Privacy

Data Privacy Statement

I. Name and address of Controller

The Controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states and other provisions of data protection law:

Martin Christ Gefriertrocknungsanlagen GmbH
An der Unteren Söse 50
37520 Osterode am Harz
Germany

Tel. +49 (0) 55 22 50 07-0
Fax +49 (0) 55 22 50 07-12
Email: info@martinchrist.de
Website: www.martinchrist.de


II. Name and address of Data Protection Officer

The Controller's Data Protection Officer is:

Volker Mennemann
DPRT Business Services GmbH
Heidlohstraße 2b
22459 Hamburg
Germany

Tel.: +49 (0) 40 30 20 80 9-0
Email: vmennemann@dprt-bs.de
Website: www.dprt-bs.de


III. General information concerning data processing

1. Scope of processing of personal data
We collect and use personal data of our users only to the extent that this is necessary in order to provide a functional website and our content and services. Personal data of our users is generally collected and used only with the user's consent. An exception applies in cases where it is not possible to obtain prior consent for factual reasons and where statutory provisions permit the processing of the data. 

2. Legal basis for processing personal data
Where we obtain a data subject's consent for the processing of personal data, the legal basis is Art. 6 (1) letter a EU General Data Protection Regulation.

Where personal data which is required for the performance of a contract to which the data subject is a party is processed, Art. 6 (1) letter b GDPR serves as the legal basis. This also applies to processing operations which are required in order to implement precontractual measures.

Where personal data must be processed in order to meet a legal obligation to which our Company is subject, Art. 6 (1) letter c GDPR serves as the legal basis.

If the processing is necessary to protect a legitimate interest of our Company or a third party and if the interests, basic rights and fundamental freedoms of the data subject do not override the first named interest, the legal basis used for the processing is Art. 6 (1) letter f GDPR. 

3. Erasure of data and duration of storage
The personal data of the data subject shall be erased or blocked as soon as the purpose of the storage no longer applies. It may be stored beyond said date if this has been stipulated by the European or national legislator in EU regulations, laws or other provisions to which the Controller is subject. The data shall also be blocked or erased if a storage period specified in the said laws expires, unless there is a need to continue to store the data for the purpose of entering into or performing a contract.

4. SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as requests, which you send us as operator of the site.

You will recognise an encrypted connection from the fact that the browser's address line changes from “http://” to “https://” and from the padlock symbol in your browser line.
If the SSL or TLS encryption is activated the data which you send us will not also be read by third parties.


IV. Provision of website and creation of logfiles

1. Description and scope of data processing
Whenever our website is visited our system automatically records data and information from the computer system of the visiting computer. 
The following data is collected in this process:

1. Name of site visited
2. Date and time of access
3. Data volumes transferred
4. Status report of successful access
5. Operating system
6. Browser type, version and language
7. Websites from which the user's system accesses our website
8. IP address of the user or the host name of the access provider assigned to this IP address
The data shall also be stored in the log files of our system. This data shall not be stored together with other personal data of the user.

2. Legal basis for data processing 
The legal basis for the temporary storage of the data and the log files is Art. 6 (1) letter f GDPR.

3. Purpose of data processing
The IP address must be temporarily stored by the system to enable the website to be delivered to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session. 

Storage is done in log files to ensure the functionality of the website. The data is also used to optimise the website and to ensure that our IT systems are secure. No analysis of the data is performed for marketing purposes in this connection.

These purposes also form the basis of our legitimate interest in the data processing pursuant to Art. 6 (1) letter f GDPR.

4. Duration of storage
The data is erased as soon as it is no longer required to achieve the purpose of collecting it. Where the data is recorded for the purpose of providing the website, this shall be the case when the relevant session has ended. 

For security reasons (such as investigating misuse and fraud) log file information shall be stored for a period of one month and then deleted. Data whose continued retention is required for evidentiary purposes shall be exempt from deletion pending final clarification of the incident in question. It may be possible to store it for longer. In this case the IP addresses of the users shall be erased or changed to prevent them from being assigned to the visiting customer.

5. Objection and rectification option
Capturing the data for the purpose of making the website available and storing the data in log files is an absolute requirement for operating the website. The user cannot consequently object to this. 


V. Use of cookies

a) Description and scope of data processing
Our website uses cookies. Cookies are text files which are stored in the internet browser or by the internet browser on the user's computer system. When a user visits a website a cookie can be stored on the user's operating system. This cookie contains a characteristic character string which enables the browser to be clearly identified the next time the website is visited. 
We use cookies to make our website more user-friendly. Some elements of our website require the visiting browser to also be identified after a page change.
This website uses the following types of cookies, whose scope and functionality is explained below:
- Transient cookies
- Persistent cookies
Transient cookies are automatically deleted when you close the browser. These specifically include the session cookies. These store what is known as a session ID which allows different queries from your browser to be assigned to the joint session, enabling your computer to be recognised when you return to our website. The session cookies are deleted when you log out or close the browser.
Persistent cookies are automatically deleted after a specified time, which can vary depending on the cookie. You can delete the cookies in your browser's security settings at any time.
You can configure your browser setting as you wish and e.g. refuse to accept third-party cookies or any cookies at all. We should point out that you might as a result not be able to use all the functions of this website.
The cookies used on our website include not only an internal session cookie but also the cookies used by the analytical tool eTracker (see also VII). The latter enable users' web-surfing behaviour to be analysed.
Whenever our website is visited, users are informed through an information banner about the fact that cookies are used for analytical purposes, and reference is made to this Privacy Statement. In this connection, users are also told how the storage of cookies can be prevented in the browser settings.

b) Legal basis for data processing 
The legal basis for the processing of personal data using cookies for technical requirements is Art. 6 (1) letter f GDPR.
The legal basis for the processing of personal data using cooking for analytical purposes when the user's consent has been obtained for this purpose is Art. 6 (1) letter a GDPR.

c) Purpose of data processing
The purpose of using technically necessary cookies is to make it easier for users to use websites. Some functions of our website cannot be offered without the use of cookies. For those functions the browser has to be recognised again even after a page change.
The user data collected using technically necessary cookies shall not be used to create user profiles.
The purpose of analytical cookies is to improve the quality of our website and its content. Analytical cookies allow us to learn how the website is used so that we can continually optimise our offer.
These purposes also form the basis of our legitimate interest in the processing of the personal data pursuant to Art. 6 (1) letter f GDPR. 

d) Duration of storage, objection and rectification option
Cookies are stored on the user's computer and transmitted from the computer to our site. You as user therefore also have complete control over the use of cookies. By adjusting the settings in your internet browser you can deactivate or restrict the transfer of cookies. Cookies which are already stored may be deleted at any time. This can be done automatically. If cookies are deactivated for our website not all the functions of the website might be able to be fully used any more.


VI. Service form and email contact

1. Description and scope of data processing
There is a service form on our website for our customers which can be used if you wish to contact us electronically. If a user makes use of this option the data that is entered in the input screen is transmitted to us and stored. This data is:

1. Name of company (customer)
2. Institution
3. Address of the customer (street, house number, postcode, town/city)
4. Telephone number, fax number and email address of customer
5. First name of requestor
6. Last name of requestor
7. Device information
The following optional information may also be recorded:
1. Department
2. Working group
3. Customer number
4. Contact partner (contact information, last name, first name, department, level, room)
5. Reference to existing order
For the data to be processed your consent is obtained in the course of the dispatching process, and reference is made to this privacy statement.

Contact may also be made using the email address provided. The user's personal data sent with the email will be stored in this case. 

The data shall not be disclosed to third parties in this connection. The data shall be used exclusively for the purpose of processing the conversation.

2. Legal basis for data processing 
The legal basis for the processing of the data where the user's consent has been obtained is Art. 6 (1) letter a GDPR.

The legal basis for the processing of the data which is transmitted in an email is Art. 6 (1) letter f GDPR. If the email contact aims to enter into a contract, an additional legal basis for the processing is Art. 6 (1) letter b GDPR.

3. Purpose of data processing
The sole purpose of processing the personal data from the input screen is to process the service notification. 

Where email contact is made, the transmitted data shall be used exclusively for the purpose of processing the request. 

The other personal data processed during the dispatch process serves to prevent misuse of the service form and to ensure the security of our IT systems. 

4. Duration of storage
The data is erased as soon as it is no longer required to achieve the purpose of collecting it. For the personal data which has been sent by email, this is the case when the relevant conversation with the user is terminated. The conversation is terminated when it is clear from the circumstances that the facts in question have been definitively clarified.

5. Objection and rectification option
The user has the option at any time of revoking his consent to the processing of the personal data. If the user contacts us by email he can object to the storage of his personal data at any time. The conversation and/or the processing of the service request cannot be continued in such a case.

All you need to do to object to the processing of the personal data is send us an informal email message. The lawfulness of the data processing which has been performed up until the revocation shall remain unaffected by the revocation.

All personal data which has been stored in the course of processing the service request is erased in this case.


VII. Plugins and tools

1. eTracker
The provider of this website uses services of etracker GmbH from Hamburg, Germany [LINK: www.etracker.com] to analyse usage data. This involves the placement of cookies which enable a statistical analysis of the use of this website by its visitors and the display of usage-related content or advertising. Cookies are small text files which are stored by the internet browser on the user's mobile device. etracker cookies contain no information enabling a user to be identified.

The data generated with etracker is processed and stored on behalf of the provider of said website by etracker exclusively in Germany and is consequently subject to strict German and European data protection laws and standards. etracker has been independently audited and certified in this regard and has been awarded the data protection ePrivacyseal seal of approval (https://www.eprivacy.eu/kunden/vergebene-siegel/firma/etracker-gmbh/).

The data is processed pursuant to Art. 6 (1) letter a (consent) of the EU General Data Protection Regulation (EU GDPR). Since the privacy of our visitors is particularly important to us, the IP address is anonymised as early as possible by etracker and login or device IDs are converted by etracker to a code which is unique but not assigned to an individual. etracker makes no other use of the data and does not merge it with other data or pass it to third parties.

Further information concerning data protection at etracker can be found at: https://www.etracker.com/datenschutz/

2. Monotype web fonts
This site uses so-called web fonts which are provided by Monotype GmbH (fonts.com or fast.fonts.net). Whenever a site is visited your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. To do this, the browser you use must connect with the fonts.com servers. As a result, fonts.com is notified that our website has been called up through your IP address. If your browser does not support web fonts a standard font will be used by your computer.

The use of Fonts.com web fonts is made in the interest of ensuring that our online offers have a uniform and appealing look to them. This also forms the basis of the legitimate interest as defined in Art. 6 (1) letter f GDPR.
Files loaded by a "fonts.com" server. Your IP address can be transmitted to a "fonts.com" server and stored there in the usual server log. The further processing of this information is the responsibility of "fonts.com", the corresponding conditions and setting options can be found in the privacy policy (www.monotype.com/legal/privacy-policy) of "fonts.com".

3. Google Analytics
We use the web analytics service "Google Analytics" from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, to analyze visitor traffic. Google uses cookies to provide this service. The information thus generated is processed and stored by Google at its location in the USA. Google is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). For more information on data usage, please refer to the provider's privacy policy at https://www.google.com/intl/en/policies/privacy.

VIII. Rights of the data subject

If personal data about you is processed you are the data subject within the meaning of GDPR and you have rights in relation to the Controller.
Under the applicable statutory provisions, you have the right at any time to be provided with information free of charge about your stored personal data, its origin and recipients and the purpose of the data processing and, where necessary, a right to have said data rectified, blocked or erased, and a right to have the data provided to him or transferred to another party.
You have the right pursuant to Art. 7 (3) GDPR to withdraw consents granted with future effect. In addition, you may object at any time to the future processing of the data concerning you pursuant to Art. 21 GDPR.
In the event of infringements of the data protection law the data subject has the right to object to the competent supervisory authority. The competent supervisory authority in data protection matters is the federal data protection officer of the federal state in which your company has its registered office. A list of the data protection officers and their contact data can be found at the following link:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
If you would like more information in this regard, and also if you have any other questions on the topic of personal data, you can contact us at any time at the address stated in the Disclaimer.