BRAUN Hamburg GmbH & Co. KG
1. Name and contact details of the Controller and of the data protection officer
BRAUN Hamburg GmbH & Co. KG
Phone: +49 (0)40 – 33 44 70
Fax: +49 (0)40 – 33 44 71 03
The company data protection officer can be reached at the above-mentioned address, Att. data protection officer, or by e-mail: email@example.com
2. Collection, Storage and Erasure of Personal Data as well as Type and Purpose and their use
a) When visiting the website:
When you visit our Website www.braun-hamburg.com, the browser you are using on your terminal device automatically sends information to the server of our website. This information will be temporarily stored in a so-called log file. The following information will be recorded without your intervention and stored until automated deletion.
- IP address of the requesting computer,
- date and time of access,
- name and URL of the file accessed,
- website from which access has been made (Referrer-URL),
- the browser used and, if applicable, your computer’s operating system, and your access provider’s name.
We will be processing the above-mentioned data for the following purposes:
- ensuring a smooth connection of the website,
- ensuring comfortable use of our website,
- evaluation of system security and stability,
- for other administrative purposes.
The legal basis for data processing is GDPR sec. 6 para 1 lit. f. Our legitimate interest follows from the purposes listed above for data collection. In no case we will be using the collected data for the purpose of drawing conclusions about you.
b) When using our contact form:
For questions of any kind, we offer you the opportunity to contact us via a form provided on our website. Your name, a valid email address, and your request (“message”) are required so that we know who sent the request and that we will be able to process it. Other information may be given voluntarily.
Data processing for the purpose of contacting us is made pursuant to GDPR art. 6 para. 1 sentence 1 lit. a on basis of your voluntarily given consent.
Personal data collected for using our contact form will be erased after completion of your request.
c) When subscribing to newsletter:
If you explicitly have consented pursuant GDPR sec. 6 para. 1 sentence 1 lit. a we will use your email address to regularly send you our newsletter. For receiving our newsletter, an e-mail address is sufficient.
If at all, your data will only be passed on to third parties for the technical handling of the newsletter dispatch via a service provider working in compliance with data protection regulations.
You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can unsubscribe at any time using firstname.lastname@example.org.
d) Customer account registration data:
Within the order process you have the opportunity to set up a customer account with us. Your address data including e-mail address and orders are stored here. All you have to do the next time you order is enter your e-mail address and a password. The Password must be kept secret.
e) Order and payment data:
For the acceptance, handling and execution of your order, your data will be forwarded to service providers, e.g. the carrier of the goods, if necessary.
Payment data is collected in encrypted form and used solely to process the corresponding transaction. Except in the case of purchase on account, we do not have any knowledge of or access to the bank and credit card data. The processing is carried out solely by the corresponding service provider.
As a registered customer you can choose the option "Save payment data" in the order process. The secure and easy storage of sensitive credit card data is done via an "alias" (token) on your customer account for later purchases.
Under "My customer account" >> "My payment data" you can manage or erase the stored information. If you do not wish to deposit a credit card in your profile, you can also enter the data again with each order.
f) Credit assessment:
In cases in which we make delivery before payment, e.g. in the case of a purchase on account, we regularly check your creditworthiness and in certain cases, in which there is a legitimate interest, also the creditworthiness of existing customers. For this purpose we cooperate with Creditreform Boniversum GmbH, Hellersbergstraße 11, 41460 Neuss, from which we receive the required data. For this purpose we transfer your name and your contact data to Creditreform Boniversum GmbH.
In the event of receivables overdue for a prolonged period, your data will be transmitted to Creditreform Hamburg, Decken & Wall KG, Wandalenweg 8 - 10, 20097 Hamburg, as collection agency for the purpose of asserting claims in Germany, and will be used there. The legal basis for data processing is GDPR sec. 6 Para. 1 S. 1 lit. f. Our legitimate interest follows from reasons of creditor and credit protection. Information pursuant to GDPR sec. 14 on data processing at Creditreform Boniversum GmbH can be found here: www.boniversum.de/EU-DSGVO.
g) Erasure of data:
Your data stored by us will only be stored for as long as it is required.
- The data of the customer account will remain stored until you cancel the account.
- Without a customer account the order data remain stored until completion of the order.
Then the data will be erased, unless there are legal storage obligations to keep it. Data that we need to complete outstanding tasks or to assert our rights and claims, as well as data that we must keep in accordance with legal requirements, are excluded from erasure. In this case, the data is blocked for further processing.
3. Disclosure of Data to Third Parties
Your personal data will not be transmitted to third parties for purposes other than those listed below. We only pass on your personal data to third parties:
- if you explicitly have consented pursuant GDPR sec. 6 para. 1 sentence 1 lit. a,
- if passing on your personal data pursuant GDPR sec. 6 para. 1 sentence 1 lit. f is necessary for assertion, exercise or defence of legal claims, and there is no reason to believe that you have an overriding interest worthy of protection in non-disclosure of your data,
- in the event of a legal obligation existing for their transfer pursuant to GDPR sec. 6 para. 1 sentence 1 lit. c, and
- this is permitted by law and it is necessary for carrying out our contractual relationships with you pursuant to GDPR sec. 6 para. 1 sentence 1 lit. b.
4. Cookies & Web Beacons
In the cookie information is stored, each resulting in connection with the specific terminal used. However, this does not mean that we are immediately aware of your identity.
The data processed by cookies is required for the aforementioned purposes in order to protect our legitimate interests and those of third parties pursuant to GDPR sec. 6 para 1 lit. f.
Most browsers automatically accept cookies. However, you can configure your browser in a way that no cookies will be stored on your computer or a message always will appear prior to a new cookie being created. However, complete deactivation of cookies might lead to you not being able to using all our website’s functions.
b) Web Beacons:
Web beacons are hidden graphics used to collect information. Web beacons can be used to evaluate visitor traffic on websites.
5. Analysis Tools
We use the tracking measures listed below on the legal basis of GDPR sec. 6 para 1 lit. f. With the tracking measures used, we want to ensure that our website will be meeting requirements and will be held continually optimized. Furthermore, we use tracking devices to statistically record the use of our website and to evaluate it for the purpose of optimizing our service for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.
a) Google Analytics:
We use Google Analytics, a web analysis service by Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter „Google“) for the purpose of demand-oriented design and continuous optimization of our sites. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
In this context, pseudonymised user profiles will be created and cookies will be used, see point 4. The information on your use of our website created by the cookie such as
- browser type / version,
- used operating system,
- Referrer URL (the previously visited page),
- the accessing computer’s host name of (IP address),
- time of server request,
will be submitted to a server of Google in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on the website activities and to provide further services associated with the use of the website and of the internet for the purposes of market research and demand-oriented design of these web pages. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of the company. Under no circumstances will your IP address be merged with other data from Google. The IP addresses will be anonymized so that an assignment is not possible (IP masking).
Furthermore, you can prevent recording of data generated by the cookie relating to your use of the website (including your IP address) and its processing by Google when downloading and installing a browser-add-on https://tools.google.com/dlpage/gaoptout?hl=de
Further information on data protection in connection with Google Analytics can be found at https://www.google.com/analytics/terms/de.html.
Our website uses Criteo (Criteo GmbH, Gewürzmühlenstraße 11, 80538 München) to collect information about the surfing behaviour of website visitors in purely anonymous form. This is for marketing purposes and carried out by cookies set in your browser.
Criteo can analyze the surfing behavior and then display targeted product recommendations as a suitable advertising banner when other websites are visited. Under no circumstances can we use the anonymized data to personally identify the website visitor. The data collected by Criteo will only be used to improve the offering of advertisement. On the bottom right of each displayed banner there is a small "i" (for information), which opens on mouse-over and leads to a page where the system is explained and an opt-out is offered.
When you click on Opt-Out, an "Opt-Out" cookie is set, which will prevent these banners from being displayed in the future. Any other use or passing on to third parties is excluded.
For more information and the possibility to object to the anonymous analysis of your surfing behavior please see https://www.criteo.com/de/privacy/.
We use the Zanox advertising service to document transactions (e.g. leads and sales). Zanox is a product of AWIN AG, Eichhornstraße 3, 10785 Berlin. Cookies and web beacons are used in this context, point 4. The information generated by cookies and/or web beacons about the use of this website (including your IP address) and delivery of advertisement is transferred to a Zanox server and stored there. Zanox will use this information to evaluate your use of the Website with respect to the advertisements, to compile reports on Website activities and advertisements for the Website Operators and to provide other services relating to the use of the Website and the Internet. Zanox may also transfer this information to third parties where required to do so by law or where such third parties process the information on behalf of Zanox. You can deactivate the storage of cookies in your respective browser under Tools/Internet options, limit them to certain websites or set your browser to notify you as soon as a cookie is sent.
We use the metalyzer service from metapeople GmbH (http://www.metapeople.com) for our online shop. User data is collected and processed for marketing and optimization purposes. This data is used to compile pseudonymised user profiles. The web server of metapeople GmbH stores the name of the internet service provider, the website from which he or she visits us, the web-pages he or she visits including date and duration of the visit. The collected data does not contain your name or address nor your e-mail address and therefore does not allow any personal identification. You can object to the collection and storage of data at any time with effect for the future. Opt-Out
e) Doubleclick Ad Exchange:
The advertising service "Doubleclick Ad Exchange" used on our website is a product of Google Inc., USA ("Google", see above), which we use for optimized advertising. Within the framework of the use of Doubleclick Ad Exchange, cookies and web beacons are used, point 4. This records and stores information such as visitor traffic on our website. The information generated by the cookie and/or web beacon about your use of the website is transferred to a server in the USA and stored there.
Google uses the information obtained in this way to evaluate your usage behavior with regard to Doubleclick Ad Exchange ads. Google may also disclose this information to third parties if this is required by law or if third parties process this data on behalf of Google. If IP addresses are transferred and stored in this context, this is only to combat and filter spam/fraud (ad impression spam and click spam).
6. Social Media
On our website you have is the opportunity to share articles in the social networks Facebook, Twitter and Pinterest. We use this opportunity to promote our website. The underlying advertising purpose is to be regarded as a legitimate interest within the meaning of the GDPR. These plug-ins are integrated by us by means of external links to the pages of the operators of the social network in order to protect visitors to our website in the best possible way. Responsibility for the data protection-compliant operation is to be guaranteed by their respective providers.
7. Google Maps
Further instructions for managing your own data in connection with Google products can be found here: https://support.google.com/accounts/answer/3024190.
8. Rights of Data Subjects
You have the right:
- to obtain access to your personal data processed by us in accordance with GDPR sec. 15. In particular, you may obtain access to the purposes of the processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the envisaged storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the source of your data, if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information on their details;
- to immediately request the rectification of inaccurate or completion of incomplete personal data stored by us in accordance with GDPR sec. 16;
- to request the erasure of your personal data stored by us pursuant to GDPR sec. 17, unless the processing for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for assertion, exercise or defense of legal rights is required;
- to demand the restriction of the processing of your personal data pursuant to GDPR sec. 18, as far as the accuracy of the data is contested by you, the processing is unlawful, but you reject its erasure and we no longer need the data, but you require this, for the exercise or defense of legal claims or you objected to processing pursuant to GDPR sec. 21;
- to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format in accordance with GDPR sec. 20. or to demand transmission to another controller;
- to object to your consent given pursuant to GDPR sec. 7 para 3 at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future and
- to lodge a complaint with a supervisory authority pursuant to GDPR sec. 77. As a rule, you can contact the supervisory authority of your habitual residence or place of work or place of business.
9. Right to object
If your personal data are processed based on legitimate interests pursuant to GDPR sec. 6 para. 1 sentence 1 lit. f, you have the right to object to the processing of your personal data pursuant to GDPR sec. 21, provided that there are reasons on grounds relating to your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation. If you would like to make use of your right of revocation or objection, simply send an e-mail to email@example.com.
10. Data security
We use the most common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. Usually this is a 256 bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. Whether a single page of our website is transmitted in encrypted form can be seen from the closed display of the key or lock symbol in the status bar of your browser. We make use of the rest of the adequate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
This data protection declaration is currently valid and has the status as of May 2018.
Due to further development of our website and offers or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on the website at www.braun-hamburg.com/en/privacy.