Privacy policy

Data protection
Privacy Policy
Name and contact details of the data controller as specified in article 4, section 7 of the GDPR.
Broderius Präzision Gesellschaft für Vorrichtungen, Sonderwerkzeuge und Maschinenbau mbH
Oststrasse 116 -118
22844 Norderstedt, Germany
Represented by:
Winfried Appel
E-mail: info@broderius.de
Security and protection of your personal data
We place top priority on protecting the confidentiality of the personal data you furnish us with and protecting such data from authorised access. Therefore, we exercise exceptional care and apply state-of-the art security standards in order to guarantee maximum protection of your personal data.
As a company governed by civil law we are subject to the specifications detailed in the European General Data Protection Regulation (GDPR) and the stipulations outlined in the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG). We have taken technical and organisational steps to ensure that data protection requirements are complied with by us and our external service providers.
Definitions
The legislator requires personal data to be processed lawfully, in good faith and in a way that is transparent to the data subject (“Lawful manner, processed in good faith, transparency”). In order to guarantee this is the case, we are informing you about the individual legal definitions that are also used in this Privacy Policy:
1. Personal data
Personal data includes all information that relates to a natural person identified or to be identified (hereinafter referred to as the data subject); a person is considered identifiable who can be identified either directly or indirectly, in particular due to allocation via an identifier such as a name, an ID number, location data, an online ID or one or several special attributes which indicate the physical, physiological, genetic, mental, economic, cultural or social identity of such natural person.
2. Processing
Processing is defined as any process or any such series of processes in conjunction with personal data, with or without the aid of automated processes, such as the capture, entry, organisation, filing, storage, adaptation or change, reading, retrieval, usage, disclosure via transmission, sharing or any other form of provision, comparison or linkage, restriction, deletion or eradication of such data.


3. Restricting processing
Restricting processing means the selection of stored personal data the purpose of which is to restrict the processing thereof in the future.
4. Profiling
Profiling means any type of automated processing of personal data the purpose of which is to use such personal data in order to assess personal aspects related to a natural person, in particular in order to analyse or predict aspects regarding performance in the workplace, financial situation, health, personal preferences, interests, reliability, behaviour, the place where such person lives or a move to another location.
5. Pseudonomisation
Pseudonomisation means the processing of personal data in a way in which the personal data cannot be allocated to a specific data subject without additional information being provided, in so far as such additional information is stored separately and is subject to technical and organisational measures that guarantee that the personal data cannot be allocated to an identified or identifiable natural person.
6. File system
File system is defined as any structured collection of personal data, which is accessible based on certain criteria, regardless of whether such collection is stored centrally, locally or according to functional or geographical parameters.
7. Data controller
The data controller is defined as an natural or legal person, state-run authority, institution or other body that alone or conjunction with others decides on the purposes for and means of processing personal data; should such purposes or means of such processing be stipulated by European Union law or the law of the member states, the data controller or the criteria prevailing over the appointment of such person can be governed by European Union law or the law of the member states.
8. Processor
The processor is defined as a natural person or legal person, state-run authority, institution or other body that processes the personal data on behalf of the data controller.
9. Recipient
The recipient is defined as a natural or legal person, state-run authority, institution or other body to whom personal data has been disclosed, regardless of whether these are third parties or not. State-run authorities who receive personal data due to a particular investigation mandate anchored in European Union law or the law of member states, are however not considered recipients; the processing of such data by the above-mentioned state-run authorities is performed in compliance with applicable data protection stipulations commensurate with the purposes of processing such data.


10. Third party
A third party is a natural or legal person, state-run authority, institution or other body, except the data subject, the data controller, the processor and people who are authorised under the direct responsibility of the data controller or the processor to process the personal data.
11. Consent
Consent is defined as any agreement provided voluntarily by the data subject for the case concerned and furnished in an informed and unambiguous way in the form of a declaration or another clearly affirmative action with which the data subject states that he/she consents to the processing of his/her personal data.
Lawfulness of processing
The processing of personal data is only lawful if such processing has a legal basis. A legal basis for processing can, pursuant to article 6 section 1
lit. a – f of the GDPR, be in particular:
• The data subject has provided his/her consent to processing his/her personal data for one or several specific purposes;
• Processing is required to fulfill a contract where the party to the contract is the data subject or to take steps at the request of the data subject before concluding the contract;
• Processing is required to meet a legal requirement that the data controller must comply with;
• Processing is required in order to protect vital interests of the data subject or another natural person;
• Processing is required in order to perform a task that is in the public interest or in order to exercise official authority and which the data controller has been requested to do;
• Processing is required to protect justified interests of the data controller or a third party in so far as the interests or basic rights and freedoms of the data subject that require the protection of personal data do not take precedence, in particular when the data subject is a child.
Information regarding capturing personal data
(1) We will inform you below about capturing personal data when you use our website. Personal data includes for example names, addresses, e-mail addresses, user behaviour.
(2) If we are contacted by e-mail or through a contact form, we store the data you disclose to us (your e-mail, name) in order to answer your questions. Following storage, we delete any data generated in this respect that is no longer required or processing is restricted if statutory requirements to retain such data exist.
Capturing personal data when visiting our website
When you merely visit our website to obtain information, in other words you do not register or transmit information to us in any other way, we only capture personal data that your browser transmits to our servers. If you want to look at our website, we capture the following data required by us for technical reasons in order to show our website to you and guarantee its stability and security (legal basis is article 6, section 1, page 1, lit. f. GDPR):
• IP address
• Date and time of the query
• Difference in time zones to Greenwich Mean Time (GM)
• Content of the request (actual page)
• Access status/HTTP status code
• Data quantity transmitted
• Website from which the query comes
• Browser
• Operating system and its interface
• Language and version of the browser software.
Use of cookies
(1) In addition to the previously mentioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard disk and allocated to the browser you use and through which certain information is passed to the body that places the cookie. Cookies cannot execute any programs or transmit viruses to your computer. Their purpose is to make the online offering more user friendly and effective.
(2) This website uses the following types of cookies whose scope and functionality are explained below:
• Transient cookies (see 1).
• Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These save a session ID with which various queries by your browser can be allocated to a joint session. As a result, your computer can be recognised when you return to our website. The session cookies are deleted when you log off or close the browser.
Further functions of and offerings on our website
(1) In addition to visiting our website merely for informational purposes, we also offer various services that you can use if you are interested. To do so, you normally have to state further personal data that we require to provide the service concerned and for which the previously mentioned data-processing principles apply.
(2) In some cases, we use external service providers to process your data. We select and appoint such service providers carefully and they undertake to follow our instructions and are checked regularly.
(3) We can also transmit your personal data to third parties if we and partners offer promotions, competitions, conclusions of contracts or similar services. You can obtain more detailed information about this by stating your personal data or in the description of the offering below.
(4) If our service providers or partners are headquartered in a state outside the European Economic Area (EEA), we will inform you about the consequences thereof in the description of the offering.

Google Analytics Englisch

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of website visitors. The website operator receives various usage data, such as Page views, length of stay, operating systems used and origin of the user. This data may be summarized by Google in a profile that is assigned to the respective user or their device.

Google Analytics uses technologies that enable the user to be recognized for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transmitted to a Google server in the USA and stored there.

This analysis tool is used on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. If a corresponding consent has been requested (e.g. consent to the storage of cookies), processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a GDPR; the consent can be revoked at any time.

IP anonymization

We have activated the IP anonymization function on this website. As a result, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before it is transmitted to the USA. The full IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser plugin

You can prevent Google from collecting and processing your data by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can find more information on how Google Analytics handles user data in Google's data protection declaration: https://support.google.com/analytics/answer/6004245?hl=de.

Order processing

We have concluded an order processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Demographic characteristics in Google Analytics

This website uses the “demographic characteristics” function of Google Analytics in order to be able to show website visitors appropriate advertisements within the Google advertising network. This allows reports to be created that contain information on the age, gender and interests of the site visitors. This data comes from interest-based advertising from Google as well as from visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the point "Objection to data collection".

Google Analytics e-commerce tracking

This website uses the "e-commerce tracking" function of Google Analytics. With the help of e-commerce tracking, the website operator can analyze the purchasing behavior of website visitors in order to improve their online marketing campaigns. Information such as the orders placed, average order values, shipping costs and the time from viewing to purchasing a product are recorded. This data can be combined by Google under a transaction ID that is assigned to the respective user or their device.

Storage period

Data stored by Google at user and event level that are linked to cookies, user IDs (e.g. user ID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) are anonymized after 14 months or deleted. You can find details on this under the following link: https://support.google.com/analytics/answer/7667196?hl=de


Children
Our offering is only directed at adults. People under 18 should not transmit any personal data to us without the consent of parents or guardians.
Rights of the data subject
(1) Withdrawal of consent
If the personal data is processed on the basis of consent given, you have the right to withdraw such consent at any time. Withdrawing the consent does not prejudice the lawfulness of the processing that has been carried out on the basis of consent until withdrawal thereof.
You can contact us at any time if you wish to make use of your right to withdraw consent.
(2) Right to confirmation
You have the right to request confirmation from the data controller on whether we process personal data about you. You can request such confirmation at any time by using the above-mentioned contact information.
(3) Right to information
If personal data is processed, you have the right to demand information about such personal data and the following information at any time:
• The purposes for which the data is processed;
• The categories of personal data that are being processed;
• The recipients or categories of recipients to whom the personal data has been disclosed or will be disclosed, in particular in the case of recipients in non-EU countries or international organisations;
• If possible, the scheduled duration for which the personal data is stored, or should this not be possible, the criteria for establishing such duration;
• The existence of a right to have your personal data corrected or deleted or to restrict processing by the data controller or a right to objecting to this processing;
• The existence of a right to complain to a supervisory body;
• If the personal data is not captured from the data subject, all information available about the origin of the data;
• The existence of an automated decision including profiling pursuant to article 22, paragraphs 1 and 4 GDPR and – in these cases at least – meaningful information on the logic involved as well as the impact of the effects of such processing on the data subject.
If personal data is transmitted to a non-EU country or an international organisation, you have the right to be informed about the appropriate guarantees pursuant to article 46 GDPR in conjunction with such transmission. We will provide you with a copy of the personal data that is processed. We can request appropriate fees, based on admin costs, for any further copies you request. If you submit your application electronically, the information must be provided in a standard electronic format unless the application states otherwise. The right to receive a copy pursuant to paragraph 3 may not prejudice the rights and freedoms of other people.
(4) Right to correction
You have the right to request correction of inaccurate personal data about you without delay. Taking into account the purpose of the processing, you have the right to demand that incomplete personal data about you is completed – also by way of an additional declaration.

(5) Right to deletion (“Right to be forgotten”)
You have the right to ask the data controller to delete your personal data without delay and we are obliged to delete personal data immediately if one of the following reasons applies:
• The personal data is no longer necessary for the purposes for which it was captured or otherwise processed.
• The data subject withdraws his/her consent, upon which processing of the data pursuant to article 6, paragraph 1, a or article 9, paragraph 2, a of the GDPR was based and there is no other legal basis for such processing.
• Pursuant to article 21, paragraph 1 GDPR, the data subject objects to processing and there are no reasons that take precedence to justify processing, or pursuant to article 21, paragraph 2, GDPR the data subject objects to the processing.
• The personal data was processed unlawfully.
• Deleting the personal data is required to meet a legal obligation pursuant to European Union law or the law of the member states to which the data controller is obliged to comply with.
• The personal data was captured due to services offered by the information society pursuant to article 8, paragraph 1, GDPR.
If the data controller has placed the personal data in the public domain and is obliged to deleted such data pursuant to paragraph 1, the data controller will take appropriate steps also of a technical nature, bearing in mind the technology available and implementation costs, to inform the people who are in charge of processing the personal data that the data subject has requested the deletion of all links to or copies or duplicates of such personal data.
The right to deletion (“right to be forgotten”) does not apply if processing is required for the following purposes:
• To exercise the right to freedom of speech and information;
• To meet a legal obligation that requires processing based on European Union law or the law of the member states which the data controller is obliged to comply with, or to fulfil a task that is in the public interest or to exercise official authority that was assigned to the data controller;
• Due to public interest in the realm of public health pursuant to article 9, paragraph 2, h and i as well as article 9, paragraph 3 of the GDPR;
• For archiving purposes that are in the public interest, for scientific or historical research or other statistical purposes pursuant to article 89, paragraph 1 of the GDPR, in so far as the right stated in paragraph 1 will probably make achieving the purposes of such processing impossible or have a serious negative impact on them or
• to assert, exercise or defend legal entitlements.

(6) Right to restricting processing
You have the right to demand processing of your personal data is restricted if one of the following conditions apply:
• The accuracy of the personal data is disputed by the data subject and processing is restricted for the period in which the data controller is able to check the accuracy of the personal data;
• Processing of the data is unlawful and the data subject does not agree to deletion of the personal data and restricts the usage of the personal data instead;
• The data controller no longer requires the personal data for processing purposes, but the data subject requires it to assert, exercise or defend legal entitlements or
• the data subject has appealed against processing of the data pursuant to article 21, paragraph 1 of the GDPR, as long as there is a lack of clarity as to whether justified grounds on the part of the data controller take precedence over those of the data subject.
Should the data processing have been restricted due to the above-mentioned reasons, this personal data – apart from the storage thereof – will only be processed with the consent of the data subject or to assert, exercise or defend legal entitlements or to protect rights of another natural or legal person or because of major public interest by the European Union or a member state.
In order to assert the right to restricting processing of the data, the data subject can contact us at any time via the contact info given.
(7) Right to data portability
You have the right to receive the personal data you furnished us with in a structured, standardised and machine-readable format and you have the right to transmit such data to another data controller without being hampered in doing so by the data controller in the following cases:
• Processing of the data is based on consent as specified in article 6, paragraph 1, a or article 9, paragraph 2, a or on a contract based on article 6, paragraph 1, b, GDPR and
• processing has been performed using automated processes.
When exercising the right to data portability pursuant to paragraph 1, you have the right to have the personal data directly transmitted from one data controller to another, if technically possible. Exercising the right to data portability does not prejudice the right to deletion (“Right to be forgotten”). Such right does not apply to data processing required of the data controller to perform a task that is in the public interest or in exercising official authority.
(8) Right to object
You have the right to object to processing of your personal data for personal reasons pursuant to article 6, paragraph 1, e or f of the GDPR; such right also applies to profiling based on such provisions. The data controller will no longer process the personal data unless he/she/it can furnish compelling legitimate grounds for processing such data, which take precedence over the interests, rights and freedoms of the data subject or if the purpose of processing the data is to assert, exercise or defend legal entitlements.
If personal data is processed for direct advertising purposes, you have the right to object to processing of your personal data to carry out such direct advertising at any time; such stipulation also applies to profiling, in so far as such profiling is associated with such direct advertising. Should you object to your data being processed for direct advertising purposes, your personal data will no longer be processed for such purposes.
In conjunction with using the services of the information society, regardless of directive 2002/58/EC, you can exercise your right to object via automated procedures where technical specifications are used.
You also have the right to object to processing of your personal data for personal reasons, where such processing is carried out for scientific or historical research or statistical purposes pursuant to article 89, paragraph 1, unless such processing is performed in order to carry out a task that is in the public interest.
You can exercise the right to object at any time by contacting the data controller concerned.
(9) Automated decisions on a case-by-case basis including profiling
You have the right to a decision not solely based on automatic processing – including profiling – that has a legal impact on you or is of significant detriment to you. Such stipulation does not apply if the decision is required for the following purposes or allowed for the following reasons:
• To conclude or fulfill a contract between the data subject and the data controller,
• Due to legal regulations from the European Union or member states which the data controller is subject to and these regulations include appropriate measures to respect the rights and freedoms and justified interests of the data subject or
• with explicit consent of the data subject.
The data controller will take appropriate measures to protect the rights, freedoms and justified interests of the data subject, which includes at least the right on the part of the data controller to enforce intervention by a person, to explain standpoints and to defend the decision.
The data subject can exercise such right at any time by contacting the data controller.
(10) The right to complain to a supervisory body
You also have the right, without prejudice to any administrative or legal remedies elsewhere, to complain to a supervisory body, in particular in the member state where you are domiciled or work, or in the place where the alleged infringement took place, if the data subject believes that processing of his/her personal data is in breach of this regulation.
(11) Right to effective judicial remedy
Without prejudice to any administrative or out-of-court remedies including the right to complain to a supervisory body pursuant to article 77 of the GDPR, you also have the right to an effective judicial remedy if you believe that your rights specified in this regulation are being infringed due to processing of your personal data that does not comply with this regulation.
© 2021 Broderius Präzision Gesellschaft für Vorrichtungen, Sonderwerkzeuge und Maschinenbau mbH. Erstellt von Webdesign Burmeister