DATA PROTECTION
Data protection declaration
We are very pleased about your interest in BeA GmbH (hereinafter “BeA”, we or us). Data protection has a high priority for our management, so protecting your privacy when processing personal data and using our website is a particularly important concern.
Using our website is generally possible without providing personal data. If you use our company’s special services via our website or would like to contact us, processing of personal data may be necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the person concerned.
The processing of personal data, such as the name, address, email address or telephone number of a data subject, is carried out in accordance with the requirements of the EU General Data Protection Regulation (EU-GDPR) and in accordance with the others data protection regulations applicable in Germany. With this data protection declaration we would like to inform the public about the type, scope and purpose of the personal data we process. Furthermore, by means of this data protection declaration, data subjects are informed about the rights to which they are entitled and the information obligations pursuant to Articles 13 and 14 of the EU GDPR are fulfilled.
1. Contact details of the person responsible
The person responsible within the meaning of the EU GDPR and national data protection regulations is:
BeA GmbH
Managing Director:
Dr. Jörg Dalhöfer
Andreas Höhling
HR: LĂĽbeck HRB 21320HL
Tax number: 30/293 80 781
VAT number: DE 342/809/873
WEEE Reg .-No.: DE 94007702
2. Contact details of the data protection officer
BeA’s data protection officer is
s-consit GmbH
Contact person: Daniel Nyhof LL.M., LL.B.
SchĂĽtzenstr. 25a
23843 Bad Oldesloe
Germany
daniel.nyhof@s-consit.de
You can contact our data protection officer directly at any time if you have any questions or suggestions about data protection.
3. Website use / collection of general data and information
The BeA website collects a series of general data and information each time you or an automated system accesses it. This general data and information is stored in the server’s log files: name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page ), IP address and the Internet service provider and other similar data and information that serve to avert danger in the event of attacks on our information technology systems.
BeA does not draw any conclusions when using this general data and information Conclusions about the person concerned. Rather, this information is needed to correctly deliver the content of our website, to optimize the content of our website, to ensure the long-term functionality of our information technology systems and the technology of our website, and to provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber attack. This anonymously collected data and information is therefore evaluated both statistically and with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data we process. The data in the server log files is stored separately from all personal data provided by a data subject.
3.1. Cookies
The BeA websites use cookies. Cookies are text files that are stored and stored on a computer system via an Internet browser.
Numerous Internet sites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the visited websites and servers to distinguish the individual browser of the data subject from other internet browsers that contain other cookies. A specific internet browser can be recognized and identified via the unique cookie ID.
By using cookies, BeA can provide you with more user-friendly services that would not be possible without the cookie setting.
Using a cookie, the information and offers on our website can be optimized for the benefit of the user. Cookies enable us to recognize the users of our website on a pseudonymized basis. The purpose of this recognition is to make it easier for users to use our website and to save technical settings. The data subject can prevent the setting of cookies through our website at any time by means of an appropriate setting in the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.
Other cookies used by BeA serve for user-friendliness and are deleted when the browser session ends (session cookies ).
3.2. Use of Google Analytics
On our website we use Google Analytics, a web analysis service from Google Inc. (“Google”). The use is based on Article 6 Paragraph 1 Letter f) EU GDPR or Section 15 Paragraph 3 TMG in our legitimate interest (i.e. interest in the analysis, optimization and economic operation of our online offering). Google Analytics uses so-called “cookies”, text files that are stored on your computer and that enable your use of the website to be analyzed. The information generated by the cookie about your use of the website such as
- Browser type/version,
- operating system used,
- Referrer URL ( the previously visited page),
- Host name of the accessing computer (IP address),
- Time of the server request,
are usually displayed transferred to a Google server in the USA and stored there. The IP address transmitted by your browser as part of Google Analytics is not combined with other Google data. We have also expanded Google Analytics on this website to include the code “anonymizeIP”. As a result, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
On our behalf, Google will use this information to evaluate your use of the website and to create reports about the websites -To compile activities and to provide us with other services related to website use and internet use. You can prevent the storage of cookies by setting your browser software accordingly; However, we would like to point out that in this case you may not be able to use all of the functions of this website to their full extent.
The cookies we send and with cookies, user identification (e.g. user ID) or advertising -IDs linked data will be automatically deleted after 14 months. The deletion of data whose retention period has been reached occurs automatically once a month. Further information on terms of use and data protection can be found at www.google.com/analytics/terms/de.html or at policies.google.com.
You can also have the data collected by the Prevent the data generated by cookies and related to your use of the website (including your IP address) from being sent to Google and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: tools.google.com/dlpage/gaoptout. As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent data collection by Google Analytics by clicking on this button:Deactivate tracking. An opt-out cookie will be set to prevent future collection of your data when you visit this website. The opt-out cookie only applies in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
3.3. Integration of services and content from third parties
Within our online offering, we rely on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 Para. 1 lit . f.) EU GDPR) content or service offers from third parties in order to integrate their content and services, such as videos, navigation services or fonts (hereinafter uniformly referred to as “content”).
This always applies assumes that the third party providers of this content (e.g. Google LLC.) perceive the users’ IP address, as without the IP address they would not be able to send the content to their browser. The IP address is therefore required to display this content. We strive to only use content whose respective providers only use the IP address to deliver the content. Third parties may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user’s device and may contain, among other things, technical information about the browser and operating system, referring websites, visiting time and other information about the use of our online offering, as well as being linked to such information from other sources. p>
3.4. Use of Google reCAPTCHA
We use the Google reCaptcha service to determine whether a human or a computer makes a specific entry in our contact or newsletter form. Google uses the following data to check whether you are a human or a computer: IP address of the device used, the website you visit on our website and on which the captcha is integrated, the date and duration of the visit, the identification data of the device used Browser and operating system type, Google account if you are logged in to Google, mouse movements on the reCaptcha areas and tasks that require you to identify images. The legal basis for the data processing described is Article 6 Paragraph 1 Letter f of the General Data Protection Regulation. There is a legitimate interest on our part in this data processing to ensure the security of our website and to protect us from automated entries (attacks).
3.5. BeA Newsletter
After registering for the free BeA newsletter on https://www. BeA-group.com/newsletter/registration/ we will inform you regularly by email about new products and special offers. The data you enter when registering will only be used to personalize the newsletter and will not be passed on to third parties.
You can unsubscribe from the newsletter at any time or send your consent by email to marketing@BeA-group.com revoke. Your data will be deleted within 3 months after you have stopped receiving the newsletter, provided that there are no legal retention obligations to the deletion.
By submitting the data you have entered, you consent to the data processing and confirm our data protection declaration.
4. Social Media
4.1. Social media presences
We maintain online presences within various social networks and platforms in order to be able to communicate with customers, interested parties and users active there and to inform them about our products and services.
We would like to point out that user data may be processed outside the EU. This can result in risks for users because, for example, it could make it more difficult to enforce users’ rights. With regard to US operators who are certified under the Privacy Shield, we would like to point out that they are obliged to comply with EU data protection standards.
We operate a KMR on the following social media platforms Social media channel:
- Facebook: https://www.facebook.com/KMR.de /
- YouTube: https://www.youtube.com/channel/UCRRp_OkNO_JMYQVrLauK6Cw?
- Instagram: https://www.instagram.com/kmr_deutschland/
- LinkedIn: https://www.linkedin.com/showcase/30113019
We also operate a BeA social media channel on the following social media platforms:
- YouTube: https ://www.youtube.com/user/BeAGroupcom
- LinkedIn: https://www .linkedin.com/company/30105160
Besides us, there is the operator of the social media platform itself. This is also another person responsible who carries out data processing, over which we only have limited influence. At the points where we can influence and parameterize data processing, we work to ensure data protection-compliant handling by the operator of the social media platform within the scope of the options available to us. In many places, however, we cannot influence the data processing by the operator of the social media platform and do not know exactly what data they process.
4.2. Data processing by BeA GmbH
The data you enter on our social media pages such as: B. Comments, videos, images, likes, public messages, etc. are published through the social media platform and are not used or processed by us for any other purposes at any time. We only reserve the right to delete content if this is necessary. We may share your content on our site if this is a function of the social media platform and communicate with you via the social media platform.
If you consent to certain data processing over which we have influence If you would like to object, please contact us using the contact details provided in this statement.
If you send us an inquiry on the social media platform, we may also refer you to other, secure communication channels, depending on the response required that guarantee confidentiality. You always have the option of sending us confidential inquiries to our address given here.
We make sure that our pages are as data protection-compliant as possible where the operator of the social media platform gives us the opportunity to design. With regard to statistics that the operator of the social media platform provides to us, we can only influence them to a very limited extent and cannot switch them off. However, we ensure that no additional optional statistics are made available to us.
The processing of users’ personal data is based on our legitimate interests in our public relations work, effective information for users and communication with users in accordance with Art. 6 Para. 1 lit. f.) EU GDPR. If the users are asked by the respective operators of the platforms for their consent to the data processing described above, the legal basis for the processing is Art. 6 Para. 1 lit. a), Art. 7 EU GDPR.
For For a detailed description of the respective processing and the options for objection (opt-out), please refer to the information provided by the operators linked below.
We also point out in the case of requests for information and the assertion of user rights that these can be asserted most effectively with the operators of the platforms. Only the operators have access to the user’s data and can take appropriate measures and provide information directly.
4.3. Data processing by the operators of the social media platforms
The operators of the social media platforms usually use web tracking methods. Web tracking can also take place regardless of whether you are logged in or registered with the social media platform. As already stated, we unfortunately have little influence on the web tracking methods of the social media platform. In particular, we cannot switch this off.
Please be aware of this: It cannot be ruled out that the operator of the social media platform will use your profile and behavioral data, such as your habits, personal relationships, Evaluate preferences, preferences, etc. In this respect, we have no influence on the processing of your data by the operators of the social media platforms.
More information on data processing by the operator of the social media platform and other objection options can be found in the data protection declarations of the operators: p>
- Facebook: https://www.facebook.com/privacy/explanation
- YouTube: https://policies.google.com/privacy?hl=de&gl=de
- Instagram: https://help.instagram.com/519522125107875
- LinkedIn: https://linkedin.com/legal/privacy-policy
4.3.1. Facebook
We use the “Facebook Insight” analysis function from Facebook Inc. on our Facebook fan page. The function serves the purpose of advertising and market research in order to provide you with more relevant content and new content that is of interest to you to develop functions. Facebook uses cookies that enable an analysis of your visits to the fan page.
The information generated by the cookies about your use of the fan page, e.g. number of page activities (actions taken on the page), number of page views, Number of likes, number of people reached, number of post interactions, data on video views, number of page subscribers, percentage distribution of gender, age structure, country, city and language of people reached and interacted usually transferred to Facebook servers in the USA and stored there.
Since we use the “Facebook Insight” analysis function, according to the case law of the European Court of Justice, there is a joint responsibility (joint controllership) together with Facebook We have concluded an agreement with Facebook in accordance with Article 26 of the EU GDPR.
Facebook processes user data for the following purposes:
- Advertising, analysis, creation of personalized advertising
- Creation of user profiles
- Market research
When you access the page, Facebook automatically saves information in a log file that your browser transmits to Facebook.
We expressly point out that we have no knowledge of the scope and content of the data collected by Facebook or how it is processed and used or, if necessary, transmitted to third parties by Facebook.
Information on data protection at Facebook can be found in the Facebook privacy policy linked above.
5. Contractual relationships/regulations regarding data transfer
Within BeA, those positions, departments and employees as well as affiliated companies of the BeA Group receive your personal data (e.g. name, address, billing address, telephone number, Email address, etc.) that we need to fulfill our contractual and legal obligations. Processors we use (Article 28 EU GDPR) may also receive data for these purposes. These are in particular companies in the categories IT services, technical services, logistics, printing services, telecommunications, debt collection, advice and consulting as well as sales and marketing. In addition, data may be passed on to external persons (e.g. lawyers) if this is necessary to enforce legal interests.
Data will only be passed on to other recipients outside of BeA if this is required by legal regulations or you have consented. Under these conditions, recipients of personal data can be, in particular, public bodies and institutions (supervisory authorities, tax authorities, social security institutions) if there is a legal or official obligation or those recipients who we have specified when granting their consent to the data transfer.
BeA intends to transfer data to third countries or international organizations within the framework previously explained (e.g. Google) or if purchasers/customers are based in third countries, this is necessary for us to process the contracts, the legal basis is Article 6 Paragraph 1 lit. b) i. V. with Art. 44, 49 EU GDPR.
6. Data categories and legal bases
The categories of personal data collected include in particular the following data:
6.1. Master and contract data:
We refer to all data of a customer that we collect for the establishment, content design, change or termination of a contractual relationship regarding the contractual services as master and contract data. This includes, for example, name, address, billing address, telephone and fax number(s), the start of the contract, if necessary the bank details for direct debit billing, the email address, powers of attorney, contact details of authorized representatives, submitted complaints, etc. Processing takes place based on Art. 6 Para. 1 lit. b) EU GDPR.
The customer is informed that BeA uses the data that was lawfully collected as part of an existing customer relationship for the purpose of direct postal advertising may use for their own offers if the customer has not objected to such use. When collecting or storing the data for the first time and each time an advertising message is sent to their address, BeA clearly informs the customer in a clearly visible and legible manner that they can object to the sending of further messages to BeA at any time in text form. The processing is carried out on the basis of Article 6 Paragraph 1 Letter f) EU GDPR.
6.2. Billing data
BeA collects and processes the billing data arising within the framework of the respective contractual relationship (in particular product data, delivery data, quantities). The use of the data is primarily for billing purposes; In particular, the data is further processed for creating and sending invoices as well as collecting the claim, processing incoming payments and arrears, and reminders. The processing is carried out on the basis of Article 6 Para. 1 lit. EU GDPR.
6.3. Other obligations for processing and storage:
In addition, data must be partially restricted in processing and archived within the framework of statutory tax and commercial storage obligations. The processing is carried out on the basis of Article 6 Paragraph 1 Letter c) EU GDPR.
6.4. If necessary, we process your data beyond the actual fulfillment of the contract to protect our legitimate interests or those of third parties.
Examples: Examination and optimization of procedures for needs analysis and direct customer contact; Advertising or market and opinion research, provided you have not objected to the use of your data; Assertion of legal claims and defense in legal disputes; Ensuring IT security and IT operations; Measures for business management and further development of services and products.
The processing is carried out on the basis of Art. 6 Para. 1 lit. f) EU GDPR.
7. Making contact
When you contact BeA (for example using the contact form or email), your details from the inquiry form, including the contact details you provided there (required mandatory information and voluntary information are available from the respective company). Form marked accordingly) for the purpose of processing the request and in the event of follow-up questions. Once the request has been completed, your data will be deleted at regular intervals, unless you are a customer of ours or if there are statutory retention periods to the contrary.
Further processing or use for other purposes as well as passing on of this data will not take place without your consent. The processing is carried out on the basis of Article 6 Para. 1 lit. a), b) and f) EU GDPR.
8. Data protection for applications and the application process
BeA collects and processes the personal data of applicants for the purpose of processing the application process. Processing can also take place electronically. This is particularly the case if an applicant sends us relevant application documents electronically, for example by email. If an employment relationship is established with an applicant, the data will be further processed and stored for the purpose of handling the employment relationship in compliance with the legal regulations.
The processing is carried out on the basis of Article 6 Paragraph 1 Letter b) EU -GDPR i. In accordance with Section 26 BDSG.
If no employment relationship is established, the application documents will be deleted six months after the rejection decision has been announced, provided that deletion does not conflict with MKCL’s other legitimate interests. Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).
Processing is carried out on the basis of Article 6 Paragraph 1 Letter f) of the EU GDPR.
9. Routine deletion and restriction of processing of personal data
BeA processes and stores personal data of the data subject only for the period necessary to achieve the purpose of storage or if this is required by European or national legislation BeA is subject to, was provided.
If necessary, we process and store your personal data for the duration of our business relationship, which also includes, for example, the initiation and processing of a contract.
In addition We are subject to various storage and documentation obligations, which arise in particular from the Commercial Code (HGB) and the Tax Code (AO). The periods specified there for storage and documentation are up to ten years.
Finally, the storage period is also assessed according to the statutory limitation periods, for example according to Sections 195 ff. of the Civil Code (BGB). As a rule, three years, but in certain cases it can be up to thirty years.
If the purpose of storage no longer applies or if a storage period prescribed by European or national legislation expires, the personal data will be stored routinely and in accordance with the legal regulations their processing is restricted or deleted.
10. Rights of the data subject
You can exercise the following rights at any time:
- Right to information in accordance with Article 15 EU GDPR
- Law to rectification in accordance with Art. 16 EU GDPR
- Right to deletion / to be forgotten in accordance with Art. 17 EU GDPR
- Right to restriction of processing in accordance with Art. 18 EU GDPR
- Right to data portability in accordance with Art. 20 EU GDPR
- Right to object in accordance with Art. 21 EU GDPR
Right to object: If we have one If we process data to protect our legitimate interests, you have the right to object to this processing at any time for reasons relating to your particular situation. This particularly includes the right to object to processing for advertising purposes. The objection applies with effect for the future. The restrictions in accordance with Sections 34 and 35 BDSG new version apply to the right to information and the right to deletion. In addition, there is a right to lodge a complaint with a data protection supervisory authority (Article 77 EU GDPR in conjunction with Section 19 BDSG new version).
To exercise your rights, you can contact our data protection officer or BeA at any time using the details provided above.
11. Security of processing
BeA implements technical and organizational security measures in accordance with Art. 32 EU GDPR to protect your personal data against destruction, loss or alteration, whether unintentional or unlawful, or unauthorized disclosure of or protect unauthorized access to personal data transmitted, stored or otherwise processed. This includes, in particular, encryption of website access using common, state-of-the-art procedures.
BeA has also implemented a procedure for regular checking, assessment and evaluation of the effectiveness of the technical and organizational measures taken in order to ensure that our security measures are appropriate to continuously improve technological developments.
12. Scope of the information according to Art. 13 and 14 GDPR
Our websites may contain links to websites of other providers. Since BeA has no influence on the content, design or application of data protection regulations of third-party providers, we recommend that you inform yourself about the guidelines applicable there when visiting third-party websites.
The content of this data protection declaration applies exclusively in relation to to BeA’s online presence and not to any linked websites.