Using the following information, we would like to give you a summary of the way your personal data are processed by us and your rights as a “data subject” arising from data protection laws. As a rule, you do not need to disclose any personal data to use our websites. However, if you would like to use special services provided by our company via our website, processing of personal data might be required. If processing of personal data is required and if no legal basis for such processing exists, we generally ask for your consent.
In our capacity as data controller, we implemented numerous technical and organisational measures to ensure that personal data processed via this website is protected as completely as possible. Nevertheless, web-based data transfer generally still presents vulnerabilities, which makes any guarantee of complete protection impossible. For this reason, you are free to transmit personal data to us using alternative means such as telephone or mail.
Holzhofstrasse 26, 82362 Weilheim, Germany,
is the controller as defined in the GDPR
Phone: +49 (0) 881 9293 0
Director of the controller: Thomas Weckerle
You can contact the data protection officer at:
You can contact our data protection officer directly at any time if you have any questions or suggestions regarding data protection.
Our company uses article 6 (1) point a GDPR as the legal basis for processing operations with regard to which we have obtained your consent to process data for a specific purpose.
If processing personal data is required for contract performance regarding a contract to which you are a party, as is for example the case with processing operations necessary for the supply of goods or rendering of other services or return services, processing is based on article 6 (1) point b GDPR. The same applies to processing operations required to execute pre-contractual measures, as is the case with inquiries regarding our products or services.
If our company must comply with a legal obligation requiring the processing of personal data, for example to fulfil tax obligations, processing is based on article 6 (1) point c GDPR.
In rare cases, processing personal data could be required to protect vital interests of the data subject or another natural person. This would be the case if, for example, a visitor was injured on our premises and it thus became necessary to transmit their name, age, health insurance data or other vital information to a doctor, a hospital or another third party. In this case, processing would be based on article 6 (1) point d GDPR.
Lastly, processing operations could be based on article 6 (1) point f GDPR. This legal basis applies to processing operations which are not covered by any other of the aforementioned legal bases if processing is required to safeguard legitimate interests of our company or any third party, provided the interests, fundamental rights and freedoms of the data subject do not outweigh such interests. European legislators make special mention of such processing operations, which is the particular reason why we are allowed to carry them out. In this matter, the legislators were of the opinion that legitimate interests might be assumed to exist if you are a customer of our company (recital 47 sentence 2 GDPR).
This site uses SSL/TLS encryption to guarantee secure data processing and make sure any confidential content, such as orders, login data or contact enquiries you sent to us, the website operator, is transmitted securely. You can recognise an encrypted connection by the lock symbol in the address bar of your browser and by the fact that “https://” is displayed in the address bar of your browser instead of “http://”.
If SSL/TLS encryption is activated, data you transmit to us cannot be read by any third party.
If you use our website purely for information purposes, i.e. if you do not register or transmit information to us in any other way, we will only collect data your browser transfers to our server (by means of so-called “server logfiles”). Our website collects various general information and data whenever a page is accessed by you or an automated system. The general information and data are recorded are stored on the server logfiles. The following information can be collected
When we use such general information and data, we do not draw any conclusions about you as an individual. Rather, this information is necessary to
Thus, the information and data collected will be evaluated by us for statistical purposes on the one hand and, on the other hand, for the purpose of enhancing data security and data protection within our company to ultimately ensure an optimal security level for personal data processed by us. The data from the server logfiles will be stored separately from any personal data provided by a data subject.
Article 6 (1) sentence 1 point f GDPR constitutes the legal basis for data processing. Our legitimate interest can be derived from the above-mentioned purpose of data collection.
If you contact us (e.g. via contact form or email), we will collect personal data. The personal data collected when using a contact form are indicated on the respective contact form. Such data are stored and used exclusively for the purpose of replying to your request or for contact purposes and related technical administration. Your data are processed on the legal basis of our legitimate interest of replying to your request according to article 6 (1) point f GDPR. If you contact us with the intention of concluding a contract, article 6 (1) point b GDPR forms an additional legal basis for data processing. After we finished handling your request, your data will be erased; this is the case if under the circumstances it seems reasonably certain that the respective matter has been settled conclusively and provided the erasure of data is not prevented by any statutory retention obligations.
Our website uses so-called web fonts for a uniform display of fonts. Web fonts are provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When you open a webpage, your browser loads the necessary web fonts into the browser cache to be able to display texts and fonts correctly.
For this purpose, the browser you use must connect with Google’s servers. Through this, Google becomes aware of the fact that our website was opened via your IP address. We use Google Web Fonts to present our website in a uniform and attractive way. This is considered a legitimate interest as defined in article 6 (1) point f GDPR.
Google LLC based in USA is certified for “Privacy Shield”, a US-European data protection convention guaranteeing compliance with the level of data protection applicable in the EU.
You have the right to obtain from us confirmation as to whether or not personal data concerning you is being processed.
You have the right to obtain from us free of charge at any time access to information about the personal data stored concerning you as an individual; furthermore, you have the right to obtain a copy of such data at any time.
You have the right to request the rectification of inaccurate personal data concerning you. Furthermore, the data subject has the right to have incomplete personal data completed, taking into account the purposes of processing.
You have the right to request we erase personal data concerning you without undue delay if one of the reasons provided for by law applies and if processing is not necessary.
You have the right to request from us restriction of processing if one of the statutory requirements is met.
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. Furthermore, you have the right to transmit those data to another controller without hindrance from us, to whom,the personal data have been provided, if processing is based on consent in accordance with article 6 (1) point a GDPR or article 9 (2) point a GDPR or on a contract in accordance with article 6 (1) point b GDPR and provided processing is carried out by automated means, if processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
Furthermore, upon exercising your right to data portability in accordance with article 20 (1) GDPR, you have the right to have the personal data transmitted directly from one controller to another, where technically feasible and if this action does not have any negative impact on the rights and freedoms of another person.
You have the right to withdraw your consent regarding the processing of personal data at any time with effect for the future.
You have the right to lodge a complaint with a competent data protection supervisory authority regarding our processing of personal data.
We only process and store your personal data for the duration necessary to fulfil the storage purpose and if this is provided for by any of the statutory provisions our company is subject to.
If the storage purpose no longer exists or if a prescribed storage period has expired, the personal data will be routinely blocked or erased in accordance with legal provisions.
The respective statutory retention period is the criterion for determining how long personal data will be stored for. Once such a period has expired, the respective data will be routinely erased if they are no longer required for contract performance or contract initiation.