Have any questions?
+49 7446 1820
With this statement we inform you about the nature and extent, as well as the purpose and legal basis of the processing of personal data on this website and on any online presence in social networks. In addition, we communicate here our information and notification obligations for the use of personal data in our company.
Name and address of the responsible person
The controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is the company named in the imprint.:
Contact the data protection officer
data protection officer of the controller is:
ER Secure GmbH
In der Knackenau 4
Understanding the processing of personal data
We only collect and process the personal data of our users to the extent necessary for the provision of a functional website or the provision of services by our company. The processing takes place only with your approval, or in case it is permitted or required by legal regulation.
The security of your personal data is a high priority for us. We therefore protect your data through technical and organizational measures to prevent misuse of the use. We regularly review the measures taken and adapt these to current technical conditions. In addition, we commit all employees to confidentiality in accordance with §28 GDPR.
Purposes and legal basis of processing, transfer to third parties and abroad
We process your data for the following purposes:
- Fulfillment of new or existing contractual relationships or for the implementation of pre-contractual measures, e.g. the creation of offers
- Sending marketing information
- Editing inquiries, e.g. as part of our core activity or for application letters
- Provision of telemedia, e.g. our website or e-mail
In doing so, we process the data in accordance with of the legal basis of Art. 6 para. 1 GDPR:
- 6 para. 1 lit. a GDPR: processing operations based on their consent
- 6 para. 1 lit. b GDPR: processing operations to fulfill a contract or precontractual measures, e.g. a purchase or service contract or optaining an offer
- 6 para. 1 lit. c GDPR: processing operations to which we are legally obliged, e.g. the storage for tax reasons
- 6 para. 1 lit. GDPR: processing operations that we carry out based on our legitimate interests, e.g. the disclosure of their data to postal service providers for the purpose of sending mail or to a tax consultant. This includes the storage of website usage information for the purpose of optimizing our website.
The disclosure of your data to third parties is based on the above permits and occurs only in the context of an order processing contract or if other confidentiality obligations exist, this includes professional secret carriers or shipping service providers. If a transfer to third countries takes place outside the European Economic Area, corresponding guarantees of the recipients are provided for under Art. 44 et seq. GDPR, e.g. a certification under the Privacy Shield.
Duration of storage, deletion of personal data
Personal data will only be processed and stored for the period required to fulfill the processing purposes. After fulfillment of the purpose, your data will be deleted or blocked by us, as long as we are no longer subject to a statutory storage obligation.
We send newsletters with promotional content to our customers. The legal basis for the shipment is either the consent in accordance with Art. 6 para. 1 lit. a, if you have entered yourself into the newsletter via the newsletter function. The entry is made with the double opt-in method, i. You will receive a confirmation e-mail in which you must click on a confirmation link. You can object to the consent at any time, this includes each newsletter a logout function.
If we have received your contact via a contractual relationship, we will send you the newsletter with product information to safeguard our legitimate interest in accordance with Art. 6 para. 1 lit. f i.V.m § 7 Abs. 3 UWG. You can object to the use of your e-mail adress for advertising purposes. Each newsletter contains an unsubscribe function.
If we have saved your name, we will use it for the address. If possible, we will send the newsletter gender-specific.
We use the external service provider RapidMail to send the newsletter. The provider maintains a database in which we can see information about the registration and deregistration and a contradiction or revocation of a consent.
The logging serves to safeguard our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, to provide a user-friendly and legally compliant newsletter, e.g. in relation to proof requirements.
Embedding Google Maps
Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Collection of access data and log files
We collect access data (log files) on every server access on the basis of our legitimate interests in accordance with Art. 6 para. 1 lit. f. DSGVO. This includes the name of the retrieved website, the date and time of the retrieval, the transferred file and data volume, the message about the retrieval success or failure, browser type and browser version, the operating system, referrer URL (the previously visited page), and their IP address. Log files are collected for security purposes (for example, to investigate crimes) and stored for a period of 7 days and then deleted. If data are still required for evidence, they will be exempted from the cancellation until the final clarification of the incident.
To ensure a fast and stable connection, we have outsourced the hosting to an external service provider. This process the above-mentioned log data according to our specifications. The disclosure is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f DSGVO i.V.m. Art. 28 GDPR.
Cookies are files stored by the Internet browser on the user's computer system. When accessing this website, cookies are stored in the browser memory of the person concerned.
You can prevent the storage of cookies in the browser, the page may possibly only work to a limited extent. It makes more sense at this point to set the deletion of all cookies after the end of each browser session, which works on our site without restriction and a recognition at the next visit with all positive and negative consequences is prevented.
We use technical cookies, as this is technically necessary for the operation of the service offered in accordance with Art. 6 (1) lit. f DSGVO, i. to safeguard our legitimate interest.
Technical cookies are used to recognize a user when the website is called up again and so to store for example. made language settings, shopping cart information or similar beyond a surfing session.
When making contact (eg via contact form, e-mail, telephone or via social networks), the personal data of the user for processing the contact request according to. Art. 6 para. 1 lit. b DSGVO, i. to fulfill a contract or precontractual measures. If necessary, your data will be transferred to a customer management program (CRM system). Please note that we are committed to e-mail archiving according to the GoBD; a complete deletion of e-mails sent to us (from our archive system) is therefore not possible.
Information transmitted via our contact form on our website is securely encrypted in accordance with the requirements of TMG §13 (7).
Transfer of personal data
Your data will be forwarded to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of the goods. To process payments, we pass on your payment data to the bank responsible for the payment.
Processing of applicant data
If you send us application documents via e-mail, the information sent to us will be archived by us to protect our legitimate interest for up to 6 months in order to contact you in case of a vacancy. After 6 months the emails will be deleted from our active system. You have the possibility of objecting to the storage directly or subsequently. If necessary, contact us again.
Reference to the persons concerned
In case we process your personal data, you are the person concerned and in terms oft he GDPR you have the following rights towards the responsible body:
Right to information and data portability
You have the right to request information about the personal data stored about you. You have the right to receive the requested data in a common, machine-readable format.
Right to rectification
You have the right to ask the person responsible for the correction of incorrect personal data concerning you. Taking into account the purposes of processing, they have the right to ask for the completion of incomplete personal data.
Right to restriction
Under the following conditions, they may request the restriction of the processing of personal data concerning them:
- The accuracy of the personal data is contested by the data subject for a period enabling the controller to verify the accuracy of the personal data.
- The processing is unlawful and the data subject opposes the erasure of the personal data and instead requests the restriction of the use of the personal data.
- The controller no longer needs the personal data for the purposes of processing, but the data subject requires them to assert, exercise or defend legal claims, or if
- the person concerned objects to the processing, as long as it is not certain that the legitimate reasons of the person responsible outweigh those of the data subject.
If the processing has been restricted, these personal data may be stored only with the consent of the data subject or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of significant public interest Union or a Member State. We will inform you before the restriction is lifted.
Right to delete
You may request the deletion of the processing of your personal data under the following conditions:
- The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
- The data subject revokes their consent and there is no other legal basis for processing.
- The data subject objects to the processing and there are no overriding legitimate grounds for processing.
- The personal data were processed unlawfully.
- The erasure of personal data is necessary to fulfill a legal obligation under Union or national law to which the controller is subject.
- The personal data was collected in relation to the use of web services.
Right to revoke a declaration of consent
You have the right to revoke your consent to the processing of personal data at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
Right to information
If you have used the right to correct, delete or restrict the processing, we are obliged to notify all recipients to whom this information has been transmitted about the correction, deletion or restriction of the data, unless this is a disproportionate effort or impossible.
Right of objection
You have the right, at any time, to object to the processing of your personal data for reasons arising from your particular situation; this also applies to profiling based on these provisions. The controller no longer processes the personal data unless he can demonstrate compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the data subject, or the processing is for the purpose of enforcing, pursuing or defending legal claims.
If personal data are processed in order to operate direct mail, they have the right to object at any time to the processing of personal data concerning them for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct mail.
Right to complain to a supervisory authority
You have the right to lodge a complaint with a supervisory authority, without prejudice to any other administrative or judicial remedy, in particular in the Member State of its habitual residence, employment or the place of alleged infringement, if you consider that the processing of the personal data concerning you is against the GPDR violates.
The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.
Non-provision of personal data
If you do not provide us with personal data that we need for contractual purposes, this non-provisioning generally means that the contract can not be closed. In individual cases, we can inform you whether a provision is legally binding or contractually required and what would be the consequences of non-provision in individual cases.
As of: 20.09.2018