1. General information and mandatory information
1.1. Data protection
We would like to point out that the transmission of data online (e.g. communication by e-mail) may be vulnerable to security breaches. It is not possible to fully protect data from access by third parties.
1.2. Data controller and data protection officer
The data controller for the processing of data on this website is:
Triebeser Straße 16
T: +49 (0) 36628 66 - 10 00
We have appointed an internal company data protection officer (pursuant to Article 37 et seq. GDPR):
Data Protection Officer
Triebeser Str. 16
1.3. Encrypted communication
This website uses SSL encryption for security reasons and in order to protect the transmission of confidential information, such as orders or requests that you send to us as the website operator. Your connection is being encrypted if a padlock symbol appears in your browser address bar and the start of the URL in your address bar changes from “http://” to “https://”.
When SSL encryption is activated, the data that you transfer to us cannot be read by third parties.
2. Your rights concerning data protection
2.1. Access, blocking, erasure, restriction, objection
As part of the applicable statutory provisions, you have various rights relating to the processing of your personal data. You can contact our data protection officer at any time using the details provided if you would like to exercise your rights or if you have any questions concerning your personal data.
Each data subject has the following rights under the GDPR:
- The right of access to the personal data stored about you (pursuant to Article 15 GDPR),
- The right to have your personal data rectified (pursuant to Article 16 GDPR),
- The right to erasure (pursuant to Article 17 of the GDPR),
- The right to the restriction of processing (pursuant to Article 18 GDPR),
- The right to object to your data being processed (pursuant to Article 21 GDPR).
The right of access and the right to erasure are subject to the restrictions laid down in Sections 34 and 35 of the German Data Protection Act (BDSG).
2.2. Right to data portability
You have the right (pursuant to Article 20 GDPR) to have data that we have processed by automated means on the basis of your consent or in order to perform a contract to be given to you or to a third party in a commonly used and machine-readable format. If you request that this data be transmitted directly to another controller, this will only take place if technically feasible.
2.3. Withdrawal of your consent to the processing of your data
If we are processing your data on the basis of your consent (e.g. in accordance with Article 6 (1) a GDPR in conjunction with Article 7 GDPR and where relevant Article 49 (1) a GDPR), you have the right to withdraw this consent at any time. To exercise this right, you simply need to notify us of your request by email. This withdrawal of consent will not affect the lawfulness of any data processing that has already taken place.
2.4. The right to lodge a complaint with the competent supervisory authority
As a data subject, you have the right to lodge a complaint with a supervisory authority in the event of infringements of data protection legislation.
3. Collection of data on our website
Cookies that are necessary for electronic communication purposes or in order to provide certain features that you wish to use (e.g. the shopping cart feature) are stored on the basis of Art. 6 (1) f GDPR. As the website operator, we have a legitimate interest in storing cookies to help optimize our services and keep them free from technical faults.
You can also configure your browser to alert you when cookies are created so that you can choose whether to accept them on a case-by-case basis. You can also configure it to always decline cookies or to decline them in certain cases as well as to automatically delete cookies when you close the browser. Please note that deactivating cookies may limit the functionality of this website.
Server log files
The provider of this website automatically collects and stores information in server log files automatically transferred to us by your browser when you visit this website. This information includes:
- Your browser type and browser version
- Your operating system (if applicable)
- The referrer URL
- The URL visited, including the protocol and method
- Your computer’s hostname
- The date and time of the server request
- Your IP address
- GeoIP country code
This data is not merged with other sources of data.
The abovementioned data is processed within the server log files so that we can fulfil our legitimate interest (pursuant to Article 6 (1) f GDPR). Our legitimate interest is to provide you, as one of our users, with a functional website tailored to your needs (e.g. in the right language for your country) so that our website is presented in an attractive manner and can be optimized continuously. In addition, collecting this data allows us to prevent or protect ourselves against cyber attacks, to perform error analysis, and to detect potential cases of fraud.
The data is processed by the company Netigo GmbH on the basis of a processing agreement pursuant to Art. 28 GDPR, in which we require the service provider to protect the data of our website visitors and not to disclose this data to unauthorized third parties. The data is only processed by us on servers in the EU and is not disclosed to third parties. The server log files are stored by the provider for 30 days before being deleted.
How to contact us
Our website provides various means for you to contact us. For example, if you would like to ask us any questions or give us any feedback, you can do this using the contact form provided on our website or the contact details listed (in particular our e-mail address). You can also use the chat service to contact our customer service representatives.
When using the contact form and the chat service, you are required to enter some personal details about yourself before your request can be sent and processed. For example, you need to provide us with your name and email address. We need this information to communicate with you and to provide you with a fast, high-quality service. This falls within the scope of our legitimate interest (in accordance with Art. 6 (1) f GDPR). In addition, details concerning your request help us to forward it to the right department quickly. You can also choose to give us your telephone number if you would like us to contact you in this way.
We will only use and store your data for the purpose of processing your request. We will pass on the information you enter to the relevant members of staff, who will process your request according to your requirements. We will only share your data with third parties if doing so is necessary in order to process your request. Our chat feature is provided using the web hosting services provided by Netigo GmbH. We have concluded a data processing agreement with Netigo in accordance with Article 28 GDPR, in which we require the service provider to protect our customers’ data and not to disclose it to unauthorized third parties. The data is only processed in the EU and is not disclosed to third parties.
We will store your request and the data provided in your request for the purpose of processing your request and so that we can respond to any follow-up questions. We will keep this data until you ask us to delete it or until we have fulfilled the purpose for which we were storing it. Any mandatory legal provisions – in particular retention periods – will remain unaffected by this.
3.1. Collection of data by embedded video services
Our website uses plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
We use the services of this company in order to display videos about our products and our company on our website in an appealing and professional manner. The integration of Vimeo videos occurs due to our legitimate interest in presenting an appealing image on our website (Art. 6 (1)(f) GDPR).
The integration of videos could result – for reasons of technical necessity – in calling on Vimeo servers that may be located in third-party countries with a lower level of data protection. Vimeo is independently responsible for the associated use of data from your browser or device in this context.
To guarantee compliance with data protection requirements when transmitting data to the USA and other countries outside the European Union or the European Economic Area, we have established EU standard contract clauses with Vimeo. In addition, videos from Vimeo are embedded in their "Do Not Track" version as a rule so that personal data is only transmitted to Vimeo to a minimal extent. Vimeo has also committed to continue complying with its previous obligations from the former Privacy Shield Agreement.
Our website uses plugins from the video portal YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
We use the services of this company in order to display videos about our products and our company on our website in an appealing and professional manner. The integration of YouTube videos occurs based on our legitimate interest in presenting an appealing image on our website (Art. 6 (1) f GDPR). To this end, we have concluded a processing agreement with Google in which we require Google to handle personal data in compliance with data protection regulations and only based on our instructions. You can find detailed information here: https://www.youtube.com/t/terms_dataprocessing
The integration of videos could result – for reasons of technical necessity – in calling on Google servers that may be located in third-party countries outside the EU and EEA with a lower level of data protection. Google is independently responsible for the transmission and processing of data from your browser or device in this context. To keep data transmission to a minimum, we embed all YouTube videos using the “Privacy-Enhanced Mode”. As a result, data is only sent to Google if you actively click the video in order to play it.
3.2. Collection of data by the services of Google
This website uses various services offered by the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The use of these individual services is described in more detail below.
The services we implement regularly collect various data from you, the devices you use and the websites you visit. This data includes
- Referrer URL (the address of the website from which the user is redirected)
- IP address (e.g. 218.104.22.168)
- Information about the operating system (the software that makes it possible to operate your computer. Common operating systems are Windows, Mac OS X or Linux)
- Cookies (small text files that save data in your browser)
- Mouse and keyboard behavior (every action that you perform with the mouse or keyboard is saved)
- Date and language settings (the language and date you have preconfigured on your PC are saved)
- Screen resolution (indicates how many pixels are used in the screen display)
Our use of the following services and the associated collection of personal data (in particular IP addresses) is generally based on our legitimate interest in analyzing, improving and making our website content appear attractive to you as a user as well as on our legitimate interest in tailoring any advertising to your needs. Where necessary, we will obtain your consent to the use of these services in advance.
The processing of data on our behalf
We have concluded a data processing agreement for our use of Google Analytics and fully comply with the strict provisions of German data protection authorities when using this service. Additionally, standard contract clauses have been established with the provider regarding the use of the service that should help to ensure a more appropriate level of data protection. The data processing agreement can be accessed here: https://privacy.google.com/businesses/processorterms/.
Collection of demographic data by Google Analytics
This website uses the Demographics feature provided by Google Analytics. This feature enables reports to be created that contain statements about the age, gender, and interests of visitors to this site. This data is gathered from Google’s personalized advertising as well as visitor data from third-party providers. This data cannot be attributed to any specific individuals. You can disable this feature at any time by adjusting the ads settings in your Google account, or you can prohibit the general collection of your data by Google Analytics by following the steps outlined above.
Google reCAPTCHA (hereinafter referred to as “reCAPTCHA”) is used to check whether the data entered on our website (e.g. via our contact form) has been inputted by a human or an automated program. To achieve this, reCAPTCHA analyzes various aspects of the behavior of visitors to our website. This analysis begins automatically as soon as a visitor accesses the website. During the analysis process, reCAPTCHA evaluates various pieces of information (e.g. IP address, the length of time the user spends on the website, and the way the user moves their mouse cursor). The data collected during the analysis process is forwarded to Google.
The analysis work performed by reCAPTCHA runs completely in the background and website users are not informed that it is taking place.
The data is processed on the basis of Article Art. 6 (1) f GDPR. As website operator, we have a legitimate interest in protecting our website from malicious automated spying and spam.
Google Web Fonts
To ensure that fonts are displayed consistently, this website uses web fonts provided by Google. When you open a web page, your browser loads the required web fonts into your browser cache so that text and fonts are displayed correctly.
We have locally integrated the features provided by Google into our website, so no data is transmitted to the Google servers in this context.
This page uses the Google Maps service. Your IP address needs to be stored in order for you to use Google Maps. This information is generally transmitted to and stored on a Google server in the USA. As the website provider, we have no influence over this data transmission, but we have concluded standard contractual clauses with Google intended to bring about a higher level of data protection with service providers. This can be accessed here: privacy.google.com/businesses/controllerterms/
We use Google Maps due to our interest in making our website more attractive and in making it easier for our visitors to find the addresses provided on our website. This constitutes a legitimate interest within the meaning of Art. 6 (1) f GDPR.
3.3. Online marketing and partner programs
Our website measures conversions using the Facebook pixel feature provided by Facebook, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).
The Facebook pixel allows us to track users’ behavior once they have been forwarded to our website after clicking on a Facebook advert. This enables us to analyze the effectiveness of Facebook adverts for statistical and market research purposes and in order to improve our future marketing activities.
The Facebook pixel is only activated after you have granted your consent within our request concerning cookie settings. You may withdraw or modify your selection there at any time with future effect (see Section 3).
You can also deactivate the custom audiences remarketing feature in the Ad Settings section at www.facebook.com/ads/preferences/. To do this, you will need to be logged in to Facebook.
If you do not have a Facebook account, you can opt out of behavioral advertising by Facebook by visiting the website of the European Interactive Digital Advertising Alliance at http://www.youronlinechoices.com.
The “Pinterest Tag” (individual code segment) from Pinterest Inc., 635 High Street, Palo Alto, CA, USA, (“Pinterest”) is embedded on our website.
Using the Pinterest tag, Pinterest is able to identify the visitors to our website as a target group for displaying ads (“Pinterest ads”). Accordingly, we use the Pinterest tag so that our targeted Pinterest ads will only be displayed to Pinterest users who have actually shown an interest in our website or who meet specific criteria (e.g. interest in specific topics or products that are determined based on the websites visited) which we indicate to Pinterest (known as “ActAlike Audiences”). Using the Pinterest tag, we also aim to ensure that our Pinterest ads match the potential interest of users and are not bothersome. In addition, we can also use the Pinterest tag to trace the efficacy of Pinterest ads for statistical and marketing purposes by seeing whether users were forwarded to our website after clicking on a Pinterest ad (known as “Conversion”).
The Pinterest tag will only be activated if you have granted us your voluntary consent (in accordance with Art. 6 (1) a GDPR) in our request under cookie settings. You may withdraw or modify your selection there at any time with future effect (see Section 3).
All data that is collected remains anonymous to us and does not allow us to draw conclusions about the identity of the user in question. Data is collected concerning device information (e.g. type, brand), the operating system used, the IP address of the device used, the time of access, the type and content of the campaign, the reaction to the respective campaign (e.g. completed purchase, newsletter subscription) as well as device identifiers that consist of individual features of the end device. This enables us to recognize your end device on our website.
The information below provides details about the content of our newsletter. It also explains our subscription and mailing procedures, the methods we use for performing statistical analysis, and your rights to object. When you subscribe to our newsletter, you are consenting to receive the newsletter and to the procedures and methods described.
Contents of the newsletter
We only send the newsletter to recipients who have provided their consent in accordance with Article 6 (1) a GDPR or when it is legally permissible to do so. If, in relation to a subscription to the newsletter, the content of the newsletter is described in specific terms, this will serve as an essential basis for the user providing consent. Our newsletter contains information about our offers and promotions as well as about our company. It may also include information that specifically refers to blog posts, our services, or our online presence.
Using the mailing service provider Campaign Monitor
We have commissioned Campaign Monitor Pty Ltd, 404/3-5 Stapleton Ave, Sutherland NSW 2232, Sydney, Australia as a third-party service provider to distribute and analyze our newsletter. We have concluded a data processing agreement with Campaign Monitor. In this agreement, we require Campaign Monitor to protect our customers’ data and not to disclose it to third parties. A copy of this Agreement is available for you to read via the following link: www.campaignmonitor.com/assets/files/terms/campaign-monitor-eu-data-transfer-clauses.pdf.
When you subscribe to our newsletter, the data (e.g. e-mail address) you provide during the registration process will be forwarded to Campaign Monitor and stored there. The service provider is based in Australia and the data is processed on servers in the USA.
Double opt-in and logging
After you have subscribed to the newsletter, Campaign Monitor will send you an e-mail asking you to confirm your registration (this is the “double opt-in” procedure). This confirmation is required so as to ensure that no one can register using someone else’s e-mail address.
Newsletter registrations are logged as evidence that the registration process complies with legal requirements. This means that the registration and confirmation times as well as the IP address are stored. Changes to your data stored by Campaign Monitor will also be logged.
If you wish to subscribe to the newsletter offered on the website, you will need to provide us with an e-mail address and information that will enable us to verify that you own the e-mail address you have given (double opt-in procedure) and that you consent to receiving the newsletter.
Collection and analysis of statistics
Campaign Monitor also helps us to analyze our newsletter campaigns. This enables us to determine whether a newsletter message has been opened, when and from which location it was opened, and, if applicable, which links were used. In this way, we can determine which links are particularly popular, among other things. It is true that it is technically possible for us to attribute this information to the individual recipients of the newsletter. However, neither we nor Campaign Monitor aim to monitor individual users. The analyses are used to identify our users’ reading habits on a group basis and to tailor our content to them, or to send out varying content that relates to our users’ interests.
Campaign Monitor also enables us to further divide the recipients of our newsletter into different categories (e.g. favorite sports). This means that the newsletter can be more tailored to the target groups in each case.
Online access and data management
Consent to sending the newsletter is obtained by us on the basis of Art. 6 (1) a and 7 GDPR as well as Section 7 (2) no. 3 and (3) of the German Act on Unfair Competition (Gesetz gegen den unlauteren Wettbewerb, UWG). You can use the “unsubscribe” link in the newsletter to withdraw your consent to the storage of data and the e-mail address at any time, and its use for sending the newsletter. This withdrawal of consent will not affect the legality of the data processing that has already taken place.
The use of the service provider Campaign Monitor, the performance of statistical surveys and analyses, and the logging of the registration process are carried out on the basis of our legitimate interests in accordance with Art. 6 (1) f GDPR. We are interested in using a newsletter system that is user-friendly and secure. It should also serve our own commercial interests and meet users’ expectations.
Please also note that, according to the legal provisions of Art 21 GDPR, you can withdraw your consent to the future processing of your personal data at any time. In particular, consent to data processing for direct marketing purposes can be withdrawn.
Unsubscribing/withdrawal of consent
You can unsubscribe from our newsletter at any time. This means that you have withdrawn your consent. You will find the link to unsubscribe from the newsletter at the bottom of each newsletter. After unsubscribing, your e-mail address will be stored on a blocking list and will only be used to ensure that we no longer send e-mails to your e-mail address.
You will find additional information on the Campaign Monitor Privacy Notice, which is available at: https://www.campaignmonitor.com/policies/#two.
3.5. Use of Web Fonts
Web Fonts by Linotype
To ensure that fonts are displayed consistently, this website uses web fonts provided by Linotype, that is, the company Monotype GmbH, Spichernstraße 2, 10777 Berlin.
When you open a web page, your browser loads the required web fonts into your browser cache so that text and fonts are displayed correctly. For this to work, your browser needs to be connected to Linotype’s servers. The web fonts are provided through our server, website visits are counted using a tracking code since this is required for licensing the fonts. This informs Linotype that our website was accessed via your IP address. We use Linotype web fonts due to our interest in providing a uniform and attractive website. This constitutes a legitimate interest within the meaning of Art. 6 (1) f GDPR.
If your browser does not support web fonts, your computer will use a standard font instead.
Collection of data on social media
Bauerfeind AG operates its own channels and accounts on various social networks. We use these presences to increase awareness of our brand, to inform various target groups about new developments relating to our company and our products, and to provide interested parties with the opportunity of actively rating, commenting and sharing our posts. This falls within the scope of our legitimate interest, including the associated data processing on these platforms (in accordance with Art. 6 (1) f GDPR):
- Facebook: https://www.facebook.com/bauerfeindag
- Instagram: https://www.instagram.com/bauerfeindsports/, https://www.instagram.com/bauerfeindmedical/ and https://www.instagram.com/bauerfeindag/
- Twitter: https://twitter.com/bauerfeindag
- Pinterest: https://www.pinterest.de/bauerfeindmedical/
- XING: https://www.xing.com/companies/bauerfeindag
- Facebook: https://www.facebook.com/privacy/explanation
- Instagram: https://help.instagram.com/519522125107875
- Twitter: https://twitter.com/de/privacy
- Pinterest: https://about.pinterest.com/de/privacy-policy
- XING: https://privacy.xing.com/de/datenschutzerklaerung
Bauerfeind receives regularly aggregated statistical information from the platform operators concerning visitor counts, click rates, visit durations and similar information that is provided to us as website operators in order to analyze and optimize our website. According to the current legal interpretation, the service provider and Bauerfeind are joint controllers for data processing in this case (for more on this, see for example www.facebook.com/legal/terms/information_about_page_insights_data).
In order to directly contact us or react to our posts via social media platforms, you need to have your own account with the respective service provider. Then you will have the option of rating, commenting or sharing our posts or of following us. Through these activities, we gain knowledge of your personal data (e.g. username and other content from your profile). Please consider that these dialogs are generally public for the most part and can be viewed by a large number of people. We therefore urgently recommend that you avoid communicating any contact details, sensitive or private information etc. concerning you or third parties via these channels. We can also rate, comment and share your public posts or follow you. The associated data will be made visible to our followers and visitors. We do not intend any publication or processing beyond this scope.
In addition, you can directly send messages to us using the messenger services integrated in the platforms; these cannot be read by other users. However, we inform you that we have no knowledge of the manner and methods used by the service providers to analyze, interpret or otherwise process these messages.
As an alternative to social media and in particular to the available messenger services, you are of course welcome to access our homepage www.bauerfeind.de for all information concerning the company and our products. You can also find contact options here which allow you to establish non-public communication with us (e.g. contact form).