DATA PRIVACY REGULATIONS
We take data privacy seriously
Ensuring that your privacy is protected when processing your personal data is an important issue for us. If you visit our website, our web servers will by default store your Internet Service Provider's IP address, the website from which you were referred to our website, the webpages of our website that you view and the date and time of your visit. This information is essential for the technical transmission of the webpages and secure server operations. These data will not be subject to any personalised analysis.
If you send data to us by contact form, such data will be stored on our servers as part of the data backup. Your data will be used by us exclusively for the purposes of processing your request. Your data will be treated as strictly confidential. Your data will not be disclosed to any third parties.
Güntner GmbH & Co. KG
Hans-Güntner-Str. 2 – 6
Tel.: +49 8141 242-0
Fax: +49 8141 242-155
Personal data is data concerning your person. This includes your name, address and e-mail address. You do not need to divulge any personal data in order to be able to visit our website. In some cases we need your name and address, as well as further information in order to be able to offer you the desired service.
The same applies in the event of us providing you, upon request, with informative literature, or if we answer your enquiries. We will always point that out to you in such cases. We, moreover, only save the data that you have transmitted to us automatically or voluntarily.
If you make use of a service of ours, we generally only gather the data that is necessary in order to be able to provide you with our service. We may ask you to provide further information, which is, however, of a voluntary nature. Whenever we process personal data, we do it in order to be able to offer you our service or else pursue our commercial goals.
Automatically saved data
Server log files
The website provider automatically collects and stores information, which your browser automatically sends to us, in so-called server log files. This information includes:
- date and time of the request
- name of the requested file
- webpage or website from which the file was requested
- access status (file transmitted, file not found, etc.)
- web browser and operating system used
- full IP address of the computer making the request
- volume of data transmitted
These data will not be merged with other data sources. The data are processed in accordance with Article 6(1)(f) of the General Data Protection Regulation (GDPR) on the basis of our legitimate interest in improving the stability and functionality of our website. We will briefly store these data for technical security reasons, in particular in order to thwart any attempted attacks on our web servers. We will not be able to trace anything back to individuals using these data. After a maximum of seven days, the data will be anonymised by shortening the IP address down to domain level so that it is no longer possible to establish a connection to the individual user. Once anonymised, the data will be processed for statistical purposes; no comparison with other data sets will be carried out and no data will be disclosed to third parties, not even extracts.
This website uses the CookieFirst cookie consent technology in order to obtain your consent to certain cookies being stored on your terminal device and to document that consent in compliance with data protection requirements. The provider of this technology is Digital Data Solutions B.V., Plantage Middenln 42a, 1018 DH Amsterdam, The Netherlands, website: https://cookiefirst.com/ (hereinafter referred to as “CookieFirst”).
When you enter our website, the following personal data are transferred to CookieFirst:
• Your consent(s) or revocation of your consent(s)
• Your IP address
• Information about your browser
• Information about your terminal device
• The time at which you visit the website
CookieFirst also stores a cookie in your browser so that the consents you have given and revocation of them can be assigned to you. The data recorded in this way are stored until you ask us to erase them, you yourself delete the CookieFirst cookie, or the purpose for which the data are stored no longer applies. Mandatory statutory data retention obligations remain unaffected.
Contract for data processing services
We have concluded a contract for data processing services with CookieFirst. This is an agreement that is prescribed under data protection law and that ensures that CookieFirst processes the personal data of visitors to our website only in accordance with our instructions and in compliance with the GDPR.
THE SOFTWARE SOLUTION MATOMO
We use the Matomo software from InnoCraft Ltd. https://matomo.org, 150 Willis St, 6011 Wellington, New Zealand, to automatically collect and store data (IP address, time of the visit, device and browser information, and information on your use of our website) and to create usage profiles from that data using pseudonyms for the purpose of website analytics. Cookies may be used as part of that. The pseudonymised usage profiles are not combined with personal data about the bearer of the pseudonym without explicit consent to that, which must be given separately. Data are processed by Matomo on our servers.
Friendly Captcha (protection against bots/spam)
Our website uses the service “Friendly Captcha” (www.friendlycaptcha.com).
This service is offered by Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany.
Friendly Captcha is an innovative, privacy-friendly protection solution to make it difficult for our website to be used by automated programs and scripts (termed “bots”).
We have integrated program code of Friendly Captcha on our website (for example for contact forms) so that the visitor’s terminal device can establish a connection to Friendly Captcha’s servers and receive an arithmetic task from Friendly Captcha. The visitor solves the arithmetic task on his or her terminal device using certain system resources and it sends the result to our web server. This makes contact with Friendly Captcha’s server via an interface and receives an answer as to whether the puzzle has been correctly solved on the terminal device. Depending on the result, we can add security rules to requests via our website and thus continue to process or reject the requests, for example.
The data are used solely to protect against spam and bots as described above.
No cookies are placed or read on the visitor’s terminal device by Friendly Captcha.
IP addresses are stored only in hashed form (a one-way encryption process) and do not allow us or Friendly Captcha to identify an individual.
If personal data are collected, they are erased after 30 days at the latest.
The legal basis for processing is our legitimate interests in protecting our website against misuse by bots and therefore against spam and attacks (such as flooding attacks) in accordance with Article 6(1)(f) GDPR.
You can find more information on data protection in relation to the use of Friendly Captcha at https://friendlycaptcha.com/legal/privacy-end-users/.
For embedding videos we use Vimeo among other providers. Vimeo is operated by Vimeo, LLC, headquartered in 555 West 18th Street, New York, New York 10011. We use plugins from the provider Vimeo on several of our web pages. If you bring up one of the pages on our website equipped with such a plugin – our media library, for example – a connection to the Vimeo servers will be established and the plugin will appear. In doing so, the Vimeo server will be informed which of our web pages you visited. If you are logged in as a user on Vimeo, Vimeo will assign this information to your personal user account. When using the plugin, for instance clicking a video’s start button, this information will likewise be assigned to your user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo. You can find more information about data processing and notices on data protection by Vimeo at https://vimeo.com/privacy.
We have implemented technical and administrative security measures in order to protect your personal data from loss, destruction, manipulation and unauthorised access. All of our employees and all service providers who work for us are obliged to comply with the data protection laws in force.
Whenever we collect and process personal data they will be encrypted before they are transmitted. This means that your data cannot be misused by third parties. Our security measures are subject to a continuous improvement process and our privacy policies are continuously updated. Please ensure that you always have the latest version.
Rights of those affected
You will always have a right of access to, rectification of, erasure of and restriction of the processing of your stored data, a right to object to processing, a right to data portability and a right to lodge a complaint in accordance with the provisions of data protection law.
Right of access: You shall have the right to obtain confirmation from us as to whether or not and to what extent we process your data.
Right to rectification: If we process any data of yours which are incomplete or inaccurate, you shall have the right to obtain from us the rectification and/or completion of the data at any time.
Right to erasure: You shall have the right to obtain from us the erasure of your data if we process your data unlawfully or the processing disproportionately encroaches on your justified protection interests. Please note that there may be grounds for opposing immediate erasure, for example in the case of legally stipulated record-keeping obligations. Irrespective of any exercising of your right to erasure, we will erase your data immediately and in full provided that there are no opposing contractual or legal record-keeping obligations in this regard.
Right to restriction of processing: You shall have the right to obtain from us restriction of the processing of your data if:
- the accuracy of the data is contested by you, for a period enabling us to verify the accuracy of the data;
- the processing of the data is unlawful but you oppose erasure of the data and request the restriction of their use instead;
- we no longer need the data for the specified purposes, but they are still required by you for the establishment or defence of legal claims;
- you have objected to the processing of the data.
Right to data portability: You shall have the right to receive from us your data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us if:
- we process the data on the basis of revocable consent provided by you or for the performance of a contract between us and
- the processing is carried out by automated means.
Provided that it is technically feasible, you have the right to ask us to transmit your data directly to another controller.
Right to object: If we process your data on the basis of a legitimate interest you shall have the right to object to the data processing at any time, including profiling based on the respective provisions of the GDPR. We shall no longer process your data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. You shall have the right to object at any time to the processing of your data for direct marketing purposes without the need to provide any grounds.You are entitled, at any time, to assert a right to information, rectification, erasure or restriction of the processing of your stored data, you have a right to object to the processing, and you also have a right of data portability, and to file a complaint in accordance with the prerequisites of data privacy law.
Amendments to this data privacy statement
We reserve the right to amend our data privacy statements, should it be necessary to do so based on new types of technology. Please make sure that you are have the most up-to-date version. Should any fundamental changes be made to this data privacy statement, we will publish them on our website.
Right to lodge a complaint: If you believe that our processing of your data is in breach of German or European data protection law, please contact us in order for us to clarify any questions or issues. You of course also have the right to contact your competent supervisory authority, the relevant State Office for Data Protection Supervision (Landesamt für Datenschutzaufsicht). If you wish to exercise any of the aforementioned rights with us, please contact our Data Protection Officer. In the event of any doubt we may request additional information in order to confirm your identity.
All parties and visitors interested in our website can reach us, concerning data privacy matters, at:
Mr Christian Volkmer
represented by Mr. Wojtek
Dragon Projekt 29 GmbH & Co. KG
Tel.: +49-941 2986930
Fax: +49-941 29869316