Privacy policy

I. Name and address of the controller

The controller, as defined by the General Data Protection Regulation and other data protection legislation of the Member States, and other data protection requirements is

Maschinenhandel Höing KG
represented by its Managing Director Manfred Höing
Liebigstrasse 8, 48712 Gescher
Tel.: +49 (0) 2542 95 55 55
email: info(at)mhg-maschinen.com
website: www.mhg-maschinen.com

II. General information about data protection

1. Scope of processing personal data

We always only process the personal data of our users if this is necessary to provide a functioning website and of our content and services. Our users’ data is only regularly processed based on the user’s consent. An exception applies in such cases, in which it is not possible to obtain prior consent based on actual reasons, and the data may be processed based on statutory requirements.

2. Legal basis for processing personal data

If we obtain consent of the data subjects for processing operations, Art. 6 1 letter a of the General Data Protection Regulation (GDPR) serves as the legal basis.

When personal data is processed that is necessary to fulfil a contract, where the data subject is a contracting party, Art. 6, para. 1 letter b GDPR serves as the legal basis. This also applies to processing operations that are necessary to implement precontractual measures. If it is necessary to process personal data to meet a legal obligation to which our company is subject, Art. 6 1 letter c GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person render processing personal data necessary, Art. 6, para. 1, letter d GDPR serves as the legal basis.

If processing is necessary to assume a justified interest of our company or a third party and the interests, basic rights and basic freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6, para. 1 letter f GDPR serves as the legal basis.

3. Erasure of data and storage period

The data subjects’ personal data shall be erased or access to it withdrawn, as soon as the purpose for storing it no longer applies. Data may also be stored above and beyond this if this has been provided for by European or national legislation in the Union’s directives, laws or other regulations to which the controller is subject. Data shall only be erased or access withheld when a storage period specified by the aforesaid norm expires, unless it is necessary for the data to continue to be stored in order to conclude or fulfil the contract.

III. Provision of the website and generation of logfiles

1. Description and scope of data processing

Each time our website is called, our system automatically collects data and information from the computer system of the computer accessing the site.

The following data is collected during this process:

  1. Information about the type of browser and the version used
  2. User’s operating system
  3. User’s Internet service provider
  4. The user’s IP address
  5. Name of the website accessed
  6. Date and time of access
  7. Data volume transferred
  8. Notification of successful access
  9. Referrer URL (name of the previously visited website)

This data will not be stored in logfiles.

2. Legal basis for data processing

Art. 6, para. 1, letter f GDPR is the legal basis for temporarily caching the data.

3. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. To do this, the user’s IP address must remain saved for the duration of the session. We also have a legitimate interest in processing data to this end based on Art. 6, para. 1 letter f GDPR.

4. Storage period

The data is erased, as soon as it is no longer required to meet the purpose for which it was collected. This is the case if the particular session has ended.

5. Option to reject and rectify

The collection of data to provide the website is crucial for the webpage to work. As a result, the user has no option to object.

IV. Email contact, other contact details

1. Description and scope of data processing

You can contact us using the email address published on our website or using the mailto links we provide you. In this case, your personal data forwarded by email will be saved. Furthermore, you are able to contact us using the telephone and fax numbers given on our website or by post. In these cases, we will use your contact details to process your enquiry, and may also save it at our company, if the nature of your enquiry requires this, or your contact results in a business relationship.

In this respect, this will not result in any data being forwarded to third parties. The data is used solely to process the conversation. If possible, we will forward the email internally to a responsible member of staff if you contact a general email address or to an address of a member of staff who is not responsible or absent.

2. Legal basis for data processing

The legal basis for processing the data that is transferred to us as part of forwarding an email or through other contact with us is Art. 6, para. 1 letter f GDPR. Aim of the email contact to the conclusion of a contract is the additional legal basis for processing Art. 6, para. 1 letter b GDPR.

3. Purpose of data processing

We only use the data from the email or your other contact to process the contact. Here lies the necessary justified interest in processing the data.

4. Storage period

The data is erased, as soon as it is no longer required to meet the purpose for which it was collected. This the case if each conversation is ended with the user. The conversation is ended if it is possible to deduce from the circumstances that the matter concerned has finally been resolved.

5. Option to reject and rectify

You have an option at any time to object to your personal data being stored. To do this, you are able to contact us at any time using the contact details referred to under item I. We will then arrange for the data to be deleted straight away. The conversion cannot be continued in such a case.

If the data is required to fulfil a contract or to carry out precontractual measures, the data may only be erased prematurely, if no precontractual or statutory obligations stand in the way of an erasure.

V. Use of Google services (Google Maps, Google Fonts)

1. Scope and purpose of processing personal data

We rely on services of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter Google, i.e. Google Maps and Google Fonts.

Google uses a variety of technologies to capture and store data when the user accesses a Google service. This may also include cookies or similar technologies, which are used to identify the browser or the end device used by the user. Cookies are tiny text files that are cached and stored on a computer system via an Internet browser. Google also collects the user’s IP address for its services, as without the IP address the contents cannot be sent to the user’s browser.

a. Google Maps

We use Google Maps to present the information visually and interactively. When using Google Maps, data is also collected, processed and used about the users’ use of maps functions. You can obtain further information about Google Maps in the terms of use at: https://www.google.com/intl/de_de/help/terms_maps.html

b. Google Fonts

We use Google Fonts to present typefaces using webfonts consistently. When our website is accessed, your browser loads the necessary webfonts in the browser cache to display text and typefaces correctly. The browser used must establish a link with the servers of Google for this purpose. To do this, Google is made aware that our website has been accessed using the data subject’s IP address. Google Fonts are used in the interests of a consistent and attractive presentation of our online offer. Obtain more information about Google Fonts at: https://developers.google.com/fonts/faq

c. Further information about data processing by Google and management of data processing

You can obtain further information about how personal data is processed through Google in Google’s data privacy statement and in Google’s terms of use.

You are also able to change the settings about how your data is processed: https://support.google.com/accounts/answer/3024190

VI. Rights of data subjects

If your personal data is processed, you are a data subject, as defined by GDPR, and you have the following rights vis-a-vis the data controller.

1. Right to information

You are able to ask for a confirmation if we have processed any of your personal data. If such processing has taken place, you can ask the data controller for the following information:

  1. the purpose about which the personal data is processed;
  2. the categories of personal data that are processed;
  3. the recipients and categories of recipients to which your personal data was disclosed or is still disclosed;
  4. the planned duration of storage of the personal data about you, if specific information about this is not possible; criteria for stipulating the storage period;
  5. existence of a right to rectify or erase the personal data about you, a right to restrict processing by the data controller or right to object to this processing;
  6. the right of the supervisory authority to raise an objection;
  7. all available information about the origin of data if the personal data is not collected from the data subject

You are entitled to demand information if data about you is transferred to a third country or an international organisation. In this context, you are able to demand being notified using the appropriate guarantees based on Art. 46 GDPR in connection with the disclosure.

2. Right to erasure

You have the right to rectify and/or complete the data held by the controller, if the personal data processed about you is incorrect or incomplete. The controller has to make the rectification straight away.

3. Right to restrict processing

Under the following conditions, you can demand that your personal data is restricted:

  1. if you dispute the accuracy of your personal data for a period that enables the data controller to check the accuracy of the personal data;
  2. the processing is unlawful and you reject erasure of personal data and instead demand that use of personal data is restricted;
  3. the controller no longer requires the personal data for the purpose of processing, you need this, however, to claim, exercise or defend legal claims, or
  4. if you raised an objection against processing pursuant to Art. 21, para. 1 GDPR and it is still now clear if the controller’s legitimate reasons outweigh your reasons.

If processing of your personal data has been restricted, this data, excepting your own storage, will only be processed with your consent or claim or consent or exercise or defend legal rights, or to defend the rights of another natural person or legal entity, or are processed for reasons of an important public interest of the Union or a Member State. If processing has been restricted based on the aforesaid conditions, you will be notified by the data controller before the restriction is lifted.

4. Right to erasure

a) Duty to erase

You can demand that the controller erases your personal data immediately, and the controller is obliged to erase this data straight away if one of the following reasons apply:

  1. Your personal data is no longer required for the purposes for which it is collected or is processed in some other way.
  2. You revoke your consent on which processing based on Art. 6, para. 1 letter a or Art. 9, para. 2 letter a GDPR was based, and there is no other legal basis for processing the data.
  3. You raise an objection to processing based on Art. 21(a) GDPR, and there are no overriding legitimate reasons for processing, or you raise an objection to processing based on Art. 21, para. 2 GDPR.
  4. Your personal data has been processed unlawfully.
  5. Erasure of your personal data is necessary to meet a legal obligation based on European Union law or the law of the Member States to which the controller is subject.
  6. Your personal data has been collected with respect to the services offered by the information company pursuant to Art. 8, para. 1 GDPR.

b) Information to third parties

If the controllers disclose personal information about you, and they are obliged based on Art. 17, para. 1 GDPR to erase such information, they take reasonable steps taking account of the available technology and implementation costs, also technically, to be informed about this that you, as the data subject, have demanded the erasure of all links about this personal data or copies of replications of this personal data.

c) Exceptions

There is no right of erasure if processing is required

  1. to express the right to freely express an opinion and information;
  2. to fulfil a legal obligation that requires that processing takes place based on European Union law or that of Member States to which the controller is subject, which lies in the public interest or takes place to exercise official authority that is assigned to the controller;
  3. for reasons of public interest in the area of public health pursuant to Art. 9, para. 2 letter h and i, as well as Art. 9, para. 3 GDPR;
  4. for the purpose of archiving in the public interest, scientific or historical research purposes or for statistical purposes based on Art. 89, para. 1 GDPR, if the right under section a) is likely to render the realisation of aims of this process impossible or seriously prejudice them, or
  5. to assert, exercise or defend legal claims.

5. Right to information

If you have exercised the right to have processing of data held by the controller rectified, erased or restricted, they are obliged to notify all recipients to whom you have disclosed your personal data about the rectification or erasure of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate amount of effort.

You have the right to be notified about these recipients by the controller.

6. Right to data portability

You are entitled to have your personal data that you have provided to the controller in a structured, current and machine-readable format. You also have the right to disclose this data to another controller without any restriction by the controller to whom you provided the personal data, provided

  1. the processing takes place on a consent pursuant to Art. 6, para. 1 letter a or Art. 9, para. 2 letter a GDPR or is based on a contract pursuant to Art. 6, para. 1 letter b GDPR and
  2. processing takes place with the help of automated processes.

In exercising this right, you further have the right to have your personal data disclosed directly by a controller to another controller, provided this is technically feasible. This may not prejudice the freedoms and rights of others.

The right to data portability does not apply to processing personal data that is necessary to perform a task that is in the public interest or is carried out to exercise public authority that was assigned to the controller.

7. Right of objection

You have the right, for reasons that arise from a particular situation to raise an objection against processing of your personal data that takes place on the basis of Art. 6, para. 1 letter e or f GDPR.

The controller will no longer process your personal data, unless you have evidence about compelling reasons worthy of protection that outweigh your interests, rights and freedoms, or the purpose of processing is to claim, exercise or defend legal claims.

If you have processed data subjects’ personal data for the purpose of direct publicity, you have the right to object to your data being processed at any time for the purpose of such publicity; this also applies to profiling, where this is connected directly with such direct publicity.

If you object to processing for the purpose of direct publicity, your personal data will no longer be processed for this purpose.

You have the option to exercise your right to object in connection with the use of services of the information society by means of automated processes – notwithstanding Directive 2002/58/EU, in which technical specifications are used.

8. Right to withdraw informed consent under data protection law

You have the right to withdraw your informed consent under data protection law at any time. The withdrawal of informed consent shall not affect the lawfulness of processing that takes place up to the point of withdrawal.

9. Right to lodge a complaint with a supervisory authority

Without prejudice to another statutory legal remedy under administrative law or judicial remedy, you have the right to complain to a supervisory authority, in particular in a Member State in your place of residence, your place of work or place of the suspected breach, if you are of the opinion that processing your personal data breaches GDPR.

The supervisory authority to which the complaint was made shall notify the complainant about the current state of progress and the results of the complaint including the possibility of a legal remedy pursuant to Art. 78 GDPR.

Menu