It is very important for us to ensure protection of your personal data as regards the collection, processing and use of such data when you visit our homepage.
We would like to take this opportunity below to inform you of the fact that we will ask you for personal data and store and process such data electronically, along with how this will be done as well.
Personal data is information that identifies you. This includes information, such as your name, address, telephone number or email address, but also data such as your place of residence, IP address or bank details. You do not need to disclose personal data in order to use our website. In certain cases we may, however, require your name, address and other details in order to supply the desired goods or perform the desired services.
This shall apply in particular for sending information materials or for responding to individual queries. We shall make suitable reference in cases where personal data needs to be disclosed. Furthermore, we shall only store and process data that you have voluntarily or automatically disclosed.
Name and contact information for controller of the processing
Responsible for the processing is HEROSE GMBH Armaturen und Metalle, Elly-Heuss-Knapp-Straße 12, 23843 Bad Oldesloe
Represented by its managing directors Dipl.-Jur. Dirk M. Zschalich, MBE and Dipl.-Ing Eike Dölschner, tel: +49 (0) 4531/509-0, fax: +49 (0) 4531/509-120 or e-mail: firstname.lastname@example.org
Data Protection Officer
Our external operational Data Protection Officer ensures a professional data privacy approach. We are advised by Mauß Datenschutz.
If you have any queries regarding data privacy, please feel free to get in touch using one of the following options:
Telephone: 040 / 999 99 52-0
Processing of your IP address by the web server
Services on the Internet can only be used from a technical perspective if your IP address is disclosed. This is processed by the web servers delivering the websites in question. Your IP address is stored together with other, non-identifiable information in technical protocol files, known as log files. We shall only use these files in order to be able to analyse the reason and impact in situations where a fault arises. The log files are deleted on a weekly basis. Non-identifiable information includes i.a. the following:
- the names and size (Bytes) of the web pages you have visited
- the name of the browser you are using
- the name and version of your operating system
- the device type of your computer (or mobile telephone or tablet)
- date and time of access
- any search engines used via which you have reached our website
- the names and size (Bytes) of any downloaded files
- user agent (Browser)
Apart from this processing by the web server, we shall only use or store your IP address in anonymous form (for more information on this see Google Analytics section). The legal basis for the storage is Art 6 no 1 lit f) GDPR, our legitimate interest in investigating technical errors and correcting them.
All data entered by you on this website is transmitted to us in an encrypted manner, so that they are protected from being viewed by third parties.
Furthermore, all of our web pages are SSL-encrypted, therefore it is highly unlikely that the content you read can also be read by third parties. We use state-of-the-art encryption methods for this process. Nevertheless, please refrain from sending us personal (or non-personal) medical data, for example, or other sensitive information via our website.
If you are using our contact form to send us messages we use the transmitted personal data to answer your request. Legal basis for our interest to answer your request is Art. 6 no. 1 lit. b) GDPR, or for other purposes to which you have given your consent (legal basis Art. 6 no. 1 lit. a) GDPR and which are described in this data protection declaration. Your data will be erased as soon as it is no longer required for the purpose for which it was collected. If we are legally obliged to store the data for a longer period, the data will be erased after this period has expired.
With respect to our newsletter, we need your e-mail address to send you the newsletter. We welcome any additional data, such as your first and last name, because then we will be able to personally address you, but the only information required is your e-mail address.
The information you provide in the context of subscribing to the newsletter will only be used to send you the newsletter. You may unsubscribe from our newsletter with future effect at any time free of charge.
The information you enter in our registration form is transmitted to us in encrypted form, which means it is protected against access by third parties.
The newsletter, which is sent by e-mail, contains references in graphics that are loaded by our servers when the newsletter is opened from your e-mail programme. Based on this loading activity we can see whether and when you opened the newsletter. Clicking on the “continue...” link in the newsletter will open the respective article in your browser. We also process information on the opening of newsletter articles in the browser.
We use this usage data to evaluate the readers’ interest in the individual articles. If you want to ensure that we cannot specifically allocate usage data to you, you should not provide a name (or provide an alias) when you subscribe to the newsletter and use an e-mail address without any information that identifies you. We do not create a profile or, in particular, combine the information with additional personal or usage data, though.
You have the right to withdraw your consent (Art. 7 no. 3 GDPR). We store and process your personal data until you unsubscribe from the newsletter (“Unsubscribe”). When you unsubscribe from the newsletter, your personal data (in particular the personal data you provided when you subscribed to it) will be deleted. We will permanently store usage data regarding the newsletter in anonymous form. Legal basis for the processing is Art 6 no 1 lit. a GDPR. Legal basis for the anonymization and storage of the data after you have unsubscribed is Art 6 no. 1 lit. f GDPR. Our legitimate interest in this case is to be able to permanently check the success of our marketing activities and to be able to optimize them over longer periods of time and to have a complete database at our disposal.
You can of course also view our website without cookies. If you do not wish us to recognise your computer, you can prevent cookies from being saved on your hard drive by choosing “do not accept cookies” in your browser preferences. You should consult the instructions of your browser’s developer to find out how this works in individual cases.
You can find information how to change the Cookie settings for some of the usual browsers on the following websites:
- Google Chrome
- Internet Explorer https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
- Firefox (https://support.mozilla.org/en-US/kb/enable-or-disable-cookies-firefox-android)
- Safari (https://support.apple.com/en-gb/guide/safari/sfri11471/mac)
Legal basis for the use of Google Fonts is Art 6 lit f GDPR. Our legitimate interest is based on the technical secure operation of our website
Cookies of third parties
As part of the use of Google products, Google stores a cookie called NID in your browser. This is according to Google for recognition and to show you tailored advertising in Google offers. The relevant data protection conditions can be found under: https://policies.google.com/technologies/types?hl=en-US
We make use of Google Maps functionality on our website. Google Maps is a service operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. If you visit one of our web pages containing Google Maps, there is already a link established to Google's servers when the page loads up. In addition to your IP address, it also determines which of our web pages you have already visited. Other personal data, such as your location when accessing such web pages, is also transmitted to Google.
We use Google Analytics to analyze website usage. The resulting data is used to optimize our website and advertising.
Google Analytics is a web analytics service operated and provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, United States). Google processes the website usage data on our behalf and is contractually committed to taking steps to ensure the confidentiality of the processed data.
During your visit to the website, the following data is recorded for example:
Orders including sales and ordered products
Your behavior on the pages (for example, clicks, scroll behavior, and length of stay)
Your approximate location (country and city)
Your IP address (in abbreviated form, so that no clear assignment is possible)
Technical information such as browser, Internet provider, terminal and screen resolution
Source of origin of your visit (i.e via which website or via which advertising material you have come to us)
This data is transmitted to a Google server in the USA. Google complies with the data protection provisions of the EU-US Privacy Shield Agreement.
Google Analytics stores cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID that will allow you to be recognized during future website visits.
The recorded data is stored together with the randomly generated user ID, which allows the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remain stored in aggregated form for an indefinite period.
If you do not agree with the collection, you can prevent it with the one-time installation of the browser add-on for disabling Google Analytics.
The legal basis for the use of Google Analytics is Art. 6 para. 1 lit. f DS-GVO, our legitimate interest is to review the success of our website and to further optimize it according to its use.
We use external scripts from cloudflare.com, a service operated by CloudFlare, Inc., 101 Townsend St., San Francisco, CA 94107. These scripts are downloaded from CloudFlare’s servers when our web pages are loaded. Your IP address is then transmitted to CloudFlare’s servers. CloudFlare also determines in this context which websites you have already visited.
We use YouTube on our website. This is a video portal operated by YouTube LLC, 901 Cherry Ave, 94066 San Bruno, CA, USA, hereinafter referred to as "YouTube".
YouTube is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as "Google".
Through certification according to the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active Google and its subsidiary YouTube guarantee that they will follow the EU's data protection regulations when processing data in the United States.
We use YouTube in its advanced privacy mode to show you videos. The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in improving the quality of our website. According to YouTube, the advanced privacy mode means that the data specified below will only be transmitted to the YouTube server if you actually start a video.
Without this mode, a connection to the YouTube server in the USA will be established as soon as you access any of our webpages on which a YouTube video is embedded.
This connection is required in order to be able to display the respective video on our website within your browser. YouTube will record and process at a minimum your IP address, the date and time the video was displayed, as well as the website you visited. In addition, a connection to the DoubleClick advertising network of Google is established.
If you are logged in to YouTube when you access our site, YouTube will assign the connection information to your YouTube account. To prevent this, you must either log out of YouTube before visiting our site or make the appropriate settings in your YouTube account.
For the purpose of functionality and analysis of usage behavior, YouTube permanently stores cookies on your device via your browser. If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your browser. Further details can be found in the section about cookies.
Transmission of personal data into Non-EU Countries
With the exception of the aforementioned transmission to CloudFlare and Google as part of using Google Maps and YouTube as well as Google Analytics, we do not transfer any personal data to non–EU countries. The location of all servers operated and used by us is Germany.
The transmission to Google Inc. and CloudFlare LLC (both are residing in the US) are based on the privacy shield agreement which both companies are part of (s. https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active und https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active).
If you want to make use of the following rights please contact our controller for the processing under the above mentioned contact data. Alternatively you can also contact our Data Protection Officer directly.
Right to information
According to Art. 15 GDPR, you have the right to request information from us if we have collected data about you. If so you may request information about this personal data and to further information mentioned in Art 15 GDPR.
Right to rectification
According to Art. 16 GDPR you have the right to demand immediate correction of incorrect personal data concerning you. Furthermore, taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, including by means of a supplementary statement.
Right to delete
According to Art. 17 GDPR, you have the right to request the deletion of your personal data. Herose is obliged to delete personal data immediately, provided that the corresponding requirements of Art. 17 GDPR are met. For further details we refer to Art 17 GDPR.
Right to restriction
In accordance with Art. 18 GDPR, you have the right under certain conditions to demand that Herose restrict the processing of your personal data. Here, too, we refer to the details on Art. 18 GDPR
Right to transmission
According to Art. 20 GDPR, you have the right to receive the personal data which you have provided in a structured, common and machine-readable format, and you have the right to transfer this data to another responsible person without hindrance, provided the processing is based on a consent according to Article 6 paragraph 1 lit. a GDPR or Article 9 (2) lit. a GDPR which is based on a contract pursuant to Article 6 para. 1 lit. b GDPR and processing is done by using automated procedures.
Right to withdraw the consent
If you have given your consent to the processing of your data, you can revoke it at any time. Such revocation affects the admissibility of the processing of your personal data after you have given it to us.
Insofar as we base the processing of your personal data on the balancing of interests, you can file an objection to the processing. This is the case if, in particular, the processing is not required to fulfil a contract with you, as described by Herose in the description of the functions. In the event of such disagreement, we ask you to explain the reasons why we should not process your personal data as we have done. In the case of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or point out to you our compelling legitimate reasons on which we continue the processing.
Right to lodge a complaint with a supervisory authority
According to Art. 77 GDPR, you have the right to lodge a complaint with the supervisory authority, without prejudice to any other administrative or judicial remedy. This right shall apply, in particular, to the Member State to your place of residence, to your place of work or to the place of the alleged infringement if you consider that the processing of the personal data concerning you is contrary to the GDPR.
Changes and amendments to this data protection regulation
We reserve the right to change the security and data protection measures, especially if it is required by technical developments. In these cases, we will also, if necessary, adapt these notes on data protection accordingly. Please note always the current version of this data protection regulation.