Shop Newsletter Contact
Privacy

Data Privacy Policy

We take the protection of your personal data seriously and, naturally, protect them in the scope of the applicable data protection legislation as amended, in particular the provisions of the EU General Data Protection Regulation (GDPR). Unless otherwise stated below, data processing is based on point (f) of Art. 6 (1) GDPR.

This Data Privacy Policy provides information on the nature, scope and purpose of processing personal data within our online offer.

Controller

The controller in terms of data protection legislation is:
Auer Lighting GmbH
Hildesheimer Straße 35
37581 Bad Gandersheim
Imprint: https://www.auer-lighting.com/en/imprint/

Usage and access data

When you access our website, your internet browser automatically transmits data to the web server for technical reasons. This information is stored in so-called log files and includes the name of the requested page, date and time of access, the data volume transmitted, notification of whether the request was successful, the operating system, browser type, version and language, the referrer URL that brought you to that page and the IP address or the host name of the access provider allocated to this IP address. This information is not attributed to you personally or used to compile a profile, but used exclusively for statistical analysis, to maintain the technical operation of this website and to improve our online offering. For safety reasons (e.g. to investigate misuse or fraud), logfile information is stored for a period of one month and erased thereafter. Data that needs to be stored as evidence for a longer period is excluded from erasure until the respective incident has been clarified.

Cookies

This website uses so-called cookies, small text files that are stored on your terminal. Your browser accesses these files, which serve to increase the user friendliness and security of this website. Our online shop, for instance, uses cookies to allocate your visit to your virtual shopping cart. If you do not want cookies to be stored on your terminal, you can set the option to deactivate cookies in your browser settings or delete existing cookies. If you deactivate cookies, you may not be able to use all the features of this online offering.

Existing data

Whenever a contractual relationship between you and us is to be established, designed or amended, we collect and use personal data concerning you as far as this is required for such purposes. In individual cases, we are allowed to provide information on this data (existing data) to the competent authorities upon their order as far as this is necessary to enforce the law, prevent threats, to fulfil the statutory duties of protecting the constitution or military counter-intelligence or enforce industrial property rights.

Contacting us

When you contact us (via contact form or another form on this website, email, telephone or by placing an order), we process and store your data in order to handle and process your request. We do not pass these data on without your consent. We erase requests as soon as they are no longer needed. We review the necessity to store data every two years. Further, the statutory archiving periods apply. 

Ordering via the online shop / customer account

In order to deal with an order, we process the data provided by you to perform the contractual services, to bill and deliver the products and to provider customer relations support. The data are processed on the basis of point (b) of Art. 6 (1) GDPR. We set up a user account when you place your first order via the online shop; by logging into that account, you can check your orders and modify your address data (invoice/delivery recipient). These data are stored for the duration of an ongoing business relationship and, subject to contrasting preservation or archiving obligations, erased after the business relationship is ended. We review the necessity to store data every two years.

Newsletter

We only send e-mail newsletters with marketing content to recipients who have explicitly consented to receiving such newsletters. In this context, we use the so-called double opt-in procedure. After you have registered for the newsletter, we send an email to the address stated in the registration requesting you to confirm that registration once again. This ensures that nobody can register using a third person’s name. We only include your address in the mailing list and store your data for this purpose once you have confirmed your registration. The legal basis for processing is point (a) of Art. 6 (1) GDPR (consent). The registration is logged so that we can prove that you have given your consent. You can unsubscribe to our newsletter at any time and thus withdraw your consent to receiving this newsletter. Each newsletter has an unsubscribe link at the bottom.

Incorporation of third-party services and content

Based on our legitimate interest (e.g. our interest in analysing, optimising and profitably operating our online offering), we use content or services offered by third parties on our website. This may include videos or maps. Unless otherwise stated below, the IP address is transmitted to the third-party provider when such content is requested.

YouTube

Our website uses plugins of the YouTube service offered by Google. The service is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. Whenever you access one of our pages with a YouTube plugin, a connection is established to the YouTube servers to request the relevant video file. In this context, the YouTube server is informed which of our pages you have visited. We use the enhanced data protection mode of the YouTube plugin. If you are logged into your YouTube account when you access our video page, you enable YouTube to attribute your online user behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account. For more information on how user data is treated, please go to the provider’s data privacy policy at  https://www.google.de/intl/en/policies/privacy 

Google Maps

We incorporate maps from the “Google Maps” service operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Data privacy policy:  https://www.google.de/intl/en/policies/privacy 

jQuery libraries

We use JavaScript libraries on our website that are based on jQuery technology. This service is offered by JSFoundation, Inc., 1 Letterman Drive, San Francisco, CA 94129, USA. Data privacy policy: https://js.foundation/about/governance/privacy-policy

etracker

The provider of this website uses services offered by etracker GmbH from Hamburg, Germany  (https://www.etracker.com/en/) to analyse usage data. This service uses cookies that help to analyse how the visitors use this website and to show usage-related content or advertisements. Cookies are small text files that the internet browser stores on the user’s terminal. etracker cookies do not contain information that could be used to identify a user.

The data generated by etracker are processed and stored by etracker on behalf of the website provider. Processing and storage takes place only in Germany and is subject to the strict German and European data protection laws and standards. etracker has been audited and certified by an independent body and received the ePrivacyseal data protection seal (https://www.eprivacy.eu/en/customers/awarded-seals/company/etracker-gmbh/).

The legal basis for processing is point (f) of Art. 6 (1) of the EU General Data Protection Regulation (EU-GDPR), i.e. legitimate interest. Our legitimate interest is to optimise our online offering and internet presence. As we place great importance on our users’ privacy, etracker anonymises the IP address as early as possible and converts the etracker registration or device identification information into a unique identifier that cannot be attributed to an individual person. etracker does not use data for other purposes, does not combine the data with other data and does not forward data to third parties.

Privacy

You can object to the above data processing at any time as far as it refers to you personally. Objections have no negative consequences for you.

For more information on etracker’s data protection standards, please go to https://www.etracker.com/en/data-privacy/

Erasure of data

Unless expressly stated in this Data Privacy Policy, we erase the data we store as soon as they are no longer needed for the respective purpose and provided that erasure does not conflict with any statutory preservation periods. If the data are not erased because they are needed for other and legally admissible purposes, the processing of such data is restricted, meaning that the data are made unavailable to users and are not processed for other purposes. This applies, for instance, to data that are subject to preservation periods under commercial law or tax law. 

Cooperation with processors and third parties

In the scope of our processing, we only disclose or transmit data or otherwise grant access to data to other persons or companies (processors or third parties) if we are authorised to do so by law. This is the case, for instance, if the data need to be transmitted for the performance of a contract or to handle an order, if you have given your consent to the data being transmitted, if there is a legal obligation to do so or we are thereby pursuing our legitimate interests (e.g. if we use subcontractors). Whenever we commission third parties to process data, we always conclude a data processing agreement pursuant to data protection legislation.

Your right to access personal data, to erasure and restriction of processing

You have the right to obtain information on the personal data concerning you that we store, the origin and recipients of such data and the purpose of data processing and to receive such information free of charge. Unless your wish conflicts with a statutory preservation period for data (e.g. data retention), you have the right to obtain the rectification of inaccurate personal data concerning you and the right to have your personal data erased or processing thereof restricted.

Right of withdrawal

Pursuant to Art. 7 (3) GDPR, you also have the right to withdraw consent previously given for future processing.

Right to object

Pursuant to Art. 21 GDPR, you may at any time object to future processing of personal data concerning you.

Right to lodge a complaint

In case of infringements of data protection law, the data subject has a right to lodge a complaint with the competent supervisory authority (Art. 77 GDPR). The data subject can exercise this right at a supervisory authority in the Member State of his or her habitual residence, place of work or place of the alleged infringement. The competent supervisory authority in Lower Saxony is:

Die Landesbeauftragte für den Datenschutz Niedersachsen
Barbara Thiel
Prinzenstraße 5
30159 Hanover
Telephone: 05 11/120-45 00
Facsimile: 05 11/120-45 99
Email: poststelle@lfd.niedersachsen.de
Homepage: https://www.lfd.niedersachsen.de 

For a list of additional supervisory authorities and the corresponding contact details, please go to:  https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

Data Protection Officer

If you have further questions, please do not hesitate to contact our data protection officer Thorsten Damerau at:

Auer Lighting GmbH
Data Protection Officer
Hildesheimer Straße 35
37581 Bad Gandersheim
Telephone: 0 53 82 / 5382 701 – 240
Email: datenschutz@auer-lighting.com

Version: 24.05.2018