Heat treatment of steel - forging and rolling mill - production of tailor-made solutions for industry - Leppe Stainless Steel Chr. Höver & Sohn - NRW

PRIVACY POLICY

Information obligations pursuant to Art. 13 of the General Data Protection Regulation (GDPR)
Privacy Policy / Transparency Notice

Chr. Höver & Sohn GmbH, Oberleppe 26, 51789 Lindlar, collects and processes your personal data under the following provisions.

Controller contact details:
Harald Höver
Tel: +49(0)2266-95-0
E-mail: info@hoever-sohn.com

Data Protection Officer contact details:
Sven Oliver Rüsche
Bunsenstr. 5
D-51647 Gummersbach,
Tel: +49(0)2261-9989-251
Mail: datenschutz@sor.de

Purposes of data processing and legal bases

Your personal data is processed in accordance with the provisions of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and other data protection regulations. The processing and use of specific data depends on the service agreed or commissioned. Our contract documents, forms, consent declarations, and other information provided to you (e.g., on the website or in the terms and conditions) contain further details and additions regarding the purposes of processing.

a) Consent (Art. 6(1)(a) EU GDPR)

Where you have given us consent to process personal data, that consent constitutes the legal basis for the processing stated therein. You may revoke consent at any time. Revocation does not affect the lawfulness of processing carried out prior to revocation.

b) Performance of contractual obligations (Art. 6(1)(b) EU GDPR, Sec. 26 BDSG)

We process personal data to perform our contracts with you, in particular in the context of order processing and the use of our services. Your personal data is also processed for measures and activities within pre-contractual relationships.

c) Compliance with legal obligations (Art. 6(1)(c) EU GDPR)

We process your personal data where this is necessary to comply with legal obligations (e.g., commercial and tax laws).

We may also process your data, where applicable, for identity and age verification, fraud and anti-money laundering prevention, the prevention, combatting and clarification of terrorist financing and property-endangering offenses, screening against European and international anti-terror lists, fulfillment of tax control and reporting obligations, as well as archiving data for data protection and data security purposes and for audits by tax and other authorities. Furthermore, disclosure of personal data may be required in the context of administrative or judicial proceedings for the purpose of gathering evidence, criminal prosecution, or the enforcement of civil law claims.

d) Legitimate interests (Art. 6(1)(f) EU GDPR)

Where necessary, we also process your personal data to safeguard our legitimate interests or the legitimate interests of third parties. This may occur for the following purposes:

– for advertising or market research, provided you have not objected to the use of your data.

– for obtaining information and exchanging data with credit agencies where this exceeds our inherent commercial risk.

– for the limited storage of your data if deletion is not possible or only possible with disproportionate effort due to the specific storage method.

– for screening against European and international anti-terror lists where this goes beyond statutory obligations.

– for the further development of services and products as well as existing systems and processes.

– for the disclosure of personal data in the course of due diligence, e.g., during corporate transactions.

– for enriching our data through the use or research of publicly accessible data.

– for statistical evaluations or market analyses.

– for benchmarking.

– for the assertion of legal claims and defense in legal disputes not directly attributable to the contractual relationship.

– for developing scoring systems or automated decision-making processes.

– for internal and external investigations and/or security checks.

– for certifications in private-law or administrative matters.

– for ensuring and exercising our domiciliary rights through appropriate measures.

Categories of data

Depending on the type of contract / consent in the individual case, the following categories of data may be processed:

– Personal data (e.g., name, nationality, occupation/industry, and comparable data)

– Address and contact data (e.g., address, e-mail address, telephone number, and comparable data)

– ID data

– Billing data

– Payment/coverage confirmation for bank and credit cards

– Information about your financial situation (creditworthiness data, i.e., data to assess economic risk)

– Supplier history

– Communications data

– Personal data from public sources (e.g., internet, media, press, commercial register, residents’ register, debtor directories, land registers)

Recipients

Within our company, your personal data is shared with the departments that need it to fulfill contractual and legal obligations or to implement our legitimate interests.

In addition, the following entities may receive your data:

– processors commissioned by us (pursuant to Art. 28 GDPR), external service providers for supporting activities, and additional controllers within the meaning of the GDPR, especially in the areas of: IT services, logistics, support/maintenance of IT applications, archiving, document processing, compliance services, controlling, data validation / plausibility checks, data destruction, purchasing/procurement, customer management, marketing, media technology, research, telecommunications, website management, auditing/tax consulting services, credit institutions, printing companies, data disposal companies, courier services

– public bodies and institutions where a legal or regulatory obligation exists that requires us to provide information, report, or disclose data, or where disclosure is in the public interest

– other entities for which you have granted us your consent to transfer data

For certain tasks we use service providers who in turn often use other service providers that may have their registered office, parent company, or data center in a third country. A transfer is permissible if the European Commission has decided that an adequate level of data protection exists in a third country (Art. 45 GDPR). If the Commission has not made such a decision, personal data may only be transferred to a third country or an international organization if appropriate safeguards are provided (e.g., standard data protection clauses adopted by the Commission or a supervisory authority in a specific procedure) and enforceable rights and effective legal remedies are available.

Duration of data storage:
As a rule, we process your personal data for the duration of our business relationship, which includes the initiation and execution of a contract.

If you revoke your consent and/or lawfully object to processing, or the purpose of processing no longer applies because storage is no longer necessary to fulfill our contractual and legal obligations, the data will regularly be deleted unless temporary further processing is required for the following purposes:

– to comply with the various retention and documentation obligations arising, among others, from the German Commercial Code (HGB) and the Fiscal Code (AO). The periods specified there range from two to ten years.

– to preserve evidence within the framework of statutory limitation periods which, for example under Sections 195 et seq. of the German Civil Code (BGB), are generally three years but may be up to thirty years in certain cases.

Your data protection rights:
You have the right of access (Art. 15 GDPR) to the personal data concerning you, as well as the right to rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR) or restriction of processing (Art. 18 GDPR) and the right to data portability (Art. 20 GDPR). You also generally have the right to object to the processing of your personal data by us (Art. 21 GDPR). However, this right to object applies only in the presence of particular circumstances of your personal situation, and our company’s rights may prevail over your right to object. If you wish to exercise any of these rights, please contact our Data Protection Officer (datenschutz@sor.de).

Scope of your obligation to provide data

You are only required to provide those data that are necessary for initiating and conducting a business relationship or a pre-contractual relationship with us, or which we are legally obliged to collect. Without this data, we will generally not be able to conclude or perform the contract. This may also apply to data required at a later stage in the business relationship. If, in addition, we request data from you, you will be separately informed about the voluntary nature of such information.

Your consent:
If you have consented to the processing of your data (Art. 6(1)(a) or Art. 9(2)(a)), you have the right to revoke your consent at any time. The lawfulness of processing carried out up to the time of revocation remains unaffected.

Right to lodge a complaint with a supervisory authority (Art. 77 GDPR):

You have the right to lodge a complaint with a data protection supervisory authority. The supervisory authority responsible for us is:

The State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia (NRW)
P.O. Box 200444
40102 Düsseldorf

1. Data protection at a glance

General information

The following notes provide a simple overview of what happens to your personal data when you visit our website. Personal data means all data by which you can be personally identified. Detailed information on data protection can be found in our Privacy Policy set out below this text.

Data collection on our website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find the operator’s contact details in the Legal Notice on this website.

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter into a contact form.

Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g., internet browser, operating system, or the time of the page request). This data is collected automatically as soon as you enter our website.

What do we use your data for?

Part of the data is collected to ensure error-free provision of the website. Other data can be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right to receive, at any time and free of charge, information about the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction, blocking, or deletion of this data. For this purpose, as well as for further questions on the subject of data protection, you can contact us at any time at the address given in the Legal Notice. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

Analytics tools and third-party tools

When you visit our website, your surfing behavior may be statistically evaluated. This happens mainly with cookies and so-called analytics programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. Detailed information about this can be found in the following Privacy Policy.

You can object to this analysis. We will inform you about the options for objection in this Privacy Policy.

2. General notes and mandatory information

Data protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations as well as this Privacy Policy.

When you use this website, various personal data will be collected. Personal data is information by which you can be personally identified. This Privacy Policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens.

Please note that data transmission on the internet (e.g., when communicating by e-mail) may have security gaps. Complete protection of data against access by third parties is not possible.

Information about the controller

The controller responsible for data processing on this website is:

Chr. Höver & Sohn GmbH & Co. KG
Harald Höver
Oberleppe 26
51789 Lindlar

Phone: +49 (0) 0 2266/95-0
E-mail: info@hoever-sohn.com

The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g., names, e-mail addresses, etc.).

Revoking your consent to data processing

Many data-processing operations are only possible with your express consent. You can revoke consent you have already given at any time. An informal e-mail to us is sufficient for this purpose. The lawfulness of the data processing carried out up to the point of revocation remains unaffected by the revocation.

Right to lodge a complaint with the competent supervisory authority

In the event of infringements of data protection law, the data subject has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority on matters of data protection is the state data protection officer of the federal state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock icon in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, blocking, deletion

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipients, and the purpose of the data processing and, if applicable, a right to rectification, blocking, or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the Legal Notice.

Objection to advertising e-mails

We hereby object to the use of contact data published within the scope of the Legal Notice obligation for the transmission of unsolicited advertising and information materials. The operators of these pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example through spam e-mails.

3. Data collection on our website

Cookie Declaration

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

Browser type and browser version
Operating system used
Referrer URL
Hostname of the accessing computer
Time of the server request
IP address

This data will not be combined with other data sources.

The basis for data processing is Art. 6(1)(f) GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We do not pass on this data without your consent.

The processing of the data entered into the contact form is therefore based exclusively on your consent (Art. 6(1)(a) GDPR). You can revoke this consent at any time. An informal e-mail to us is sufficient. The lawfulness of the data processing operations carried out until the revocation remains unaffected by the revocation.

The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to store it, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.

4. Analytics tools and advertising

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called “cookies”. These are text files stored on your computer that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is generally transmitted to a Google server in the USA and stored there.

The storage of Google Analytics cookies is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.

IP anonymization

We have activated the IP anonymization function on this website. As a result, your IP address will be shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser plugin

You may prevent the storage of cookies by adjusting your browser software accordingly; however, please note that if you do so you may not be able to use all functions of this website to their full extent. You can also prevent Google’s collection of the data generated by the cookie and related to your use of the website (including your IP address) as well as Google’s processing of this data by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Objection to data collection

You can prevent the collection of your data by Google Analytics by clicking the following link. An opt-out cookie will be set that prevents the collection of your data on future visits to this website: Disable Google Analytics

More information on how Google Analytics handles user data can be found in Google’s Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=de.

Data processing agreement

We have concluded a data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Demographic features in Google Analytics

This website uses the “demographic features” function of Google Analytics. This enables the creation of reports containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising by Google as well as visitor data from third-party providers. This data cannot be assigned to a specific person. You can disable this feature at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described under “Objection to data collection.”

Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

reCAPTCHA is used to check whether data entry on our websites (e.g., in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For analysis, reCAPTCHA evaluates various information (e.g., IP address, time spent on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run entirely in the background. Website visitors are not advised that an analysis is taking place.

Data processing is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated spying and from SPAM.

Further information about Google reCAPTCHA and Google’s Privacy Policy can be found at the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.

5. Plugins and tools

Google Web Fonts

This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache to display texts and fonts correctly.

For this purpose, the browser you use must connect to Google’s servers. In this way, Google learns that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and attractive presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR.

If your browser does not support web fonts, a standard font from your computer will be used.

Further information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s Privacy Policy: https://www.google.com/policies/privacy/.

Google Maps

This site uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps it is necessary to store your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of an attractive presentation of our online offers and to make the locations indicated on the website easy to find. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR.

More information on the handling of user data can be found in Google’s Privacy Policy: https://www.google.de/intl/de/policies/privacy/.