Magnetbau Schramme GmbH & Co. KG
magnetbau-schramme-brandambassador-sam-products-valves-electromagnets-sensors-lvdt
  1. Start »
  2. Privacy Magnetbau Schramme

privacy statement Magnetbau Schramme

Privacy Policy 

The principles of fair and transparent data processing require that the data subject be informed of the existence of the processing operation and its purposes. The confidentiality and integrity of your personal data is of particular concern to us. We will therefore process and use your personal data carefully and appropriately in accordance with your consent and in compliance with the legal provisions on data protection. 
The right to protection of personal data is not an unlimited right. It must be seen in the light of its social function and weighed against other fundamental rights, while respecting the principle of proportionality. 

Personal data is any information relating to an identified or identifiable natural person. Data subjects are identifiable if they can be assigned directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, online identification or one or more special features (Article 4 (1) GDPR).
This data protection notice describes how we collect, process, and use your personal data when you visit our website. You will find more detailed information in the following sections.

1.    Who is responsible for the data processing?
Responsible for the data processing on this website (i.e. the “controller”) in accordance with Article 4 (7) GDPR: 

Magnetbau Schramme GmbH & Co.KG
Zur Ziegelhütte 1-5
88693 Deggenhausertal

Telefon: +497555 9286-0
E-Mail: info@magnetbau-schramme.de    
Internet: www.magnetbau-schramme.de 
2.    How to contact our data protection officer? 
Our data protection officer can be reached via the following contact details:

Magnetbau Schramme GmbH & Co.KG
Datenschutzbeauftragter
Zur Ziegelhütte 1-5
88693 Deggenhausertal 
E-Mail: datenschutz@magnetbau-schramme.de

3.    Data collection on our website
3.1    Cookies
To make the use of our website more attractive, user-friendly and effective, we use cookies. These are small text files that are stored on your terminal device and contain information about the websites visited. Cookies do not cause any damage to your computer and do not contain any viruses. 
By making appropriate changes to your browser settings, you can be informed about the setting of cookies and decide individually whether to accept them or generally exclude them, as well as arrange for the automatic deletion of cookies when closing the browser window. By deactivating cookies, you may not be able to use all functions of our website. 
Insofar as you allow us to use cookies through your browser settings or consent, the following cookies may be used on our websites:

Name    Purpose    Expiry date
First-party cookies        
BT_pdc     Contains Base64 encoded visitor history data (is customer, newsletter recipient, visitor ID, smart messages displayed) for personalization (only if cookie is enabled).    1 year 
_et_coid    Cookie detection (only with cookie activation)    2 years 
isSdEnabled    Detection of whether the scroll depth is measured for the visitor (only if cookies are activated).    1 day 
be_typo_user    Tells Typo3 if the visitor has logged into the Typo3 backend and which backend user is being used.    End of session 
BT_ctst    Used only to detect whether or not cookies are enabled in the visitor's browser (only when cookies are enabled).    End of session
BT_sdc    Contains Base64-encoded data of the current visitor session (referrer, number of pages, number of seconds since the start of the session, smart messages displayed in the session), which is used for personalization purposes (only if cookie is activated).    End of session 
fe_typo_user    The sites also use "fe_typo_user". This cookie is set by the CMS (Content Management System) TYPO3 for the unmistakable identification of a user. It provides the user with better user guidance, e.g. saving search settings or form data. Typically, this cookie is deleted when the browser is closed.    End of session 
PHPSESSID    The Sites use "PHPSESSID" to ensure a comfortable visit to our websites. This cookie saves your current session with respect to PHP applications, ensuring that all site features based on the PHP programming language can be fully displayed.    End of session 
typo3-login-cookiecheck    Checks the browser settings related to the version of the page in the Typo3 backend.    End of session 
Third-party Cookies         
APISID    This DoubleClick cookie is usually set through the website of advertising partners and used by them to profile the interests of the website visitor and display relevant ads on other websites. This cookie works by uniquely identifying your browser and device.    410 days 
HSID    This cookie is set by DoubleClick (owned by Google) to profile the interests of the website visitor and serve relevant ads on other websites.    410 days 
PREF    This cookie, which may be set by Google or Doubleclick, can be used by advertising partners to create an interest profile in order to serve relevant ads on other websites. It works by uniquely identifying your browser and device.    410 days 
SAPISID    This DoubleClick cookie is usually set through the website of advertising partners and used by them to profile the interests of the website visitor and display relevant ads on other websites. This cookie works by uniquely identifying your browser and device.    410 days 
SID    This is a very common cookie name, but if it is found as a session cookie, it is probably used as for session state management.

This cookie is used by Google in combination with the HSID to verify a Google user account and the last login time.    410 days 
SSID    This cookie carries out information about how the end user uses the website, as well as any advertisements that the end user has seen before visiting said website.    410 days 

Legal basis 
The legal basis for the processing of this data is Article  6 (1) (f) GDPR. We have a legitimate interest in the storage of cookies for the technically error-free and optimized provision of our services.
3.2    Server log files 
Each time you visit our website, our system automatically collects information and stores it in so-called server log files. The following data is collected by us:
•    Used browser type and browser version 
•    IP address 
•    Operating system used 
•    referrer URL 
•    Time and date of server request

Purpose of data processing/duration of storage
The storage of the above-mentioned data in the log files is done to ensure the functionality of our website. In addition, we use this data to optimize our website and to ensure the security of our information technology systems. Hosteurope is our service provider and we have concluded an order processing contract with them. According to this contract, we have no obligation to cooperate in the deletion of the data.

Legal basis 
The legal basis for the processing of this personal data is Article 6 (1) (f) GDPR.

Recipient
The recipient of this data is our server host, with which an order processing contract within the meaning of Article 28 GDPR has been concluded.

3.3    Google Web Fonts 
Purpose of data processing
In order to display our content correctly and graphically appealing across browsers, we use script libraries and font libraries such as Google Webfonts (https://www.google.com/webfonts/) on our website. Google Webfonts are transferred to your browser's cache to avoid multiple loading. If the browser does not support Google Web Fonts or prevents access, content is displayed in a standard font.
Calling script libraries or font libraries automatically triggers a connection to the library's operator. It is theoretically possible - although it is currently also unclear whether and, if so, for what purposes - that operators of such libraries collect data.   The privacy policy of the library operator Google can be found here: www.google.com/policies/privacy/.  

Legal basis
The legal basis for data processing is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest results from our need for an appealing presentation of our online offer. 


3.4    Google AdWords
Purpose of data processing 
Our website uses the online advertising program Google Adwords service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and within the framework of Google AdWords the conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are text files that are stored on your computer and allow an analysis of the use of the websites you visit. These cookies usually lose their validity after 30 days and are therefore no longer used to personally identify users. However, if the cookie has not yet expired and you visit certain pages of our website, Google and we can recognize that you have clicked on the ad and have been forwarded to this page. Each Google AdWords customer receives a different cookie. It is therefore not possible to track the cookies via the website of AdWords customers. The information obtained using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. This allows customers to know the total number of users who clicked on your ad and were redirected to a page tagged with a conversion tracking tag. However, you will not receive any information about this that can be used to personally identify users. By adjusting the settings of your browser software accordingly, you can object to this use if you do not wish to participate in the tracking. Thus, you will not be included in the conversion tracking statistics. 

You can find more information about the data processing by Google in the Google privacy policy: www.google.de/intl/de/policies/privacy.  

Legal basis 
The legal basis for the described processing of personal data is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in improving our website.

4.    Contact options
4.1    Contacting us directly
Purpose of data processing  
You have the possibility to contact us at any time by mail, telephone, fax or e-mail. In order to process your contact request, we may store your communication data (e.g. telephone number, e-mail) and identification data (e.g. name, address).

Legal basis 
If the request is aimed at the conclusion of a contract or is necessary for the implementation of pre-contractual measures, the legal basis for the processing is Art. 6 (1) lit. b GDPR. 

In all other cases, the processing is based on our legitimate interest (Art. 6 (1) lit. f) GDPR) in the effective processing of the requests sent to us.
4.2    Contact form
Purpose of data processing  
There is a contact form on our website. If you contact us via the contact form with regard to questions of any kind, you give us your voluntary consent for the purpose of contacting you. In this case, the personal data transmitted with the inquiry (last name, e-mail address and telephone number) will be stored.
This data will not be passed on without your consent.

Legal basis 
The legal basis for processing the data you enter in the contact form is exclusively based on your consent (Art. 6 (1) lit. a) GDPR). If the request is aimed at the conclusion of a contract or is necessary for the implementation of pre-contractual measures, the legal basis for the processing is Art. 6 (1) (b) GDPR.
In all other cases, the processing is based on our legitimate interest (Art. 6 (1) lit. f) GDPR) in the effective processing of the requests sent to us.

5.    Applicant management (e-mail) 

Contact details of the controller
Magnetbau Schramme GmbH & Co.KG
Zur Ziegelhütte 1-5
88693 Deggenhausertal

Telefon: +497555 9286-0
E-Mail: info@magnetbau-schramme.de 
Internet: www.magnetbau-schramme.de 

Data protection officer
Magnetbau Schramme GmbH & Co.KG
Datenschutzbeauftragter
Zur Ziegelhütte 1-5
88693 Deggenhausertal 
E-Mail: datenschutz@magnetbau-schramme.de 

Purpose and legal basis of data processing 
We process your personal data, for the purpose of evaluating applications for possible employment or cooperation with the company. As part of the application process, we process the data provided by you. This may be general personal data such as your name, address, details of your professional qualifications and school education or details of further professional training, or other details that you provide to us in connection with your application.
The legal basis for the processing of your provided data is Art. 6 (1) lit. b) GDPR.

Recipients of your personal data
Your personal data will only be passed on internally to employees who are responsible for it as part of the application process. All employees are obliged to maintain the confidentiality of your data. As a matter of principle, your personal data will not be passed on externally unless we are legally permitted to do so.

Decision-making including profiling
No automated individual decision-making procedures pursuant to Art. 22 GDPR or other profi-ling measures within the meaning of Art. 4 No. 4 GDPR take place.

Transfer to third countries
Your data will be processed exclusively within the European Union. A transfer outside the Union does not take place. Should this become necessary, we will inform you of this in advance and ensure all necessary measures to maintain an appropriate level of data protection.

Storage period and deletion
The legislator has enacted a large number of retention periods, which we observe with the utmost care in order to comply with these obligations. As a general rule, we only store your personal data for as long as permitted by the defined purpose or as required by law for reasons of proof. We store the data collected for the application for a maximum of 6 months after completion of the application process. After this period, the data collected for the application will be deleted or blocked if deletion is not possible. Any storage beyond this period will only take place if you have given your consent to a longer storage period or if a legal permission exists.

Rights of the data subjects 
As a data subject, you are entitled to the following rights:
•    Right of access by the data subject (Art. 15 GDPR)
•    Right to rectification (Art. 16 GDPR)
•    Right to erasure (Art. 17 GDPR)
•    Right to restriction of processing (Art. 18 GDPR)
•    Right of notification obligation regarding rectification or erasure of personal data or restriction of processing (Art. 19 GDPR)
•    Right to data portability (Art. 20 GDPR)
•    Right to object (Art. 21 GDPR)
•    Right in relation to automated individual decision-making, including profiling (Art. 22 GDPR)
•    Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
If you have given us your consent, you may revoke it at any time with effect for the future without affecting the lawfulness of the processing already carried out. 

For this purpose, an informal communication by e-mail to: datenschutz@magnetbau-schramme.de is sufficient. 

Note on the complaint to a supervisory authority 
Without prejudice to any other administrative or judicial remedy, the data subject shall have the right to lodge a complaint with the competent supervisory authority. This depends on the federal state of your residence, your work or the alleged violation. A list of the supervisory authorities (for the non-public sector) with address can be found at: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.  

Our responsible state commissioner for data privacy and information security

Postal address 
P.O. Box 10 29 32 
70025 Stuttgart
Germany  

or 

Königstrasse 10a
70173 Stuttgart

Online complaint form:  
www.baden-wuerttemberg.datenschutz.de/online-beschwerde/ 

6.    Social Media 
6.1    LinkedIn
On our website, we use the functions of the LinkedIn network, a service of the Linke-dIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. When you visit our website that contains the LinkedIn function, a connection to LinkedIn servers is established. To the best of our knowledge, no personal data is stored, in particular the IP address is not stored or the usage behavior is not evaluated.

Legal basis
The legal basis for the use of the LinkedIn plugin is Art. 6 (1)  f) GDPR. We have a legitimate interest in the greatest possible visibility in social media. You can find more information under the privacy policy of LinkedIn: www.linkedin.com/legal/privacy-policy.
6.2    Xing 
On our website, we use the functions of the XING network, which are offered by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time our website is accessed, a connection to XING servers is established. To our knowledge, no personal data is stored in this process; in particular, there is no evaluation of usage behavior and IP addresses are not stored.

Legal basis
The legal basis for the use of the XING plugin is Art. 6 (1) lit. f GDPR. We have a legitimate interest in ensuring the greatest possible visibility in social media. For more information on data protection and the XING Share button, please refer to the XING privacy policy at: www.xing.com/app/share.
6.3    Twitter
We use on our website the functions of the service Twitter, a service of Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. When you use Twitter and the ''Re-Tweet'' function, your Twitter account links the websites you visit and is announced to other users on Twitter. In the process, a data transmission to Twitter also takes place. We, as the provider of our website, would like to point out that we are not informed of the content of the transmitted data or its use by Twitter.

Legal basis
The legal basis for the use of the Twitter plugin is Art. 6 (1) lit. f GDPR. We have a legitimate interest in the widest possible visibility in social media.
You can find more information in Twitter's privacy policy at: twitter.com/de/privacy.

6.4    Pinterest 
We use "Pinterest" on our website, a service of Pinterest Europe Ltd, Pal-merston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. Pinterest stores and processes information about your user behavior on our website. Pinterest uses, among other things, cookies, i.e. small text files that are stored locally in the cache of your web browser on your end device and that enable an analysis of your use of our website.

We use Pinterest for marketing and optimization purposes, in particular to analyze the use of our website and to continuously improve individual functions and offers as well as the user experience. Through the statistical evaluation of user behavior, we can improve our offer and make it more interesting for you as a user. This is also our legitimate interest in the processing of the above data by the third-party provider. 
The legal basis for the processing of your personal data is our legitimate interest pursuant to Art. 6 (1) lit. f) GDPR.
You can find more information in the Pinterest privacy policy at: policy.pinterest.com/de/privacy-policy 
6.5    Youtube
We use YouTube. YouTube is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When you start a YouTube video, a connection to the YouTube servers is established. The YouTube server is thus informed that you have visited our website.
If you are logged into your YouTube account, you give YouTube the opportunity to assign your surfing behavior directly to your personal profile. You can avoid this by logging out of your YouTube account. After playing a video, YouTube can save various cookies on your end device.
By means of these cookies, YouTube has the possibility to obtain information about visitors to our website. This information is used to prevent fraud attempts, to collect video statistics and to improve the user experience. This constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR.
The legal basis for the processing of your personal data is our legitimate interest pursuant to Art. 6 (1) lit. f) GDPR.
You can find more information in YouTube's privacy policy at: 
policies.google.com/privacy.
6.6    Kununu 
We use the functions of the social network Kununu on our websites. Kununu is an application of the XING service. When you visit our websites, your browser briefly connects to servers of XING SE ("XING"), with which the "XING Share Button" functions (in particular the calculation/display of the counter value) are provided.
We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Kununu. We have no influence on the scope of the data that Kununu collects with the button. If you do not want Kununu to be able to assign the visit to our pages to your user account, please log out of your Kununu user account beforehand.
You can find more information in the privacy policy of Kununu at: 
www.kununu.com/de/info/datenschutz/ and www.kununu.com/de/info/agb 

6.7    Facebook
Contact details of the controller
Responsible for data processing is pursuant to Art. 4 No. 7 in conjunction with. Art. 26 (1) sentence 1 GDPR:

Facebook Ireland Ltd.
4 Grand Canal Square
Dublin 2 
Ireland

and 

Magnetbau Schramme GmbH & Co. KG 
Zur Ziegelhütte 1-5
88693 Deggenhausertal

Legal representative: 
Dr. -Ing. Joachim Hümmler
Phone: +49 7555 9286 - 0

E-mail: info@magnetbau-schramme.de   
Internet: www.magnetbau-schramme.de    

Details can be found in the following information and in the joint-controller agreement concluded between Facebook and us: www.facebook.com/legal/terms/page_controller_addendum 

Data protection officer
Our data protection officer can be reached via the following contact details:

Magnetbau Schramme GmbH & Co.KG
Datenschutzbeauftragter
Zur Ziegelhütte 1-5
88693 Deggenhausertal 
E-Mail: datenschutz@magnetbau-schramme.de 

Legal basis and purpose of processing 
The purpose of the processing Magnetbau Schramme Gmbh & Co. KG 
We process your personal data for the purpose of optimizing our service and, as the operator of the Facebook fan page, have no interest in collecting and further processing it for analysis or marketing purposes. 
The legal basis for the data processing of your provided data is based on our legitimate interest according to Art. 6 (1) lit. f GDPR. 

Purpose of processing Facebook
You can view the legal basis and purposes of processing by Facebook at www.facebook.com/about/privacy/legal_bases and at de-de.facebook.com/policy.php.

In particular, Facebook may process the following personal data:
•    User interaction
•    Ip address
•    device information
•    Information from partners
•    Information about networks, connections and usage
•    cookies
•    Demographic characteristics (state, gender, age, etc.)
Which personal data is processed depends primarily on which products are used.

Data Processing for Page Insights
Page Insights are aggregate statistics created based on certain events logged by Facebook servers when people interact with Pages and their associated content. Statistical categories can be accessed via these so-called "Insights" of the Facebook page. These statistics are generated and provided by Facebook, over which we as the operator of the fan page have no influence. You can find more information about this at: 
www.facebook.com/legal/terms/information_about_page_insights_data  

Recipients of your personal data 
Recipients Magnetbau Schramme GmbH & Co. KG
An internal transfer of your personal data will only take place for the fulfillment of the stated purposes. All employees are obliged to maintain the confidentiality of your data.

Recipient Facebook
You can find more information about this at: de-de.facebook.com/policy.php 

Transfer to a third country 
Your data will be transferred to and processed in the United States or other third countries for the purposes described above. These data transfers are necessary to provide the services set forth in the Facebook Instagram Terms of Service and to operate globally to provide the products to users. Facebook uses standard contractual clauses approved by the European Commission and relies on the decisions of the European Commission. 

Decision making including profiling
There are no automated individual decision-making procedures according to Art. 22 GDPR or other profiling measures within the meaning of Art. 4 No. 4 GDPR by Magnetbau Schramme GmbH & Co. KG take place. However, we would like to point out that profiling is carried out by Facebook. 

Storage period and deletion
The legislator has enacted a large number of retention periods, which we observe with the utmost care in order to comply with these obligations. In principle, the following applies in this context: we only store your personal data as long as this is permitted by the defined purpose, or the legislator requires it for reasons of proof. Should we wish to store your data for longer than previously described, we would ask you to confirm this as part of a voluntary declaration of consent.

Rights of the data subjects
As a data subject, you are entitled to the following rights:
•    Right of access by the data subject (Art. 15 GDPR)
•    Right to rectification (Art. 16 GDPR)
•    Right to erasure (Art. 17 GDPR)
•    Right to restriction of processing (Art. 18 GDPR)
•    Right of notification obligation regarding rectification or erasure of personal data or restriction of processing (Art. 19 GDPR)
•    Right to data portability (Art. 20 GDPR)
•    Right to object (Art. 21 GDPR)
•    Right in relation to automated individual decision-making, including profiling (Art. 22 GDPR)
•    Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
If you wish to make use of your data subject rights, either contact Facebook directly, as Facebook is responsible for fulfilling the obligations (including Articles 12 and 13 of the GDPR, Articles 15 to 21 of the GDPR, Articles 33 and 34 of the GDPR), or contact datenschutz@magnetbau-schramme.de. If you have given your consent to the processing of your data, you can revoke this consent at any time with effect for the future. The lawfulness of the processing of your data until the revocation remains unaffected.

Notice regarding the complaint to a supervisory authority

Without prejudice to any other administrative or judicial remedy, the data subject has the right to lodge a complaint with the competent supervisory authority. This is based on the federal state of your residence, work or the alleged violation. A list of the supervisory authorities (for the non-public sector) with address can be found at: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.   

Our responsible state commissioner for data protection and information security 

Mailing address:

P.O. Box 10 29 32  
70025 Stuttgart 
Germany

or

Königstraße 10a 
70173 Stuttgart 

Online complaint form:
www.baden-wuerttemberg.datenschutz.de/online-beschwerde/   

You also have the right to lodge a complaint with the leading supervisory authority responsible for Facebook Ireland, the Irish Data Protection Commission, or with your local supervisory authority. The data controller regarding your information is Facebook Ireland. 
You can contact this company either online at www.facebook.com/help/contact/2061665240770586   

or by mail to: 

Facebook Ireland Ltd. 
4 Grand Canal Square 
Grand Canal Harbour 
Dublin 2 Ireland
6.8    Instagram
Contact details of the controller
Responsible for data processing is pursuant to Art. 4 No. 7 in conjunction with. Art. 26 (1) sentence 1 GDPR:

Facebook Ireland Ltd.
4 Grand Canal Square
Dublin 2 
Ireland

and 

Magnetbau Schramme GmbH & Co. KG 
Zur Ziegelhütte 1-5
88693 Deggenhausertal

Legal representative: 
Dr. -Ing. Joachim Hümmler
Phone: +49 7555 9286 - 0

E-mail: info@magnetbau-schramme.de
Internet: www.magnetbau-schramme.de
Operating company: Instagram Inc. 1601 Willow Road, Menlo Park, CA, 94025, USA

Data protection officer
Our data protection officer can be reached via the following contact details:

Magnetbau Schramme GmbH & Co.KG
Datenschutzbeauftragter
Zur Ziegelhütte 1-5
88693 Deggenhausertal 
E-Mail: datenschutz@magnetbau-schramme.de 

Legal basis and purpose of processing
The purpose of the processing Magnetbau Schramme GmbH & Co. KG 
We process your personal data for the purpose of optimizing our service and, as the operator of the Facebook fan page, have no interest in collecting and further processing it for analysis or marketing purposes. 
The legal basis for the data processing of your provided data is based on our legitimate interest according to Art. 6 (1) lit. f) GDPR. 

Purpose of processing Instagram 
You can view the legal basis and purposes of processing by Instagram at help.instagram.com/155833707900388.

In doing so, Instagram or Facebook may process the following personal data in particular:
•    User interaction
•    IP address
•    device information
•    Information from partners
•    Information about networks, connections and usage
•    cookies
•    Demographic characteristics (state, gender, age, etc.)

Which personal data is processed depends primarily on which products are used.

Data Processing for Page Insights
Page Insights are aggregate statistics created based on certain events logged by Instagram, or Facebook servers, when people interact with Pages and their associated content. Statistical categories can be accessed via these so-called "Insights". These statistics are generated and provided by Instagram or Facebook, over which we as the operator of the fan page have no influence. You can find more information about this at: help.instagram.com/788388387972460  

Recipients of your personal data 
Empänger Magnetbau Schramme GmbH & Co. KG
An internal transfer of your personal data will only take place for the fulfillment of the stated purposes. All employees are obliged to maintain the confidentiality of your data.

Recipient Instagram
For more information, please visit: help.instagram.com/155833707900388 

Transfer to a third country 
Your data will be transferred to and processed in the United States or other third countries for the purposes described above. These data transfers are necessary to provide the services set forth in the Instagram Terms of Service and to operate globally to provide the products to users. Facebook uses standard contractual clauses approved by the European Commission and relies on the decisions of the European Commission. 

Decision making including profiling
There are no automated individual decision-making procedures according to Art. 22 GDPR or other profiling measures within the meaning of Art. 4 No. 4 GDPR by Magnetbau Schramme GmbH & Co. KG take place. However, we would like to point out that profiling is carried out by Instagram or Facebook.

Storage period and deletion
The legislator has enacted a large number of retention periods, which we observe with the utmost care in order to comply with these obligations. As a general rule, we only store your personal data for as long as this is permitted by the defined purpose or as required by law for reasons of proof. Should we wish to store your data for longer than previously described, we would ask you to confirm this as part of a voluntary declaration of consent.

Rights of the data subject 
As a data subject, you are entitled to the following rights:
•    Right of access by the data subject (Art. 15 GDPR)
•    Right to rectification (Art. 16 GDPR)
•    Right to erasure (Art. 17 GDPR)
•    Right to restriction of processing (Art. 18 GDPR)
•    Right of notification obligation regarding rectification or erasure of personal data or restriction of processing (Art. 19 GDPR)
•    Right to data portability (Art. 20 GDPR)
•    Right to object (Art. 21 GDPR)
•    Right in relation to automated individual decision-making, including profiling (Art. 22 GDPR)
•    Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
If you wish to make use of your data subject rights, either contact Facebook directly, as Facebook is responsible for fulfilling the obligations (including Articles 12 and 13 of the GDPR, Articles 15 to 21 of the GDPR, Articles 33 and 34 of the GDPR), or contact datenschutz@magnetbau-schramme.de. If you have given your consent to the processing of your data, you can revoke this consent at any time with effect for the future. The lawfulness of the processing of your data until the revocation remains unaffected.

Notice regarding the complaint to a supervisory authority

Without prejudice to any other administrative or judicial remedy, the data subject shall have the right to lodge a complaint with the competent supervisory authority. This depends on the federal state of your residence, your work or the alleged violation. A list of the supervisory authorities (for the non-public sector) with address can be found at: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.   

Our responsible state commissioner for data protection and information security 

Mailing address:
P.O. Box 10 29 32  
70025 Stuttgart 
Germany

or

Königstraße 10a 
70173 Stuttgart 

Online complaint form:
www.baden-wuerttemberg.datenschutz.de/online-beschwerde/   

You also have the right to lodge a complaint with the leading supervisory authority responsible for Facebook Ireland, the Irish Data Protection Commission, or with your local supervisory authority. The data controller regarding your information is Facebook Ireland. 
You can contact this company either online at www.facebook.com/help/contact/2061665240770586   

or by mail to: 

Facebook Ireland Ltd. 
4 Grand Canal Square 
Grand Canal Harbour 
Dublin 2 Ireland
7.    Who gets your data? 
7.1    Internal recipients
An internal transfer of your personal data will only take place for the fulfillment of the stated purposes or for the fulfillment of legal obligations. All responsible employees are obliged to maintain the confidentiality of your data. 
7.2    External recipients 
Your personal data will only be passed on to external recipients if this is necessary for the processing or handling of your request, if another legal permission exists or if we have your consent for this. 

A transfer to external parties may take place under the following circumstances:

Processor 
A processor is any natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller. 

Public authorities and institutions
Authorities and state institutions, such as public prosecutors, hospitals, courts or tax authorities, to which we must transfer personal data for legally compelling reasons. The legal basis for the transfer is Article 6 (1) lit. c GDPR. 

Third country 
It cannot be ruled out that your personal data will be transferred to a third country. In doing so, we ensure that an adequate level of data protection exists before transferring your personal data, be it through an adequacy decision of the European Commission, guarantees, certifications or EU standard contractual clauses.
8.    SSL-Encryption 
For security reasons our website uses SSL encryption. This protects transmitted data and prevents it from being read by unauthorised third parties. You can recognise an encrypted connection by the fact that the address line of the browser changes from

“http://” to “https://” and by the lock symbol which is visible in your browser line.
9.    Automated decision making and profiling
Automated decision making including profiling according to Art. 22 and Art. 4 No. 4 GDPR does not take place on our website.
10.    How long will your data be stored? 
Your personal data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, you request us to delete it, or you revoke your consent to its storage. By way of exception, your personal data will only be stored if this is required by the laws, regulations or other legal provisions to which we are subject. Data that has been stored by us for other purposes remains unaffected by this.
11.    What rights do you have? 
You have the following rights with respect to the personal data concerning you:
•    Right of access by the data subject (Art. 15 GDPR)
•    Right to rectification (Art. 16 GDPR)
•    Right to erasure (Art. 17 GDPR)
•    Right to restriction of processing (Art. 18 GDPR)
•    Right to data portability (Art. 20 GDPR)
•    Right to object (Art. 21 GDPR)
•    Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
If you have given us your consent, you can revoke it at any time with effect for the future without affecting the lawfulness of the processing already carried out. 
For this purpose, an informal communication by e-mail to: datenschutz@magnetbau-schramme.de is sufficient.

Note on the complaint to a supervisory authority  

Without prejudice to any other administrative or judicial remedy, the data subject has the right to lodge a complaint with the competent supervisory authority. This depends on the federal state of your residence, work or the alleged violation. A list of the supervisory authorities (for the non-public sector) with address can be found at: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html. 

Our responsible state commissioner for data privacy and information security

Postal address 
P.O. Box 10 29 32 
70025 Stuttgart
Germany  

or 

Königstrasse 10a
70173 Stuttgart

Online complaint form:  

www.baden-wuerttemberg.datenschutz.de/online-beschwerde/