METTEN Stein+Design

Data Protection Policy

Content:

I. GENERAL 

1. Data privacy responsible and data protection officer

2. Data security policy

3. Principles for the storage and deletion of personal data

II. GENERAL INFORMATION

1. Purposes and legal principles, based on which your data are processed

2. Purposes for the fulfilment of a contract or pre-contractual measures

3. Purposes within the scope of a legitimate interest of our own or of third parties

4. Purposes within the scope of your consent

5. Purposes for the fulfilment of legal requirements or in public interest

6. The categories of data we process, as regards data not directly obtained, and their origin

7. Recipients or categories of recipients of your data

III. VISIT OUR WEBSITE

1. General information on using the website

2. Contracted data processors

3. Cookies

4. Webtracking: Matomo (Piwik)

5. Web fonts

IV. USE OF OUR SERVICE

1. Communication and contact form

2. Newsletter

3. Route planner

4. Social Media

V. RIGHTS OF THE AFFECTED PERSONS

- Right to information

- Right to rectification

- Right to restriction of processing

- Right to deletion

- Right to data portability

- Right to objection

- Right of appeal to a supervisory authority

- Separate reference to the right of objection pursuant to Art. 21 para. 1, 2 GDPR

VI. Additional data protection information on our portals on social networks

-This privacy policy applies to the following social media presence

-Data processing through social networks

-Legal Basis

-Responsibility and assertion of rights

-Storage time

-Your rights

-Individual social networks

VII. QUESTIONS AND CONTACT PERSONS

 


I. GENERAL 

We appreciate your interest in our online offer. Below we inform you about the handling of personal data and about the data subject rights in accordance with the provisions of the General Data Protection Regulation (GDPR). Personal data is any data which is personal to you, e.g. name, address, e-mail address, user behaviour.

 

1. DATA PRIVACY RESPONSIBLE AND DATA PROTECTION OFFICER

Responsible in the meaning of the Art. 4 Nr. 7 GDPR is 
METTEN Stein+Design GmbH & Co. KG
Industriegebiet Hammermühle
D-51491 Overath
info@metten.de
(s.a. our Imprint)

The data protection officer can be reached at:
METTEN Stein+Design GmbH & Co. KG
Data Protection Officer
Industriegebiet Hammermühle
D-51491 Overath
datenschutz@metten.de 

 

2. DATA SECURITY POLICY

We secure our website and other systems by technical and organisational measures against loss, destruction, access, modification or dissemination of your data by unauthorised persons. Access to customer accounts is only possible after entering a user ID and a personal password. You should always treat your access data confidentially and close the browser window when you have finished communicating with us, especially if you share the computer with others.

For secure communication with us, we offer encrypted communication via the SSL protocol, which we use to secure the transfer of your personal data in our online shop.

To enable access to our web site, there is limited to a no longer 30 days period, in principle, of temporarily data storage carried out for the purpose of ensuring data and system security. This refers to data that may allow identification of a person (e.g., the IP address). The potential processing of such personal data for the purposes of data and system security is based on stipulations under Art. 6 para. 1 sentence 1 lit. f GDPR and our legitimate interest in securing our systems and preventing abuse.

 

3. PRINCIPLES FOR THE STORAGE AND DELETION OF PERSONAL DATA

Personal data will only be processed for the period required to achieve the respective processing purpose or if provided for in applicable laws or regulations, e.g. commercial or tax retention requirements. If a storage purpose ceases or if a legally prescribed storage period expires, the personal data concerned will be routinely and in accordance with the statutory provisions deleted or their processing will be restricted, e.g. limited under commercial or fiscal retention requirements.

The processing of personal data based on a legal obligation, namely the fulfilment of statutory retention obligations, and is based on stipulations under Art. 6 para. 1 sentence 1 lit. c GDPR Insofar as personal data pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR are processed for purposes of securing evidence; these processing purposes are dispensed with after expiry of the statutory limitation periods; the statutory period of limitation is of three years.

For more details on specific storage and deletion periods, we refer to individual service descriptions or information in this privacy policy.

 


II. GENERAL INFORMATION

 

1. PURPOSES AND LEGAL PRINCIPLES, BASED ON WHICH YOUR DATA ARE PROCESSED

We process your personal data in accordance with the provisions of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and other applicable data protection regulations. Which data is processed in detail and how it is used depends largely on the services requested or agreed upon in each case. Further details or additions to the purposes of data processing can be found in the respective contract documents, forms, a declaration of consent and/or other information provided to you. In addition, data protection information may be updated from time to time, as you can see from our website.

 

2. PURPOSES FOR THE FULFILLMENT OF A CONTRACT OR PRE-CONTRACTUAL MEASURES (ART. 6 PAR. 1B GDPR)

We process personal data to implement our contracts with you and to execute your orders as well as to carry out measures and activities within the scope of pre-contractual relations. These essentially include contract-related communication, the corresponding invoicing and associated payment transactions, verifiability of transactions, orders and other agreements, goodwill procedures, measures for controlling and optimising business processes and for fulfilling due diligence obligations, statistical evaluations for corporate management, cost recording and controlling, internal and external communication, emergency management, accounting and tax assessment of operational services, risk management, assertion of legal claims and defence in legal disputes, ensuring IT security and general security, securing and exercising domiciliary rights, guaranteeing the integrity, authenticity and availability of data, prevention and investigation of criminal offences, control by supervisory bodies or controlling authorities.

3. PURPOSES WITHIN THE SCOPE OF A LEGITIMATE INTEREST OF OUR OWN OR OF THIRD PARTIES (ART. 6 PAR. 1F GDPR)

Beyond the actual fulfilment of the contract or preliminary contract, we may process your data, if necessary, to protect our own legitimate interests or those of third parties, in particular for the following purposes

  • advertising or market and opinion research, unless you have withdrawn consent for processing your data
  • obtaining information and data exchange with credit agencies, to the extent that this exceeds our financial risk
  • testing and optimising procedures for requirements analysis
  • further development of services and products as well as of existing systems and processes
  • for comparison with European and international anti-terrorism lists, insofar as they go beyond statutory requirements
  • augmentation of our data, among other things by using or researching publicly available data
  • statistical evaluation or market analysis
  • benchmarking
  • asserting legal claims and defence in legal disputes which are not directly attributable to the contractual relationship
  • limited storage of the data, if deletion is not possible or only possible with disproportionately high expenditure due to the special type of storage
  • developing scoring systems or automated decision-making processes
  • prevention and investigation of criminal offences, insofar as not exclusively for fulfilling legal requirements
  • security of buildings and facilities (e.g. by means of access controls and video surveillance) insofar as this goes beyond the general duty of care
  • internal and external investigations, security checks
  • possibly listening to telephone conversations for training purposes
  • obtaining and maintaining certifications whether from a private entity or a public authority
  • securing and exercising domiciliary rights by means of appropriate measures as well as of video surveillance to protect our customers and employees and to secure evidence in the event of criminal offences and prevention thereof.

 

4. PURPOSES WITHIN THE SCOPE OF YOUR CONSENT (ART. 6 PAR. 1A GDPR)

Your personal data can also be processed for specific purposes (e.g. use of your e-mail address for marketing purposes) on the basis of your consent. You can generally withdraw this at any time. This also applies to withdrawing declarations of consent which were granted to us prior to the application of the GDPR, as of 25.05.2018. You will be separately informed about the purposes and consequences of withdrawing or failing to grant consent in the corresponding text of the consent. In principle, withdrawing a consent is only valid for the future. Any processing that has taken place prior to the withdrawal shall not be affected and shall remain lawful.

 

5. PURPOSES FOR THE FULFILMENT OF LEGAL REQUIREMENTS (ART. 6 PAR. 1C GDPR) OR OF PUBLIC INTEREST (ART. 6 1E GDPR))

Like any other company, we are also subject to a large number of legal obligations. These may primarily involve legal requirements, but may also be regulatory or official requirements. In addition, the disclosure of personal data may become necessary in the context of official/judicial measures for the purpose of gathering evidence, prosecution or enforcement of civil claims.

 

6. THE CATEGORIES OF DATA WE PROCESS, AS REGARDS DATA NOT DIRECTLY OBTAINED FROM YOU, AND THEIR ORIGIN

Insofar as this is necessary for the provision of our services, we process personal data received from other companies or other third parties as permitted. In addition, we process personal data that we have permissibly obtained, received or acquired from public sources and we are allowed to process. Relevant categories of personal data may include in particular:

  • Personal data
  • Contact information
  • Address data
  • Payment/coverage dates for bank and credit cards
  • Creditworthiness data
  • Customer history
  • Data about your use of telemedia offered by us

 

7. RECIPIENTS OR CATEGORIES OF RECIPIENTS OF YOUR DATA

The internal departments or organisational units within our company that receive your data are those which require the data to fulfil our contractual and legal obligations or within the scope of processing and implementing our legitimate interests. Your data will be passed on to external parties solely

  • in connection with the fulfilment of the contract
  • for the purposes of fulfilling legal requirements according to which we are obliged to provide, report or forward information or if forwarding information serves the public interest (cf. section II, 5.)
  • insofar as external service providers process your data on our behalf as contracted data processors or function providers
  • on the basis of our legitimate interest or the legitimate interest of the third party for the purposes mentioned under II, 3
  • if you have given us your consent for transferring to third parties

We will not forward your data to third parties for any other reason. If we commission service providers within the scope of order processing, your data will be subject to the same security standards by them as by us. In other cases, the recipients may use the data only for the purposes for which these were transmitted to them.

 


III. VISIT OUR WEBSITE

 

1. GENERAL INFORMATION ON USING THE WEBSITE

In the case of merely informative use of the website, i.e. if you do not register or otherwise provide us with information, we will only collect the following personal data that your browser transmits to our server, which is technically necessary for us to display our website and to ensure its stability and safety: IP address, date and time of the request, Greenwich Mean Time (GMT), time zone difference, request content (concrete page), access status / HTTP status code, amount of data transferred, the website that receives the request, browser, operating system and its interface as well as language and version of the browser software. The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f) GDPR. Our legitimate interest in the sense of this standard lies in the provision of a functional website. The personal data will be deleted as soon as the purpose of the storage is omitted.

 

2. CONTRACTED DATA PROCESSORS

As part of the operation of this website and related processes, we may be assisted by other service providers (for example, web hosting and web development) who work for us as contracted processors. These service providers are strictly bound by instructions and contractually obliged to us.

 

3. COOKIES

We use cookies on our site. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. In the cookie is stored information resulting from the connection with the specific terminal used. However, this does not mean that we are immediately aware of your identity.

On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognise that you have already visited individual pages on our website. These are automatically deleted after leaving our page.

On the other hand, we use cookies in order to statistically record the use of our website and to evaluate it for the purpose of optimising our offer (see Section 4 "Web tracking: MATOMO (PIWIK)“). These cookies allow us to automatically recognise when you visit our site again, that you have already visit us previously. These cookies are automatically deleted after a defined time.

In addition, we use cookies for the provision of certain services that are stored on your device for a certain period of time.

Our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f) GDPR consists in providing and optimising our services.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or always a hint appears before a new cookie is created. However, disabling cookies completely may mean that you cannot use all features of our website.

 

4. WEBTRACKING: MATOMO (PIWIK)

We use the web tracking tool "Matomo" (formerly "Piwik"), an open-source software for the statistical analysis of visitor access. Matomo uses for the analysis of the use of the website cookies, which are stored on your computer. The usage information generated by the cookie is transmitted and stored onto our server for the purpose of optimising our online offer. An evaluation of IP address data is carried out in any case only in abbreviated / anonymised form, so that a personal reference is excluded. Regarding the nature, extent and functionality of cookies in general, we refer to the general cookie explanation above.

The legal basis for the processing of personal data using Matomo is Art. 6 (1) sentence 1 lit. f) GDPR. Our legitimate interest in the sense of this standard is to provide a user-friendly and optimised website.

In the sense of an opt-out, you can decide whether a web analytics cookie for Matomo may be stored in your browser, in order to enable us to collect and analyse various statistical data provided by Matomo.



This places a so-called deactivation cookie in your browser. Please note that the Matomo deactivation cookie of this website will also be deleted if you remove the cookies stored in your browser. In addition, if you're using another computer or web browser, you'll need to go through the deactivation process again.

 

5. Web fonts

This website uses so-called web fonts, provided by Monotype, for the uniform representation of fonts. These are installed on our web server to improve data protection.

To check the corresponding license to use the font, your browser must establish a connection to the Monotype servers. As a result, Monotype is notified that our website has been accessed via your IP address. Monotype Web Fonts are used for the purpose of a uniform and attractive presentation of our online services. This constitutes a legitimate interest pursuant to Art. 6 paragraph 1, letter f of the GDPR.

If your browser does not support web fonts, a default font is used by your computer.

For more information on Monotype web fonts, see Monotype’s privacy policy: https://www.monotype.com/legal/privacy-policy/

Further information on web fonts tracking can be found in Monotype’s Web Fonts Tracking Privacy Policy https://www.monotype.com/legal/privacy-policy/web-font-tracking-privacy-policy

 


IV. USE OF OUR SERVICE

 

1. COMMUNICATION AND CONTACT FORM

On our website, we offer you various ways to contact us and send us messages. Contact is in particular carried out by means of a phone, e-mail or via the provided contact form which can be used for electronic contact. As far as you agree to this, the data entered in the input mask will be transmitted to us and stored. At the time of sending the completed contact form, the following data will also be stored: IP address of the calling computer, date and time of sending. Alternatively, contact via the provided e-mail address or by phone is also possible. In this case, your personal data transmitted by e-mail or by phone will be stored.

The data is used exclusively for processing the conversation. The legal basis for the processing of the data is Art. 6 para. 1 sentence 1 lit. f) GDPR. If the establishment of contact aims at concluding a contract, then additional legal basis for the processing is Art. 6 para. 1 p.1 lit. b) of GDPR. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems. This is also our legitimate interest.

The personal data transmitted to us in case of a contact made will be deleted if the respective conversation with you is over and the storage of the data is no longer necessary. 

 

2. NEWSLETTER

To receive the newsletter offered on our website, you can subscribe using our form. We use the so-called Double-Opt-In procedure. In this case, a confirmation email is first sent to your specified email address with the request for confirmation. The subscription only becomes effective when you click on the activation link mentioned in the confirmation email.

We use your data transmitted to us exclusively for sending the newsletter, which may contain information or offers. We use rapidmail to send our newsletter. Your data will therefore be transmitted to rapidmail GmbH. In doing so, rapidmail GmbH is prohibited from using your data for any other purpose than for sending the newsletter. Rapidmail GmbH is not permitted to forward or sell your data. Rapidmail is a German, certified newsletter software provider which has been carefully selected in accordance with the requirements of the GDPR and the BDSG.

You can withdraw your consent to the storage of the data and its use for newsletter sending at any time, e.g. via the unsubscribe link in the newsletter. 

 

3. ROUTE PLANNER

We use Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland, to visually display geographic information. Please note that when Google Maps is used by Google, it also collects, processes and uses data about the use of Maps features by visitors to the Websites. More information about the data processing by Google can be found here Google Privacy Policy. You can find the terms of use of Google Maps under "Terms of Use of Google Maps".

 

4. SOCIAL MEDIA (SHARIFF, FACEBOOK, PINTEREST, TWITTER, WHATSAPP)

As part of our website, we offer you the option of functionalities of social media or social networks (hereinafter referred to as: "social networks") in relation to the contents of our website offer and thus to facilitate interaction.
In order to ensure the highest possible standard of data protection, we have decided not to include standard provider plug-ins. Instead we rely on the "Shariff method" developed by Heise Publishing House. Buttons or interface commands with which functionalities of social networks can be triggered on our website, establish a direct contact between you and the respective social network only if you actively select a corresponding "share button".
The Shariff method is already being used in numerous online offers in order to meet users' data protection interests or to increase the standard of protection. The starting point was an initiative of the Heise Publishing House for a so-called 2-click method, which was further developed with the "Shariff" concept. Information on the Shariff project of Heise Publishing House can be found at: http://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html.  
Currently, we have included share buttons according to the above requirements for the services listed below, through which the provider can make available additional information on the handling of your data by the service concerned:

 


V. RIGHTS OF THE AFFECTED PERSONS

We are happy to inform you about your rights under the GDPR as "data subject". You have the following rights regarding your personal data:

  • Right to Information (Art. 15 para. 1, 2 GDPR)
  • Right to Correction (Art. 16 GDPR) or Deletion (Art. 17 GDPR)
  • Right to Restriction of processing (Art. 18 GDPR)
  • Right to Data Portability (Art. 20 GDPR)
  • Right to Objection to data processing (Art. 21 GDPR)
  • Right to Withdrawal (Art. 7 para. 3 GDPR)
  • Right to appeal to a supervisory authority (Art. 77 GDPR)

In addition, we summarise here the key points of the data subject rights under the GDPR as follows, although this description does not claim to be exhaustive, but merely addresses the main features of the data subjects under the GDPR provisions:

 

- Right to information (including the rights to confirmation and to data provision)

The data subject has the right to ask the person responsible for its presumable data processing for a confirmation of the processing of the personal data concerned.

The data subject has the right to access personal data concerning him or her and the following related information: 

  • the processing purposes;
  • the categories of personal data being processed;
  • the recipients or categories of recipients to whom the personal data have been disclosed or are still being disclosed, in particular to recipients in third countries or to international organisations;
  • if possible, the planned duration for which the personal data are stored or, if this is not possible, the criteria for determining that duration;
  • the existence of a right to rectification or erasure of the personal data concerning them, or to the restriction of processing by the controller or a right to object to such processing;
  • the existence of a right of appeal to a supervisory authority;
  • if the personal data are not collected from the data subject, all available information on the source of the data;
  • the existence of automated decision-making including profiling under Article 22 (1) and (4) GDPR and - at least in these cases - meaningful information about the logic involved, and the scope and intended impact of such processing on the data subject;
  • if personal data are transmitted to a third country or to an international organisation, to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

The data subject has the right to provide a copy of the personal data with regard to the personal data relating to him or her that is the subject of a data processing.  

 

- Right to rectification

The data subject has the right to demand from the person responsible without delay the correction of incorrect personal data concerning him. In consideration of the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary statement.

 

- Right to restriction of processing

The data subject has the right to require the controller to restrict the processing if one of the following conditions is met: 

  • the accuracy of the personal data is disputed by the data subject for a period allowing the controller to verify the accuracy of the personal data;
  • the processing is unlawful and the data subject refuses to delete the personal data and instead requests the restriction of the use of the personal data;
  • the controller no longer needs the personal data for the purposes of the processing, but the data subject requires them to assert, exercise or defend legal claims; or
  • the data subject has lodged an objection to the processing pursuant to Art. 21 (1) GDPR, as long as it is not certain that the legitimate reasons of the person responsible outweigh those of the data subject.

 

- Right to deletion

In principle and subject to the statutory necessity of data processing (see, for example, Art. 17 (3) GDPR), the data subject has the right to demand that the data subject's personal data be deleted immediately if one of the following reasons applies: 

  • The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
  • The data subject revokes their consent to the processing pursuant to Art. 6 para. 1 sentence 1 lit. a or Art. 9 para. 2 lit. GDPR and there is no other legal basis for processing.
  • According to Art. 21 (1) GDPR, the data subject objects to the processing of his or her personal data and there are no legitimate reasons for such processing, or the data subject objects to the processing according to rights pursuant to Art. 21 (2) GDPR.
  • The personal data were processed unlawfully.
  • The erasure of personal data is necessary to fulfil a legal obligation under the European Union law or a national law to which the data controller is subject.
  • The personal data were collected in relation to information society services offered pursuant to Art. 8 (1) GDPR.

 

- Right to data portability

The data subject has the right to receive personal data relating to him or her which were prior provided to a data controller, in a structured, common and machine-readable format. S/he has the right to request the transfer of that information to another person, without interference from the data controller having being prior provided with such data, subject to the fact that the respective data processing is based on a consent or on a contract pursuant to Art. 6 (1) sentence 1 lit. b GDPR and the data processing is carried out using automated procedures.

In exercising the right to data portability, the data subject has the right to obtain the personal data to be transferred directly from one controller to another, where this is technically feasible. 

 

- Right to objection

The data subject has the right to revoke any consent granted, at any time. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent given, until the revocation.

- Right of appeal to a supervisory authority

Any data subject shall have the right to complain to a supervisory authority, in particular in the Member State of his or her residence, place of work or place of alleged infringement, if the data subject considers that the processing of personal data concerning him/her violates this Regulation.

The data protection supervisory authority responsible for us is:  
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Kavalleriestr. 2-4
40213 Düsseldorf

 

- Separate reference to the right of objection pursuant to Art. 21 para. 1, 2 GDPR

For reasons arising from your particular situation, you have the right, at any time, to object against the Processing of personal data related to you, which was carried out pursuant to Art. 6 para. 1 lit. e or f GDPR. This also applies to profiling based on these provisions. If you object, your personal data will no longer be processed, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms of the data subject, or the processing is carried out for the purposes of asserting, exercising or defending legal claims.

If personal data is processed in order to operate Direct mail activities, you have the right to object at any time against the processing of your personal data for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct mail activities. 

 


VI. Additional data protection information on our portals on social networks

- This privacy policy applies to the following social media presence

https://www.facebook.com/metten.de/
https://www.instagram.com/metten_stein_und_design/
https://www.pinterest.de/mettensteine
https://www.xing.com/pages/mettenstein-designgmbh-co-kg
https://www.youtube.com/user/mettennews

 

- Data processing through social networks

We maintain publicly available profiles in social networks. The individual social networks we use can be found below.
Social networks such as Facebook, Twitter etc. can generally analyze your user behavior comprehensively if you visit their website or a website with integrated social media content (e.g., like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:

  • If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.
  • Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way you can see interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.
  • Please also note that we cannot retrace all processing operations on the social media portals. Depending on the provider, additional processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and privacy policy of the respective social media portals.

- Legal basis

Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g., consent within the meaning of Art. 6 (1) (a) GDPR).

 

- Responsibility and assertion of rights

If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g., Facebook).
Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.

 

- Storage time

Die unmittelbar von uns über die Social-Media-Präsenz erfassten Daten werden von unseren Systemen gelöscht, sobald Sie uns zur Löschung auffordern, Ihre Einwilligung zur Speicherung widerrufen oder der Zweck für die Datenspeicherung entfällt. Gespeicherte Cookies verbleiben auf Ihrem Endgerät, bis Sie sie löschen. Zwingende gesetzliche Bestimmungen – insb. Aufbewahrungsfristen – bleiben unberührt.
Auf die Speicherdauer Ihrer Daten, die von den Betreibern der sozialen Netzwerke zu eigenen Zwecken gespeichert werden, haben wir keinen Einfluss. Für Einzelheiten dazu informieren Sie sich bitte direkt bei den Betreibern der sozialen Netzwerke (z. B. in deren Datenschutzerklärung, siehe unten).

 

- Your rights

You have the right to receive information about the origin, recipient and purpose of your stored personal data at any time and free of charge. You also have the right to object, the right to data portability and the right to file a complaint with the responsible regulatory agency. Furthermore, you can request the correction, blocking, deletion and, under certain circumstances, the restriction of the processing of your personal data.

 

- Individual social networks

Facebook
We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter Meta). According to Meta’s statement the collected data will also be transferred to the USA and to other third-party countries.
We have signed an agreement with Meta on shared responsibility for the processing of data (Controller Addendum). This agreement determines which data processing operations we or Meta are responsible for when you visit our Facebook Fanpage. This agreement can be viewed at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
You can customize your advertising settings independently in your user account. Click on the following link and log in: https://www.facebook.com/settings?tab=ads.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
Details can be found in the Facebook privacy policy: https://www.facebook.com/about/privacy/.

Instagram
We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381.

For details on how they handle your personal information, see the Instagram Privacy Policy: https://help.instagram.com/519522125107875.

Pinterest
We have a profile at Pinterest. The operator is Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. Details on how they handle your personal data can be found in the privacy policy of Pinterest: https://policy.pinterest.com/de/privacy-policy.

XING
We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. Details on their handling of your personal data can be found in the XING Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung.

YouTube
We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how they handle your personal data can be found in the YouTube privacy policy: https://policies.google.com/privacy?hl=en.

 


VII. QUESTIONS AND CONTACT PERSONS

For questions about the processing of personal data and for asserting the stipulations under para. IV., please contact our data protection officer:

METTEN Stein+Design GmbH & Co. KG

Datenschutzbeauftragte
Industriegebiet Hammermühle
51491 Overath
Phone: 02206 / 603-0
Telefax: 02206 / 603-80
E-Mail: datenschutz@metten.de