PRIVACY POLICY

Date: 14.03.2023
Deutsche Version

We are very pleased that you are interested in our company. Data protection is of a particularly high priority for the management. The use of the website is basically possible without any indication of personal data. However, if a data subject wants to use special company services via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the person concerned.

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject is always in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations that apply to us. By means of this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of the rights to which they are entitled by means of this data protection declaration.

As the person responsible for processing, we have implemented numerous technical and organizational measures to ensure the most complete protection possible for the personal data processed via this website. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every person concerned is free to transmit personal data to us in alternative ways, for example by telephone.

1. General

The data protection declaration is intended to inform the users of the website about the type, scope and purpose of the collection and use of personal data by the operator. The operator takes your data protection very seriously and treats your personal data confidentially and in accordance with legal regulations.

The operator and responsible body of the site is the

6PAC Bricks GmbH
Represented by the managing director: Leif Bräuer
Friedensallee 120, 22767 Hamburg
Telephone: 040 398 03 3 – 0
Email: info@6pac-bricks.de

The responsible body has appointed a data protection officer for the company:

Tobias Lange
External Data Protection Officer
Berner Heerweg 246, 22159 Hamburg
Telephone: 040 5700 3925
Email: info@tl-datenschutz.de

Changes in the organization of the operator, the further development of technologies and changes to the website or the entire website of the operator can lead to updates to this data protection declaration at any time. We recommend that you read the data protection declaration again at regular intervals.

Definitions of the terms used (e.g. “personal data” or “processing”) can be found in Art. 4 GDPR. In addition to the GDPR, the legal basis is also the new BDSG, the requirements of Article 13 of the Telemedia Act and the TTDSG.

In principle, it is possible to visit this website without providing personal data. We have preset the data protection conditions of our website to be user-friendly, so that no personal data is collected and processed without your express consent. The following applies to the use of the social media icons on our site: Only when you decide to make use of these services (e.g. by clicking on the Facebook icon) can personal data be collected by the respective third-party provider. This is then no longer our responsibility.

The above-mentioned responsible bodies work in the network with other companies, service providers, lawyers, etc. Personal data will not be passed on unless this is required by law or consent has been given.

2. Your Rights

If you are a data subject within the meaning of Art. 4 No. 1 DS-GVO, you have the following rights with regard to the processing of your personal data. The legal text of the rights listed below can be found here: DS-GVO law

According to Art. 15 DS-GVO, you have the right to request confirmation from the responsible body as to whether personal data is being processed and to receive free information about the personal data stored about you.

According to Art. 16 DS-GVO you have the right to demand the immediate correction of incorrect personal data. You also have the right, with regard to processing, to request the completion of incomplete personal data.

According to Art. 17 GDPR, you have the right to demand that the responsible body delete your personal data immediately if one of the reasons stated in Art. 17 GDPR applies and insofar as processing is no longer necessary.

According to Art. 18 DS-GVO, you have the right to request the restriction of processing if one of the conditions specified in Art. 18 DS-GVO is met.

According to Art. 20 DS-GVO, you have the right to receive your personal data in a structured, common and machine-readable format, and you have the right, insofar as not restricted in Art. 20 DS-GVO, to transfer this data to another person responsible without hindrance to be transmitted by us.

You also have the right to revoke your consent to the processing of personal data at any time. The revocation only has an effect for the future. Please address the revocation to the contact details given above for the responsible body.

According to Art. 21 DS-GVO, you have the right to object to the processing of your personal data at any time if this processing is based on a public or legitimate interest. If the requirements for an effective objection are met, the personal data may no longer be processed.

In addition to other administrative or judicial remedies, you have the right to lodge a complaint with a competent supervisory authority if you believe that the processing of your personal data violates the provisions of the GDPR. The complaint can be made online on the website of the supervisory authority. The responsible supervisory authority for our company is:

The Hamburg data protection officer
Ludwig-Erhard-Str 22, 7th floor
20459 Hamburg
Tel.: 040 / 428 54 – 4040
Fax: 040 / 428 54 – 4000E-mail: mailbox@datenschutz.hamburg.de
Website: https://datenschutz -hamburg.de

3. Purpose of Processing

Personal data transmitted to us will only be processed for the purpose for which you provided the data. A processing, in particular a transfer for other purposes, does not take place.

4. Duration of storage

Personal data will be deleted as soon as their storage is no longer required to fulfill the original purpose and there are no longer any statutory retention periods. The final duration of the storage of personal data depends on the statutory retention periods. After expiry of the legal deadlines, the corresponding data will be deleted. If there are retention periods and there is no longer a purpose for processing the data, the processing of the personal data will be restricted.

5. Security of the Website

The operator of the website makes it available in accordance with current technical standards and updates the website regularly. It is pointed out that absolute security against errors and unauthorized access, especially when using criminal energy, cannot be guaranteed.

In order to protect the transmitted data in the best possible way, SSL encryption is used. You can recognize such encrypted connections by the prefix “https://” in the page link in the address line of your browser.

The website is based on WordPress. The operator of the website updates updates promptly, in particular security updates, and is regularly informed about possible security risks. You can find more information about WordPress at: https://de.wordpress.org/

The hosting and technical administrator is “Alfahosting GmbH” in 06109 Halle (Saale). You can reach them directly at info@alfahosting.de. The technical administrator protects servers and connections according to current technical standards and EU guidelines.

6. Log files/access data

The operator of the website collects data about access to this website based on a legitimate interest (see Art. 6 Para. 1 lit. f. DS-GVO) and saves this as “server log files” on the server of the website .

The following data is stored:

  • name of retrieved file,
  • date and time of retrieval,
  • amount of data transferred,
  • notification of successful retrieval,
  • operating system used,
  • browser and browser type,
  • the website from which the link was forwarded,
  • visited pages
  • requesting domain.
  • IP addresses in anonymous form

The IP addresses are anonymized before they are stored on the server and processed further. Complete, traceable IP addresses are neither collected nor processed. With the anonymization, the visitor to the website is no longer traceable. The data stored in this way no longer refers to a natural person who can be assigned and accordingly the provisions of the GDPR are no longer relevant after anonymization.

The data is stored for security reasons, for example to be able to clarify cases of misuse, to analyze the use of the website and to ensure proper functionality. The operator of the website and the technical administrator protect access to the log files with appropriate technical and organizational means to ensure the security of the data.

For security reasons, the technical administrator of the website can store IP addresses in non-anonymous form for a maximum of 30 days in order to track improper use of the website.

The log file data is only released to third parties on a legal basis, for example in the event of a court order to release it. If it is no longer necessary to store the log files, they will be irretrievably deleted.

7. Contact option via email

On our site we offer you the opportunity to contact us by e-mail. In this case, the information you provide will be stored for the purpose of processing the contact. A transfer to third parties does not take place.

When using e-mail services, personal data such as IP addresses and e-mail addresses are transmitted. Furthermore, the personal data that you provide us with the request. We work with SSL encryption for e-mail traffic and ensure the security of our e-mail server according to generally accepted standards. We cannot influence the security of your e-mail service. We would like to point out that encryption with SSL does not represent end-to-end encryption and absolute security cannot be guaranteed.

If you contact us via e-mail, we will only process your transmitted data for the purpose you have requested, will not pass them on and, if the purpose has been fulfilled, will delete them if there are no retention periods.

We ask that you be able to send us secure e-mails encrypted via S/MIME. Please contact us to get our public keys.

8. Contact option via contact form

On our website we offer you the opportunity to contact us via contact forms. In this case, the information provided by the user will be stored for the purpose of processing the contact and processed for the purpose for which contact was made with us. The legal basis is your consent in accordance with Article 6 Paragraph 1 lit.

The upload of the data, if you upload attachments, and the sending of all data from our web servers takes place via a secure SSL connection directly to our Microsoft Exchange server. No third-party services are used to send and technically process the data contained in the contact form. It is a secure end-to-end data transfer.

If you contact us via the contact form, we will only process your transmitted data for the purpose you have requested, will not pass them on and, if the purpose has been fulfilled, will delete them if there are no retention periods.

9. General information about social media components

Social media components are used on the website, as detailed below. These are not active integrations, which lead to a connection to and/or transmission of data to the respective server of the referring component when the website is loaded. All components work “on-click” and are only opened and then connected to the corresponding server when you click and activate them with the mouse/pointer or by touch. With your activation, you open the website of the respective recommendation component and submit to the data protection guidelines applicable there. These data protection rights can be significantly below the standard under the GDPR and also lead to the transfer of personal data to third countries. This is no longer the responsibility or control of the operator of this website and no liability can be accepted for this. Activation of the recommendation components provided on this website is at your own risk.

10. Use of Xing

We use components of the XING.com network on our website. These components are a service of XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.

We do not use any components that connect to XING and transmit data when the website loads. A connection to XING is only established when you click on a recommendation component. You decide whether you want to use this component or not. By clicking you expressly consent to the transfer. We are then no longer responsible for the processing of personal data by XING. Further information on this can be found in Xing’s data protection information at: https://www.xing.com/app/share?op=data_protection

11. Use of LinkedIn

We use components of the LinkedIn network on our website. LinkedIn is a service of the LinkedIn Corporation in the USA.

We do not use components that connect to LinkedIn and transmit data when the website loads. A connection to LinkedIn is only established when you click on a recommendation component. You decide whether you want to use this component or not. By clicking you expressly consent to the transfer. We are then no longer responsible for the processing of personal data by LinkedIn. Details on data collection by LinkedIn and on your rights and setting options can be found in LinkedIn’s data protection information. You can find these notices at http://www.linkedin.com/legal/privacy-policy

12. Use of Advertisements on the Internet

We use ads on Google, Bing or other search engines to promote our website. Also ads on other websites of third parties. For this purpose, we only use scripts from the respective third party providers, which collect and process personal data to analyze the advert if you have previously given your express, informed consent. The terms of use and data protection regulations of the respective third-party provider on whose website you can find our advertisements apply to the corresponding advertisements. We endeavor to only place ads where the operator of the website ensures data protection in accordance with DSGVO. To do this, we regularly check the websites of third-party providers on which we place advertising. Nevertheless, we cannot assume any liability for the data protection of third-party websites.

13. Social Media Appearances and Directory Listings

For the purposes of presentation and advertising or to communicate with you as a user, with our customers or with interested parties, as well as to be able to inform you about the services we offer, we have presences in social networks:

  • LinkedIn
  • XING
  • BING
  • Google Business

The data protection regulations of the respective providers apply to the services. You use and contact us via social media services at your own risk. We are not responsible for the data protection of the respective providers.

When using social networks, data is usually processed outside the European Union (EU) and the European Economic Area (EEA). An equivalent level of data protection as in the EU cannot be guaranteed in all countries outside the EU/EEA.

In this context, there can be risks for you as a user if the transmitted data is processed in so-called third countries with an inadequate level of data protection. This makes it difficult to enforce user rights. In addition, it may happen that your data is not processed in your interest by the provider in the third country.

The processing purposes pursued by the social networks usually differ from ours. It usually happens that the data collected from you in social networks is processed for the purposes of market research, advertising, creation of user profiles and personalized advertising (e.g. Facebook, Google, Instagram, etc.).

In order to realize this, cookies are often used, which record user behavior and enable a profile to be created for the user. Other tracking methods can also be used. You will find a specific list of the processing purposes of the user data in the data protection notices of the respective providers. By making the appropriate settings in your user account, you can restrict the creation of your profile, at least in part. For the exact procedure, please read the relevant provisions of the respective provider.

You may also find our company in other social media services or databases. These presences were automatically created by the respective operator. We cannot assume any liability for such content and pages, nor can we make any statements on the data protection of these providers. In such cases, please inform yourself on the respective pages about the data protection regulations of the responsible bodies.

If you contact us via social media portals, we store and process the data transmitted to us only for the purpose of establishing contact for which the data was transmitted and according to the provisions of the respective portals. If there is no longer a purpose for storing the corresponding data, we will delete it. Deletion on our part does not necessarily have to mean deletion on the corresponding social media portal. We cannot influence the latter.

14. Use of Matomo

We use the “Matomo” tool on our websites. Matomo is an “open source tool” that analyzes user behavior on the website and records it for marketing purposes. We use this tool in the configuration that we anonymize your IP address by the last two digits before saving the data and without the use of cookies. Your IP address is therefore no longer traceable and the data on user behavior stored by us is anonymous. They are therefore no longer subject to the provisions of the GDPR or other data protection laws, since there is no personal characteristic.

Furthermore, the “Matomo” tool does not transfer any data to third-party servers or locations. It runs as a Java Script routine on the website operator’s own web servers. Under various conditions, the tool can recognize short-term recurring visits by users to our website and take such visits into account in the processing. In this case, too, IP addresses are only stored and processed anonymously. The legal basis for data processing is a legitimate interest pursuant to Article 6 Paragraph 1 Letter f) of the GDPR in conjunction with Recital 47. We have weighed your legitimate property rights against our legitimate interests and used suitable technical means to anonymise the IP address used, which guarantee you a level of data protection at the level of the DS-GVO.

Data is processed by “Matomo” in particular to protect our website from misuse and to identify errors on the site. This enables us to guarantee and constantly improve the security and user-friendliness of the website. The use of a service such as “Matomo” is absolutely necessary for this and is in the interest of the visitors to the website. The application therefore also represents an expressly requested service within the meaning of Section 25 (2) sentence 2 TTDSG.

15. Cookies and Scripts

In principle, you can access our website without the use of cookies or scripts that collect and process personal data. Where necessary, our site uses session and technical cookies to implement various usage options. Such cookies do not store or process any data outside of the end device you are using. Likewise, no personal data is collected and transmitted to us or third parties.

Cookies and scripts can also be used by third parties, such as social media platforms. We provide links to such services on our website. Please only click on these links or icons if you have previously taken note of the corresponding data protection declaration of the respective provider. You use third party sites at your own risk. We cannot assume any liability for data protection on third-party sites.