Privacy Policy

You can trust in the protection and security of your personal data: The safeguarding of your privacy during the processing of personal data is an important concern for HSP Schwahlen GmbH, which we consider in all our business processes. With this privacy notice, we would therefore like to explain the basic rules of our handling of personal data – which, of course, takes place in compliance with the applicable European and national data protection regulations.

Insofar as we obtain the consent of the data subject for processing operations of personal data, Art. 6 para. 1 lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data.

When processing personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations necessary for the implementation of pre-contractual measures.

Insofar as the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person necessitate the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.

If processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, and the interests, fundamental rights and freedoms of the data subject do not override those interests, then Art. 6 para. 1 lit. f GDPR serves as the legal basis for processing.

When you access our websites, your browser transmits certain data to our web server due to technical reasons. We use this technical access information to continuously improve the attractiveness and usability of our internet pages and their content, and to identify potential technical problems in our internet offering. Furthermore, to protect our legitimate interests, we store this data for a limited time to enable the derivation of personal data in the event of unauthorized access or attempted access to our servers. You can find details on what specific information this entails on the following pages.

On our website, we use so-called “cookies”. Details on this can be found in our Cookie Policy under section 5 below.

In addition to automatically collected data, we also process the data that you have voluntarily provided to us, for example, through newsletter registrations, contact inquiries, or other online forms.

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing device. This data is recorded in log files.

The following data is collected:

• User’s IP address
• Date and time of access
• HTTP method
• HTTP version
• Websites from which the user’s system accesses our website
• Websites accessed by the user’s system via our website
• Browser agent
• HTTP status code of the server response
• Size of the response in bytes

This processing is technically necessary to display our website. We also use the data to ensure the security and stability of the website.

The processing of the aforementioned data is necessary for the provision of the website and serves to safeguard a legitimate interest of our company. The legal basis for this processing is therefore Art. 6 para. 1 lit. f GDPR.

Use of Contact Forms

A contact form is available on our website, which can be used for electronic contact. If a user avails themselves of this option, the data entered into the input form will be transmitted to us and stored. No further data beyond the information you enter into the respective input form will be recorded.

In this context, no data is disclosed to third parties. The data is used exclusively for processing the conversation, i.e., the processing of personal data from the input form serves solely for us to handle the contact inquiry. In the case of a contact inquiry, this also constitutes the necessary legitimate interest in processing the data, so the legal basis for processing is Art. 6 para. 1 lit. f GDPR.

The data will be deleted by us as soon as it is no longer necessary for the purpose for which it was collected. For personal data from the contact form’s input mask and those sent via email, this is the case when the respective conversation with the user has ended. The conversation is considered ended when it can be inferred from the circumstances that the matter concerned has been conclusively clarified.

Online Presences on Social Media, External Services and Content on Our Website

We maintain online presences within social networks to communicate with interested parties and users active there and to inform them about our events and news. In this context, we integrate external services or content by linking them on our website. If you use such a service (clicking the link and opening the platform) or if third-party content is displayed to you, communication data (such as IP addresses or general device information) will be exchanged between you and the respective provider due to technical reasons.

Furthermore, it is possible that the provider of the respective external services or content collects personal data about you – for example, by means of corresponding cookies – and subsequently processes it for its own further purposes. Services or content from providers known to process data for their own purposes have been configured by us to the best of our knowledge and belief such that either communication for purposes other than displaying the content or services on our website is omitted, or communication only takes place when you actively decide to use the external service. However, since we generally have little or no influence over the data collected by third parties and their processing by these parties, we cannot make binding statements regarding the purpose and scope of the processing of your data.

Further information on the purpose and scope of the collection and processing of your data by the providers of the corresponding external services, as well as information on the privacy notices of the respective providers of the external services or content integrated by us, can be found via the following links:

LinkedIn:
Privacy Notice: https://www.linkedin.com/legal/privacy-policy?_l=de_DE

Google Maps:
Privacy Notice: https://policies.google.com/privacy?hl=de

LinkedIn:
HSP Schwahlen GmbH maintains a profile on LinkedIn. LinkedIn is a social network and an online platform for professionals, specialists, and executives.

For the use of Page Insights in the operation of our LinkedIn profile, we are jointly responsible with LinkedIn in accordance with Art. 26 GDPR. To this end, LinkedIn has stipulated in an agreement with us who fulfills which obligations regarding data protection. This agreement can be accessed here. LinkedIn is primarily responsible for providing the data subject with information about the joint processing and enabling them to exercise their data protection rights. Irrespective of this, we hereby inform you about your visit to our profile and thus provide you with the legally required data protection information.

You can reach LinkedIn at:

LinkedIn Ireland Unlimited Company
Wilton Place,
Dublin 2, Ireland

You can reach LinkedIn online here.

You can reach LinkedIn’s Data Protection Officer at
https://www.linkedin.com/help/linkedin/ask/TSO-DPO

Further information and LinkedIn’s applicable data protection regulations can be accessed at https://www.linkedin.com/legal/privacy-policy?_l=de_DE.

a) Data collected by LinkedIn

If you are a LinkedIn user, LinkedIn collects the data described in the LinkedIn Data Policy under “Information We Collect”. For members who have not logged into LinkedIn, a LinkedIn cookie is not set, so identification is not possible. Further information can be found in the LinkedIn Cookie Policy at https://de.linkedin.com/legal/cookie-policy?

As a rule, user data is also processed by LinkedIn for market research and advertising purposes when visiting LinkedIn. Based on user behavior (including when visiting our LinkedIn profile), complex user profiles are created, which LinkedIn can use to display personalized advertisements to the visitor both within and outside of LinkedIn. Further information on this can also be found in the LinkedIn Data Policy.

b) Data used by us and legal basis

LinkedIn provides us with statistics and usage data, based on which we can analyze the use of our LinkedIn page (so-called “Page Insights”). This enables us to continuously improve our offering on LinkedIn. As operators, we make no decisions regarding the processing of Insights data and all other information resulting from Art. 13 GDPR, such as the storage duration of cookies on user devices. The primary responsibility under GDPR for the processing of Insights data lies with LinkedIn. In this regard, we also refer to the agreement on joint controllership pursuant to Art. 26 GDPR, which LinkedIn has concluded with us, and to the obligations subsequently assumed by LinkedIn.

As page administrators, we have no other way to evaluate user behavior on our LinkedIn page, not even through user tracking. It is also fundamentally not possible for us to identify visitors to our LinkedIn page based on Page Insights. In particular, according to the agreement with LinkedIn, we have no right to demand the disclosure of individual visitor data from LinkedIn.

In addition to any personal data directly transmitted to us by users, information about their profile, likes, and posts is visible to us, depending on the user’s privacy settings.

You can view what information LinkedIn uses to create Page Insights here.

The operation of the LinkedIn profile and the use of Page Insights serves our legitimate interest in an effective external presentation and communication with our interested parties. This interest justifies the operation of the page both vis-à-vis the legitimate interests of LinkedIn users and vis-à-vis visitors to our profile who do not have a LinkedIn account. The legal basis is accordingly Art. 6 para. 1 lit. f GDPR.

Google Maps

We use Google Maps on our website. This allows you to view the location of our company, receive reviews and further information about us, and find the best possible route to us. The following additional data protection provisions apply to Google Maps.

Google Maps is an offering from Google Ireland Limited (“Google”). We have concluded a data processing agreement with Google, in which Google has committed to safeguarding the security and confidentiality of your personal data.

You can reach Google at:

Google Ireland Limited
Gordon House, Barrow Street
Dublin 4
Ireland

Phone: +353 1 543 1000
Fax: +353 1 686 5660
Email: support-deutschland@google.com

You can reach Google’s privacy team here.

Collection and Storage of Personal Data, as well as Type, Purpose, and Use

Further information on the processing of personal data by Google can be found here.

Google collects data regardless of whether you are logged into a Google account or not.

If you are not logged in, information such as your IP address, information about the visited website including unique identifiers, and technical information such as browser type and operating system are stored. If you use Google Maps for route planning to us, the starting point will also be stored.

If you are logged into Google, your name, and possibly phone number, payment information, and other information you provide will also be processed.

When using Google Maps, there is a risk that personal data will be transferred to Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The United States does not have a level of data protection comparable to the GDPR. Therefore, Google Ireland Limited uses Standard Contractual Clauses along with additional measures for the transfer, which ensure an adequate level of data protection.

The legal basis for the use of Google Maps is your consent pursuant to Art. 6 para. 1 lit. a GDPR.

On our website, we use cookies – exclusively with your consent (opt-in). These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our site and agree to the cookies according to our cookie banner. A cookie stores information that arises in connection with the specifically used end device. However, this does not mean that we thereby gain knowledge of your identity. The use of cookies serves, on the one hand, to make the use of our offering more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offering for you.

You can change your preferences for setting cookies on our website here at any time. The changes will be effective immediately.

[Link to Cookie User Settings]

We use a technical cookie that reflects your selection regarding the use of cookies. The cookie (“cookie-agreed”) prevents the repeated display of the cookie banner on each individual page of our website and adjusts our website’s cookie banner to display the cookie settings you have made.

The technical cookie is automatically deleted when the local browser is closed or a certain period (24h) has passed without the user performing any actions on the website.

You can manage the cookies set on our site with your consent here at any time and have the option to change the acceptance or rejection of cookies there.

[Link to Cookie User Settings]

You can opt out of already set cookies here with immediate effect. If you change your settings and reject cookies, certain functions and features of our website may not work as intended.

Use of Google Analytics

We use the web analytics service Google Analytics to analyze and improve the use of our website. This allows us to improve our offering for you.

Google Analytics is an offering from Google Ireland Limited (“Google”). We have concluded a data processing agreement with Google, in which Google has committed to safeguarding the security and confidentiality of your personal data.

You can reach Google at:

Google Ireland Limited
Gordon House, Barrow Street
Dublin 4
Ireland

Phone: +353 1 543 1000
Fax: +353 1 686 5660
Email: support-deutschland@google.com

You can reach Google’s privacy team here.

Google Analytics stores cookies on your end device for evaluation. These are only stored with your consent. Further information on data protection at Google Analytics can be found here.

When using Google Analytics, the following data is collected:

• Pages visited and interaction with the page (e.g., contact inquiries)
• Your behavior on the pages (e.g., time spent, clicks, scrolling behavior)
• Your IP address and, based on that, the location
• Technical information such as browser, internet provider, device, and screen resolution
• The website from which you accessed our site (referrer)
• The IP address is shortened immediately after it is collected. This makes it impossible to identify you, and the IP address is anonymized.
• Furthermore, a cookie from Google Analytics contains a randomly generated ID that can be used to recognize you when you visit the website again.

When using Google Analytics, there is a risk that personal data will be transferred to Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The United States does not have a level of data protection comparable to the GDPR. Therefore, Google Ireland Limited uses standard contractual clauses and additional measures to ensure an appropriate level of data protection for the transfer.

If you wish to prevent further data processing by Google Analytics, you can do so with a browser plugin or revoke your consent.

The legal basis for the use of Google Analytics is your consent, Art. 6 para. 1 lit. a GDPR.

Personal data will be deleted or blocked as soon as the purpose of storage no longer applies. Storage may also be necessary if this has been provided for by the European or national legislator in Union regulations, laws, or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract. For technical reasons, we automatically delete stored data after 7 days.

The user has the option to revoke their consent to the processing of personal data at any time (see also Rights of data subjects). If the user contacts us by e-mail, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

The collection of data for the provision of the website and the storage of data in log files is mandatory for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

If your personal data is processed, you are a data subject within the meaning of the GDPR, and you have the following rights vis-à-vis the controller:

• Right to information about the data stored about you by us, Art. 15 GDPR;
• Right to rectification, erasure, or restriction of the processing of your personal data, Art. 16-18 GDPR;
• Right to object to processing that serves our legitimate interest, a public interest, or profiling, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims, Art. 21 GDPR;
• Right to data portability, Art. 20 GDPR;
• Right to lodge a complaint with a supervisory authority, Art. 77 GDPR;
• Right to revoke your granted consent to the collection, processing, and use of your personal data at any time with effect for the future, Art. 7 para. 3 GDPR.

Further information on this can be found in the respective sections above, where data processing is described based on your consent.

If you would like to exercise your rights, you can address your concerns, for example, to the data protection officer named below, use our contact form on the website, or send an e-mail to hsp@hsp-components.com.

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

HSP Schwahlen GmbH
Industriestr. 33
40764 Langenfeld
Germany

Tel.: 02173 – 399 18-0
Fax: 02173 – 399 18-10

E-Mail: hsp@hsp-components.com
Website: www.hsp-components.com

Contact details of the data protection officer

You can contact the data protection officer at:

Data Protection Officer
HSP Schwahlen GmbH
Industriestr. 33
40764 Langenfeld
Germany

datenschutz@hsp-components.com

We may amend this privacy policy at any time to reflect changes on our website.

Thank you for reading this data protection information.

Status: October 2022