We are very pleased that you are interested in our company. Data protection is particularly important to
the Management at CIMCO Werkzeuge GmbH & Co. KG. In principle, it is possible to use CIMCO Werkzeuge GmbH & Co. KG website without providing any personal data. However, if a data subject would like to make use of particular services provided by our company via our website, it may be necessary for us to process personal data. If processing personal data is necessary and if there is no legal basis for such data processing, then as a general rule, we will obtain permission from the data subject.
Processing personal data, for example the name, address, e-mail address or telephone number of a data subject, will always be carried out in accordance with the General Data Protection Regulation and with the country-specific data protection regulations applicable for CIMCO Werkzeuge GmbH & Co. KG. Our
company would like to use this data protection declaration to inform the public about the nature, extent, and purpose of collecting, using, and processing personal data. Furthermore, data subjects are informed by means of this data protection declaration about the rights they are entitled to.
As the controller, CIMCO Werkzeuge GmbH & Co. KG has implemented numerous technical and organisational measures to ensure protection which is as comprehensive as possible of personal data processed via this website. Despite this, in principle, Internet-based data transmissions can have security gaps which means that absolute protection cannot be ensured. For this reason, every data subject has the option of transmitting personal data to us using an alternative method, for example by telephone.
1. Definition of terms
The CIMCO Werkzeuge GmbH & Co. KG data protection declaration is based on the terms used by the European legislator when passing the General Data Protection Regulation (GDPR). Our data rotection declaration is intended to be easy to read and understand both for the general public and also for our customers and business partners. To ensure this happens, we would like to explain the terms used beforehand.
In this data protection declaration, we use the following terms among others:
a) Personal data
Personal data is all the information which refers to an identified or identifiable natural person (in the following “data subject”). A natural person is considered to be identifiable if they can be identified directly or indirectly,
in particular through assignment to an ID such as a name, to an identification code, to location data, to an online ID or to one or more particular characteristics, which can be identified as an expression of the physical, physiological, genetic, psychic, economic, cultural or social identity of this natural person.
b) Data subject
The data subject is every identified or identifiable natural person whose personal data is processed by the controller.
c) Processing
Processing is every process executed with or without the assistance of automated procedures or every such sequence of procedures in association with personal data, such as acquiring, collecting, organising, sorting, saving, adapting or changing, reading, querying, using, publishing through transmission, distribution or another form of provision, comparison or linking, limiting, deleting or destroying.
d) Limiting processing
Limiting processing is marking saved personal data with the aim of limiting its future processing.
e) Profiling
Profiling is any kind of automated processing of personal data which consists of using this personal data to evaluate specific personal aspects which refer to a natural person, in particular, to analyse or predict aspects regarding job performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or change of location of this natural person.
f) Pseudonymisation
Pseudonymisation is processing personal data in such a ways which means the personal data can no longer be assigned to a specific data subject without resorting to additional information, providing this additional information is stored separately and is subject to technical and organisational measures which ensure that the personal data cannot be assigned to an identified or identifiable person.
g) Controller
The controller is the natural or legal person, public authority, agency or any other body who makes decisions alone or together with others regarding the purpose and means of processing personal data. Where the purposes and means of processing are determined by Union law or the law of Member States, the controller or the specific criteria for its nomination may be provided for by the Union law or Member State law.
h) Processor
Processor is a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller.
i) Recipient
Recipient is a natural or legal person, public authority, agency or any other body to whom data are disclosed, whether a third party or not. Public authorities which may receive data in the framework of a particular inquiry in accordance with Union law or Member State law shall not be regarded as recipients.
j) Third party
Third party is a natural or legal person, public authority, agency or another body other than the data subject, controller, processor and persons who, under the direct authority of the controller or the processor, are uthorised to process the personal data.
k) Consent
Consent is any freely given specific and informed indication of his or her wishes regarding the specific case in the shape of a declaration or other unambiguous confirmatory act by which the data subject signifies his or her agreement to personal data relating to him or her being processed.
2. Name and address of controller
The controller within the meaning of the General Data Protection Regulation, other data protection laws
in the Member States of the European Union and other regulations pertaining to data protection is:
CIMCO Werkzeuge GmbH & Co. KG
Hohenhagener Str. 1-5
42855 Remscheid
Tel.: +49 2191 / 37 18 - 01
E-Mail: info@cimco.de
Website: www.cimco.de
3. Name and address of data protection officer
The data protection officer of the controller is:
Pascal Kurschildgen
CIMCO Werkzeuge GmbH & Co. KG
Hohenhagener Str. 1-5
42855 Remscheid
Tel.: +49 2191 / 37 18 - 01
E-Mail: datenschutz@cimco.de
Every data subject can contact our data protection officer directly with any questions or suggestions regarding data protection.
4. Cookies
CIMCO Werkzeuge GmbH & Co. KG websites use cookies. Cookies are text files which are filed and saved by an Internet browser on a computer system.
Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID: A cookie ID is a clear identification of the cookie. It consists of a series of characters which can be assigned to the specific Internet browser that the cookie was saved in by websites and servers. This allows the websites and servers visited to distinguish between the individual browser of the data subject and other Internet browsers. A specific Internet browser can be recognised by the unique cookie ID and can be identified.
By using cookies, CIMCO Werkzeuge GmbH & Co. KG can make more user-friendly
services available to the users of this website which would not be possible without placing cookies.
A cookie allows us to optimise the information and offers on our website in the user's best interests. Cookies allow us, as already mentioned, to recognise the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, the user of a website which uses cookies does not have to enter their login data every time they visit the site, because this is handled by the website and the cookie saved on the user's computer system. Another example is the cookie of a basket in an online shop. The online shop remembers
the items which a customer has placed in the virtual basket by using a cookie.
The data subject can prevent cookies being placed by our website at any time through a corresponding setting on the Internet browser used and can thereby permanently prevent cookies being placed. Furthermore, cookies that have already been placed can be deleted using an Internet browser or other software at any time. This is possible in all popular Internet browsers. If the data subject deactivates cookies being placed in the Internet browser used, then it is possible that not all the functions of our websites will be fully useable.
5. Collecting general data and information
The CIMCO Werkzeuge GmbH & Co. KG website collects a range of general data and information every time that the website is accessed by a data subject or an automated system. This general data and information is saved in the log files on the server. The (1) types of browser used and version, (2) the operating
system used by the accessing system, (3) the website from which an accessing system gets to our website (so-called referrer), (4) the subsites which direct an accessing system to our website, (5) the date and time of accessing the website, (6) an Internet protocol address (IP-address), (7) the Internet Service Provider of the accessing system and (8) other similar data and information can be collected which are used to ward off danger in the event of attacks on our information technology systems.
When using this general data and information, CIMCO Werkzeuge GmbH & Co. KG does not draw any conclusions on the data subject. In fact this information is used to (1) correctly deliver the content of our website, (2) optimise the content of our website and the advertising for it, (3) ensure that our information technology systems and the technology of our website are always working, as well as (4) to provide the law enforcement authorities with the necessary information for prosecution in the event of a cyber attack. For this
reason, CIMCO Werkzeuge GmbH & Co. KG evaluates this data and information acquired anonymously on the one hand statistically and on the other hand with the aim of increasing the data protection and data security in our company, with the ultimate aim of providing an optimal level of protection for the personal data processed by us. The anonymous data from the server logfiles is stored separately from all the personal data provided by the data subject.
6. Subscription to our newsletter
On the CIMCO Werkzeuge GmbH & Co. KG website, the users are given the opportunity to subscribe to our company's newsletter. What personal data is transmitted to the controller when subscribing to the newsletter depends on what is entered in the input screen used for this purpose.
CIMCO Werkzeuge GmbH & Co. KG informs its customers and business partners at
regular intervals about company offers in a newsletter. As a general rule, our company newsletter can be only be received by the data subject if (1) the data subject has a valid e-mail address and (2) the data subject has egistered to receive the newsletter. For legal reasons, to receive the newsletter, a confirmation e-mail is sent out in the double-opt-in process to an e-mail address provided by a data subject for the first time. This confirmation e-mail is to confirm whether the owner of the e-mail address authorised receipt of the newsletter as the data subject.
When registering for the newsletter, we also save the IP address provided by the Internet Service Provider (ISP) of the computer system used by the data subject at the time of registration as well as the date and time of registration. It is necessary to acquire this data to be able to trace any possible misuse of the e-mail address
of a data subject at a later point in time and is therefore used to legally protect the controller.
The personal data collected in regard to registration for the newsletter will only be used to send out the newsletter. Furthermore, subscribers to the newsletter can be informed by e-mail providing this is necessary for operating the newsletter service or this type of registration is required, for example as could be the case with changes to the newsletter offering or changes to technical conditions. No personal data collected in regard to the newsletter service will be passed on to any third party. The subscription to our newsletter can be cancelled at any time. The consent to saving personal data which the data subject issued us with to send out the newsletter can be revoked at any time. There is a corresponding link in every newsletter for the purpose of revoking consent. Furthermore there is the option of unsubscribing directly on the website of the controller for newsletter distribution or the controller can be informed of this in other ways.
7. Newsletter tracking
The CIMCO Werkzeuge GmbH & Co. KG newsletters contain so-called tracking pixels. A tracking pixel is miniature graphics embedded in such e-mails which are sent in HTML format to allow recording of a log file and log file analysis. This then allows a statistical evaluation of the success or lack of success of
online marketing campaigns. On the basis of the embedded tracking pixel, CIMCO Werkzeuge GmbH & Co. KG can see when an e-mail has been opened by a data subject and which links in the e-mail that the data subject opened.
Personal data obtained from such tracking pixels in the newsletters is saved and evaluated by the controller to optimise newsletter dispatch and to adapt the content of future newsletters even better to the interests of the data subject. This personal data will not be passed onto third parties. Data subjects are entitled at any time to revoke this specific, separate informed consent given using the double-opt-in process. After revocation, this personal data will be deleted by the controller. CIMCO Werkzeuge GmbH & Co. KG will
automatically interpret unsubscribing from receiving the e-mail as a revocation.
8. Contact options via the website
Due to statutory provisions, the CIMCO Werkzeuge GmbH & Co. KG website contains information which quickly allows contact to be made electronically with our company as well as indirect communication with us, which also includes a general address for so-called electronic mail (e-mail address). If a data subject makes contact with the controller via e-mail or a contact form, then the personal data transmitted by the data subject will be automatically saved. Personal data made available in this way to the controller on a voluntary basis will be saved for the purpose of processing or making contact with the data subject. This personal data will not be passed on to third parties.
9. Routine deletion and locking of personal data
The controller only processes and saves personal data from the data subject for the time period required to reach the purpose of saving it or, as provided for where this is subject to laws or regulations from the European legislator or another legislator that the controller is subject to.
If the storage purpose is cancelled or if a storage period is limited by the European legislator or another responsible legislator expires, then the personal data is routinely blocked or deleted in accordance with statutory provisions.
10. Rights of the datasubject
a) Right to confirmationEvery data subject has the right granted by the European legislator to request a confirmation from the controller as to whether they will process respective personal data. Should a data subject wish to make use of this right to
confirmation, then they can contact a member of staff of the controller at any time.
b) Right to information
Every data subject affected by personal data being processed has the right granted by the European legislator at any time to obtain information free of charge from the controller on personal data saved about them and to receive a copy of this information. Furthermore, the European legislator must provide disclosure to the data subject on the following information:
· the processing purposes
· the categories of personal data processed
· the recipients or categories of recipients to whom the personal data was disclosed, in particular with regards to recipients in third countries or at international organisations
· if possible, the planned duration for which the personal data will be saved, or, if this is not possible, the criteria for defining this period
· the existence of a right to correct or delete the personal data which they are the subject of, or to limitation of processing by the controller, or a right to object to this processing
· the existence of a right to complain to a supervisory body
· if the personal data is not collected from the data subject: All available information about the source of the information
· the existence of automated decision-making including profiling in accordance with Section 22 paragraph 1 and 4 General Data Protection Regulation and - at least in these cases - meaningful information on the logic involved as well as the scope and desired effects of such processing for the data subject
· Furthermore, the data subject is entitled to information about whether personal data has been transmitted to a third country or an international organisation. If this is the case, then the data subject also has the right to information about suitable guarantees in connection with the transmission.
If a data subject would like to make use of this right to information, then they can contact the data protection officer of the controller.
c) Right to correction
Every data subject affected by personal data being processed has the right granted by the European legislator to demand that incorrect personal data concerning them be immediately corrected. Furthermore, the data subject has the right, taking into consideration the purposes of processing, to demand that incomplete personal data be completed – including by using a supplementary declaration.
If a data subject would like to make use of this right to correction, then they can contact a member of staff of the controller at any time.
d) Right to deletion (Right to be forgotten)
Every data subject affected by personal data being processed has the right granted by the European legislator to demand that personal data concerning them is immediately deleted, where one of the following reasons applies and inasmuch as processing is not necessary:
· The personal data was collected for a purpose or processed in another way that it is no longer required for.
· The data subject revokes their consent that processing in accordance with Art. 6 clause 1 letter a GDPR or Art. 9 clause 2 letter a GDPR was based on and there is no other legal basis for processing.
· In accordance with Art. 21 clause 1 GDPR, the data subject objects to the processing and there is no overriding legitimate reason for processing, or the data subject objects to the processing in accordance with Art. 21 clause 2
GDPR.
· The personal data has been illegally processed.
· The deletion of personal data is necessary to meet a legal obligation according to Union law or Member State law that the controller is subject to.
· The personal data was collected with reference to services offered by the information company in accordance with Art. 8 clause 1 GDPR.
Inasmuch as one of the above mentioned conditions is met and a data subject would like to demand the cancellation of personal data that is saved at CIMCO Werkzeuge GmbH & Co. KG, then they can contact a member of staff of the controller at any time. The staff member of CIMCO Werkzeuge GmbH & Co. KG will arrange for the request for deletion to be immediately dealt with.
If the personal data was published by CIMCO Werkzeuge GmbH & Co. KG, and if our company is obligated to delete the personal data as the controller in accordance with Art. 17 clause 1 GDPR, then taking the available technology and implementation costs into account, CIMCO Werkzeuge GmbH & Co. KG will take suitable measures, including technical ones, to inform others who are responsible for data processing who process the published personal data that the data subject has demanded from this other data controller that all links to this personal data or copies or replications of this personal data are deleted, providing processing is not necessary. The staff member of CIMCO Werkzeuge GmbH & Co. KG will arrange for the necessary steps to be taken in the individual case.
e) Right to limiting processing
Every data subject affected by personal data being processed has the right granted by the European legislator to demand that processing their data be limited if one of the following conditions applies.
· The accuracy of the personal data is disputed by the data subject, and that for a period, which allows the controller to check whether the personal data is correct.
· Processing is illegal, the data subject rejects deletion of the personal data and instead demands that use of personal data be limited.
· The controller no longer requires the personal data for the purpose of processing, the data subject however needs it to assert, exercise or defend legal rights.
· The data subject has objected to processing in accordance with Art. 21 clause 1 GDPR and it has not yet been decided whether the legitimate reasons of the controller override those of the data subject.
Inasmuch as one of the above mentioned conditions is met and a data subject would like to demand the limitation of personal data that is saved at CIMCO Werkzeuge GmbH & Co. KG, then they can contact a member of staff of the controller at any time. The staff member of CIMCO Werkzeuge GmbH & Co. KG will arrange for processing to be limited.
f) Right to data transmission
Every data subject affected by personal data being processed has the right granted by the European legislator to receive personal data concerning them which the data subject made available to a controller, in a structured, common and machine-readable format. They also have the right to transmit this data to another controller without being impeded by the controller to whom the personal data was made available, providing processing is based on consent in accordance with Art. 6 clause 1 letter a GDPR or Art. 9 clause 2 letter a GDPR or on a
contract in accordance with Art. 6 clause 1 letter b GDPR and that processing is carried out using automated procedures, providing processing is not required for performance of a task which is in the public interest or to exercise public authority which the controller was entrusted with.
Furthermore, the data subject has the right when exercising their right to data portability in accordance with Art. 20 clause 1 GDPR to effect that the personal data is transmitted directly from one controller to another controller, as far as this is technically feasible and providing this does not prejudice the rights and freedoms of other people.
The data subject can turn to the data protection officer at CIMCO Werkzeuge GmbH & Co. KG to assert their right to data portability.
g) Right to objection
Every data subject affected by personal data being processed has the right granted by the European legislator, for reasons which arise from their particular circumstances, to object at any time to personal data concerning them from being processed, which is being done on the basis of Clause 6 paragraph 1 letter e or f GDPR. This also applies to profiling based on these regulations.
CIMCO Werkzeuge GmbH & Co. KG will no longer process personal data in the event of revocation, unless we can provide compelling and legitimate reasons which outweigh the interests, rights and freedoms of the data subject, or if the processing is to assert, exercise or defend legal rights.
If CIMCO Werkzeuge GmbH & Co. KG processes personal data for direct advertising purposes, then the data subject has the right to object at any time to the personal data being processed for the purpose of such advertising. This also applies to profiling, inasmuch as it is associated with such direct advertising. If the data subject objects to CIMCO Werkzeuge GmbH & Co. KG processing for the purposes of direct advertising, then CIMCO Werkzeuge GmbH & Co. KG will no longer process the personal data for these purposes.
In addition to that, the data subject has the right for reasons which arise from their particular situation to object to processing of personal data which concerns them, which is being carried out by CIMCO Werkzeuge GmbH & Co. KG for scientific or historic research purposes or for statistical purposes in accordance with Art. 89 clause 1 GDPR, unless such processing is required to fulfil a task which is in the public interest.
To exercise the right to objection, the data subject can directly contact the data protection officer of CIMCO Werkzeuge GmbH & Co. KG or alternatively any staff member. The data subject is also free in association with the use of services from the information company, irrespective of Directive 2002/58/EC, to exercise their right to object via an automated procedure in which technical specifications are used.
h) Automated decisions in the individual case including profiling
Every data subject affected by personal data being processed has the right granted by the European legislator to not be subject to a decision only based on automatic processing – including profiling – which has a legal effect towards them or significantly impedes them in a similar way, providing the decision (1) is not required for the conclusion or fulfillment of a contract between the data subject and the controller or (2) is necessary on the basis of legislation by the Union or the Member State that the controller is subject to and this legislation contains appropriate measures to secure the rights and freedoms as well as legitimate interests of the data subject or (3) with express permission from the data subject.
If the decision (1) for concluding or fulfilling a contract between the data subject and the controller is required or (2) if it is made with express permission from the data subject, then CIMCO Werkzeuge GmbH & Co. KG will take suitable measures to protect the rights and freedoms as well as legitimate interests of the data subject, which involves at least the right to effect the intervention of a person on the side of the controller, to represent their own point of view and to challenge the decision.
If the data subject would like to assert rights with reference to automatic decisions, then they can contact a member of staff of the controller at any time.
i) Right to revoke consent under data protection law
Every data subject affected by personal data being processed has the right granted by the European legislator to revoke consent given to process personal data at any time.
If the data subject would like to assert their right to revoking consent, then they can contact a member of staff of the controller at any time.