Privacy policy

Data protection statement

1. General

2. Name and address of the controller

3. Contact details of the data protection officer

4. Collection, processing and storage of data

4.1. Processing for the fulfilment of a contract with you or within the framework of pre-contractual measures (Art. 6 (1b) GDPR)

4.1.1. Order

4.2. In the context of the balancing of interests (Art. 6 (1f) GDPR)

5. Notes on data services in the online shop

6. Consequences of not providing your personal data

7. Transfer to third countries (Art. 13 + 14 (1f) GDPR)

8. Period of storage (Art. 13 (2a) GDPR)

9. Rights of data subjects (rights of information, rectification, cancellation, limitation and objection under Art. 13 (2b) GDPR)

10. Right of withdrawal (Art. 13 (2c) GDPR)

11. Right to lodge a complaint with a supervisory authority (Art. 13 (2d) GDPR)

12. Processing of personal data for another purpose (Art. 13 (3) GDPR)

13. Secure data transmission

14. Changes to our privacy policy.

1. General

In the following we would like to comply with our obligation to inform you about your rights and our handling of your data.The GDPR has been binding since 25.05.18 and stipulates in detail which information on the processing of personal data must be made available to customers or data subjects. We are happy to comply with this legal obligation.

If necessary, this information will be updated, published here and can be viewed by you.

2. Name and address of the controller

The office responsible for the collection, processing and use of your personal data within the meaning of the Federal Data Protection Act is 

Depesche Vertrieb GmbH & CO. KG

Vierlander Str. 14

21502 Geesthacht

Germany

Tel. : +49 4152 936-0 Fax: +49 4152 936-159 E-mail: info@depesche.com

(hereinafter: Depesche).

3. Contact details of the data protection officer

You can reach our data protection officer Marco Schenkenberg at: datenschutz@depesche.com

4. Collection, processing and storage of data

We take data privacy very seriously. Therefore, we strictly adhere to the statutory provisions when collecting, processing and using your personal data. In principle, we only process data that we receive from you directly as a result of our business relationship with you or in order to initiate business with you. This happens in the event that you conclude a contract with us, request an offer, order our newsletter, create a customer account, take part in a competition, notify us of changes to your data, submit an enquiry to us or contact us with queries or complaints about an order. This data will only be used by our service providers to perform their tasks. Any other use of the information is not permitted and does not take place at any of the service providers instructed by us.

If we collect data about you from third parties, this is expressly stated in the following descriptions of the processing procedures.

4.1. Processing for the fulfilment of a contract with you or within the framework of pre-contractual measures (Art. 6 (1b) GDPR)

4.1.1. Order

In the course of processing an order, we collect and store the necessary personal data to fulfil the contract concluded with you. This data is personal master data, such as first and last name, address, date of birth, telephone number. Your data will be passed on to carriers for the purpose of shipping the goods.

If necessary, your data required for the processing of your order, including our billing of service providers, will be passed on to companies cooperating with us for this purpose. These companies include logistics companies or e-mail service providers. All personal data will of course be treated as confidential.

Purchasing receipts are kept for accounting reasons in accordance with the statutory period (6 or 10 years).

4.2. In the context of the balancing of interests (Art. 6 (1f) GDPR)

We shall process your data beyond the actual fulfilment of a contract or an enquiry only where necessary to protect our legitimate interests or those of third parties in the following circumstances:

  • Direct contact to existing customers for promotional purposes
  • Ensuring IT security in the company;
  • Prevention and investigation of possible criminal offences;
  • Measures for the further development of services
  • Business management measures
  • Pseudonymous storage of data via cookies

 

5. Notes on data services in the online shop

Log files are stored whenever you access our website. This data is not assigned to any individual person by us. Furthermore, we also do not merge this data with other data sources, nor are these compared. The anonymous data is used solely for the purpose of statistical evaluation of your visit to our website. After the statistical evaluation, this data is deleted.

6. Consequences of not providing your personal data

Your personal data is processed in accordance with the GDPR as applicable in the EU and the Federal Data Protection Act (FDPA) as well as all other relevant laws. We need the personal data provided by you in order to conclude the contract.

The conclusion or provision of a service or the dispatch of your goods is not possible if you do not provide your personal data!

7. Transfer to third countries (Art. 13 + 14 (1f) GDPR)

Personal data is not transferred to a country outside the European Economic Area (EEA).

In the case of customers who have placed an order in our online shop from outside the EU or the EEA, personal data will be transferred to the countries where the orders were placed in order to fulfil the contract with you, insofar as this is necessary to process your order or is legally required.

8. Period of storage (Art. 13 (2a) GDPR)

Unless otherwise specified above, as the data controller, we will store your personal data only for the period necessary to achieve the storage purpose or in accordance with the regulations, laws and directives of the European legislator or national laws.

If the period of storage prescribed by law expires or if storage is no longer necessary, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

The period of storage results from the duration of our contracts, due to statutory limitation periods, which generally last three years according to the German Civil Code (BGB) or detailed specifications from the German Tax Code (Abgabenordnung), the German Commercial Code (Handelsgesetzbuch) and other legal regulations.

If you wish to delete your customer account, the data available there will also be deleted from our data carriers within the legally prescribed periods as part of our backup.

9. Rights of data subjects (rights of information, rectification, cancellation, limitation and objection under Art. 13 (2b) GDPR)

You may exercise your legal rights at any time. These are essentially the following rights:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to data portability (Art. 20 GDPR)

You have the right to receive information about your personal data stored by us at any time. You also have the right to have your personal data corrected, blocked or deleted, apart from the prescribed data storage for processing business transactions. Your request for information will be answered by us in encrypted form in order to ensure data protection.

In order for data to be blocked at any time, this data must be kept in a blacklist for control purposes. You can also request the deletion of the data, unless there is a legal archiving obligation. If such an obligation exists, we will block your data on request.You can change or revoke your consent by notifying us accordingly with effect for the future.

Of course, we will also provide you with information about the personal data we have stored about you at any time. We will also be happy to correct or delete it at your request, provided that there are no legal storage obligations to the contrary. Requests for access, correction or deletion of data can be made as follows:

E-mail: datenschutz@depesche.com

By post:

Depesche Vertrieb GmbH & CO. KG

- Data protection -

Vierlander Str. 14

21502 Geesthacht

Germany

For the sake of completeness, we would like to take this opportunity to point out that there may be restrictions regarding the right to information or deletion in accordance with Section 34 and 35 of the Federal Data Protection Act (FDPA).

10. Right of withdrawal (Art. 13 (2c) GDPR)

You have the right to withdraw your consent to the processing of your data at any time. You will find more details in the box below: Right to object pursuant to Art. 21 GDPR:

Right to object pursuant to Art. 21 GDPR

You have the right to withdraw your consent to the processing of your personal data at any time.

Even if we process your data to protect legitimate interests, you may object to this processing if your particular situation gives rise to reasons that speak against data processing.

If you object, we will no longer process your personal data unless we can prove compelling legitimate grounds for doing so that outweigh your interests, rights and freedoms, or unless the processing is for the purposes of asserting, exercising or defending legal claims.

Your objection is effective for the future. This objection can be made in any form. If possible, please address your objection to the contact details of the controller mentioned above.

11. Right to lodge a complaint with a supervisory authority (Art. 13 (2d) GDPR)

If you are not satisfied with the way in which we have dealt with a concern, you have the right to contact the above data protection officer or the competent supervisory authority for data protection in your (federal) state or the state in which our head office is located.

12. Processing of personal data for another purpose (Art. 13 (3) GDPR)

Such processing is generally not planned by us.

In the event that we should plan to process your personal data for a purpose not mentioned above, we will inform you in advance within the framework of the statutory provisions.

13. Secure data transmission

We protect your data with a secure SSL connection. key length: RSA 2048 Bit/128 Bit. Depending on the browser functions, encryption of the user data takes place using a maximum of RC4 128 bits, Triple-DES 168 bits or AES 256 bits.

All data in the order process is encrypted, e.g.:

  • Customer number & e-mail address

In addition, we secure our website and other systems against the loss, destruction, access, modification or dissemination of your data by unauthorised persons by means of technical and organisational measures.

14. Changes to our privacy policy.

We reserve the right to change our privacy policy from time to time in order to comply with current legal requirements or to adapt it to changes in our services (e.g. introduction of new services).

Therefore, the most recent version of the privacy policy shall apply whenever you visit our website.