Privacy Policy

Responsible Party

The responsible party in terms of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

Finnsa GmbH
Marburger Straße 35
36304 Alsfeld
Germany

Phone: +49 (0) 6631 96 88 - 0
Fax: +49 (0) 6631 96 88 - 96
Email: info@finnsa.de

Data Protection Officer

We have appointed the following as our data protection officer:

Datenschutzbüro Rößner
Karl-Bröger-Straße 10
36304 Alsfeld
Germany

Email: hallo@dsb-roessner.de

Your rights as a data subject

You can exercise the following rights at any time in accordance with the EU General Data Protection Regulation (GDPR) using the contact details provided:

• Information about your data stored by us and its processing (Art. 15 GDPR),
• Correction of inaccurate personal data (Art. 16 GDPR),
• Deletion of your data stored by us (Art. 17 GDPR),
• Restriction of data processing if we are not yet permitted to delete your data due to legal obligations (Art. 18 GDPR),
• Object to the processing of your data by us (Art. 21 GDPR) and
• Data portability, provided that you have consented to data processing or have concluded a contract with us (Art. 20 GDPR).

If you have given us your consent, you can revoke it at any time with effect for the future.

You can lodge a complaint with a supervisory authority at any time, e.g., the competent supervisory authority of the federal state in which you reside or the authority responsible for us as the controller.

A list of supervisory authorities (for the non-public sector) with addresses can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Processing activities

Collection of general information when visiting our website

Type and purpose of processing

When you access our website, i.e., if you do not register or otherwise submit information, information of a general nature is automatically collected. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your Internet service provider, your IP address, and similar information.

It is processed for the following purposes in particular:

• Ensuring a smooth connection to the website
• Ensuring smooth use of the website
• Ensuring and evaluating system security and stability, in particular for the detection of misuse
• For the technically error-free display and optimization of the website

We do not use your data to draw conclusions about your person. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

Legal basis and legitimate interest

Processing is carried out in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website and ensuring system security and misuse detection.

Recipients

The recipients of the data may be technical service providers who act as processors for the operation and maintenance of our website.

Storage Period

Data is stored in server log files in a form that allows the identification of the data subjects for a maximum of 90 days, unless a security-related event occurs (e.g., a DDoS attack).

In the event of such an incident, server log files will be stored until the security-related incident has been resolved and fully investigated.

Provision mandatory or necessary

The provision of the aforementioned personal data is neither legally nor contractually mandatory. However, without the IP address, the service and functionality of our website cannot be guaranteed. In addition, individual services may be unavailable or restricted.

Objection

Please read the information below about your right to object under Art. 21 GDPR.

Contacting us

Type and purpose of processing

Our website features a contact form that can be used to contact us electronically. If a user chooses to do so, the data entered in the input mask will be transmitted to us and stored.

The following data is also stored when the message is sent:

• Date and time of the request

You can contact us via the email addresses provided. In this case, the user's personal data transmitted with the email will be stored. This includes the date and time the email was sent, the email address, IP addresses, and information about the servers involved in the email communication.

You can contact us via the telephone numbers provided. In this case, we collect log data that includes your telephone number and the duration of the call.

Regardless of the type of communication you choose, we collect the content of your request. Your data is stored for the purpose of individual communication with you.

Legal basis

The data is processed on the basis of a legitimate interest (Art. 6 (1) (f) GDPR).

Our legitimate interest in processing your data is to enable you to contact us easily.

If you contact us to request a quote, the data will be processed for the purpose of implementing pre-contractual measures (Art. 6 (1) (b) GDPR).

Recipients

The recipients of the data may be technical service providers who act as processors for the operation and maintenance of our website.

Storage period

Data will be deleted no later than 90 days after processing the contact request.

If a contractual relationship is established, we are subject to the statutory retention periods. These are generally 6 or 10 years for reasons of proper accounting and tax law requirements.

Provision mandatory or required

The provision of your personal data is voluntary. However, we can only process your request if you provide us with the necessary data and the reason for your request.

Objection

Please read the information below about your right to object under Article 21 of the GDPR.

Newsletter

Type and purpose of processing

To deliver our newsletter or similar information, we collect personal data that is transmitted to us via an input mask.

We require a valid email address for effective registration. We use the double opt-in procedure to verify that a registration is actually made by the owner of an email address. For this purpose, we log the registration for the newsletter, the sending of a confirmation email, and the receipt of the requested reply. No further data is collected.

When the registration form is submitted, the following data is also stored:

Legal basis

Based on your express consent (Art. 6 (1) (a) GDPR), we will regularly send you our newsletter or similar information by email to the email address you have provided.

Recipient

We use a service provider (BREVO) to send the newsletter, who acts as our processor.

Storage period

In this context, the data will only be processed as long as the relevant consent has been given.

Provision mandatory or necessary

The provision of your personal data is voluntary, based solely on your consent. Without your consent, we cannot send you our newsletter.

Revocation of consent

You can revoke your consent to the storage of your personal data and its use for sending newsletters at any time with future effect. You can unsubscribe by clicking on the link contained in every email or by using the contact information provided in this privacy policy.

Creating a customer account

Type and purpose of processing

You have the option of creating a customer account on our website. To do this, we collect your contact details and link your purchases to your account.

In addition to the data you provide, the following data is stored when you create a customer account:

• Date and time of registration

Legal Basis

The data entered during registration is processed on the basis of the user's consent (Art. 6 (1) (a) GDPR).

Recipients

The recipients of the data may be technical service providers who act as processors for the operation and maintenance of our website.

Storage Period

Data is only processed in this context as long as the relevant consent has been given.

Provision mandatory or necessary

The creation of a customer account is voluntary. It is advantageous but not necessary for the fulfillment of a contract with you or for the implementation of pre-contractual measures. You have the option of placing orders as a guest at any time.

Revocation of consent

Your customer account can be deleted at any time and can be requested using the contact information listed below.

Cookies

A cookie is a small data file that is created when you visit a website and is temporarily stored on the website visitor's system. If the user of the website visits the server of this website again, the browser of the website user sends the previously received cookie back to the server. The server can evaluate the information obtained through this process. Cookies can make navigating a website easier.

Detailed information about cookies and which cookies are used on this website for what purpose can be found at any time in the cookie settings.

Deleting cookies

You can delete individual cookies or your entire cookie inventory. In addition, you will receive information and instructions on how to delete these cookies or block their storage in advance. Depending on your browser provider, you will find the necessary information under the following links:

• Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-loeschen-daten-von-websites-entfernen
• Microsoft Edge: https://support.microsoft.com/de-de/windows/verwalten-von-cookies-in-microsoft-edge-anzeigen-zulassen-blockieren-l%C3%B6schen-und-verwenden-168dab11-0753-043d-7c16-ede5947fc64d
• Google Chrome: https://support.google.com/accounts/answer/61416?hl=de
• Opera: http://www.opera.com/de/help
• Safari: https://support.apple.com/kb/PH17191?locale=de_DE&viewlocale=de_DE

In addition, you can prevent the loading of scripts by default. NoScript only allows JavaScript, Java, and other plugins to run on trusted domains of your choice.

Information and instructions on how to edit this function can be obtained from your browser provider (e.g., for Mozilla Firefox: https://addons.mozilla.org/de/firefox/addon/noscript/).

Technically necessary cookies

Type and purpose of processing

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change.

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.

Legal basis and legitimate interest

Data processing is carried out solely on the basis of our legitimate interest in a user-friendly design of our website and in the documentation of consent in accordance with Art. 6 (1) lit. f GDPR in conjunction with a weighing of interests pursuant to §25 (2) TDDDG.

Recipients

The recipients of the data may be technical service providers who act as processors for the operation and maintenance of our website.

Storage Period

Provision mandatory or necessary

The provision of the aforementioned personal data is neither legally nor contractually mandatory. However, without this data, the service and functionality of our website cannot be guaranteed. In addition, individual services may be unavailable or restricted.

Objection

Please read the information below about your right to object under Art. 21 GDPR.

Provision mandatory or necessary

The provision of your data is voluntary, based solely on your consent. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.

Revocation of consent

You can revoke your consent in the cookie consent tool for the future.

Profiling

With the help of cookies that are not technically necessary, the behavior of website visitors can be evaluated and their interests analyzed. For this purpose, we create a pseudonymous user profile.

Information about your right to object under Art. 21 GDPR

Right to object in individual cases

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(f) GDPR (data processing based on a balancing of interests); this also applies to profiling based on this provision within the meaning of Article 4(4) GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.

Recipient of an objection

Datenschutzbüro Rößner
Karl-Bröger-Straße 10
36304 Alsfeld
Germany

Email: hallo@dsb-roessner.de

Changes to our privacy policy

We reserve the right to amend this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. The new privacy policy will then apply to your next visit.

Questions about data protection

If you have any questions about data protection, please send an email to the person responsible mentioned above.

Copyright information

This privacy policy was created with the help of activeMind AG – the experts for external data protection officers (version #2024-10-25).