Name and contact details of the controller in accordance with Article 4 (7) of the of the GDPR
Company: HT Group GmbH
Address: Rambacher Straße 2
Telephone: 09177 98-0
Telefax: 09177 98-336
Data Protection Officer
Security and the Protection of your Personal Data
We regard it as our mission to observe the confidentiality of the personal data which you supply to us and to protect them against unauthorised access. Therefore, we take extreme care and employ the latest safety standards in order to guarantee maximum protection of your personal data.
As a company governed by private law we are subject to the EU General Data Protection Regulation (GDPR) and the regulations of the German Federal Data Protection Act. We have taken technical and organisational measures to ensure that the data protection regulations are complied with both by us and by our external service providers.
Lawfulness of Processing
The processing of personal data is only lawful if a legal basis for the processing exists. A legal basis for processing may be, in particular, according to Article 6 (1)
lit. a - f of the GDPR:
- The data subject has given consent to the processing of his or her personal data for one or more specific purposes;
- processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- processing is necessary for the performance of a contract to which the data subject is party;
- processing is necessary in order to protect the vital interests of the data subject or of another natural person;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
Information on the Collection of Personal Data
(1) We inform you below about the collection of personal data when using our website. Personal data are such items as your name, address, e-mail addresses, user behaviour.
(2) When contacting us by e-mail or via a contact form, the data communicated by you (your e-mail address and possibly your name and telephone number) are stored by us in order to answer your questions. We delete the data generated in this context once storage is no longer necessary or the processing is restricted should statutory storage obligations exist.
Collection of Personal Data when Visiting our Website
During the pure use of our website for information purposes, i.e. if you do not register or communicate information to us in any other way, we only collect those personal data which your browser communicates to our server. If you wish to view our website, we collect the following data which are required by us for technical reasons in order to display our website to you and to guarantee its stability and security (the legal basis is art. 6 (1) p. 1 lit. f of the GDPR):
- IP address
- Date and time of the enquiry
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- The volume of data transmitted in each case
- The website from which the request was made
- Operating system and its user interface
- Language and version of the browser software.
The server logfiles are stored for a maximum of [REQUESTED ON 24.05. FROM MR HEINLEIN] days and then erased. The storage of the data is made for security reasons in order to be able to resolve such as cases of misuse. Should data have to be maintained for reasons of evidence, they are exempted from erasure until the case has been finally resolved.
(1) Cookies are stored on your computer during your usage of our website in addition to the data mentioned above. Cookies are small text files which are stored on your hard disk and which are assigned to your internet browser and through which the placer of the cookie receives certain information. Cookies can neither execute any programs nor transfer viruses onto your computer. They are used to make the internet presence as a whole more user-friendly and more effective.
(2) This website uses the following types of cookies whose scope and functionality is explained below:
- Transient cookies (see a.)
- Persistent cookies (see b.).
- Transient cookies are automatically erased when you close the browser. They include, in particular, session cookies. They store a so-called session ID with which various tasks of your browsers may be assigned to the common session. Your computer is able to be detected as a result if you return to our website. The session cookies are erased if you log out or close the browser.
- Persistent cookies are erased automatically after a given duration in time which differs depending on the cookie in question. You can erase the cookies in the security settings of your browser at any time.
- You can configure your browser setting in line with your wishes and,
for example, reject the acceptance of third-party cookies or all cookies. So-called "third-party cookies" are cookies which are placed by a third party and subsequently not by the actual website where you are currently located. We would like to point out that, where you deactivate cookies, this may result in you being unable to fully utilise all of this website's functions.
- Flash cookies which are used are not recorded by your browser but by your Flash-plug-in. Additionally, we use HTML5 storage objects which are placed onto your end device. These objects store the required data irrespective of the browser you use and do not have an automatic expiry date If you do not wish to have any processing of Flash cookies, you must install an appropriate add-on, e.?g. "Better Privacy" for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe Flash Killer cookie for Google Chrome. You can prevent the use of HTML5 storage objects by using the private mode in your browser. We additionally recommend a manual deletion of your cookies and the browser history.
Further Functions and Provisions of our Website
(1) In addition to the pure use of our website for information purposes we offer various services which you may use should you have interest. For these you must generally give additional personal data which we use for the provision of each service and for which the data processing principles given above apply.
(2) At times we use external service providers for the processing of your data. They have been carefully selected and commissioned, are bound to our instructions and are regularly checked.
(3) Where our service providers or associates are located outside the European Economic Area (EEA), we will inform you in advance about the consequences of this condition in the offer description.
If you contact us in relation to any form of question by e-mail or via a contact form, you grant us your voluntary consent for the purpose of making contact. The giving of a valid e-mail address is necessary for this. This is used to assign an enquiry and for its subsequent reply. The giving of further data is optional. The information given by you will be stored for the purpose of processing of the enquiry and for any possible follow-up questions. Personal data are automatically erased after the enquiry placed by you has been dealt with.
(1) If you grant us your consent, you can subscribe to our newsletter in which we give you information about our latest attractive product range, information on the company, our products, developments, projects, training, workshops, trade fairs and events.
(2) We use the so-called double-opt-in procedure for registration for our newsletter. This means that, after your registration, we send you an e-mail to the e-mail address which you give us in which we ask you to confirm that you wish to have the newsletter sent to you. If you do not confirm your registration within 24 hours, your information will be blocked and automatically erased after one month. In addition, we store the IP addresses used by you and the time of the registration and confirmation. The purpose of this process is to show proof of your registration and to be able, where necessary, to explain a possible misuse of your personal data.
(3) Mandatory information for the sending of the newsletter is solely your e-mail address. The giving of further, separately marked data is voluntary and is used in order to be able to address you personally. After receiving your confirmation, we store your e-mail address for the purpose of sending the newsletter. The legal basis is art. 6(1( p. 1 lit. a of the GDPR.
(4) You can at any time withdraw your consent for the sending of the newsletter and unsubscribe from the newsletter. You can declare your withdrawal either by clicking on the link provided in every newsletter e-mail, via this form in the website by e-mail to email@example.com or by a message using the contact data given in the masthead.
[THE FOLLOWING PARAGRAPH WILL POSSIBLY BE OMITTED. IF NOT, §3 WHICH IS QUOTED IS A PROBLEM AS IT HAS NO CORRELATION]
(5) We would like to point out that we evaluate your user behaviour when we send you the newsletter. The e-mails which are sent out contain so-called web beacons for this analysis or tracking pixels which are single-pixel image files which are stored on our website. For the analyses we create a link with the data given in § 3 and the web beacons with your e-mail address and an individual ID. The data are collected solely under a pseudonym, the IDs are therefore interlinked with your other personal data and a direct reference to an individual person is thus eliminated. You may object to the use of this tracking at any time by clicking on the separate link which is provided in each e-mail or by informing us using another contact path. The information is stored as long as you subscribe to the newsletter. After a deregistration we store the data purely for statistical purposes and anonymously.
Our product range is essentially aimed at adults. People under 18 years of age should not communicate any personal data to us without the approval of their parents or guardians.
Rights of the Data Subject
(1) Withdrawal of Consent
Where the processing of the personal data is based on given consent, you have the right at any time to withdraw the consent. The lawfulness of any processing which is carried out before the withdrawal as a result of the granting of consent is not affected by the withdrawal of the consent.
You may contact us at any time regarding the exercising of the right of withdrawal.
(2)Right of Confirmation
You have the right to demand a confirmation from the controller whether we process personal data which affects you. You may demand the confirmation at any time by using the above-mentioned contact data.
(3) Right of Access
Where personal data are processed, you may demand at any time confirmation whether or not personal data concerning you are being processed, and where that is the case, access to the personal data and the following information:
- the purposes of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
- where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
- the right to lodge a complaint with a supervisory authority;
- where the personal data are not collected from the data subject, any available information as to their source;
- the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
Where personal data are transferred to a third country or to an international organisation, the data subject shall have the right to be informed of the appropriate safeguards pursuant to Article 46 of the GDPR relating to the transfer. We provide a copy of the personal data which are the object of the processing. We are permitted to demand an appropriate payment based on administrative costs for the provision of all other additional copies which you personally request. Where you make the request by electronic means, and unless otherwise requested by you, the information shall be provided in a commonly used electronic form. The right to obtain a copy referred to in paragraph 3 shall not adversely affect the rights and freedoms of others.
(4) Right to Rectification
You shall have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
(5) Right to Erasure ("right to be forgotten")
You shall have the right to obtain from the controller the erasure of personal data concerning you without undue delay and we shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2) a of the GDPR, and where there is no other legal ground for the processing;
- the data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of the GDPR;
- the personal data have been unlawfully processed;
- the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
- the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.
Where the controller has made the personal data public and is obliged pursuant to paragraph 1 to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
The right to erasure ("right to be forgotten") shall not exist in cases where the processing of personal data is required:
- for exercising the right of freedom of expression and information;
- for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9(2) as well as Article 9(3) of the GDPR;
- for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) of the GDPR in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
- for the establishment, exercise or defence of legal claims.
(6) Right to Restriction of Processing
You shall have the right to obtain from the controller restriction of processing where one of the following applies:
- the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
- the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
- the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims, or
- the data subject has objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
Where processing has been restricted under the conditions given above, such personal data shall, with the exception of storage, only be processed with the data subject's consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
The data subject may contact us at any time by using the contact data given above in order to submit a claim to a restriction of processing.
(7) Right to data portability
You shall have the right to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:
- the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1) of the GDPR and
- the processing is carried out by automated means.
In exercising your right to data portability pursuant to paragraph 1, you shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible. The exercise of the right referred to in paragraph 1 of this Article shall be without prejudice to the right to erasure ("right to be forgotten"). That right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
(8) Right of Objection
You shall have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6 (1) lit. e or f of the GDPR; this includes profiling based on these provisions. The controller will no longer process the personal data relating to you unless he is able to prove compelling legitimate grounds for the processing which outweigh the interests, rights and freedom of the data subject or where the processing is necessary for the establishment, exercise or defence of legal claims.
Where personal data are processed for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. Should you object to the processing for direct advertising purposes, the personal data shall no longer be processed for these purposes.
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.
Where personal data are processed for scientific or historical research purposes or statistical purposes pursuant to Article 89(1), you, on grounds relating to your particular situation, shall have the right to object to processing of personal data concerning you, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
You may exercise the right to object at any time by contacting the relevant controller.
(9) Automated Individual Decision-Making, Including Profiling
You shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision:
- is necessary for entering into, or performance of, a contract between the data subject and a data controller;
- is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject's rights and freedoms and legitimate interests or
- is based on the data subject's explicit consent.
The data controller shall implement suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.
The data subject may exercise the right to object at any time by contacting the relevant controller.
(10) Right to Lodge a Complaint with a Supervisory Authority
Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes this regulation.
(11) Right to an Effective Judicial Remedy
Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority in accordance with Article 77 of the GDPR, the right to an effective judicial remedy if you consider that your rights under this Regulation have been infringed as a result of the processing of your personal data in non-compliance with this regulation.
Use of Matomo (formerly Piwik)
(1) This website uses the web analysis service, Matomo, in order to be able to analyse the usage of our website and carry out regular improvements. We are able to improve our products and services through the statistics gained and to design it for you as a user in a more interesting manner. The legal basis for the use of Matomo is Article 6(1) p. 1 lit. f of the GDPR.
(2) Cookies are stored on your computer for this analysis. The information thus collected is exclusively stored by the data controller on a server in [Germany]. You may stop the analysis by deleting any existing cookies and by preventing the storage of cookies. If you prevent the storage of the cookies, we wish to point out that you may possibly not be able to make full use of all of the functions of this web-site. A prevention of the storage of cookies is possible through the setting in your browser. A prevention of the usage of Matomo is possible by removing the following tick and thus activating the opt-out plug-in.
(3) This website uses Matomo with the extension "AnonymizeIP". IP addresses are processed as a result in an abbreviated form and a direct personal reference can be thus excluded. The IP address communicated by your browser through Matomo will not be combined with other data collected by us.
(4) The program, Matomo, is an open-source project. Information on the third party provider: for data protection may be obtained under matomo.org/privacy-policy/.
We employ external service providers (processors) with whom separate contracts for processing have been concluded in order to guarantee the protection of your personal data. We collaborate with processors within the following categories:
Hosting of the website