Data protection

Data protection

We take the protection of your personal data very seriously when using the websites of our domain "peterkoelln.de" as well as all subdomains (hereinafter referred to as the "website"). In the following, we will inform you about the collection, processing and use of your personal data when you visit these websites and use the services offered. "Personal data" is information about a person or information that relates to a person (e.g. name, address, postal address, telephone number, IP address) and which can be used to find out persons’ identities. Personal data is all information that refers to an identified or identifiable natural person. A natural person is considered to be identifiable if he or she can be identified directly or indirectly - in particular by assigning an identifier such as a name, identification number, location data or an online identification. The data protection law of the Federal Republic of Germany protects personal data, in particular by the General Data Protection Regulation ("GDPR").

1. Data Controller Responsible

Data Controller responsible pursuant to the General Data Protection Regulation (GDPR) is:

Peter Kölln GmbH & Co. KGaA
Westerstraße 22-24
D-25336 Elmshorn
+49 (0) 41 21 6480
+49 (0) 41 21 66 39
contact[at]peterkoelln.de

2. Data subject rights

Insofar as we store and process your personal data, you are entitled to the following rights:

(1) Right to information pursuant to Art. 15 GDPR about the processing of your personal data by us for processing purposes, categories of processed data, recipients or recipient categories, duration of storage or criteria for determining the duration, right to correction, deletion, restriction to processing or objection to the processing, the right to lodge a complaint with the supervisory authority, information about the origin of the data and the existence of automated decision-making and, if applicable, information about guarantees pursuant to Art. 46 GDPR when transmitted to a third country or international organisations;

2) Right to immediate rectification of incorrect or incomplete personal data pursuant to Art. 16 GDPR;

(3) Right to deletion of the stored personal data pursuant to Art. 17 GDPR if the data are no longer required in relation to the purposes for which they were collected or otherwise processed, if a given consent has been revoked and where there is no other legal ground, if there is an objection to the processing, and the data may no longer be processed pursuant to Art. 21(1) or (2) GDPR, if the data have been unlawfully processed, if the data have to be deleted for compliance with a legal obligation or if the data have been collected in relation to the offer of information society services pursuant to Art. 8 (1). This shall not apply to the extent that processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

(4) Right to restriction of processing pursuant to Art. 18 GDPR if you dispute the accuracy of the data (for the period required enabling to verify the accuracy), if the processing is unlawful, but you oppose to deletion and request the restriction of their use instead, if we no longer need the data for the purposes of processing, but you need the data to establish, exercise or defend legal claims, or if you have objected to the processing pursuant to Art. 21 (1) GDPR and pending the verification whether our legitimate reasons prevail.

5) Right to object to the processing of your personal data pursuant to Art. 21(2) GDPR (if the data are processed for direct marketing purposes or pursuant to Art. 21(1e) or (f) GDPR) takes place on grounds relating to your particular situation unless we demonstrate compelling legitimate grounds for the processing which override your interests, or the processing serves to establish, exercise or defend legal claims ).

(6) Right to data portability pursuant to Art. 20 GDPR, i.e., to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format or to transmit those data to another controller;

(7) Right to withdraw consent at any time pursuant to Art. 7(3) GDPR. As a result of the revocation of consent, we are no longer allowed to carry out data processing in future from the date of the revocation.

(8) Right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR. The supervisory authority responsible for us can be found under clause 4.

(9) All requests for information, information inquiry or objections to data processing should be directed to the address mentioned under clause 1.

3. Automated decision-making

An automated decision-making is not used here.

4. Supervisory authority

The address of the supervisory authority responsible for us is:

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein
Holstenstrasse 98
24103 Kiel
mail[at]datenschutzzentrum.de
+49 (0) 431 988-1200
+49 (0) 431 988-1223

5. Storage of access data

(1) Each time our website is accessed, access data are stored in a log file on our provider's server.

(2) This data set includes for example your IP address, directory protection user, date, time of request, pages viewed, protocols, status code, amount of data, referrer, user agent and host name called up.

(3) These data are collected for technical reasons. Deletion takes place automatically after 7 days at the latest. The legal basis for the collection of this data is Art. 6 (1 f) GDPR. Our legitimate interest is to ensure the security and stability of our website.

6. Collection of personal data for informational use

(1) If you use the website for informational purposes only, i.e. if you do not log in, register or otherwise provide us with information, we do not collect any personal data, with the exception of the data mentioned under 5.2, which your browser transmits to technically enable the visit to the website.

(2) When using the website, so-called cookies are stored on your computer. Cookies are text files which are stored on your hard drive (assigned to the browser you are using) and through which certain information flows to the person who sets the cookie (in this case, to us). Cookies cannot run programmes or transmit viruses / malware to your computer.
E.g. we use cookies to identify you for subsequent visits if you have an account with us. Otherwise you would have to log in again for each visit.

This website uses cookies to the following extent:

  • Session cookies (temporary use)
  • Persistent cookies
  • Third-party cookies (from third-party providers)

Session cookies are automatically deleted when you close the browser.
The legal basis for the use of session cookies is Art. 6 (s 1. 1 f) GDPR. It is our legitimate interest to be able to use cookies to optimise our website for users. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie.

The legal basis for persistent cookies and third-party cookies is Art. 6 (1 S. 1 a) GDPR, i.e.  your express consent that we may set cookies on your terminal. You may give us your consent by approval to the cookie notification banner.

Persistent and third-party cookies remain on your terminal until you delete them. They allow your end device to be recognised when you return to the website.

You can delete the cookies in the security settings of your browser at any time.
You can configure your browser settings according to your wishes and, e.g. refuse acceptance of cookies. However, we would like to point out that you may then not be able to use all functions of this website.

7. Use of functions of our website

(1) In addition to the purely informational use of our website, we can offer other services on the website to you which you can use if you are interested in. To do so, you usually have to provide personal data that we need and use to provide the respective service. If additional voluntary information are possible and requested by us, they are marked accordingly.

(2) When you contact us by e-mail, your e-mail address and, if you indicate this, your name, your telephone number and, if you select "Product complaint", optionally your country, street, house number and place of residence are stored with us in order to answer your questions and to enable us to remedy defects in the event of justified notices of defects.

(3) If you send us inquiries via the contact form, your details from the request form including the contact details you provided there for the purpose of processing the request are stored. We will not pass this data on to external third parties without your consent.
If your request is related to the fulfilment of a contract or is required to carry out pre-contractual measures these data are processed on the basis of Art. 6 (1 lit. b) GDPR. In all other cases, the processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6(1 lit. f) GDPR) or on your consent (Art. 6(1 lit. a) GDPR) if this was queried.
The data you enter in the contact form will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - especially retention periods - remain unaffected.

8. Integration of services and social media

We use the internet presence in social networks (including Facebook and Instagram, see below) to communicate with the customers, interested parties and users active there and to be able to provide them with information on us and our products.

It is possible that user data are also processed outside of the European Union. This could result in risks for the user, e.g. because it may be difficult to enforce your own rights. With regard to US providers which are certified under the EU-US Privacy Shield, we would like to point out that they are committed to complying with EU data protection standards.

Furthermore, the data of the users may possibly be processed for analysis purposes, namely by

- Google Analytics;

This way, profiles can be created from the usage behaviour and the interests of the users derive thereof. These profiles can be used to, e.g. for placing of advertisements inside and outside the platforms that are likely to serve the interests of the users. For these purposes, cookies may be stored on the users' computers, through which the usage behaviour, the interests of the users and / or the length of stay are saved.

In the event of requests for information and the assertion of user rights, we would like to point out that these can be most effectively asserted with the respective providers. The providers only have access to the relevant data of the users and can directly take appropriate measures and provide concrete information.

For a detailed description of the respective processing, we refer to the following information on the respective providers.

Facebook

Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland).
According to Facebook, only an anonymised IP address is saved in Germany. In addition to presenting information and news about our group of companies, we also use Facebook to evaluate the Insights service. This is based on a shared responsibility. Further information is listed below:
https://www.facebook.com/legal/terms/page_controller_addendum

Privacy policy: https://www.facebook.com/about/privacy/
Opt-out: https://www.facebook.com/settings?tab=ads

Facebook is certified under the EU-US Privacy Shield Agreement and is committed to complying with European data protection law.
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

Instagram

Instagram (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland).
We use Instagram to provide information about our company and related events.

Privacy Policy: https://help.instagram.com/519522125107875/?helpref=hc_fnav&bc

Pinterest

We have a Pinterest profile. The operator is Pinterest Inc., 808 Brannan Street San Francisco, CA 94103-490, USA ("Pinterest"). You can find details on how they handle your personal data in Pinterest's privacy policy: https://policy.pinterest.com/de/privacy-policy

YouTube

We have a profile on YouTube. YouTube is operated by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. For details on how they handle your personal data, please refer to the data protection declaration of YouTube or Google: policies.google.com/privacy.

If a YouTube video is started, the provider uses cookies which collect information about user behaviour.

If you have deactivated the storage of cookies for the Google-Ad programme, you will not have to expect such cookies when watching YouTube videos. However, YouTube also stores non-personal usage information in other cookies. If you want to prevent this, you must block the storage of cookies in the browser.

YouTube videos possibly integrated on peterkoelln.de

In our YouTube Channel linked on our website we present, among other things, own videos. When using YouTube through clicking on links on our website (starting with "youtu.be"), you will be directed to the YouTube website. For details on how YouTube handles your personal data, please refer to the YouTube or Google privacy policy:

https://policies.google.com/privacy
Opt-Out: https://adssettings.google.com/authenticated

Google is certified according to the EU-US Privacy Shield Agreement and is committed to complying with European data protection law.
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google Analytics

This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited (hereinafter referred to as "Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics uses so-called "cookies". These are text files that are stored on your computer or mobile device and enable an analysis of your use of the website. The information collected by cookies about your use of this website is usually transferred to a Google server in the USA and stored there.

The storage of Google Analytics cookies and the use of any analysis tools only take place on the basis of a consent you may have given us as a user with a click of the mouse (e.g. consent to the storage of cookies); processing is therefore carried out exclusively on the basis of Art. 6 (1 lit. a) GDPR. You as a user can revoke this consent at any time, either by clicking the link below (see below in the section "Objection to data collection") or by making a corresponding declaration to us, Peter Kölln GmbH & Co. KGaA, Elmshorn

IP anonymisation

We have activated the IP anonymisation function on the website. This means that your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before it is transmitted to the USA. The full IP address is transferred to a Google server in the USA and abbreviated there in exceptional cases only. On our behalf, Google will use this information to evaluate the use of the website by all website visitors, to compile reports on website activities and to provide other services related to website and internet use to us as the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser plugin

You can manage browser cookies via your browser settings. The help function of most web browsers explains how to prevent your browser from accepting new cookies, how to let your browser notify you when you receive a new cookie, how to deactivate cookies and when cookies expire. If you deactivate all cookies in your browser, neither we nor third parties will transfer cookies to your browser. In this case, you may not be able to fully use all functions of this website. However, if you do so, you may have to manually adjust some settings each time you visit a website, and some features and services may possibly not work.
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can find more information on the handling of user data at Google Analytics in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Order processing

We, Peter Kölln GmbH & Co. KG as the operator of the website, have concluded a processing contract with Google, under which Google has undertaken to strictly comply with the requirements of German data protection law and, if required, any other applicable data protection standards. We ourselves comply with the legal requirements of all applicable data protection standards, in particular the requirements of the GDPR, when using Google Analytics and the data collected and stored within the scope of using Google Analytics.

Demographic characteristics on Google Analytics
The website uses "demographic features" function of Google Analytics. This allows reports to be created that contain information about the age, gender and interests of website visitors.
These data come from interest-based advertising from Google and visitor data from third-party providers. These data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown under "Objection to data collection".

Storage period
Data stored at Google at user and event level which are linked to cookies, user identifications (e.g. user ID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) will be anonymised or deleted after 38 months. For details, see the following link: https://support.google.com/analytics/answer/7667196?hl=de

OpenStreetMap

We use the map service from OpenStreetMap (OSM). The provider is the Open Street Map Foundation (OSMF), 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, Great Britain.

If you visit a website which includes OpenStreetMap, your IP address and further information about your behaviour on this website will be forwarded to OSMF. For this reason, OpenStreetMap may save cookies on your browser. These are text files which are stored on your computer and enable an analysis of your use of the website. You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may possibly not be able to use all functions of this website to their full extent.

In addition, your location can also be collected if you have approved so in your device settings - e.g. on your mobile phone. The provider of this site has no influence on such data transmission. Details can be found in the privacy policy of OpenStreetMap under the following link: https://wiki.osmfoundation.org/wiki/Privacy_Policy.

OpenStreetMap is used in the interest of an attractive presentation of our online offers and to easily find the places we have indicated on the website. This represents a legitimate interest within the meaning of Art. 6 (1 lit. f) GDPR. If a corresponding consent was requested (e.g. consent to the storage of cookies), the processing takes place on the basis of Art. 6 (1 lit. a) GDPR exclusively; the consent can be revoked at any time.

Google Tag Manager

Google Tag Manager is a programme with which we can manage so-called website tags via a surface (and thus integrate e.g. Google Analytics and other Google marketing services into our online offer). The tool 'Google Tag Manager' itself is a cookie-free domain and does not collect any personal data. When you visit our website, however, provided you have given us your consent on the cookie notice banner, your IP address will be transmitted to Google as a prerequisite for the technical process.

With regard to the processing of users' personal data, reference is made to the following information about Google services. Google Tag Manager usage guidelines: www.google.com/intl/de/tagmanager/use-policy.html 

Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

reCAPTCHA is intended to check whether the data entry on our websites (e.g. in a contact form) is carried out by a person or by an automated programme. For this purpose, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics.

If you have given us your consent on the cookie notification banner, the analysis begins automatically as soon as the website visitor enters the website. For analysis, reCAPTCHA evaluates various information (e.g. IP address, length of time the website visitor stays on the website or mouse movements made by the user). The data collected during the analysis are forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not informed about an analysis taking place.

Further information on Google reCAPTCHA and Google's privacy policy can be found at the following links: www.google.com/intl/de/policies/privacy/ und www.google.com/recaptcha/intro/v3beta.html.

9.  Applications

The controller collects and processes the personal data of applicants for the purpose of processing the application process. These data are processed on the basis of § 26 (1) sentence 1) BDSG (decision on the establishment of an employment relationship).
If the data controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted six months after receipt of the application; provided no other legitimate interests of the data controller are opposing to deletion. Other legitimate interests pursuant to Art. 6 (1 f), could for example be an obligation to provide evidence in a procedure under the General Equal Treatment Act (AGG).

10. Liability for contents

The contents of our pages were created with great care. However, we cannot guarantee that the content is correct, complete and up to date. As a service provider, we are responsible for our own content on these pages in accordance with general laws pursuant to § 7 (1) TMG. Pursuant to §§ 8 to 10 TMG, we as a service provider are not obliged to monitor transmitted or stored third-party information or to investigate circumstances that indicate illegal activity. Obligations to remove or block the use of information according to general laws remain unaffected. However, liability in this regard is only possible from the time we become aware of a specific legal violation. As soon as we become aware of such violations, we will remove such contents immediately.

11. Liability for links

Our pages may contain links to external third party websites, on whose content we have no influence. For this reason, we cannot accept any liability for this external content. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time the link was created. No illegal content was discernible at the time the link was created. A permanent control of the content of the linked pages is not reasonable without concrete evidence of an infringement. As soon as we become aware of legal violations, we will remove such links immediately.

12. Data security

We secure our website and other systems with suitable technical and organisational measures against loss, destruction, access, modification or distribution of your data by unauthorised persons. Despite regular checks, complete protection against all risks is not possible.
Our website uses the industry standard TLS / SSL (Secure Sockets Layer) for encryption. This ensures the confidentiality of your personal data on the Internet. You can see whether an encrypted transmission is taking place by the closed key or lock symbol in the display of your browser.

We would like to point out that data transmission on the Internet (e.g. when communicating by email) can have security gaps. It is not possible to completely protect data from third-party access.

13. Disclosure of data

Your personal data will only be disclosed to third parties if you have given your express consent pursuant to Art. 6 (1 clause 1 a) GDPR;
if the disclosure is required to fulfil contractual obligations pursuant to Art. 6 (1 clause 1 b) GDPR

  • if we are legally obliged to disclose the data for the purpose of Art. 6 (1 sentence 1 c) GDPR;
  • if disclosure of the data is in the public interest for the purpose of Art. 6 (1 e) GDPR or;
  • if disclosure of the data is required pursuant to Art. 6 (1 s. 1 f) GDPR in order to protect our    legitimate interest or the legitimate interests of a third party, unless your interests in the protection of your data outweigh them.

14. Third party recipients

To deal with complaints and customer support and to enable us to process your concerns satisfactorily, we may have to pass on your personal data to third-party recipients. Third parties can be our suppliers, transport and logistics partners and our trading partners.

15. Duration of storage of personal data

Your data will be stored by us for as long as required for the respective purposes the processing is based on. In addition, we only store data if we are legally obliged to do so, e.g.  due to statutory retention requirements

16. Information on the right to object

An objection to the processing of your personal data, based on Art. 6 (1 e) (data processing in the public interest) or (f) (data processing to protect legitimate interests based on balancing of interests) is possible at any time pursuant to Art. 21 GDPR. In the event of an objection, the personal data shall no longer be processed, unless the Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defence of legal claims.
Please direct your objection to the contact named under point 1 of this privacy policy ("Data Controller responsible").

17. Information on the right of revocation

If you have given us your consent to the processing of personal data, you can revoke this at any time. Of course, this also applies to declarations of consent given to us before May 25, 2018 (before the GDPR was in effect). The revocation of consent can only apply for the future. The lawfulness of the processing is not retrospectively removed by revocation. Please direct your revocation to the address mentioned under point 1.

18. Timeliness

This data protection declaration was last updated on April 14th, 2020. It is the current and valid version of our privacy policy.
However, we would like to point out that from time to time it may be necessary to revise this privacy policy due to actual or legal changes.

19. Data Protection Officer

If you have specific questions about the protection of your data, please contact the data protection officer of Peter Kölln GmbH & Co. KGaA:

Mrs Kerstin Lange
c / o Vater Solution GmbH
Liebigstrasse 26
24145 Kiel

Email: dataprotection@peterkoelln.de