Privacy statement
The protection of your personal data is important to us. We naturally guarantee their protection within the context of legal requirements and handle your personal data carefully. With this statement we inform you about the types of personal data we collect, the purposes for which these data are collected, how they are processed and which rights you have in this regard.
1. Responsible body
Responsible body within the meaning of the data protection laws is
Döttling Luxury Safes GmbH
Margret-Fusbahn-Straße 5
71063 Sindelfingen, Germany
E-mail: info@doettling.com
Tel: +49 (0)7031 437456-0
2. Collection and storage of personal data and type and purpose of their use
We collect and store personal data in the following cases. We use these exclusively in the manner and for the purposes described below.
a) Visiting our website
When you visit our website www.doettling.com, the browser used on your device automatically sends information to the server of our website, which is temporarily stored by the server in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:
Log files are important sources of information for making the processes on a system traceable. They can be used, for example, for problem analysis or the reconstruction of lost data. We use the data stored with the log files in this context:
Log file information is stored for a maximum of seven days for security reasons (e.g. to investigate misuse or fraud) and then deleted. Data whose further storage is required for evidentiary purposes are excluded from deletion until the respective incident has been finally clarified.
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest in data processing is derived from the purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person. The IP address of the requesting computer is evaluated only in the event of attacks on the network infrastructure and for statistical purposes.
b) Use of contact form
You can contact us via a form provided on our website. Your name, a valid e-mail address and the background of your contact are required. By providing your contact details, you agree that we may use them to respond to your request.
We process the data you make available to us exclusively for the purpose of processing and responding to your request.
The legal basis for data processing is our legitimate interest in processing your request (Art. 6 para. 1 sentence 1 lit. f GDPR), and your consent to the processing of the data you have entered in the contact form (Art. 6 para. 1 sentence 1 lit. a GDPR).
Please note that the use of our contact form is not necessary to contact us. We will also be happy to answer your questions using the other contact details provided on our website. The personal data collected by us to process your request will be automatically deleted after the request you have made has been dealt with.
c) Newsletter registration
In addition to information about our product range and our new products, our electronic newsletter provides you with regular information about our company.
You can register via our website to receive our electronic newsletter. We use the so-called double opt-in procedure for your registration, i.e. registration is completed only when you confirm your wish to receive our electronic newsletter via a link, which you will receive by e-mail, which we will send to you at your request. In this case we collect the following personal data from you:
These data are processed in order to
The legal basis for data processing is your consent, which you give when registering for our newsletter (Art. 6 para. 1 sentence 1 lit. a GDPR).
With your consent, you also consent to the dispatch of our newsletter via TYPO3 GmbH, Am Wehrhahn 41, 40211 Düsseldorf, hereinafter referred to as “dispatch service provider”. The data protection regulations of the dispatch service provider can be viewed here: https://www.typo3.com.
According to its own information, the dispatch service provider can use data in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletter, or for statistical purposes in order to determine from which countries the recipients come. It has a legitimate interest in this (Art. 6 para. 1 sentence 1 lit. f GDPR). However, the dispatch service does not use the data of our newsletter recipients to write them down or pass them on to third parties.
d) Cookies and analysis services
Finally, we use cookies and analysis services when you visit our website. You will find more detailed explanations in Sections 4 ff. of this privacy statement.
3. Disclosure of your data to third parties
Your personal data will not be disclosed to third parties for purposes other than those listed below.
We will pass on your personal data to third parties only if:
4. Cookies
Like many other websites, we use so-called “cookies”. Cookies are small text files that your web browser automatically stores on your computer’s hard drive when you visit our website. We automatically receive certain data, such as the IP address and the browser you use, and can analyze your usage behavior in anonymous form when you visit our website. Cookies cannot cause any damage to your hard disk. In particular, they cannot be used to start programs and/or transmit viruses. We do not receive personal data about you through the cookies. It is not possible for us to assign the information stored in the cookies to an identified or identifiable natural person.
Cookies help us in many ways to make your visit to our website easier, more pleasant and more meaningful. For example, by analyzing the usage behavior of visitors to our website, we are able to tailor our services to your needs.
If personal data are processed by individual cookies, this is justified by our legitimate interest in offering you optimum functionality of our website and in operating our website as efficiently and economically as possible (Art. 6 para. 1 sentence 1 lit. f GDPR).
Of course, you can also view our website without cookies. Most Internet browsers are configured to accept cookies automatically. However, you can deactivate this function at any time or configure your browser to display a message whenever you receive a new cookie. You can delete cookies that have already been stored. However, we would like to point out that the deactivation of cookies may mean that you cannot use all functions of our website.
5. Social media plugins
We use so-called plugins (buttons) of different social networks on our website, so that you can also use the interactive possibilities of the social networks you use on our website. With these plugins different functions are provided, whose subject and extent is determined not by us but by the operators of the social networks.
Please note that we are not providers of social networks and have no influence on the data processing and content of the respective service providers. If personal data is processed when linked via social media plugins, it is in our legitimate interest to enable you to interact directly with social networks of which you are a member through the design of our website, as well as to provide opportunities for interaction for the purpose of advertising (Art. 6 para. 1 lit. f GDPR).
The following social media plugins are used by us. We would like to inform you about how they work as follows:
a) Facebook
Our website includes plugins of the social network “Facebook”, 1601 South California Avenue, Palo Alto, CA 94304, USA. You can recognize the Facebook plugins by the Facebook logo or the “Like” button on our page. An overview of the Facebook plugins can be found here.
When you activate the plugin, the plugin establishes a direct connection between your browser and the Facebook server. Facebook receives the information that you have visited our website with your IP address. If you click the Facebook “Like” button while logged into your Facebook account, you can refer to the content of our pages in your Facebook profile.
We would like to point out that we are not aware of the content of the data transmitted or how it is used by Facebook and that we are not responsible for Facebook’s data processing. For more information, please see Facebook's Privacy Policy.
b) Instagram
Our website uses plugins of Instagram, operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). The plugins are marked with an Instagram logo, for example in the form of an “Instagram camera”. An overview of the Instagram plugins and their appearance can be found here.
When you activate the plugin, the plugin establishes a direct connection between your browser and the Instagram server. Instagram receives the information that you have visited our website with your IP address. This information (including your IP address) is transmitted directly from your browser to an Instagram server in the USA and stored there.
If you are logged in to Instagram, Instagram can immediately associate your visit to our website with your Instagram account. If you interact with the plugins, for example by pressing the “Instagram” button, this information is also transmitted directly to an Instagram server and stored there. The information is also published on your Instagram account and displayed to your contacts.
We would like to point out that we are not aware of the content of the data transmitted or how Instagram uses it and that we are not responsible for Instagram’s data processing. Please refer to Instagram's Privacy Policy for more information.
6. Social networks
We maintain online presences within social networks and platforms in order to communicate with active customers, interested parties and users and to inform them about our services. When the respective networks and platforms are accessed, the terms and conditions and the data processing guidelines of their operators apply.
Unless otherwise stated in our privacy policy, we will process the data of users who communicate with us within social networks and platforms, e.g. write articles on our websites or send us messages.
If users leave comments or other contributions on our social media presences, their IP addresses will be used on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f GDPR for seven days. This takes place for our safety if illegal contents are left in comments and contributions (insults, forbidden political propaganda, etc.). In this case we can be prosecuted ourselves for the comment or contribution and are therefore interested in the identity of the author.
7. Cooperation with processors and third parties
If we disclose data to other persons and companies (processors or third parties) in the context of our processing, transmit the data to them or otherwise grant them access to the data, this shall take place only on the basis of legal permission (e.g. transmission of the data to third parties, such as payment service providers, in accordance with Section 6 of the German Data Protection Act – Art. 6 para. 1 lit. b GDPR is required for contract fulfillment), if you have consented (Art. 6 para. 1 lit. a GDPR), if a legal obligation provides for this (Art. 6 para. 1 lit. c GDPR), or on the basis of our legitimate interests, e.g. when using agents, web hosters, etc. (Art. 6 para. 1 lit. f GDPR). If we commission third parties with the processing of data on the basis of a so-called “order processing contract”, this is done on the basis of Art. 28 GDPR.
8. Data security
We use the most common TSL or SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. Usually this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. Whether a single page of our website is transmitted in encrypted form is indicated by the closed display of the key or padlock symbol in the lower status bar of your browser. If SSL or TSL encryption is activated, the data you transmit to us cannot be read by third parties.
9. Duration of data storage
In accordance with the principles of data avoidance and economy, your information will not be processed by us for longer than is necessary for the purpose for which it was collected or as provided for by law. As soon as the purpose of data processing has expired and/or legal storage periods have expired, the data stored by us will be deleted.
10. Rights of the data subject
Insofar as you are affected by the processing of personal data, you have the following rights:
a) Right to information, Art. 15 GDPR
Pursuant to Art. 15 GDPR, you have the right to request information about your personal data processed by us. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data, if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information on their details.
b) Correction and completion, Art. 16 GDPR
Pursuant to Art. 16 GDPR, you have the right to immediately request the correction of incorrect or incomplete personal data stored by us.
c) Deletion, Art. 17 GDPR
Pursuant to Art. 17 GDPR, you have the right to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest, or to assert, exercise or defend legal claims.
d) Restriction of processing, Art. 18 GDPR
Pursuant to Art. 18 GDPR, you have the right to demand restriction of the processing of your personal data if you dispute the accuracy of the data or if the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have filed an objection against the processing in accordance with Art. 21 GDPR.
e) Provision of stored data, Art. 20 GDPR
Pursuant to Art. 20 GDPR, you have the right to receive the personal data you have provided to us in a structured, current and machine-readable format or to request its transfer to another responsible person.
f) Revocation of consent granted, Art. 7 para. 3 GDPR
Pursuant to Art. 7 para. 3 GDPR you have the right to revoke your consent at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future.
g) Right of appeal, Art. 77 GDPR
Pursuant to Art. 77 GDPR, you have the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our office.
11. Right of objection
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation. If you would like to make use of your right of revocation or objection, simply send an e-mail to datenschutzbeauftragter@doettling.com
12. Changes to our privacy statement
We reserve the right to adapt our privacy statement to ensure that it always complies with applicable legal requirements, especially in the event of changes to our services. When you visit our website, the current version of the privacy statement published on our website always applies.
13. Questions to the data protection officer
If you have any questions about our data protection, please contact our data protection officer direct at datenschutzbeauftragter@doettling.com.
Contact us now!