The entity responsible within the meaning of the Basic Data Protection Regulation and other national data protection laws of the member states as well as other provisions of data protection law is the:
Sturm Holding GmbH
Telephone: +49 9421 5520 – 0
We shall only process the personal data of our users where this is necessary to enable our website and content and services to operate. We only process the personal data of our users on a regular basis with the consent of the user. An exception shall apply in cases where prior consent cannot be obtained for practical reasons and processing the data is permitted by law.
If we obtain consent for processing personal data from the data subject, Art. 6 Para. 1 lit. a EU General Data Protection Regulation (GDPR) shall apply as the legal basis.
When processing the personal data necessary for performing a contract to which the data subject is a party, Art. 6 (1) lit.b GDPR shall apply as the legal basis. This also applies to processing operations required to carry out pre-contractual measures.
Where the processing of personal data is required to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit.c GDPR shall apply as legal basis.
In the event that the vital interests of the data subject or any other natural person require the processing of personal data, Art. 6 para lit.d GDPR shall apply as the legal basis.
If processing the data is necessary to safeguard the legitimate interests of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the previously mentioned interest, Art. 6 para lit.f GDPR shall apply as legal basis for processing.
The personal data of the data subject shall be deleted or blocked as soon as the purpose of the storage ceases to apply.
The data may be stored beyond this time if there is provision for this according to the European or national legislator in EU regulations, laws or other regulations to which the supervisor is subject.
The data shall also be blocked or deleted when the storage period stipulated by the aforementioned standards expires, unless there is a need to continue storing the data to conclude or fulfil the contract.
Each time our website is accessed, our system automatically collects data and information from the computer system of the visiting computer.
The following data are collected:
The data is also stored in the log files of our system. Storage of these data together with other personal data of the user does not take place.
The temporary storage of data and logfiles shall be subject to Art. 6 (1) lit.f GDPR as the legal basis.
The data is stored in log files to ensure the website functions. The data is also used to optimise the website and to ensure that our information technology systems are secure. The data is not evaluated for marketing purposes in this connection.
Our legitimate interest also lies in the data processing according to Art. 6 lit.f GDPR as the legal basis.
Any data stored in log files are stored for no more than seven days. Additional storage is available. In this case, the IP addresses of the users are anonymised, so that it is no longer possible to assign the data to the visiting client.
Collecting data for the provision of the website and storing the data in log files is essential for the website to operate. It is therefore not possible for the user to object.
Our website also contains links to the Internet sites of other companies which are clearly recognisable. Where there are links to the websites of other providers, we have no influence on the content of these websites. Therefore, no guarantee can be given or liability accepted for their content. The providers or operators of the pages themselves are always responsible for the content of these pages. The linked pages were checked for possible legal violations and identifiable infringements at the time the links were created. No illegal content was recognised at the time the links were created. However, it is not reasonable to expect the linked pages to be constantly monitored without concrete evidence of an infringement. The relevant links will be removed immediately after we have been notified of any infringements.
Contact can be established via the respective e-mail addresses provided. In this case, the personal data of the user transmitted with the e-mail will be stored.
In this context, the data will not be passed on to third parties The data is used exclusively for the processing of the conversation.
The legal basis for the processing of the data is Art.6 Para.1 lit.a GDPR (General Data Protection Regulation) if the user has given his consent.
The legal basis for the processing of data transmitted in the course of sending an e-mail is Art.6 Para. 1 lit.f GDPR. If the purpose of the e-mail contact is to conclude a contract, the additional legal basis for the processing is Art.6 Para. 1 lit.b GDPR.
The processing of personal data serves us solely to process the establishment of contact. In case of contacting us by e-mail, this also constitutes the necessary legitimate interest in the processing of the data.
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected The conversation ends when it can be inferred from the circumstances that the facts in question have been conclusively clarified.
The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.
The revocation of the consent and the objection of the storage of the data are to be addressed by post or by e-mail to the contact data of the person responsible (see imprint). In this case, all personal data stored in the course of establishing contact will be deleted.
This site uses SSL or TLS encryption for security purposes and for protecting the transmission of confidential content, such as orders or requests which you send to us as the site operator.
You can recognise an encrypted connection by the address line of the browser changing from “http://” to “https://” and by the lock symbol in your browser line. When SSL or TLS encryption is enabled, the data you submit to us cannot be read by third parties.
If you process personal data, you are the data subject according to the GDPR and you are entitled to the following rights in respect of the supervisor:
If you have the right of rectification, deletion or restriction of processing by the supervisor, they are obliged to notify all recipients, to whom your personal data have been disclosed, of this correction or deletion of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.
You have a right to be informed by the supervisor about these recipients.
You may ask the supervisor to confirm if we have processed your personal data.
If we have processed such data, you can request the following information from the supervisor:
If your processed personal data are incorrect or incomplete, you have a right to rectification and/or completion by the supervisor. The supervisor must make the correction without delay.
You may demand the restriction of processing of your personal data under the following conditions:
If processing your personal data has been restricted, these data may only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for important reasons of public interest to the Union or a Member State.
If the restriction on processing has been restricted in accordance with the above conditions, the supervisor shall inform you before the restriction is lifted.
You may demand that the supervisor delete your personal data without delay, and the supervisor is required to delete these data immediately if one of the following is true:
If the supervisor has made your personal data public and is obliged to delete them in accordance with Art. 17 Par. 1 GDPR, then they shall take appropriate measures, including technical measures, taking into account the technological and implementation costs, to inform the person responsible for data processing who is processing your personal data that you, as the person affected, have demanded that they delete all links to these personal data or copies or replications of these personal data.
The right to delete does not exist if the processing is necessary
You have the right to receive personal data relating to you which you have supplied to the supervisor in a structured, common and machine-readable format. You also have the right to transfer these data to another supervisor without hindrance from the supervisor to whom the personal data was supplied, provided that
In exercising this right, you also have the right to have your personal data transmitted directly from one person to another where this is technically feasible. The freedoms and rights of other persons may not be affected.
The right to data portability does not apply to the processing of personal data necessary for carrying out a task performed in the public interest or in the exercise of official authority which is conferred on the supervisor.
You have the right at all times to object to your personal data being processed for reasons arising from your particular situation according to Art. 6 para. 1 lit , e or f GDPR; this also applies to any profiling based on these provisions.
The supervisor shall no longer process your personal data unless he can demonstrate that he has compelling legitimate reasons for processing the data which outweigh your interests, rights and freedoms or that the processing of your data is for the purpose of asserting, exercising or defending legal claims.
If your personal data are processed for direct advertising purposes, you shall have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.
If you object to your data being processed for direct advertising purposes, your personal data will no longer be processed for these purposes.
Regardless of Directive 2002/58/EG, you have the option in relation to using the information society services to exercise your right to object through automated procedures where technical specifications are used.
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of your consent does not affect the legality of the processing carried out on the basis of your consent before it was revoked.
You shall have the right not to be subject to a decision relating exclusively to automated processing (including profiling) which produces legal effects concerning you or significantly affects you in a similar manner.
This does not apply if the decision
However, these decisions must not be based on specific categories of personal data according to Art. 9 Par. 1 GDPR, unless Art. 9 Para. 2 lit, a or g GDPR applies and reasonable measures have been taken to protect the rights and freedoms and your legitimate interests.
With regard to the cases referred to in (1) and (3), the supervisor shall take appropriate measures to safeguard the rights and freedoms and your legitimate interests, including at least the right to obtain human intervention on the part of the supervisor, to state their own position and to challenge the decision.
Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of its residence, its place of work or the place of alleged violation, if you believe that the processing of your personal data is in violation of the GDPR.
The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy according to Art.78 GDPR.