Data protection
We only process personal data (hereinafter referred to as “data”) only to the extent necessary and for the purpose of providing a functional and user-friendly website, including its content and the services offered there.
According to Article 4, Paragraph 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as “GDPR”), “processing” is considered to be any process carried out with or without the help of automated processes or any series of processes carried out in this context with personal data, such as collecting, recording, organizing, arranging, storing, adapting or changing, reading, querying, using, disclosing by transmission, dissemination or any other form of provision, comparison or linking, restricting, deleting or destroying.
With the following data protection declaration we inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide on the purposes and means of processing either alone or jointly with others. We will also inform you below about the third-party components we use for optimization purposes and to increase the quality of use, insofar as third parties process data under their own responsibility.
Our data protection declaration is structured as follows:
I. Information about us as controllers
II. Rights of users and those affected
III. Information on data processing
I. Information about us as controllers
The responsible provider of this website in terms of data protection law is:
STEJA lighting Jasinski & Szymendera GbR
Bredentiner Weg 4a
18273 Güstrow
Germany
Telephone: +49 (0)3843 / 7289199
Email: info@STEJAlighting.de
The data protection officer at the provider is:
Stefan Jasinski
II. Rights of users and those affected
With regard to the data processing described in more detail below, users and those affected have the right
- for confirmation as to whether data concerning you is being processed, for information about the data processed, for further information about data processing and for copies of the data (see also Article 15 GDPR);
- to correct or complete incorrect or incomplete data (see also Art. 16 GDPR);
- to the immediate deletion of the data concerning you (see also Art. 17 GDPR), or, alternatively, to the extent that further processing is necessary in accordance with Art. 17 Para. 3 GDPR, to restriction of processing in accordance with Art. 18 GDPR;
- to receive the data concerning you and provided by you and to transmit this data to other providers/responsible parties (see also Art. 20 GDPR);
- to complain to the supervisory authority if you are of the opinion that the data concerning you is being processed by the provider in violation of data protection regulations (see also Art. 77 GDPR).
In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider of any correction or deletion of data or the restriction of processing that takes place on the basis of Articles 16, 17 Paragraph 1, 18 GDPR teach. However, this obligation does not apply if this notification is impossible or involves disproportionate effort. Without prejudice to this, the user has the right to information about these recipients.
According to Article 21 of the GDPR, users and those affected also have the right to object to the future processing of data concerning them, provided that the data is processed by the provider in accordance with Article 6 (1) (f) of the GDPR. In particular, an objection to data processing for the purpose of direct advertising is permitted.
As soon as we process personal data for direct marketing based on legitimate interests, you can object to this processing with future effect as mentioned above. (Here we refer to recital 47 according to the GDPR)
III. Information on data processing
Your data processed when using our website will be deleted or blocked as soon as the purpose of storage no longer applies, the deletion of the data does not conflict with any legal retention obligations and no different information is subsequently provided about individual processing procedures.
Server data
For technical reasons, in particular to ensure a secure and stable Internet presence, data is transmitted to us or our web space provider through your Internet browser. These so-called server log files contain, among other things, the type and version of your internet browser, the operating system, the website from which you switched to our website (referrer URL), the website(s) of our website that you visit, the date and time of the respective access as well as the IP address of the Internet connection from which our website is used.
The data collected in this way will be stored temporarily, but not together with other data about you.
This storage takes place on the legal basis of Article 6 Paragraph 1 Letter f) GDPR. Our legitimate interest lies in the improvement, stability, functionality and security of our website.
The data will be deleted after seven days at the latest, unless further storage is required for evidentiary purposes. Otherwise, the data will be completely or partially excluded from deletion until an incident has been finally clarified.
Cookies
a) Session cookies/session cookies
We use so-called cookies on our website. Cookies are small text files or other storage technologies that are stored and stored on your device by the Internet browser you use. These cookies process certain information about you on an individual basis, such as your browser or location data or your IP address.
This processing makes our website more user-friendly, effective and secure, as the processing enables, for example, the reproduction of our website in different languages or the offering of a shopping cart function.
The legal basis for this processing is Art. 6 Para. 1 lit b.) GDPR, provided that these cookies data are processed for the purpose of initiating or executing a contract.
If the processing does not serve to initiate or process a contract, our legitimate interest lies in improving the functionality of our website. The legal basis is then Article 6 Paragraph 1 Letter f) GDPR.
When you close your internet browser, these session cookies are deleted.
b) Third-party cookies
Our website may also use cookies from partner companies with whom we work for the purposes of advertising, analysis or the functionality of our website.
Please see the information below for details, in particular the purposes and legal basis for processing such third-party cookies.
c) Possibility of elimination
You can prevent or restrict the installation of cookies by setting your Internet browser. You can also delete cookies that have already been saved at any time. However, the steps and measures required for this depend on the specific Internet browser you use. If you have any questions, please use the help function or documentation of your Internet browser or contact the manufacturer or support. However, with so-called Flash cookies, the processing cannot be prevented via the browser settings. Instead, you have to change the settings of your Flash player. The steps and measures required for this also depend on the specific Flash player you are using. If you have any questions, please use the help function or documentation of your Flash player or contact the manufacturer or user support.
However, if you prevent or restrict the installation of cookies, this may result in not all functions of our website being fully usable.
Contract execution
The data you provide to use our range of goods and/or services will be processed by us for the purpose of contract processing and is necessary to this extent. Contract conclusion and contract processing are not possible without providing your data.
The legal basis for processing is Article 6 Paragraph 1 Letter b) GDPR.
We delete the data once the contract has been fully processed, but we must observe the tax and commercial law retention periods.
As part of the contract processing, we pass on your data to the transport company commissioned to deliver the goods or to the financial service provider, if the transfer is necessary for the delivery of goods or for payment purposes.
The legal basis for passing on the data is then Article 6 Paragraph 1 Letter b) GDPR.
Customer account / registration function
If you create a customer account with us via our website, we will use the data you entered during registration (e.g. your name, address or email address) exclusively for pre-contractual services, for the fulfillment of the contract or for the purpose of Customer care (e.g. to provide you with an overview of your previous orders with us or to be able to offer you the so-called wish list function) collect and save. At the same time, we then save the IP address and the date of your registration and time. Of course, this data will not be passed on to third parties.
As part of the further registration process, your consent to this processing will be obtained and reference will be made to this data protection declaration. The data we collect is used exclusively to provide the customer account.
If you consent to this processing, Article 6 Paragraph 1 Letter a) GDPR is the legal basis for the processing.
If the opening of the customer account also serves pre-contractual measures or the fulfillment of the contract, the legal basis for this processing is also Art. 6 Para. 1 lit. b) GDPR.
You can revoke your consent to open and maintain your customer account at any time with future effect in accordance with Art. 7 Para. 3 GDPR. To do this, you simply need to inform us of your revocation.
The data collected in this respect will be deleted as soon as processing is no longer necessary. However, we must observe retention periods under tax and commercial law.
Checking creditworthiness and scoring
If we give you the basic option of paying by invoice as part of our range of goods or services and you make use of this, we reserve the right to provide a credit rating report on a mathematical basis from a credit agency (such as Creditreform, Schufa, Bürgel or infoscore). -statistical procedures. For this purpose, your data, to the extent that it is contractually relevant, such as your name and address, will be forwarded to the credit agency. We use the subsequent information about the statistical probability of non-payment to decide whether we offer you payment by invoice.
The legal basis for this processing is our legitimate interest in the reliability of the claim in accordance with Article 6 Paragraph 1 Letter f) GDPR.
Newsletter
If you register for our free newsletter, the data requested from you, i.e. your email address and – optionally – your name and address, will be transmitted to us. At the same time, we store the IP address of the Internet connection from which you access our website as well as the date and time of your registration. As part of the further registration process, we will obtain your consent to send the newsletter, describe the content specifically and refer you to this data protection declaration. We use the data collected exclusively for sending newsletters – which is why they are not passed on to third parties.
The legal basis for this is Article 6 Paragraph 1 Letter a) GDPR.
You can revoke your consent to receive the newsletter at any time with future effect in accordance with Art. 7 Para. 3 GDPR. To do this, you simply need to inform us of your revocation or click on the unsubscribe link contained in every newsletter.
Contact inquiries/contact options
If you contact us via contact form or email, the data you provide will be used to process your request. Providing the data is necessary to process and answer your request – without it, we cannot answer your request or at best respond to a limited extent.
The legal basis for this processing is Article 6 Paragraph 1 Letter b) GDPR.
Your data will be deleted if your request has been answered conclusively and deletion does not conflict with any legal retention obligations, such as in the event of any subsequent contract processing.
User contributions, comments and ratings
We offer you the opportunity to publish questions, answers, opinions or reviews, hereinafter referred to as “contributions,” on our website. If you take advantage of this offer, we will process and publish your contribution, the date and time of submission and the pseudonym you may have used.
The legal basis for this is Article 6 Paragraph 1 Letter a) GDPR. You can revoke your consent at any time with future effect in accordance with Art. 7 Para. 3 GDPR. To do this, you simply need to inform us of your revocation.
We also process your IP and email address. The IP address is processed because we have a legitimate interest in taking or supporting further steps if your contribution encroaches on the rights of third parties and/or is otherwise unlawful.
The legal basis in this case is Article 6 Paragraph 1 Letter f) GDPR. Our legitimate interest lies in the legal defense that may be necessary.
Subscription to posts
If you publish posts on our website, we also offer you the opportunity to subscribe to any follow-up posts from third parties. In order to be able to inform you about these follow-up posts by email, we process your email address.
The legal basis for this is Article 6 Paragraph 1 Letter a) GDPR. You can revoke your consent to this subscription at any time with future effect in accordance with Art. 7 Para. 3 GDPR. To do this, you simply need to inform us of your revocation or click on the unsubscribe link contained in the respective email.
To advertise our products and services and to communicate with interested parties or customers, we maintain a company presence on the Facebook platform.
We are responsible for this social media platform together with Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.
Facebook’s data protection officer can be reached via a contact form:
https://www.facebook.com/help/contact/540977946302970
We have regulated joint responsibility in an agreement regarding the respective obligations within the meaning of the GDPR. This agreement, from which the mutual obligations arise, is available at the following link:
https://www.facebook.com/legal/terms/page_controller_addendum
The legal basis for the resulting processing of personal data and described below is Article 6 Paragraph 1 Letter f of the GDPR. Our legitimate interest lies in the analysis, communication, sales and promotion of our products and services.
The legal basis can also be the user’s consent to the platform operator in accordance with Article 6 Paragraph 1 Letter a of the GDPR. The user can revoke his consent to this at any time in the future in accordance with Art. 7 Para. 3 GDPR by notifying the platform operator.
When you access our online presence on the Facebook platform, Facebook Ireland Ltd. as the operator of the platform in the EU, processes user data (e.g. personal information, IP address, etc.).
This user data serves to provide statistical information about the use of our company presence on Facebook. Facebook Ireland Ltd. uses this data for market research and advertising purposes and to create user profiles. Based on these profiles, Facebook Ireland Ltd. For example, it is possible to advertise to users within and outside of Facebook based on their interests. If the user is logged into their Facebook account at the time of access, Facebook Ireland Ltd. also link the data to the respective user account.
If the user contacts you via Facebook, the user’s personal data entered on this occasion will be used to process the request. We will delete the user’s data as long as the user’s request has been answered conclusively and there are no legal retention obligations, such as in the event of subsequent contract processing.
To process the data, Facebook Ireland Ltd. Cookies may also be set if necessary.
If the user does not agree to this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Cookies that have already been saved can also be deleted at any time. The settings for this depend on the respective browser. With Flash cookies, processing cannot be prevented via the browser settings, but rather by setting the Flash player accordingly. If the user prevents or restricts the installation of cookies, this may result in not all of Facebook’s functions being fully usable.
Further information about the processing activities, how to prevent them and how to delete the data processed by Facebook can be found in Facebook’s data policy:
https://www.facebook.com/privacy/explanation
It cannot be ruled out that processing by Facebook Ireland Ltd. also via Facebook Inc., 1601 Willow Road, Menlo Park, California 94025 in the USA.
Facebook Inc. has submitted to the “EU-US Privacy Shield” and thereby declares compliance with EU data protection regulations when processing data in the USA.
https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
To promote our products and services and to communicate with interested parties or customers, we maintain a company presence on the Instagram platform.
We are responsible for this social media platform together with Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.
Instagram’s data protection officer can be reached via a contact form:
https://www.facebook.com/help/contact/540977946302970
We have regulated joint responsibility in an agreement regarding the respective obligations within the meaning of the GDPR. This agreement, from which the mutual obligations arise, is available at the following link:
https://www.facebook.com/legal/terms/page_controller_addendum
The legal basis for the resulting processing of personal data and described below is Article 6 Paragraph 1 Letter f of the GDPR. Our legitimate interest lies in the analysis, communication, sales and promotion of our products and services.
The legal basis can also be the user’s consent to the platform operator in accordance with Article 6 Paragraph 1 Letter a of the GDPR. The user can revoke his consent to this at any time in the future in accordance with Art. 7 Para. 3 GDPR by notifying the platform operator.
When you access our online presence on the Instagram platform, Facebook Ireland Ltd. as the operator of the platform in the EU, processes user data (e.g. personal information, IP address, etc.).
This user data serves to provide statistical information about the use of our company presence on Instagram. Facebook Ireland Ltd. uses this data for market research and advertising purposes and to create user profiles. Based on these profiles, Facebook Ireland Ltd. For example, it is possible to advertise to users within and outside of Instagram based on their interests. If the user is logged into their Instagram account at the time of access, Facebook Ireland Ltd. also link the data to the respective user account.
If the user contacts you via Instagram, the user’s personal data entered on this occasion will be used to process the request. We will delete the user’s data as long as the user’s request has been answered conclusively and there are no legal retention obligations, such as in the event of subsequent contract processing.
To process the data, Facebook Ireland Ltd. Cookies may also be set if necessary.
If the user does not agree to this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Cookies that have already been saved can also be deleted at any time. The settings for this depend on the respective browser. With Flash cookies, processing cannot be prevented via the browser settings, but rather by setting the Flash player accordingly. If the user prevents or restricts the installation of cookies, this may result in not all of Facebook’s functions being fully usable.
Further information about the processing activities, how to prevent them and how to delete the data processed by Instagram can be found in Instagram’s data policy:
https://help.instagram.com/519522125107875
It cannot be ruled out that processing by Facebook Ireland Ltd. also via Facebook Inc., 1601 Willow Road, Menlo Park, California 94025 in the USA.
Facebook Inc. has submitted to the “EU-US Privacy Shield” and thereby declares compliance with EU data protection regulations when processing data in the USA.
https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
Linking social media via graphic or text link
We also advertise presences on the social networks listed below on our website. The integration takes place via a linked graphic of the respective network. The use of this linked graphic prevents a connection from being automatically established to the respective server of the social network when you access a website that has a social media application in order to display a graphic of the respective network itself. Only by clicking on the corresponding graphic will the user be redirected to the service of the respective social network.
After the user is redirected, information about the user is collected by the respective network. It cannot be ruled out that the data collected in this way will be processed in the USA.
First of all, this is data such as IP address, date, time and page visited. If the user is logged into their user account of the respective network, the network operator may be able to assign the collected information from the user’s specific visit to the user’s personal account. If the user interacts via a “share” button on the respective network, this information can be saved in the user’s personal user account and, if necessary, published. If the user wants to prevent the collected information from being directly assigned to his user account, he must log out before clicking on the graphic. It is also possible to configure the respective user account accordingly.
The following social networks are integrated into our site through links:
Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, a subsidiary of Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA.
Data protection declaration: https://www.facebook.com/policy.php
Certification EU-US data protection (“EU-US Privacy Shield”) https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
Google Maps
On our website we use Google Maps to display our location and to create directions. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”.
Through certification according to the EU-US Privacy Shield (“EU-US Privacy Shield”)
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Google guarantees that the EU data protection regulations will also be adhered to when processing data in the USA.
In order to enable the display of certain fonts on our website, a connection is established to the Google server in the USA when our website is accessed.
If you access the Google Maps component integrated into our website, Google stores a cookie on your device via your Internet browser. In order to display our location and create directions, your user settings and data are processed. We cannot rule out that Google uses servers in the USA.
The legal basis is Article 6 Paragraph 1 Letter f) GDPR. Our legitimate interest lies in optimizing the functionality of our website.
Through the connection to Google established in this way, Google can determine from which website your request was sent and to which IP address the directions should be sent.
If you do not agree to this processing, you have the option of preventing the installation of cookies by using the appropriate settings in your internet browser. You can find details on this under “Cookies” above.
In addition, the use of Google Maps and the information obtained via Google Maps is subject to the Google Terms of Use https://policies.google.com/terms?gl=DE&hl=de and the Terms and Conditions for Google Maps https://www.google. com/intl/de_de/help/terms_maps.html.
In addition, Google offers at
https://adssettings.google.com/authenticated
https://policies.google.com/privacy
further information.
Google reCAPTCHA
On our website we use Google reCAPTCHA to check and prevent interactions on our website through automated access, for example by so-called bots. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”.
Through certification according to the EU-US Privacy Shield (“EU-US Privacy Shield”)
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Google guarantees that the EU data protection regulations will also be adhered to when processing data in the USA.
Through this service, Google can determine from which website a request is sent and from which IP address you use the so-called reCAPTCHA input box. In addition to your IP address, Google may also collect other information that is necessary to offer and guarantee this service.
The legal basis is Article 6 Paragraph 1 Letter f) GDPR. Our legitimate interest lies in the security of our website and in preventing unwanted, automated access in the form of spam or similar.
Google offers under
https://policies.google.com/privacy
further information on the general handling of your user data.
Google Fonts
On our website we use Google Fonts to display external fonts. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”.
Through certification according to the EU-US Privacy Shield (“EU-US Privacy Shield”)
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Google guarantees that the EU data protection regulations will also be adhered to when processing data in the USA.
In order to enable the display of certain fonts on our website, a connection is established to the Google server in the USA when our website is accessed.
The legal basis is Article 6 Paragraph 1 Letter f) GDPR. Our legitimate interest lies in the optimization and economic operation of our website.
By connecting to Google when you access our website, Google can determine from which website your request was sent and to which IP address the display of the font should be sent.
Google offers under
https://adssettings.google.com/authenticated
https://policies.google.com/privacy
further information, particularly on the options for preventing data use.
GOOGLE search function (“CSE”)
We use the “Google Custom Search Engine” (Google Custom Search Engine “CSE”) for full-text searches on the website. “CSE” is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter “Google”.
Google is certified according to the “EU-US Privacy Shield” and thereby guarantees compliance with EU data protection regulations when processing data in the USA.
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
“CSE” enables a full-text search for content on our website. This search function is accessed via a “Google Custom Search” search box.
The legal basis for this is Article 6 Paragraph 1 Letter f GDPR. Our legitimate interest lies in the user-friendliness of the website.
The function is integrated unchanged on our website as a software module from Google.
If the search is activated by entering a search term, Google uses a plugin to load the information you are looking for. At the same time, to carry out the search and display the search results, the terms entered by the user and the user’s IP address are transmitted to Google.
If the user is logged into their existing Google account at the time of the search process, Google can assign the information collected to the associated user profile.
Google offers further information, in particular on the options for preventing data use, under the following links:
https://policies.google.com/privacy
https://adssettings.google.com/authenticated
Currentness and changes to this data protection declaration
This data protection declaration is currently valid as of May 2018. Due to official requirements or changes in the law, it may become necessary to change the data protection declaration. You can access and print out the current data protection declaration at any time on the website at www.STEJAlighting.de.
Sample data protection declaration from the law firm Weiß & Partner