Data Protection Statement

This data protection statement (version DSGVO 1.0, dated 11/05/2018) has been drafted by Deutsche Datenschutzkanzlei Datenschutz-Office München – www.deutsche-datenschutzkanzlei.de.

Data protection

We, ASISTA Teile fürs Rad GmbH & Co. KG, are liable for this web site and are required as the supplier of this teleservice to inform you at the beginning of your visit about the nature, scope and purpose of the collection and use of personal data in a precise, transparent, understandable and easily accessible way as well as in a clear and simple language. The contents of the said information must be available to you at all times. We are therefore obliged to inform you which personal data is collected and used. Personal data constitutes any data that refers to an identified or identifiable person. 

We attach great importance to the security of your data and compliance with data protection regulations. The collection, processing and use of personal data is subject to the provisions of the current applicable European and national laws. 

We would like to use the following data protection statement to demonstrate how you and your personal data is handled and how you can contact us:

ASISTA Teile fürs Rad GmbH & Co. KG
Zeppelinstr. 48
88299 Leutkirch
Germany

E-mail: info@asista.de 
Web: www.asista.de 

Telephone: +49 7561 9869-0
Fax: +49 7561 9869-68

Reg. No.: HRA 610331
Managing director: Jürgen Stölzle

Our data protection officer

In case you have any questions, you can reach our data protection officer as per the details below:

Sven Lenz
Deutsche Datenschutzkanzlei – Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstraße 50
D-87435 Kempten

E-Mail: lenz@deutsche-datenschutzkanzlei.de 

A. General 

To ensure better understanding of our data protection statement, references to persons are not gender-specific. For the purposes of equal treatment, the corresponding terms are valid for both sexes. The exact meaning of the terms used, for example, „personal data“ or „processing“, can be derived from Article 4 of the EU General Data Protection Regulation (GDPR). The personal data processed in the context of this web site include inventory data (such as the names and addresses of customers), contract data (such as the services used, names of clerks, payment information), usage data (such as visited pages of our web site, interest in our products) and content data (such as entries in the contact form). The „user“ here includes all categories of persons affected by data processing. These include, for example, our business partners, customers, interested parties and other visitors to our web site.

B. Specific

Data protection statement

We guarantee that we only collect, process, store and use your accumulated data in connection with the processing of your enquiries as well as for internal purposes and to provide you the services or content requested by you.

Principles of data processing

We process the personal data of users only in compliance with the relevant data protection regulations. The data of the users are only processed if the following legal permissions are present:

• To provide our contractual services (such as processing of orders) as well as online services
• The processing is required by law
• If your consent is given
• Due to our legitimate interest (that is, interest in analysis, optimisation and economic operation and security of our web site in the sense of Article 6, paragraph 1, lit. f GDPR, especially range measurement, creation of profiles for advertising and marketing purposes as well as collection of access data and use of third-party services)

We would like to show you where the above-mentioned legal principles are regulated in GDPR:

• Consent: Article 6, paragraph 1 lit. a and Article 8 GDPR
• Processing to provide our services and carry out contractual activities: Article 6, paragraph 1 lit. b GDPR
• Processing to fulfil our legal obligations: Article 6, paragraph 1, lit. c GDPR
• Processing for the protection of our legitimate interests: Article 6, paragraph 1, lit. f GDPR

Data transmission to third parties

A transfer of data to third parties takes place only in the scope of the legal requirements. We only pass on the users’ data to third parties if that is, for example, required for contractual purposes or is based on our legitimate interests in the economic and effective operation of our business.

If we use subcontractors to provide our services, we take appropriate legal precautions as well as technical and organisational measures in order to protect personal data in accordance with applicable law.

Data transmission to a third country or an international organisation

Third countries are countries in which the GDPR is not directly applicable law. In general, this includes all countries outside the EU or the European Economic Area. 

A transfer of data to a third country or an international organisation does take place. It should be taken into account that appropriate/adequate guarantees are in place and that you have enforceable rights and effective remedies. 

A copy of the appropriate guarantees can be obtained using the following link:
Privacy Shield: https://www.privacyshield.gov/list 

Standard contract clauses:

eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF 

Storage period of your personal data

We adhere to the principles of data economy and data avoidance. This means that we store your data provided to us only for the period of time needed to fulfil the aforementioned purposes or as per the various periods of storage determined by the legislative authorities. Should the respective purpose not apply anymore, for example, in case of expiration the respective storage periods, your data is routinely blocked or deleted according to the legal regulations. 

To ensure this approach, an internal company concept has been created.

Contact

Should you contact us via e-mail or via a contact form, you agree to use electronic communication. When you contact us, personal data is collected. Which data is collected in case a contact form is used can be seen from the respective contact form. Your data is transmitted using SSL encryption. The information you provide will be stored solely for the purpose of processing the request and for possible follow-up questions. 

We would like to refer to the legal provisions for this:

• Processing to provide our services and carry out contractual activities: Article 6, paragraph 1 lit. b GDPR
• Processing for the protection of our legitimate interests: Article 6, paragraph 1, lit. f GDPR

We would like to point out that e-mails can be read or changed without authorisation or notice as they are transmitted. Furthermore, we would like to point out that we use software for filtering unsolicited e-mail (spam filter). The spam filter can reject e-mails if they have been identified as spam due to certain features. 

What rights do you have?

• a) Right to information
  You have the right to obtain information about your stored data free of charge. Upon request, we will inform you in writing in accordance with the applicable law, which personal data we have stored about you. This also includes the origin and recipients of your data as well as the purpose of the data processing.
• b) Right to rectification
  You have the right to have your data stored by us corrected in the event of inaccuracy. At the same time, you can restrict the processing, for example, if the accuracy of your data is denied.
• c) Right of blocking
  Furthermore, you can have your data blocked. In order to be able to take into account the blocking of your data at all times, we must store this data in a lock file for control purposes. 
• d) Right to erasure
  You can also request the deletion of your personal data, as long as there are no statutory storage requirements. As long as such an obligation exists, we block your data upon request. If the corresponding legal prerequisites are met, we will delete your personal data even without a corresponding request from you.
• e) Right to data transferability
  You are entitled to demand the provision of the personal data transmitted to us in a format that allows the transfer to another location. 
• f) Right of appeal to a supervisory authority
  You have the opportunity to submit a complaint to one of the supervisory data protection authorities:
  The State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
  Postal address: P.O. Box 10 29 32, D-70025 Stuttgart
  Address: Königstraße 10a, D-70173 Stuttgart
  Telephone +49 711 615541-0
  Fax: +49 711 615541-15
  E-mail: poststelle@lfdi.bwl.de 
  Web: https://www.baden-wuerttemberg.datenschutz.de 
  The complaint form can be opened via the following link:
  https://www.baden-wuerttemberg.datenschutz.de/online-beschwerde 
• g) Right to revocation
  At any time, you have the opportunity to revoke the use of your data for internal purposes with future effect. To do that, it is sufficient to send a corresponding e-mail to datenschutz@asista.de. However, such a revocation does not affect the legality of the processing operations already carried out by us. This does not affect the data processing with respect to all other legal provisions, such as contract initiation (see above).

Protection of your personal data

We take contractual, organisational and technical security measures according to the state-of-the-art standards in order to ensure that the provisions of the data protection laws are adhered to and to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons.

One of the security measures is the encrypted transfer of data between your browser and our server.

Your personal data will be protected as described in the following points (excerpt):

• a) Preservation of the confidentiality of your personal data
  To maintain the confidentiality of your personal data stored with us, we have taken various measures for access and access control.
• b) Maintaining the integrity of your personal information
  To maintain the integrity of your personal information stored with us, we have taken various measures for transfer and input control. 
• c) Maintaining the availability of your personal information
  To maintain the availability of your personal data stored with us, we have taken various measures for order and availability control.

The security measures in use are continuously improved in line with technological developments. Despite these precautions, due to the unsafe nature of the Internet, we cannot guarantee the security of the transfer of your data to our web site. Because of this, any transfer of data from you to our web site is at your own risk.

Protection of minors

Persons under the age of 16 may not submit any personal data to us without the consent of their legal guardians. Personal information may only be provided to us by persons under the age of 16 only if there is an express consent of their legal guardians or the persons are 16 years of age or older. This data is processed according to this data protection statement.

Cookies

We use cookies. Cookies are small text files that are stored locally in the cache of your Internet browser. Cookies enable recognition of the Internet browser. The files are used to help the browser to navigate through the web site and to be able to use all the functions.

Our web site uses: browser cookies

Control of cookies by the user
Browser cookies: you can set all your browsers to accept cookies only upon request. Also, you can change the settings to only accept cookies from pages you are currently visiting. All browsers provide the functionality that allows selective deletion of cookies. Acceptance of cookies can also be generally turned off, but it has to be taken into account that this will lead to limited user-friendliness of this web site. 

Lifetime of the cookies used
The cookies are managed by the web server of our web site. This web site uses: transient cookies/session cookies (single use), lifetime: until this web site is closed

Disable or remove cookies (opt out)
Every web browser offers ways to restrict and delete cookies. For more information, visit the following websites:

• Internet Explorer:
  windows.microsoft.com/en-GB/windows7/How-to-manage-cookies-in Internet Explorer 9
• Firefox:
  support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer? redirectlocale = en-US & redirectslug = Cookies
• Google Chrome:
  support.google.com/chrome/answer/95647
• Safari:
  support.apple.com/de-de/HT201265

Use of YouTube

Features of the YouTube service for video display and playback are embedded in our web site. These features are provided through YouTube, LLC 901 Cherry Ave. San Bruno, CA 94066 USA. For more information, see the YouTube data protection statement. 

When the playback of embedded YouTube videos starts, YouTube uses cookies to gather information about user behaviour. According to YouTube, these cookies aim, among other things, to gather video statistics, improve user-friendliness and prevent abusive practices. Regardless of any playback of the embedded videos, each time you access our web site, a connection to the Google network Double Click is established, which network can, without our influence, trigger further data processing. More details about the use of cookies on YouTube can be found in the YouTube data protection statement at www.youtube.com/t/privacy_at_youtube.

Newsletter

When you sign up for our e-mail newsletter, personal information is collected. This data is used by us for our own advertising purposes in the form of your e-mail newsletter, provided that you have expressly consented to that as follows: 

„Yes, I would like to subscribe to the newsletter! I accept the data protection statement“.

You can cancel the newsletter at any time using the link provided in the newsletter itself or by sending an e-mail to us at datenschutz@asista.de. Once you are unsubscribed, your e-mail address will be permanently deleted from our newsletter mailing list and included in a lock file to ensure revocation.

Newsletter tracking

In case you have previously expressly consented, newsletter tracking (also known as web beacons or tracking pixels) will be used. Upon delivery of our newsletter, the external server can then capture certain data of the recipient, such as the time retrieval, the IP address or information about the e-mail software used (client). The name of the picture file is personalised for every recipient by appending a unique ID. The sender of the e-mail keeps a record of which ID corresponds to which e-mail address and can thus determine, when the image is retrieved and which newsletter recipient has just opened the e-mail.

The user behaviour is pseudonymised when it comes to newsletter tracking. These are the pseudonymised data in question: recipients, recipients excluding bounces, recipients in queue, recipient skip, unique unsubscribe rate, unique abandonments, bounces (including hard and soft bounces), unique open rates, unique openings, openings, unique click rates, unique clicks, click rates, clicks, effective unique click rate, clicks to segment audiences. 

To deliver the newsletter, we work with an external service provider, Newsletter2Go GmbH, Köpernicker Str. 126, 10179 Berlin, Germany. Your personal data is transmitted to Newletter2Go in order to send the newsletter and is processed by the latter exclusively according to our instructions.

MyFonts Counter web analysis service

We use MyFonts Counter, a web analysis service of MyFonts Inc., 500 Unicorn Park Drive, Woburn, MA 01801, USA. Page view tracking is carried out based on the licence terms and conditions by counting the number of visits to our website for statistical purposes and transmitting this to MyFonts. MyFonts collects anonymous data in this context.
The data is transferred by activating JavaScript code in your browser. To prevent the execution of JavaScript code by MyFonts in general, you can install a JavaScript blocker (e.g. www.noscript.net).
Further information on data protection and on cookies can be found on the Internet at:
https://www.myfonts.com/info/terms-and-conditions/#Privacy.

Transfer of personal data for order processing

The personal data collected by us is passed on to the transport company commissioned with the delivery within the scope of the contract, insofar as this is necessary for the delivery of the goods. We pass on payment data to the commissioned credit institution in the course of processing payments. 

Changes to our data protection statement

We reserve the right to occasionally adjust our data protection statement to comply with current legal requirements or to reflect changes in our services in the data protection statement. This could, for example, have to do with the introduction of new services. Your new visit will be subject to the new data protection statement.

Trademark

Every company logo or trademark mentioned here is the property of the respective company. The mention of brands and names is purely for informative purposes.

C. Russia-specific provisions

For users based in the Russian Federation:

The above services of our web site are not intended for citizens of the Russian Federation who are residents in Russia. 

If you are a Russian-based Russian citizen, you are hereby expressly informed that any personal data provided to us by you through this web site is on your own responsibility and at your own risk. You further agree that you will not hold us responsible for any failure to comply with the laws of the Russian Federation.