Privacy Policy - Paul Gothe GmbH
Version 1.0: May 2018
We are pleased that you are interested in our web service www.paulgothe.com. The protection of your privacy is very important to us.
Paul Gothe GmbH, Wittener Str. 82, 44789 Bochum, Germany (hereinafter referred to as “Paul Gothe GmbH”).
Paul Gothe GmbH sees it as a matter of corporate responsibility to protect data entrusted to the company. To ensure that you feel secure when visiting our website, we strictly observe the statutory provisions during the processing of your personal data and would like to provide you with detailed information on how your data is handled.
1. Who is responsible for the processing of my data?
The responsibility for the processing of your data when you are visiting this website, in accordance with the EU General Data Protection Regulation (GDPR) lies with
Paul Gothe GmbH, Wittener Str. 82, 44789 Bochum
Phone: ++49 234 33 51 80
E-Mail: service@paulgothe.de
For all questions regarding data protection in connection with our products or the use of our website you can also contact our data protection officer at any time. The data protection officer can be contacted at the above postal address as well as the previously specified e-mail address (heading: “FAO Data Protection Officer”).
2. When and for what purpose does Paul Gothe GmbH collect data concerning you?
2.1. Access data
Each time our website is used, we collect access data, which is automatically transmitted by your browser to enable you to visit the website. The access data includes in particular:
The processing if this access data is required to facilitate the visit to the website and to ensure the long-term functionality and security of our systems. The access data is temporarily stored in internal log files for the previously mentioned purposes, to prepare statistical information on the utilization of our website, to enhance our website in view of the usage habits of our visitors (e.g. if the proportion of mobile devices calling up the pages increases) and to generally administratively maintain our website. The legal basis is Art. 6, Para. 1, Sentence 1 b GDPR.
The information stored in the log files does not allow any direct conclusions as to your person.
2.2. Making contact
There are various options for contacting us. These include the contact and service request form as well as contact via e-mail. It is evident from the respective input forms, as to which data is collected in each case. In this connection, we process data solely for the purpose of communicating with you. The legal basis is Art. 6, Para. 1 b GDPR. The data we collect when using the contact form is automatically deleted when your enquiry has been completely processed, unless we still require your request to fulfil contractual or statutory obligations (see section “When will your data be deleted?”).
2.3. Registration in online shop
You have the opportunity to register for our login area in the online shop, to enable you to benefit from the full range of functions of our website. It is evident from the respective input forms, as to which data is collected in each case. We have indicated which data is mandatory by marking the respective fields as required fields. Without this data it is not possible to register. The legal basis of the processing is Art. 6, Para. 1 b GDPR.
2.4. Ordering in the online shop
During the order process, we collect the mandatory information required for the processing of the contract:
Details such as customer number, company details and your function can be optional, to enable us to assign your order to a suitable account manager. The legal basis of the processing is Art. 6, Para. 1, Sentence 1 b GDPR.
For the purpose of contract performance, we pass your details to the shipping company instructed with the delivery, to the extent that this is required for the delivery of the goods ordered. Depending on which payment service provider you select during the order process, we pass the payment details collected for the purpose of payment processing to the financial institution instructed to process the payment and, if appropriate, to the payment service provider instructed by us, or to the selected payment service.
If Paul Gothe GmbH is providing payment in advance, e.g. in the case of a purchase on account, to protect our legitimate interests, Paul Gothe GmbH reserves the right to make enquiries on identity and creditworthiness with service providers specialized in this or to make the granting of certain payment terms contingent upon a credit check. The credit report can contain probability values (score values), which are calculated on the basis of scientifically proven mathematical-statistical procedures, where the address data, among other information, flows into the calculation. The information received regarding the statistical probability of a payment default is used by us for a balanced decision on the rationale, implementation or termination of the contractual relationship. Your legitimate interests are considered in accordance with the statutory provisions.
When paying via PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "payment by instalments" via PayPal, we transmit your payment data to
PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal").
The transfer takes place in accordance with Art. 6 (1) point b GDPR and only insofar as this is necessary for payment processing.
PayPal reserves the right to carry out credit checks for the payment methods credit card via PayPal, direct debit via PayPal or, if offered, "purchase on account" or "payment by installments" via PayPal. For this purpose, your payment data may be passed on to credit agencies on the basis of PayPal's legitimate interest in determining your solvency pursuant to Art. 6 (1) point f GDPR. PayPal uses the result of the credit assessment in relation to the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The credit report can contain probability values (so-called score values). If score values are included in the result of the credit report, they are based on recognized scientific, mathematical-statistical methods. The calculation of the score values includes, but is not limited to, address data. For further information on data protection law, including the credit agencies used, please refer to PayPal's data protection declaration at: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full.
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for contractual payment processing.
2.5. Newsletter by Paul Gothe GmbH
You have the opportunity to order our newsletter where we inform you about new features in our products and promotions.
To order our newsletter, we use the so-called double opt-in procedure, i.e. we send you newsletters via e-mail only when you confirm in our notification e-mail that you are the holder of the specified e-mail address by clicking a link. If you confirm your e-mail address, your e-mail address, the time of registration and the IP address used for registration will be stored by us until you cancel the newsletter subscription. The purpose of the storage is solely to send you the newsletter and be able to verify your registration. You can cancel the newsletter subscription at any time. An appropriate “unsubscribe” link for this purpose is provided in each newsletter. A notification to the contact as provided above or in the newsletter (e.g. via e-mail or letter) is of course also sufficient. The legal basis for the processing is your consent in accordance with Art. 6, Para. 1 a GDPR.
The newsletter subscription can be cancelled anytime, e.g. via the unsubscribe link contained in each newsletter. Alternatively, you can also address your wish to cancel the newsletter to the above-mentioned contact data.
3. Disclosure of your data
Insofar as external service providers are used (hosting providers, shipping service provider etc.) to operate this website or to provide services the companies concerned receive the access to your data only to the extent necessary for the fulfilment of their respective tasks and functions.
4. Why does this website use cookies?
We use cookies to design the navigation and use of our websites to be as user-friendly as possible. Cookies are smaller files with text information, which are filed on your hard drive when the website is called up. Cookies are used for the temporary storage of information - for example for statistical analysis or to control the connection during the visit to a website. Cookies are also used to store the preferences of the visitors. Thus, we can match the contents of our website specifically to your requirements and therefore improve our service for you. We are unable to create any references to users with the cookies.
You can deactivate the option to store these cookies at any time in the system settings of your browser and delete existing cookies. Every user can also view the website without cookies. If you do not accept any cookies, this can, however, lead to a restriction in the functionality of our website.
Some of the cookies used by us are automatically deleted from your hard drive (session cookies) after the end of the browser session (end of session). In addition, we also use cookies, which remain on your hard drive for a specific time beyond the browser session. These persistent cookies are stored on your hard drive and deleted by the browser after the specified time. The cookies can also be from third-party service providers.
Cookies required to carry out the electronic communication process or to provide specific functions you requested (e.g. use of the shopping basket), are stored on the basis of Art. 6, Para. 1 f. The operator of the website has a legitimate interest in storing cookies for the purpose of the technically smooth and optimized provision of its services. Insofar as other cookies (e.g. cookies for the analysis of surfing habits) are stored, these are dealt with separately in this privacy statement in the following section.
5. Use of Google Maps
On our website can be used the map service Google Maps, by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google“). This service is activated only after the customer has clicked on it. Only then the Google map data we used can be integrated and shown in your web browser, and your web browser will establish a connection to a Google server, which can also be located in the USA. In the rule no personal data will be transmitted and in the event that personal data is transmitted to the USA, Google has subjected itself to the EU-US Privacy Shield. Google hereby receives the information that the contact page of our website has been called up by the IP address of your device. The legal basis is Art. 6, Para. 1, Sentence 1 f GDPR, based on our legitimate interest in the integration of a map service to establish contact.
If you are calling up the Google map service on our website while you are logged into your Google profile, Google is also able to link this event to your Google profile. If you do not want this link to your Google profile to be made, you need to log out of Google before calling up our contact page. Google stores your data and uses it for the purposes of advertising, market research and personalized presentation of Google Maps. You can object to the collection of this data by Google.
Further information for this purpose can be found in the privacy statement by Google and the additional terms and conditions of use for Google Maps.
6. When will your data be deleted?
In principle, we store personal data only as long as this is required for the fulfilment of contractual or legal obligations which are the reason for the collection of the data. After that, we delete the data immediately, unless we require the data until the expiry of the legal limitation periods for the purposes of evidence in civil claims or due to statutory retention requirements.
For evidentiary purposes, we have to retain contract data for three years after the end of the year the business relationship with you ends. According to statutory limitation periods, potential claims become time-barred no earlier than at this point in time.
After that, we still have to store part of your data for accounting purposes. We have an obligation to do so due to legal documentation requirements, which can arise from the Commercial Code, the Tax Code, the Banking Act, the Money Laundering Act and the Securities Trading Act. The retention periods for documents specified in the above legislation are two to ten years.
7. What are your data protection rights?
You have the right at any time to request information on the processing of your personal data by us. We will explain the data processing to you within the course of providing this information and furnish you with an overview of your stored personal data.
If data stored by us should be incorrect or no longer up-to-date, you have the right for this data to be corrected.
You can also request the deletion of your data. Should the deletion exceptionally not be possible due to other legal provisions, then the data is blocked, so that it is only available for this legal purpose.
Furthermore, you can restrict the processing of your data, e.g. if you are of the opinion that the data stored by us is not correct. You also have the right to data portability, in other words, upon your request, we forward a digital copy to you, containing the personal data that you have provided.
In order to assert the rights described here, you may contact us at any time, via the above-mentioned contact details. This also applies if you wish to receive copies of guarantees for evidence of a reasonable level of data protection.
Furthermore, you have the right to object to the data processing, which is based on Art. 6, Para. 1 e or f GDPR. Finally, you have the right to lodge a complaint at the data protection supervisory authority responsible for us. You can exercise this right at a supervisory authority in the member state of your residence, your employment or the place of the suspected breach.
8. Right of revocation and objection
You have the right, in accordance with Article 7, Para. 3 GDPR, to revoke consent once granted to us, at any time. As a consequence, we shall in future no longer continue to process the data that is the object of the consent. The revocation of the consent does not affect the lawfulness of the processing based on the consent up to the time of the revocation.
Insofar as we are processing your data on the basis of legitimate interests in accordance with Art. 6, Para. 1, Sentence 1 f GDPR, you have the right in accordance with Art. 21 GDPR, to raise an objection against the processing of your data, insofar as there are grounds for this, which arise from your special situation or where the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we shall implement also without the need for you to give reasons.
If you wish to use your right to revoke or your right of objection, an informal notification to the above-mentioned contacts is sufficient.
9. Data security
We maintain current technical measures to safeguard data security, in particular for the protection of your personal data against risks during data transmissions as well as against third parties acquiring knowledge of your personal data. These are correspondingly adjusted to the current state of the art. To secure the personal data specified by yourself on our website, we use Transport Layer Security (TLS) which encrypts the information you enter.
10. Amendment of the Privacy Statement
We occasionally update this Privacy Statement, for example when we are adjusting our website or if the legal or official requirements change.