Privacy policy

Thank you for visiting our website gpw-group.com and for your interest in our company.

The protection of your personal data, such as date of birth, name, telephone number, address, etc., is important to us.

The purpose of this privacy policy is to inform you about the processing of your personal data that we collect from you when you visit our website. Our data protection practice is in accordance with the legal regulations of the EU's General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). The following data protection declaration serves to fulfil the information obligations resulting from the GDPR. These can be found, for example, in Art. 13 and Art. 14 ff. GDPR.

Responsible person

The controller within the meaning of Art. 4 No. 7 GDPR is the person who alone or jointly with others determines the purposes and means of the processing of personal data.

With regard to our website, the responsible person is:

GPW Group
Untertürkheimer Str. 15
66117 Saarbrücken
Germany
E-mail: info@gpw-group.com
Tel: +49 681 93669 0
Fax: +49 681 93669 36

Provision of the website and creation of log files

Each time our website is accessed, our system automatically collects data and information from the device (e.g. computer, mobile phone, tablet, etc.) used to access it.

What personal data is collected and to what extent is it processed?

(1) Information about the browser type and version used;
(2) The operating system of the retrieval device;
(3) Host name of the accessing computer;
(4) The IP address of the retrieval device;
(5) Date and time of access;
(6) Websites and resources (images, files, other page content) accessed on our website;
(7) Websites from which the user's system accessed our website (referrer tracking);
(8) Message whether the retrieval was successful;
(9) Amount of data transmitted

This data is stored in the log files of our system. This data is not stored together with the personal data of a specific user, so that individual site visitors cannot be identified.

Legal basis for the processing of personal data

Art. 6 para. 1 lit. f GDPR (legitimate interest). Our legitimate interest is to ensure the achievement of the purpose described below.

Purpose of the data processing

The temporary (automated) storage of the data is necessary for the course of a website visit to enable delivery of the website. The storage and processing of personal data is also carried out to maintain the compatibility of our website for as many visitors as possible and to combat abuse and eliminate malfunctions. For this purpose, it is necessary to log the technical data of the accessing computer in order to be able to react as early as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. In addition, we use the data to optimise the website and to generally ensure the security of our information technology systems.

Duration of storage

The deletion of the aforementioned technical data takes place as soon as they are no longer required to ensure the compatibility of the website for all visitors, but no later than 3 months after accessing our website.

Possibility of objection and deletion

You can object to the processing at any time in accordance with Article 21 of the GDPR and request the deletion of data in accordance with Article 17 of the GDPR. You can find out which rights you have and how to exercise them at the bottom of this privacy policy.

Integration of external web services and processing of data outside the EU

On our website, we use active content from external providers, so-called web services. When you visit our website, these external providers may receive personal information about your visit to our website. This may involve the processing of data outside the EU. You can prevent this by installing an appropriate browser plug-in or deactivating the execution of scripts in your browser. This may result in functional restrictions on websites that you visit.

We use the following external web services:

Gravatar

We use on our site the service Gravatar of the company Aut O’Mattic A8C Ireland Ltd., Grand Canal Dock, 25 Herbert Pl, D02 AY86 Dublin, Ireland, e-mail: privacypolicyupdates@automattic.com, website: https://de.gravatar.com/. Personal data is also transferred to the U.S. With regard to the transfer of personal data to the U.S., there is an adequacy decision on the EU-US Data Privacy Framework of the EU Commission within the meaning of Art. 45 of the GDPR (hereinafter: DPF - https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en ). The operator of the service is certified under the DPF, so that the usual level of protection of the GDPR applies to the transfer.

The legal basis for the processing of personal data is your consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

Gravatar is a service for providing avatars across websites.

The certification of the parent company Automattic Inc. within the framework of the EU-US Data Privacy Framework can be found at https://www.dataprivacyframework.gov/list.

You can revoke your consent at any time. You will find more information on revoking your consent either with the consent itself or at the end of this privacy policy.

For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://automattic.com/privacy/.

The provider also offers an opt-out option at https://automattic.com/privacy/.
Rechtstextsnippet und Module

We use on our site the service Rechtstextsnippet und Module of the company Website-Check GmbH, Beethovenstraße 24, 66111 Saarbrücken, Germany, e-mail: support@website-check.de, website: https://www.website-check.de/. Personal data is transmitted exclusively to servers in the European Union.

The legal basis for the processing is Art. 6 para. 1 lit. c GDPR. The use of the service helps us to comply with our legal obligations.

With the help of the service, the contents of our legal texts are reloaded on our website. The respective current legal texts are reloaded via the integration on our page. This integration may also be used to reload further technical modules with regard to the legal texts or legally required elements.

You can find out what rights you have with regard to processing at the end of this privacy policy.

For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://www.website-check.de/datenschutzerklaerung/.
Website-Check Siegel

We use on our site the service Website-Check Siegel of the company Website-Check GmbH, Beethovenstraße 24, 66111 Saarbrücken, Germany, e-mail: support@website-check.de, website: https://www.website-check.de/. Personal data is transmitted exclusively to servers in the European Union.

The legal basis for the processing of personal data is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in achieving the purpose described below.

The script of Website-Check GmbH is the technical integration of the Website-Check seal. With this seal, we would like to show that we take the issue of data protection very seriously. The transmission of data to Website-Check GmbH takes place for the delivery and display of the seal on our site.

With regard to the processing, you have the right to object as set out in Art. 21. You can find more information at the end of this privacy policy.

For further information on the handling of transmitted data, please refer to the provider's privacy policy at https://www.website-check.de/datenschutzerklaerung/.

Information about the use of cookies

What personal data is collected and to what extent is it processed?

We integrate and use cookies on various pages to enable certain functions of our website and to integrate external web services. The so-called "cookies" are small text files that your browser can store on your access device. These text files contain a characteristic string that uniquely identifies the browser when you return to our website. The process of saving a cookie file is also referred to as "setting a cookie". Cookies can be set both by the website itself and by external web services. Cookies are set by our website or external web services in order to maintain the full functionality of our website, to improve the user experience or to pursue the purpose stated with your consent. Cookie technology also allows us to recognise individual visitors by pseudonyms, e.g. a unique or random ID, so that we can provide more personalised services. Details are shown in the table below.
Legal basis for the processing of personal data

Insofar as the cookies are processed on the basis of consent pursuant to Art. 6 para. 1 lit. a GDPR, this consent is also deemed to be consent within the meaning of Section 25 para. 1 TDDDG for the setting of the cookie on the user's terminal device. Insofar as another legal basis is stated in accordance with the GDPR (e.g. to fulfil a contract or to fulfil legal obligations), the storage or setting is based on an exception in accordance with Section 25 (2) TDDDG. This is the case "if the sole purpose of storing information in the end user's terminal equipment or the sole purpose of accessing information already stored in the end user's terminal equipment is to carry out the transmission of a communication over a public telecommunications network" or "where the storage of information in the end-user's terminal equipment or access to information already stored in the end-user's terminal equipment is strictly necessary to enable the provider of a digital service to provide a digital service explicitly requested by the user". The relevant legal basis can be found in the cookie table listed later in this section.
Purpose of the data processing

The cookies are set by our website or the external web services in order to maintain the full functionality of our website, to improve the user-friendliness or to pursue the purpose stated with your consent. Cookie technology also allows us to recognise individual visitors by pseudonyms, e.g. an individual or random IDs, so that we can offer more personalised services. Details are provided in the table below.
Duration of storage

Our cookies are stored until they are deleted in your browser or, if they are session cookies, until the session has expired. Details are listed in the following table.
Possibility of objection and removal

You can set your browser according to your wishes so that the setting of cookies is generally prevented. You can then decide on a case-by-case basis whether to accept cookies or accept cookies in principle. Cookies can be used for various purposes, e.g. to recognise that your access device is already connected to our website (permanent cookies) or to save recently viewed offers (session cookies). If you have expressly given us permission to process your personal data, you can revoke this consent at any time. Please note that the lawfulness of the processing carried out on the basis of the consent until the revocation is not affected by this.

Cookie name	Server	Provider	Purpose	Legal basis	Storage period	Type
cookieyes-consent	gpw-group.com	Website operator](#responsible-entity)	The cookie stores the cookie banner settings and the site user's decision regarding cookies.	Art. 6 para. 1 lit. c GDPR (fulfilment of legal obligation)	approx. 12 months	Cookie banner
wordpress_	gpw-group.com	Website operator](#responsible-entity)	With the help of this cookie, Wordpress recognises that a user is logged in and assigns the user individual rights to use the website.	Art. 6 para. 1 lit. f GDPR (legitimate interests)	Session	Comfort
wordpress_logged_in	gpw-group.com	Website operator](#responsible-entity)	This cookie is used to determine whether you have already been logged in to Wordpress and allows you to log in without entering your login details.	Art. 6 para. 1 lit. f GDPR (legitimate interests)	Session	Comfort
wordpress_sec_	gpw-group.com	Website operator](#responsible-entity)	This cookie is needed to keep the user logged in to the Wordpress site, if he or she wishes to do so. This way, the user does not have to log in again.	Art. 6 para. 1 lit. f GDPR (legitimate interests)	Session	Comfort
wordpress_test_cookie	gpw-group.com	Website operator](#responsible-entity)	This cookie checks on the WordPress login page whether the user's browser generally allows or rejects cookies. WordPress needs this information to determine whether a WordPress login is supported by the browser.	Art. 6 para. 1 lit. f GDPR (legitimate interests)	Session	Cookie banner
wordpresspass_	gpw-group.com	Website operator](#responsible-entity)	The cookie ensures that it is recognised whether a login attempt has been made with the necessary authentication features.	Art. 6 para. 1 lit. f GDPR (legitimate interests)	Session	Security
wordpressuser_	gpw-group.com	Website operator](#responsible-entity)	This cookie is used to assign an individual ID to the page visitor. Wordpress then assigns the interactions of the page user under this ID.	Art. 6 para. 1 lit. f GDPR (legitimate interests)	Session	Configuration
wp-postpass	gpw-group.com	Website operator](#responsible-entity)	The cookie checks whether cookies from Wordpress or another website CMS are already present.	Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR (consent)	Session	Configuration
wp-settings	gpw-group.com	Website operator](#responsible-entity)	This cookie is used to store user settings of the respective Wordpress site users. In this way, the website can remember the user's individual settings.	Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR (consent)	Session	Comfort
wp-settings-time	gpw-group.com	Website operator](#responsible-entity)	This cookie is used to store user settings of the respective Wordpress site users. In this way, the website can remember the user's individual settings.	Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR (consent)	Session	Comfort

Data security and data protection, communication by e-mail

Your personal data is protected by technical and organisational measures during collection, storage and processing so that it is not accessible to third parties. In the case of unencrypted communication by e-mail, we cannot guarantee complete data security on the transmission path to our IT systems, so that we recommend encrypted communication or the postal service for information requiring a high level of confidentiality.

Right to information and correction requests - Deletion & restriction of data - Revocation of consent - Right to object

Right to information

You have the right to request confirmation as to whether we are processing your personal data. If this is the case, you have the right to be informed about the information named in Art. 15 (1) of the GDPR, insofar as the rights and freedoms of other persons are not affected (cf. Art. 15 (4) of the GDPR). We will also be happy to provide you with a copy of the data.

Right of rectification

In accordance with Article 16 of the GDPR, you have the right to have any incorrect personal data stored with us (e.g. address, name, etc.) corrected at any time. You can also request that the data stored with us be completed at any time. A corresponding adjustment will be made immediately.

Right to erasure

Pursuant to Art. 17 (1) of the GDPR, you have the right to demand that we delete the personal data we have collected about you if

the data is either no longer required;
the legal basis for the processing has ceased to exist without replacement due to the withdrawal of your consent;
You have objected to the processing and there are no legitimate grounds for processing;
Your data is processed unlawfully;
a legal obligation requires this or a collection pursuant to Art. 8 (1) GDPR has taken place.

Pursuant to Article 17 (3) of the GDPR, this right does not exist if

processing is necessary for the exercise of the right to freedom of expression and information;
Your data have been collected on the basis of a legal obligation;
processing is necessary for reasons of public interest;
the data are necessary for the assertion, exercise or defence of legal claims.

Right to restriction of processing

According to Art. 18 (1) GDPR, you have the right in individual cases to demand the restriction of the processing of your personal data.

This is the case when

the accuracy of the personal data is disputed by you;
the processing is unlawful and you do not consent to its erasure;
the data is no longer needed for the purpose of processing, but the collected data is used for the assertion, exercise or defence of legal claims;
an objection to the processing has been lodged pursuant to Art. 21 (1) GDPR and it is still unclear which interests prevail.

Right of withdrawal

If you have given us express consent to process your personal data (Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR), you can revoke this consent at any time. Please note that the lawfulness of the processing carried out on the basis of the consent until the revocation is not affected by this.

Right to object

In accordance with Art. 21 of the GDPR, you have the right to object at any time to the processing of personal data relating to you that has been collected on the basis of Art. 6 (1) (f) (in the context of a legitimate interest). You only have this right if there are special circumstances against the storage and processing.

How do you exercise your rights?

You can exercise your rights at any time by contacting us using the contact details below:

GPW Group
Untertürkheimer Str. 15
66117 Saarbrücken
Germany
E-mail: info@gpw-group.com
Tel: +49 681 93669 0
Fax: +49 681 93669 36

Right to data portability

Pursuant to Article 20 of the GDPR, you have a right to the transfer of personal data relating to you. We will provide the data in a structured, common and machine-readable format. The data can be sent either to you or to a person responsible named by you.

We provide you with the following data upon request pursuant to Art. 20 para. 1 GDPR:

Data collected on the basis of explicit consent pursuant to Art. 6 (1) lit. a GDPR or Art. 9 (2) lit. a GDPR;
Data that we have received from you in accordance with Art. 6 Para. 1 lit. b GDPR within the scope of existing contracts;
Data that has been processed within the scope of an automated procedure.

We will transfer the personal data directly to a data controller of your choice as far as this is technically feasible. Please note that we are not permitted to transfer data that interferes with the freedoms and rights of other persons pursuant to Art. 20 (4) of the GDPR.

Right of appeal to the supervisory authority pursuant to Art. 77 para. 1 GDPR

If you suspect that your data is being processed illegally on our site, you can of course have the issue clarified by the courts at any time. In addition, any other legal option is open to you. Irrespective of this, you have the option of contacting a supervisory authority in accordance with Article 77 (1) of the GDPR. The right of complaint pursuant to Art. 77 GDPR is available to you in the EU Member State of your place of residence, your place of work and/or the place of the alleged infringement, i.e. you can choose the supervisory authority to which you turn from the above-mentioned places. The supervisory authority to which the complaint has been submitted will then inform you of the status and outcome of your submission, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

Privacy policy

Responsible person

Provision of the website and creation of log files

What personal data is collected and to what extent is it processed?

Legal basis for the processing of personal data

Purpose of the data processing

Duration of storage

Possibility of objection and deletion

Integration of external web services and processing of data outside the EU

Gravatar

Rechtstextsnippet und Module

Website-Check Siegel

Information about the use of cookies

What personal data is collected and to what extent is it processed?

Legal basis for the processing of personal data

Purpose of the data processing

Duration of storage

Possibility of objection and removal

Data security and data protection, communication by e-mail

Right to information and correction requests - Deletion & restriction of data - Revocation of consent - Right to object

Right to information

Right of rectification

Right to erasure

Right to restriction of processing

Right of withdrawal

Right to object

How do you exercise your rights?

Right to data portability

Right of appeal to the supervisory authority pursuant to Art. 77 para. 1 GDPR