1. Data protection at a glance
The following information gives a simple overview of what happens to your personal data when you visit our website. Personal data is any data that would allow you to be identified personally. Detailed information about data protection can be found in our data protection statement below.
Data collection on our website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. The website operator’s contact details can be found in the legal notice on this website.
How do we collect your data?
Some of the data we collect about you will be data that you provide us with yourself. This may, for example, involve data that you enter in a contact form.
Other data shall be collected automatically by our IT systems when you visit the website. This is technical data in particular (e.g. about your internet browser, operating system or time that you access our website). This data shall be collected automatically as soon as you go on to our website.
What do we use your data for?
Some of the data will be collected so that we can ensure that you do not encounter any problems during your time on the website. Other data may be used to analyse your behaviour as a user of the website.
What rights do you have regarding your data?
You have the right to obtain, free of charge and whenever you choose, information about the source of the personal data kept about you, the recipient of the data and the reason why your personal data has been processed. You also have the right to request that incorrect data is rectified, that access to your data is blocked or that your data is erased. You can contact us at any time about this and any other questions regarding personal data at the address given in the legal notice. You also have a right of appeal to the competent supervisory authority regarding anything to do with your personal data.
Analysis tools and tools belonging to third-party providers
When you visit our website, your browsing behaviour may be statistically analysed. This will mostly be done by cookies and so-called analytics programs. Your browsing behaviour will usually be analysed anonymously; there will be no way of tracing it back to you. You can object to your browsing behaviour being analysed or you can prevent it happening by not using certain tools. You can find detailed information about this in the following data protection statement.
You can object to analysis of your browsing behaviour. You will be informed about the opportunities to object in this data protection statement.
2. General information and mandatory information
The operators of these pages take the protection of your personal data very seriously. We will process your personal data in confidentiality and in accordance with statutory data protection requirements and this data protection statement.
When you use this website, a variety of personal data will be collected. Personal data is any data that would allow you to be identified personally. This data protection statement explains what data we collect and what we use it for. It also explains how and for what purpose we do this.
Please note that data transfer over the internet (e.g. through email communication) may feature vulnerabilities. It is not possible to protect data completely against third party access.
Information about the data controller
The controller responsible for data processing on this website is:
Ferdinand Bilstein GmbH + Co. KG
Telefon: 02333 911-0
The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data (such as names, email addresses, etc.).
Withdrawing your consent to data processing
A lot of data processing operations can only take place with your express consent. You can withdraw your consent at any time. All you have to do is send us a simple email. The legality of any data processing carried out before you withdraw your consent will not be affected by withdrawal of your consent.
Right to lodge a complaint with the competent supervisory authority
The data subject has the right to lodge a complaint with a supervisory authority regarding any infringement of data protection legislation. The responsible supervisory authority in data protection matters is the state data protection officer of the federal state in which our company has its registered office. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data that we process by automated means with your consent or for the performance of a contract to be transmitted to you or to a third party in a commonly used, machine-readable format. If you require the data to be transferred directly to another controller, this will only be done if it is technically feasible.
SSL and TLS encryption
For reasons of security and to protect the transfer of confidential content, such as the orders or enquiries that you send to us as the website operators, this site uses SSL and TLS encryption. An encrypted connection can be recognised by the fact that the browser’s address bar changes from "http://" to "https://" and the appearance of the padlock icon in your browser bar.
If SSL or TLS encryption is enabled, the data you send to us cannot be read by third parties.
Access, blocking and erasure
You have the right to be given, free of charge and whenever you choose, information about any personal data kept about you, the source of the data, the recipient of the data, and the reason why your personal data was processed, and you have the right to ask for the data to be rectified or erased, and access to it blocked. If you have any questions about this or any other matters relating to personal data, you can contact us at the address given in the legal notice.
3. Data protection officer
Legally prescribed data protection officer
We have appointed a data protection officer for our company.
4. Data collection on our website
The websites may use so-called cookies. Cookies do not cause any damage to your computer and do not contain any viruses. The aim of cookies is to make our content more user-friendly, more effective and more secure. Cookies are small text files that are saved by your browser onto your computer.
Most of the cookies used by us are so-called “session cookies”. They are automatically deleted after the end of your visit. Other cookies may be saved on your end device until you delete them. These cookies enable us to recognise your browser the next time you visit.
You can configure your browser in order to be informed of the usage of cookies and only accept cookies on a case-by-case basis, to block acceptance of cookies in specific cases or in general and to enable the automatic deletion of cookies when the browser is closed. The functionality of this website may be impaired if cookies are deactivated.
Cookies that are needed to carry out electronic communication processes or to provide certain functions that you wish to use (such as the shopping cart function) are stored on the basis of Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in storing cookies on your computer to allow it to provide you with a technically flawless, streamlined service. If other cookies (such as cookies for analysing your browsing behaviour) are stored on your computer, they will be treated separately in this protection statement.
Server log files
The site provider automatically collects and stores information in so-called “server log files”, which your browser sends to us automatically. This information includes:
• browser type and version
• operating system used
• referrer URL
• time of the server enquiry
• IP address
This data will not be cross-referenced with other data sources.
The legal basis for processing the data is Article 6(1)(f) GDPR. Our legitimate interest follows from the data collection purposes listed below: System security and stability.
If you submit queries to us using the contact form, the information you provide in the query form, including the contact data indicated by you therein, will be stored by us in order to process the query and for any follow-up questions. We shall not pass on this data without your consent.
The data entered into the contact form will therefore be processed solely with your consent (Article 6(1)(a) of the GDPR). You may withdraw your consent at any time. All you have to do is send us a simple email. The legality of any data processing operations already carried out before you withdraw your consent will not be affected by withdrawal of your consent.
The data you provide in the contact form will remain with us until you ask us to erase it, until you withdraw your consent to your data being stored or until the data no longer needs to be stored (once your enquiry has been processed, for example). Mandatory legal regulations - particularly concerning retention periods - will not affected.
We use the ticketing system, Zendesk, a customer service platform of Zendesk Inc., 989 Market Street #300, San Francisco, CA 94102, to process customer enquiries. To this end, essential data such as first name, surname, postal address, phone number, email address, are collected on our website, in order to be able to respond to your need for information. Zendesk is a certified participant in the “Privacy Shield Framework” and therefore fulfils the requirements for lawful contract data processing.
If you contact us by email or via the form on the website, we shall use the data transmitted by you only for processing your specific enquiry. The data provided shall be treated confidentially. The data provided and the message history with our service desk is stored for follow-up questions and contacting.
Use is optional and serves to improve and speed up our customer service. If you do not agree to data collection and data storage in Zendesk’s external system, we shall offer you alternative contact options for submitting service requests. You can find direct contact options via phone and post under the menu item “Contact” at the end of this page.
Salesforce Sales Cloud
force Sales Cloud to manage customer data. The provider is salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich (hereinafter "Salesforce").
Salesforce Sales Cloud is a CRM system and enables us, among other things, to manage existing and potential customers in addition to customer contacts and to organise sales and communication processes. The use of the CRM system also enables us to analyse our customer-related processes. Customer data is stored on Salesforce servers. In this process, personal data may also be transmitted to the parent company of salesforce.com Germany GmbH, salesforce.com inc, Salesforce Tower, 415 Mission Street, San Francisco, CA 94105, USA.
Details regarding the features of Salesforce Sales Cloud can be found here:https://www.salesforce.com/de/products/sales-cloud/overview/.
The use of Salesforce Sales Cloud is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the most efficient customer management and customer communication possible. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
Salesforce has Binding Corporate Rules (BCR) approved by the French Data Protection Authority. These are binding corporate rules that legitimise corporate data transfers to third countries outside the EU and EEA. Details can be found here: https://www.salesforce.com/de/blog/2020/07/die-binding-corporate-rules-von-salesforce-erfuellen-hoechste-da.html.
Contract for Order Processing
We have concluded an order processing contract with Salesforce. This is a contract required by data protection law, which ensures that Salesforce only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
5. Social media
Sharing content via plugins (Facebook, Google+1, Twitter, etc.)
The content on our site can be shared on social networks such as Facebook, Twitter or Google+ in ways which comply with data protection regulations. This page uses the eRecht24 Safe Sharing Tool to do this. This tool does not establish direct contact between the social networks and users until the user actively clicks on one of these buttons.
This tool does not automatically transfer user data to the operators of these platforms. If the user is logged on to one of the social networks and uses the social buttons on Facebook, Google+1, Twitter etc., an information window will appear where the user can confirm the text before pressing send.
Our users can share the content of this site on social networks in ways which comply with data protection regulations, without allowing the social network operators to create full browser profiles.
6. Analytics tools and advertising
This website uses functions from the web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. These are text files saved on your computer which make it possible to analyse how you use this website. The information generated by the cookie concerning your use of this website will as a rule be passed on to a Google server in the USA and saved at that location.
The basis for storing Google Analytics cookies is Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its web content and the advertising shown with it.
We have activated the IP anonymisation function on this website. Google uses this to shorten your IP address within member states of the European Union or in other signatories to the Agreement on the European Economic Area before sending it to the USA. In exceptional cases only, the full IP address will be transmitted to a Google server in the USA and abbreviated at that location. Acting on behalf of the operator of this website, Google will use this information to analyse your use of the website, to compile reports on website activity and to provide other services associated with website usage and internet usage to the website operator. The IP address of your browser transmitted in relation to Google Analytics will not be cross-referenced with other data held by Google.
You can prevent a cookie from being saved by selecting the appropriate setting in your browser software. However, please note that you will not be able to use all the functions of this website to their full extent in this case. In addition, you can prevent the data generated by the cookie relating to your usage of the website (including your IP address) from being by collected and processed by Google by downloading and installing the available browser plugin from the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
Refusal of consent to data collection
You can prevent your data from being collected by Google Analytics by clicking on the following link. This will enable an opt-out cookie, which will prevent your data from being collected in the event of future visits to this website: Disable Google Analytics.
Demographics in Google Analytics
This website uses the “Demographics features” function in Google Analytics. Using this feature, reports can be produced that contain statements on the age, gender and interests of the visitors to the site. This data comes from Google’s personalised advertising and visitor data from third-party providers. This data cannot be matched to specific people. You can disable this feature at any time via the ad settings in your Google Account, or refuse to allow Google Analytics to collect your data at all, as outlined in the section “Objecting to having your data collected”.
Google AdWords and Google Conversion Tracking
Diese Website verwendet Google AdWords. AdWords ist ein Online-Werbeprogramm der Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).
This website uses Google AdWords. AdWords is an online advertising programme of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). As part of Google AdWords we use so-called “conversion tracking”. If you click on an advert placed by Google, a cookie will be deposited for conversion tracking. Cookies are small text files that the Internet browser places on the user’s computer. These cookies lose their effectiveness after 30 days and cannot be used for personal identification of the user. If the user visits certain pages on this website and the cookie has not yet expired, we and Google are able to recognise that the user has clicked on the advert and has been forwarded to this page.
You can configure your browser to notify you of the usage of cookies and only accept cookies on a case-by-case basis, to block acceptance of cookies in specific cases or in general and to enable the automatic deletion of cookies when the browser is closed. The functionality of this website may be impaired if cookies are deactivated.
If you would like to receive the newsletter offered on the website, we will require your email address as well as information allowing us to verify that you are the owner of the specified email address and that you have agreed to receive the newsletter. Additional data shall only be collected on a voluntary basis or not at all. This data is used exclusively to send the requested information and will not be shared with third parties.
The data entered into the newsletter subscription form is processed solely with your consent (Article 6(1)(a) GDPR). You may withdraw your consent to the storage of data, your email address and use thereof for sending of the newsletter by following the “unsubscribe” link in the newsletter. The lawfulness of any data processing operations already carried out will not be affected by withdrawal.
We will store the data you provide us in order to receive the newsletter until you cancel your subscription, and we will erase the data when you unsubscribe from the newsletter. Data that we have stored for other purposes (e.g. email addresses for the members area) will not be affected.
This website uses MailChimp‘s services for sending newsletters. The provider is the Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. MailChimp is a service which, amongst other features, allows the distribution of newsletters to be organised and analysed. If you provide data (such as your email address) so that you can be sent a newsletter, it will be stored on MailChimp’s servers in the USA.
MailChimp is certified according to the “EU-US Privacy Shield”. The “Privacy Shield” is an agreement between the European Union (EU) and the USA, which is supposed to guarantee compliance with the European data protection standard in the USA.
With the help of MailChimp we will be able to analyse our newsletter campaigns. When you open an email sent with MailChimp, a file included in the email (a so-called web beacon) will connect to MailChimp‘s servers in the USA. This will establish whether a newsletter email has been opened and which links have been clicked on. Technical information will also be collected (such as time of visit, IP address, browser type and operating system). It will not be possible to match this information to specific recipients of the newsletter. It will be used solely for statistical analysis of newsletter campaigns. The results of these analyses can then be used to better tailor future newsletters to the interests of the recipients.
If you do not want your data analysed by MailChimp, you will need to unsubscribe from the newsletter. To allow you to do this, we provide a link in each newsletter email. You can also unsubscribe from the newsletter directly on the website itself.
The data collected in this way will be processed with your consent (Article 6(1)(a) GDPR). You can withdraw your consent at any time by unsubscribing from the newsletter. The lawfulness of any data processing operations already carried out will not be affected by withdrawal.
We will store the data you provide us in order to receive the newsletter until you cancel your subscription and erase it from both our servers and MailChimp’s servers when you unsubscribe from the newsletter. Data that we have stored for other purposes (e.g. email addresses for the members area) will not be affected.
Further details can be found in MailChimp’s data protection provisions at: https://mailchimp.com/legal/terms/.
Concluding a data processing agreement
We have concluded a so-called “data processing agreement” with MailChimp in which we have required MailChimp to protect our customers' data and not to share it with third parties. This agreement can be viewed at the following link: https://mailchimp.com/legal/forms/data-processing-agreement/sample-agreement/.
We use the function of the third-party provider, 123formbuilder (123FormBuilder, Flavia Palace, Vladimirescu n° 10, Ground Floor 300195, Timisoara, Romania, EU), on this website.
All contact forms have been or will be created with 123formbuilder.
123formbuilder uses the Amazon AWS server for its services, which are presumably located in the USA. That means that your data inputs are administered, processed and stored on this Amazon AWS server.
Amazon AWS is a certified participant in the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework.
Amazon AWS has undertaken to handle all personal data received from members of the European Union (EU) or Switzerland in accordance with the applicable principles of the Privacy Shield Framework. You can find additional information about the Privacy Shield Framework on the Privacy Shield list of the US Department of Commerce at https://www.privacyshield.gov/welcome.
123formbuilder provides its services in compliance with the GDPR and makes suitable technical and organisational measures to protect your personal data.
For more information, please visit the following links:
Technical and organisational measures: https://www.123formbuilder.com/how-do-we-handle-service-security/
GDPR Compliance: https://www.123formbuilder.com/gdpr-compliance/
8. Plugins und Tools
Our website uses plug-ins from the Google-operated site YouTube. The site operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit any of our pages featuring a YouTube plugin, a connection will be established with the YouTube servers. The YouTube server will thus be informed which of our pages you have visited.
If you are logged in to your YouTube account, you will allow YouTube to allocate your browsing history directly to your personal profile. You can prevent this by logging out of your YouTube account.
We use YouTube in the interests of presenting our online services in an appealing fashion. This represents a legitimate interest within the meaning of Article 6(1)(f) GDPR.
Google Web Fonts
In order to ensure the uniform display of fonts, this website uses so-called Web Fonts provided by Google. When you visit a website, your browser loads the necessary Web Fonts in your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to Google’s servers. In this way, Google is informed that our website has been visited via your IP address. We use Google Web Fonts in the interest of displaying our online platform in a consistent, appealing fashion. This represents a legitimate interest within the meaning of Article 6(1)(f) GDPR.
If your browser does not support Web Fonts, your computer will use a standard font.
This website uses the Google Maps service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
It is necessary to store your IP address in order to use the functionality of Google Maps. This information is usually transferred to a Google server in the USA, where it is stored. The provider of this website does not have any influence on data transmission.
The use of Google Maps is done to ensure the attractive presentation of our online service and to make it easy to find one of the locations specified on our website. This represents a legitimate interest within the meaning of Article 6(1)(f) GDPR.