Data protection

The protection of your privacy when processing personal data is an important concern for us. When you visit our website, our web servers store the IP address of your Internet service provider, the website from which you visit us, the web pages you visit on our site and the date and duration of your visit as standard. This information is essential for the technical transmission of the web pages and secure server operation. There is no personalised evaluation of this data.

If you send us data via the contact form, this data will be stored on our servers as part of our data backup process. We will use your data exclusively for the purpose of processing your request. Your data will be treated as strictly confidential. No data will be disclosed to third parties.

Responsible body

Herbert Meyer Maschinenfabrik GmbH

Herbert-Meyer-Str. 1
92444 Rötz

Commercial register: HRB 9309
Register court: Regensburg district court

Represented by

Dipl.-Ing. Thomas C. Meyer

Contact

Personal data

Personal data is data about you. This includes your name, address and email address. You do not need to disclose any personal data in order to visit our website. In some cases, we need your name and address as well as other information in order to provide you with the service you have requested.

The same applies if we supply you with information material on request or if we answer your inquiries. In these cases, we will always point this out to you. Furthermore, we only store the data that you have transmitted to us automatically or voluntarily.

When you use one of our services, we generally only collect the data that is necessary to provide you with our service. We may ask you for further information, but this is voluntary. Whenever we treat personal data, we do so in order to provide you with our service or to pursue our commercial targets.

Contact

When contacting us (e.g. via contact form, email, telephone or social media), the details of the enquirer will be processed to the extent necessary to respond to the contact enquiry and any requested measures.

We respond to contact requests within the scope of contractual or pre-contractual relationships in order to fulfil our contractual obligations or to respond to (pre-)contractual enquiries and, in all other cases, on the basis of our legitimate interest in responding to such enquiries.

Types of data processed: Inventory data (e.g. names, addresses), contact details (e.g. email addresses, telephone numbers), content data (e.g. entries in online forms).
Persons affected: Communication partners.
Purposes of processing: Contact requests and communication.
Legal basis: Contractual performance and pre-contractual enquiries (Art. 6(1)(b) GDPR), legitimate interests (Art. 6(1)(f) GDPR).

Automatically saved data

Server log data files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are

Date and time of the request
Name of the requested file
Page from which the file was requested
Access status (file transferred, file not found, etc.)
Web browser and operating system used
full IP address of the requesting computer
amount of data transferred

This data is not merged with other data sources. The treatment is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.

For reasons of technical security, in particular to defend against attempted attacks on our web server, this data is stored by us for a short time. It is not possible for us to identify individual persons from this data. After seven days at the latest, the data is anonymized by shortening the IP address at domain level, so that it is no longer possible to establish a reference to the individual user. The data is also treated in anonymized form for statistical purposes; it is not compared with other databases or passed on to third parties, even in excerpts. The number of page views is only shown as part of our server statistics, which we publish every two years in our activity report.

Cookies

When you visit our website, we may store information on your computer in the form of cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a string of characters that allows websites and servers to be assigned to the specific Internet browser in which the cookie was stored. This enables the visited websites and servers to distinguish the individual browser of the person concerned from other Internet browsers that contain other cookies. A specific Internet browser can be recognised and identified via the unique cookie ID.

By using session cookies, the responsible party can provide users of this website with a user-friendly service that would not be possible without the use of cookies. Without consent, we only use technically necessary cookies on the legal basis of legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.

We only use personal cookies to improve our website or for marketing/advertising purposes with your consent. On your first visit, you can voluntarily agree to tracking and analysis via the cookie banner that appears. Your data may be passed on to partners or third-party providers. These cookies will only be stored if you explicitly agree to this; the legal basis is then your consent in accordance with Art. 6 (1) (a) GDPR.

You can change your settings regarding the use of cookies at any time.

Cookiebot

Our website uses Cookiebot consent technology to obtain your consent to store certain cookies on your device or to use certain technologies and to document this in accordance with data protection regulations. This technology is provided by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter referred to as ‘Cookiebot’).

When you visit our website, a connection is established to the Cookiebot servers in order to obtain your consent and other declarations regarding the use of cookies. Cookiebot then stores a cookie in your browser to assign the consents you have given or their revocation to you. The data collected in this way is stored until you request us to delete it, delete the Cookiebot cookie yourself, or the purpose for data storage no longer applies. Mandatory legal retention obligations remain unaffected.

Cookiebot is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 (1) lit. c GDPR.

We have concluded a contract for order processing (AV) in accordance with Art. 28 GDPR with the above-mentioned provider. This is a contract required by data protection law, which ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Google Tag Manager

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or statistics tools and other technologies into our website. Google Tag Manager itself does not create user profiles, store cookies or perform independent analyses. It is used solely for the management and display of the tools integrated via it. However, Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent company in the United States.

The use of Google Tag Manager is based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and administration of various tools on its website. If consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Google Analytics

This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables website operators to analyse the behaviour of website visitors. The website operator receives various usage data, such as page views, length of stay, operating systems used and user origin. This data is assigned to the user’s respective end device. It is not assigned to a device ID.

Furthermore, we can use Google Analytics to record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modelling approaches to supplement the data sets collected and employs machine learning technologies in data analysis.

Google Analytics uses technologies that enable user recognition for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.

The use of this service is based on your consent in accordance with Art. 6 (1) (a) GDPR and 25 (1) TDDDG. Consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:

https://privacy.google.com/businesses/controllerterms/mccs/.

We use Google Signals. When you visit our website, Google Analytics collects information such as your location, search history, YouTube history and demographic data (visitor data). This data can be used for personalised advertising with the help of Google Signals. If you have a Google account, the visitor data from Google Signals is linked to your Google account and used for personalised advertising messages. The data is also used to create anonymised statistics on the user behaviour of our users.

This website uses the ‘e-commerce measurement’ function of Google Analytics. With the help of e-commerce measurement, the website operator can analyse the purchasing behaviour of website visitors in order to improve their online marketing campaigns. This involves collecting information such as orders placed, average order values, shipping costs and the time from viewing to purchasing a product. This data can be summarised by Google under a transaction ID that is assigned to the respective user or their device.

Google Ads

The website operator uses Google Ads. Google Ads is an online advertising programme provided by Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters specific search terms in Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on user data available to Google (e.g. location data and interests) (target group targeting). As website operators, we can evaluate this data quantitatively, for example by analysing which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.

https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

Youtube

This website embeds videos from YouTube. The operator of the site is Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the extended data protection mode does not necessarily prevent data from being passed on to YouTube partners. YouTube establishes a connection to the Google DoubleClick network regardless of whether you watch a video.

As soon as you start a YouTube video on this website, a connection to YouTube’s servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube may store various cookies on your device after you start a video or use comparable recognition technologies (e.g. device fingerprinting). This allows YouTube to obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve user-friendliness and prevent fraud attempts.

After a YouTube video has been started, further data processing operations may be triggered over which we have no control. The use of YouTube is in the interest of an appealing presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Further information about data protection at YouTube can be found in their privacy policy at: https://policies.google.com/privacy?hl=en.

Newsletter

If you subscribe to our newsletter, we will use your email address and any other data you provide exclusively for the regular dispatch of our newsletter.

Service provider Brevo

We use the Brevo service (formerly Sendinblue), provided by Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany, to send our newsletter.

The data is processed on Brevo servers within the European Union. We have concluded a contract with Brevo for order processing in accordance with Art. 28 GDPR. Brevo processes your data only on our instructions and undertakes to comply with the applicable data protection regulations.

Brevo uses this information to send and statistically evaluate the newsletters on our behalf. The emails contain so-called tracking pixels (‘web beacons’), which can be used to evaluate whether an email has been opened and which links have been clicked on. This information is used exclusively to improve our newsletter service. Personal tracking only takes place with your express consent in accordance with Art. 6 (1) lit. a GDPR.

You can revoke your consent to receive the newsletter and to the processing of your data by Brevo at any time, e.g. via the unsubscribe link at the end of each newsletter. The legality of the processing carried out until revocation remains unaffected.

Further information on data protection at Brevo can be found at:
https://www.brevo.com/de/legal/privacypolicy

Use of Heyflow

We use the service ‘HeyFlow’, offered by Heyflow GmbH, Jungfernstieg 49, 20354 Hamburg, to create and display interactive forms and so-called ‘flows’ on our website.

HeyFlow enables us to integrate user-friendly forms directly into our website, for example to collect contact requests, appointment bookings or surveys. The data entered is processed for the respective purpose (e.g. to process your request) and stored on HeyFlow’s servers.

Legal basis for processing:
The processing of the data entered is based on Art. 6 (1) lit. b GDPR, insofar as it concerns pre-contractual measures or the fulfilment of a contract, or on Art. 6 (1) lit. a GDPR if consent has been given. For the use of cookies or other technologies for recognition or measurement of user behaviour, additional consent is required in accordance with Art. 6 (1) lit. a GDPR in conjunction with § 25 (1) TDDDG.

Data transfer and order processing:
HeyFlow acts as our order processor in accordance with Art. 28 GDPR. A corresponding contract for order processing has been concluded, which ensures that your data will only be processed in accordance with our instructions.

Withdrawal of consent:
If the processing is based on your consent, you can withdraw it at any time with effect for the future. The lawfulness of the processing carried out until the withdrawal remains unaffected.

Further information on data processing by HeyFlow can be found in HeyFlow’s privacy policy:
https://www.heyflow.app/privacy

Security

We have taken technical and administrative security precautions to protect your personal data against loss, destruction, manipulation and unauthorized access. All our employees and service providers working for us are obliged to comply with the applicable data protection laws.

Whenever we collect and treat personal data, it is encrypted before it is transferred. This means that your data cannot be misused by third parties. Our security precautions are subject to a continuous improvement process and our data protection declarations are constantly being revised. Please ensure that you have the latest version.

Rights of data subjects

You have the right to information, rectification, erasure or restriction of the processing of your stored data, the right to object to the treatment, the right to data portability and the right to lodge a complaint at any time in accordance with the requirements of data protection law.

Right to information:

You can request information from us as to whether and to what extent we are treating your data.

Right to rectification:

If we treat your data that is incomplete or incorrect, you can request that we correct or complete it at any time.

Right to erasure:

You can request that we delete your data if we process it unlawfully or if the treatment disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that prevent immediate erasure, e.g. in the case of statutory retention obligations.

Irrespective of the exercise of your right to erasure, we will erase your data immediately and completely, unless there is a legal or statutory obligation to retain it.

Right to restriction of treatment:

You can request that we restrict the treatment of your data if

You dispute the accuracy of the data, for a period that allows us to verify the accuracy of the data.
the processing of the data is unlawful, but you refuse to have it deleted and instead request that its use be restricted,
we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
You have opted out of the processing of your data.

Right to data portability:

You may request that we provide you with the data you have provided to us in a structured, commonly used and machine-readable format and that you may transmit this data to another controller without hindrance from us, provided that

we process this data on the basis of your revocable consent or to fulfil a contract between us, and
this processing is carried out using automated procedures.

If technically feasible, you can request that we transfer your data directly to another controller.

Right of objection:

If we process your data on the basis of legitimate interest, you may object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. You can object to the processing of your data for direct marketing purposes at any time without giving reasons.

Right of appeal:

If you are of the opinion that we are violating German or European data protection law in the treatment of your data, please contact us so that we can clarify any questions you may have. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.

If you wish to assert one of these rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.

Changes to this privacy policy

We reserve the right to change our privacy policy if this should be necessary due to new technologies. Please secure that you have the latest version. If fundamental changes are made to this privacy policy, we will announce these on our website.

All interested parties and visitors to our website can contact us regarding data protection issues at:

Herrn Gerald Lill
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg

Tel.: 0941 2986930
Fax: 0941 29869316
E-Mail: anfragen@projekt29.de
Web: www.projekt29.de