Principle

BEVAB GmbH, hereinafter referred to as the Operator of this Website, takes the protection of your personal data very seriously and handles your personal data confidentially in accordance with the statutory data protection regulations and in accordance with this privacy policy. The following statement gives you an overview of how the Operator of this Website guarantees this protection and what kind of data is collected for which purpose.

Definitions

The privacy policy is based on the terminology used by the European legislature and lawmakers in the adoption of the General Data Protection Regulation (GDPR). This privacy policy should be easy to read and understand for both the public and our customers, visitors and business partners. To ensure this, we would like to explain in advance the terminology used.

Among other things, the Operator uses the following terms in this privacy policy:

a) Personal data

Personal data means any information relating to an identified or identifiable natural person (hereinafter the Data Subject). A natural person is considered to be identifiable who can be identified directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features expressing the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.

b) Data Subject

Data Subject means any identified or identifiable natural person whose personal data is processed by the Controller.

c) Processing

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Restriction of processing

Restriction of processing means the marking of stored personal data with the aim of limiting its processing in the future.

e) Profiling

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

f) Pseudonymisation/Anonymisation

Pseudonymisation - or even anonymisation - means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific Data Subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

g) Controller

Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the Controller or the specific criteria for its nomination may be provided for by Union or Member State law.

h) Processor

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.

i) Recipient

Recipient means a natural or legal person, public authority, agency or another body, to which the personal data is disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

j) Third party

Third party means a natural or legal person, public authority, agency or body other than the Data Subject, Controller, Processor and persons who, under the direct authority of the Controller or Processor, are authorised to process personal data.

k) Consent

Consent of the Data Subject means any freely given, specific, informed and unambiguous indication of the Data Subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Collection of data

The Operator of this Website collects and processes personal data only insofar as this is necessary for the establishment and content structure or change of legal relationship (user data). The Operator of this Website generally does not collect personal data on the use of the Internet pages (usage data).

Personal data is all information about the personal and factual circumstances of an identified or identifiable natural person. This includes, for instance, information such as your name, address, phone number or e-mail address. Information with the aid of which you are not identifiable is no personal data. This includes, for instance, the indication of age, gender or vocational training.

Name and address of the Controller

The Controller within the meaning of the European General Data Protection Regulation (GDPR), other data protection laws in the Member States of the European Union and other data protection provisions is:

BEVAB GmbH
Kürtener Str.75
D-51465 Bergisch Gladbach
Phone: +49-2202-39722
Fax: +49-2202-41668
E-mail: info@bevab.de

Inquiries by e-mail

If you send inquiries or messages to the Operator of this Website by e-mail, your details, including the contact details you provided there, will be stored for the purpose of processing the request and in case of follow-up questions. This data will not be shared without your consent. The data will be deleted after the legal retention period of 10 years. The period starts at the end of the calendar year in which the request or message was received. Information about the data you have stored can be found at info@bevab.de

Processing access data to this website

The web host of this website (Ionos SE, Elgendorfer Str. 57, D-56410 Montabaur) automatically collects and saves on the server/web space rented by BEVAB GmbH so-called "log files", i.e. information that your web browser automatically transmits to us. These are:

• Browser type / version

• Operating system used

• Referrer URL (the previously visited page)

• Host name of the accessing computer (anonymised IP address)

• Transferred amount of data

• Message if access/retrieval was successful

• Time of the server request

This data is not to be assigned to specific persons for the Website Operator. This data will not be merged with other data sources, the data is also erased after a statistical evaluation. The Website Operator has entered into a data processing agreement with Ionos SE (Elgendorfer Str. 57, D-56410 Montabaur).

Cookies

Cookies or other tracking functions are not used on this Website.

Right to confirmation and information

You have the right to free information on your personal data stored at the Operator of this Website, its origin and recipient and the purpose of data processing as well as a right to correct, block or erase this data at any time. However, the erasure takes place only after expiry of the time limits of currently 10 years as set out in the tax and commercial law provisions. The period begins at the end of the calendar year in which the transmission of your data (for example by e-mail) has been received.

Please contact BEVAB GmbH at the following e-mail address or via the contact data stated in the legal notice: info@bevab.de

You are entitled to obtain information on:

• the purposes of processing;

• the categories of personal data processed;

• the recipients or categories of recipients to whom the personal data has been disclosed or is still being disclosed, in particular to recipients in third countries or to international organisations;

• if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining that duration;

• the existence of a right to rectification or erasure of the personal data concerning you or restriction of the processing of the data by the Controller or a right to object to such processing;

• the existence of a right to complain to a supervisory authority; if the personal data is not collected from you, all available information about the source of the data; the existence of automated decision-making, including profiling, in accordance with Article 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved and the implications and impact of such processing on you.

If personal data is transmitted to a third country (outside the European Union) or to an international organisation, you have the right to be informed of the appropriate safeguards under Article 46 of the GDPR in connection with the transfer.

Right to rectification

You have the right to demand immediate correction of incorrect personal data from BEVAB GmbH. In consideration of the purposes, you have the right to request the completion of incomplete personal data (also by means of a supplementary statement).

Right to erasure (Right to be forgotten)

You have the right to require BEVAB GmbH to erase personal data relating to your person without delay, unless it is subject to other statutory retention periods. BEVAB GmbH is obliged to erase personal data immediately if any of the following reasons applies:

• The personal data is no longer necessary for the purposes for which it was collected or otherwise processed.

• Sie widerrufen Ihre Einwilligung, auf die sich die Verarbeitung gemäß Artikel 6 Absatz 1 DSGVO Buchstabe a oder Artikel 9 Absatz 2 Buchstabe a DSGVO stützte, und es fehlt an einer anderweitigen Rechtsgrundlage für die Verarbeitung.

• Sie legen gemäß Artikel 21 Absatz 1 DSGVO Widerspruch gegen die Verarbeitung ein und es liegen keine vorrangigen berechtigten Gründe für die Verarbeitung vor, oder Sie legen gemäß Artikel 21 Absatz 2 DSGVO Widerspruch gegen die Verarbeitung ein.

• You revoke your consent on which the processing was based in accordance with Article 6 (1) letter a GDPR or Article 9 (2) letter a GDPR and there is no other legal basis for processing.

• You object to the processing in accordance with Article 21 (1) GDPR and there are no legitimate reasons for processing, or you object to processing in accordance with Article 21 (2) GDPR.

• The personal data was processed unlawfully.

• The erasure of personal data is required to fulfil a legal obligation under Union law or the law of the Member State to which we are subject.

• The personal data was collected in relation to information society services offered pursuant to Article 8 (1) GDPR.

If BEVAB GmbH has made the personal data public and BEVAB GmbH is obliged to erase it, BEVAB GmbH will take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data controllers who process the personal data that you have requested the erasure of all links to such personal data or the deletion of copies or replications of such personal data.

Right to restriction of data processing

You have the right to request the restriction of data processing if any of the following conditions has been met:

• If the accuracy of the personal data is disputed by you - for a period of time that allows BEVAB GmbH to verify the accuracy of the personal data,

• If the processing of personal data is unlawful and you refuse the erasure of such data and instead demand the restriction of use of the personal data;

• If the personal data is no longer needed for the purposes of processing, but you required the data for the assertion, exercise or defence of legal claims, or you have objected to processing in accordance with Article 21 (1) GDPR, as long as it is not certain whether the justified reasons vis-à-vis BEVAB GmbH predominate over the reasons given by you.

Right to data portability

You have the right to receive the personal data relating to you that you have provided to us in a structured, commonly used and machine-readable format, and you have the right to transfer that data to another controller without hindrance from us, provided that

• the processing is based on a consent pursuant to Article 6 (1) letter a GDPR or Article 9 (2) letter a GDPR or on a contract pursuant to Article 6 (1) letter b GDPR and

• data is processed with the help of automated procedures.

In exercising your right to data portability in accordance with sub-section 1 above, you have the right to effect that the personal data is transmitted directly by us to another controller to the extent this is technically feasible and reasonable.

SSL encryption

For security reasons and to protect the transmission of confidential content via the contact form on this website, such as inquiries about our services, this site uses SSL or TLS encryption. You can recognise an encrypted connection when the address line of the browser changes from "http://" to "https://" and a green lock symbol appears next to it. If SSL or TLS encryption is activated, the data you transmit to us via the contact form cannot be read by third parties - i.e. strangers. Data transmission by e-mail (e.g. by clicking on an e-mail link and sending an e-mail with your mail programme) is excluded from this.

Links to other websites

This website contains links to external websites of third parties (i.e. other providers) on whose contents the Operator of this Website has no influence. Therefore, the Operator of this Website can take no responsibility for the accuracy and timeliness. The respective provider or operator of the pages is always responsible for the contents of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Since a permanent (content-wise) control of the linked pages without concrete evidence of a violation of law would not be reasonable, we remove the links from our offerings only when such a violation becomes known.

Right to complain to the competent supervisory authority

In the case of violations of data protection law, the Data Subject has the right to complain to the competent supervisory authority. The competent supervisory authority is the State Data Protection Commissioner of the federal state in which our company is based. Here you will find the authority in charge of our federal state: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html