Privacy Policy
I. Name and Address of the Controller and Data Protection Officer
The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
FenzFoot GmbH
Heinrich- Baumann-Straße 48
70190 Stuttgart
Email: info@fenzfoot.de
Tel: +49 178 5831625
II. General Information on Data Processing
1. Scope of Processing Personal Data
We only collect and use personal data from our users as far as this is necessary to provide a functional website as well as our content and services. The collection and use of personal data from our users regularly take place only with the user’s consent. An exception applies in those cases where obtaining prior consent is not possible for factual reasons, and the processing of the data is permitted by legal regulations.
2. Legal Basis for Processing Personal Data
f we obtain the consent of the data subject for processing personal data, Art. 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data necessary for the performance of a contract to which the data subject is a party, Art. 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations necessary to carry out pre-contractual measures.
If the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6(1)(c) GDPR serves as the legal basis.
If the processing is necessary to protect the vital interests of the data subject or another natural person, Art. 6(1)(d) GDPR serves as the legal basis.
If the processing is necessary to safeguard a legitimate interest of our company or a third party and the interests, fundamental rights, and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6(1)(f) GDPR serves as the legal basis for processing.
3. Data Deletion and Storage Duration
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage may also take place if this has been provided for by European or national legislators in EU regulations, laws, or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the mentioned standards expires unless there is a necessity for further storage of the data for the conclusion or fulfillment of a contract.
III. Automated Data Collection via Log Files
1. Description and Scope of Data Processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing device. The following data is collected:
(1) Information about the browser type and version
(2) The user’s operating system
The data is also stored in our system’s log files. This data is not stored together with other personal data of the user.
2. Legal Basis for Data Processing
The legal basis for the temporary storage of data and log files is Art. 6(1)(f) GDPR.Legal Basis for Data Processing Speicherung der Daten und der Logfiles ist Art. 6 Abs. 1 lit. f DSGVO.
3. Purpose of Data Processing
The temporary storage of the IP address by the system is necessary to deliver the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. Storage in log files is done to ensure the functionality of the website. Additionally, the data helps us optimize the website and ensure the security of our IT systems. These purposes also represent our legitimate interest in data processing pursuant to Art. 6(1)(f) GDPR. Data evaluation for marketing purposes does not take place in this context.
4. Duration of Storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection. In the case of data collection for the provision of the website, this occurs when the session is terminated. In the case of storage in log files, this is the case after no more than seven days. Extended storage is possible. In this case, the IP addresses of the users are deleted or anonymized, so that an assignment of the calling client is no longer possible.
5. Right to Object and Remove
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Therefore, the user has no possibility to object.
IV. Use of Cookies
1. Description and Scope of Data Processing
Our website uses cookies. Cookies are text files stored in the web browser or by the web browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string that enables unique identification of the browser when the website is called up again.
Cookies cannot execute programs or transmit viruses to your computer and thus cause no damage. They serve to make the website more user-friendly and effective overall.
Cookies can contain data that allows the recognition of the device used. In some cases, cookies only contain information about specific settings that are not personally identifiable. However, cookies can also identify a user indirectly.
Cookies are categorized into transient (session) cookies, which are deleted as soon as you close your browser, and persistent (permanent) cookies, which are stored beyond a single session.
Cookies can further be distinguished as:
– Functional Cookies: Required to navigate the website, use basic functions, and ensure the security of the website; they do not collect information for marketing purposes or track visited websites.
– Performance or Tracking Cookies: Collect information on how the website is used, which pages are visited, and if any errors occur; they generally do not collect data that identifies you directly, but cross-site user profiles could allow personal identification.
– Advertising Cookies, Targeting Cookies: Used to display advertisements tailored to the user or third-party offers and to measure the effectiveness of such offers; they are stored for a maximum of 13 months.
We primarily use functional cookies to make our website more user-friendly and secure. When accessing our website, users are informed about the use of cookies via an information banner and asked for their consent to process related personal data.
2. Legal Basis for Data Processing
The legal basis for processing personal data using technically necessary cookies is Art. 6(1)(f) GDPR.
For cookies that are not technically necessary, processing is only permitted with the user’s express and active consent. The legal basis for processing personal data using non-essential cookies is Art. 6(1)(a) GDPR.
3. Purpose of Data Processing
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these functions, it is necessary that the browser is recognized even after a page change. Furthermore, the use of these cookies ensures the security of the website. These purposes also represent our legitimate interest in processing personal data under Art. 6(1)(f) GDPR. The user data collected through technically necessary cookies is not used to create user profiles.
4. Storage Duration, Right to Object, and Removal
Transient cookies are automatically deleted when you close your browser. This includes session cookies, in particular, which store a session ID that allows different requests from your browser to be assigned to the same session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close the browser.
Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete the cookies at any time in your browser’s security settings. Therefore, you, as a user, have full control over the use of cookies. By changing the settings in your web browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, not all functions of the website may be fully usable.
5. Reference to Cookie Policy
Further information on the cookies we use, their storage duration, and how you can manage your cookie settings and deactivate certain types of tracking can be found in our cookie consent tool. Cookie-Consent-Tool.
V. Google Maps
Our website uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
When using Google Maps functions, your IP address is collected and transmitted to Google. This information is generally transferred to a Google server in the USA and stored there as soon as you click on the Google Maps map. As the provider of this site, we have no influence on this data transmission from that point onward.
The legal basis for this data collection is your consent in accordance with Art. 6(1)(a) GDPR. Google Maps is deactivated before your express consent to data collection and transmission. You will be explicitly asked for your consent when visiting the website.
The use of Google Maps is intended to provide an appealing presentation of our online offerings and facilitate easy location of the places indicated on the website.
For more information on the handling of user data, please refer to Google’s privacy policy: https://www.google.de/intl/en/policies/privacy/.
VI. Newsletter Registration
1. Description and Scope of Data Processing
Our website offers the option to subscribe to a free newsletter. When registering for the newsletter, the data from the input form, namely the email address, is transmitted to us. Additionally, the following data is collected during registration:
(1) IP address of the accessing computer
(2) Date and time of registration
During the registration process, your consent is obtained for data processing, and reference is made to this privacy policy.
In connection with data processing for the distribution of newsletters, no data is passed on to third parties. The data is used exclusively for sending the newsletter.
2. Legal Basis for Data Processing
The legal basis for processing data after a user registers for the newsletter is the user’s consent under Art. 6(1)(a) GDPR.
3. Purpose of Data Processing
The user’s email address is collected to deliver the newsletter. The collection of other personal data as part of the registration process is intended to prevent misuse of the services or the email address used.
4. Storage Duration
The data is deleted as soon as it is no longer necessary to achieve the purpose of its collection. The user’s email address is therefore stored as long as the newsletter subscription is active.
5. Right to Object and Removal
The newsletter subscription can be canceled by the affected user at any time. For this purpose, a corresponding link is included in every newsletter. This also enables the revocation of consent to store the personal data collected during the registration process.
VII. Contact Form and Email Contact
1. Description and Scope of Data Processing
Our website contains a contact form that can be used for electronic contact. Contact can also be made via the provided email address. In this case, the user’s personal data transmitted with the email is stored. No data is passed on to third parties in this context. The data is used exclusively for processing the conversation.
2. Legal Basis for Data Processing
The legal basis for processing the data is the user’s consent under Art. 6(1)(a) GDPR.
The legal basis for processing data transmitted in the course of sending an email is Art. 6(1)(f) GDPR. If the email contact aims at concluding a contract, the additional legal basis for processing is Art. 6(1)(b) GDPRDSGVO.
3. Purpose of Data Processing
Processing personal data serves solely to process your contact inquiry. In the case of email contact, this also constitutes the necessary legitimate interest in processing the data. The other personal data processed during the sending process is used to prevent misuse of the contact form and ensure the security of our IT systems.
4. Storage Duration
The data is deleted as soon as it is no longer necessary to achieve the purpose of its collection. For personal data from the contact form input mask and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is deemed ended when it can be inferred from the circumstances that the matter in question has been conclusively resolved.
The additional personal data collected during the sending process is deleted no later than seven days after submission.
5. Right to Object and Removal
The user can revoke their consent to the processing of personal data at any time. If the user contacts us via email, they can object to the storage of their personal data at any time. In this case, the conversation cannot be continued.
All personal data stored during contact will be deleted in this case.en in diesem Fall gelöscht.
VIII. Rights of the Data Subject
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights against the controller:
1. Right to Access
You can request confirmation from the controller as to whether personal data concerning you is being processed.
If such processing is taking place, you can request information from the controller about the following:
(1) The purposes for which the personal data is being processed;
(2) The categories of personal data being processed;
(3) The recipients or categories of recipients to whom the personal data concerning you has been or will be disclosed;
(4) The planned storage period of the personal data concerning you, or, if specific information is not possible, criteria for determining the storage period;
(5) The existence of a right to rectification or deletion of personal data concerning you, a right to restrict processing by the controller, or a right to object to such processing;
(6) The existence of a right to lodge a complaint with a supervisory authority;
(7) All available information about the origin of the data if the personal data is not collected from the data subject;
(8) The existence of automated decision-making, including profiling, in accordance with Art. 22(1) and (4) GDPR, and – at least in these cases – meaningful information about the logic involved as well as the scope and intended effects of such processing on the data subject.
You also have the right to request information as to whether the personal data concerning you is transferred to a third country or an international organization. In this context, you can request to be informed about the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.
6. Right to Rectification
You have the right to rectification and/or completion if the personal data concerning you is incorrect or incomplete. The controller must make the correction without undue delay.
7. Right to Restriction of Processing
You may request the restriction of processing of personal data concerning you under the following conditions:
(1) If you dispute the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
(2) The processing is unlawful and you refuse the deletion of the personal data and instead request the restriction of its use;
(3) The controller no longer needs the personal data for processing purposes, but you need it to establish, exercise, or defend legal claims; or
(4) You have objected to processing pursuant to Art. 21(1) GDPR and it is not yet clear whether the legitimate grounds of the controller override your grounds.
If the processing of personal data concerning you has been restricted, this data – apart from being stored – may only be processed with your consent or for the establishment, exercise, or defense of legal claims, or to protect the rights of another natural or legal person, or for reasons of important public interest of the European Union or a Member State.
If the restriction of processing has been restricted according to the above conditions, you will be informed by the controller before the restriction is lifted.
8. Right to Erasure
aa) Obligation to Erase
You can request that the controller delete the personal data concerning you without undue delay, and the controller is obliged to delete this data without undue delay if one of the following reasons applies:
(1) The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.
(2) You withdraw your consent on which the processing is based pursuant to Art. 6(1)(a) or Art. 9(2)(a) GDPR, and there is no other legal basis for processing.
(3) You object to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for processing, or you object to the processing pursuant to Art. 21(2) GDPR.
(4) The personal data concerning you has been unlawfully processed.
(5) The deletion of personal data concerning you is necessary to comply with a legal obligation under European Union or Member State law to which the controller is subject.
(6) The personal data concerning you has been collected in relation to the offer of information society services pursuant to Art. 8(1) GDPR.
b) Information to Third Parties
If the controller has made the personal data concerning you public and is obliged to delete it pursuant to Art. 17(1) GDPR, the controller shall take reasonable steps, including technical measures, considering the available technology and the cost of implementation, to inform controllers processing the personal data that you, as the data subject, have requested the deletion of any links to, or copies or replications of, this personal data.
c) Exceptions
The right to erasure does not exist if processing is necessary:
(1) To exercise the right to freedom of expression and information;
(2) To fulfill a legal obligation requiring processing under European Union or Member State law to which the controller is subject, or to perform a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) For reasons of public interest in the field of public health pursuant to Art. 9(2)(h) and (i) and Art. 9(3) GDPR;
(4) For archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes pursuant to Art. 89(1) GDPR, insofar as the right referred to in (a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
(5) To establish, exercise, or defend legal claims.
9. Right to Notification
f you have exercised your right to rectification, erasure, or restriction of processing against the controller, the controller is obliged to inform all recipients to whom the personal data concerning you has been disclosed of this rectification, erasure, or restriction of processing unless this proves impossible or involves disproportionate effort.
You have the right to be informed about these recipients by the controller.
10. Right to Data Portability
You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, provided that
(1) The processing is based on consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, or on a contract pursuant to Art. 6(1)(b) GDPR, and
(2) The processing is carried out by automated means.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. This must not adversely affect the freedoms and rights of others.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
11. Right to Object
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you, which is based on Art. 6(1)(e) or (f) GDPR, including profiling based on those provisions.
The controller shall no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing is for the establishment, exercise, or defense of legal claims.
If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you shall no longer be processed for such purposes.
You also have the option, in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, to exercise your right to object by automated means using technical specifications.
12. Right to Withdraw Consent
You have the right to withdraw your data protection consent declaration at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
13. Right to Lodge a Complaint with a Supervisory Authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work, or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.
The supervisory authority to which the complaint is submitted shall inform the complainant of the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
