Privacy policy

With this data protection declaration, we would like to inform you about the type, scope and purpose of the processing of personal data (hereinafter also referred to as "data"). Personal data are all data that have a personal reference to you, e.g. name, address, e-mail address or your user behaviour. The data protection declaration applies to all data processing procedures carried out by us both within the scope of our core activities and for the online media provided by us.

Responsible for data processing is:

Schelbach Home Germany GmbH
André Schelbach

Mergelweg 1
32758 Detmold
Germany

+49 5231 9707-0
info@schelbach-home.com

Processing of your data within the framework of the craft services provided by us

If you are our customer or business partner or are interested in the services of our craft business, the type, scope and purpose of the processing of your data depends on the contractual or pre-contractual relationship existing between us. In this sense, the data processed by us includes all data that we request from you or that you provide to us in order to answer your enquiry, to provide you with an offer or to process your order. Unless otherwise stated in this privacy policy, the processing of your data and its disclosure to third parties is limited to the data that is necessary and appropriate to respond to your enquiries and/or to fulfil the contract concluded between you and us, to protect our rights and to comply with legal obligations. We will inform you of the data required for this before or during the data collection process. Insofar as we use third-party providers to provide our services, the data protection notices of the respective third-party providers apply.

Data concerned:

  • Inventory data (e.g. names, addresses)
  • Payment data (e.g. bank details, invoices)
  • Contact details (e.g. e-mail address, telephone number, postal address)
  • Contract data (e.g. subject matter of the contract, duration of the contract)

Affected persons: Interested parties, business and contractual partners

Purpose of processing: processing of contractual services, communication as well as answering contact requests, office and organisational procedures.

Legal basis: Contract fulfilment and pre-contractual enquiries, Art. 6 para. 1 lit. b DSGVO, legal obligation, Art. 6 para. 1 lit. c DSGVO, legitimate interest, Art. 6 para. 1 lit. f DSGVO

Your rights under the GDPR

According to the GDPR, you are entitled to the rights listed below, which you can assert at any time with the controller named in section 1 of this privacy policy:

  • Right to information: You have the right to request information from us about whether and what data we process from you.
  • Right to rectification: You have the right to request the rectification of inaccurate data or the completion of incomplete data.
  • Right to erasure: You have the right to request the erasure of your data.
  • Right to restriction: In certain cases, you have the right to request that we only process your data in a restricted manner.
  • Right to data portability: You have the right to request that we transfer your data to you or to another controller in a structured, common and machine-readable format.
  • Right of complaint: You have the right to complain to a supervisory authority. The supervisory authority of your usual place of residence, your place of work or our company headquarters is responsible.

Right of withdrawal

You have the right to revoke your consent to data processing at any time.

Right of objection

You have the right to object at any time to the processing of your data, which we base on our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO. If you exercise your right of objection, we ask you to explain the reasons. We will then no longer process your personal data unless we can prove to you that compelling reasons worthy of protection for the data processing outweigh your interests and rights.

Irrespective of the above, you have the right to object at any time to the processing of your personal data for the purposes of advertising and data analysis.

Please address your objection to the contact address of the responsible person given above.

When do we delete your data?

We delete your data when we no longer need it or when you instruct us to do so. This means that - unless otherwise stated in the individual data protection notices of this data protection declaration - we delete your data,

  • if the purpose of the data processing has ceased to exist and therefore the respective legal basis stated in the individual data protection notices no longer exists, for example.
  • after termination of the contractual or membership relations existing between us (Art. 6 para. 1 lit. a DSGVO) or
  • after our legitimate interest in the further processing or storage of your data has ceased to exist (Art. 6 para. 1 lit. f DSGVO),
  • if you exercise your right of revocation and no other legal basis for processing within the meaning of Art. 6 (1) lit. b-f DSGVO applies,
  • if you make use of your right to object and there are no compelling reasons for deletion that are worthy of protection.

However, if we still need to retain (certain parts of) your data for other purposes, for example because tax retention periods (usually 6 years for business correspondence or 10 years for accounting records) or the assertion, exercise or defence of legal claims arising from contractual relationships (up to four years) make this necessary or the data is needed to protect the rights of another natural or legal person, we will only delete (the part of) your data after these periods have expired. Until the expiry of these periods, however, we limit the processing of this data to these purposes (fulfilment of retention obligations).

Cookies

Our website uses cookies. Cookies are small text files consisting of a series of numbers and letters that are placed and stored on the terminal device you are using. Cookies are primarily used to exchange information between the terminal device you are using and our website. This includes, among other things, the language settings on a website, the login status or where a video was watched.

Two types of cookies are used when you visit our websites:

  • Temporary cookies (session cookies): These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. The session cookies are deleted when you log out or close your browser.
  • Permanent cookies: Permanent cookies remain stored even after you close your browser. This allows our website to recognise your computer when you return to our website. For example, information on language settings or log-in information is stored in these cookies. In addition, these cookies can be used to document and store your surfing behaviour. This data can be used for statistical, marketing and personalisation purposes.

In addition to the above classification, cookies can also be differentiated with regard to their purpose:

  • Necessary cookies: These are cookies that are absolutely necessary for the operation of our website, to store logins or shopping baskets for the duration of your session or cookies that are set for security reasons.
  • Statistics, marketing and personalisation cookies: These are cookies that are used for analysis purposes or for measuring reach. In particular, information on search terms entered or the frequency of page views can be stored via such "tracking" cookies. In addition, the surfing behaviour of an individual user (e.g. viewing of certain content, use of functions, etc.) can also be stored in a user profile. Such profiles are used to show users content that corresponds to their potential interests. If we use services that store cookies on your terminal device for statistical, marketing and personalisation purposes, we will inform you separately in the following sections of our data protection declaration or when obtaining your consent.

Data concerned:

  • Usage data (e.g. access times, web pages clicked on)
  • Communication data (e.g. information about the device used, IP address).

Data subjects: Users of our online services

Purpose of processing: Playing out our Internet pages, guaranteeing the operation of our Internet pages, improving our Internet offer, communication and marketing.

Legal basis:
Legitimate interest, Art. 6 para. 1 lit. f DSGVO

If we do not obtain your consent to the setting of cookies, we base the processing of your data on our legitimate interest in improving the quality and user-friendliness of our website, in particular the content and functions. You can use the security settings of your browser to object to the use of cookies set by us within the scope of our legitimate interest. There you have the option of specifying whether you do not accept cookies from the outset or only accept them on request, or whether you specify that cookies are deleted each time you close your browser. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.

Consent, Art. 6 para. 1 lit. a DSGVO
If we ask you to set certain cookies on your end device before you visit our website and you consent to this, the legal basis is the consent you have given. Within the scope of the consent, we will inform you about which cookies we set in detail. If you do not give this consent, we will only set the so-called technically necessary cookies that are required for the proper operation of our Internet pages and their display in your browser. If you have consented to the setting of cookies, you have the option to revoke your consent at any time.

Web hosting

In order to maintain our internet pages, we use a provider on whose server our internet pages are stored and made available for retrieval on the internet (hosting). In doing so, the provider may process all data transmitted via the browser you use, which is generated when you use our website. This includes in particular your IP address, which the provider needs in order to be able to deliver our online offer to the browser you are using, as well as all entries you make via our website. In addition, the provider used by us can  

  • the date and time of access to our website
  • Time zone difference from Greenwich Mean Time (GMT)
  • Access status (HTTP status)
  • the volume of data transferred
  • the Internet service provider of the accessing system
  • the type of browser you are using and its version
  • the operating system you are using
  • the website from which you may have accessed our website
  • the pages or sub-pages that you visit on our website.

collect. The aforementioned data is stored as log files on the servers of our provider. This is necessary to ensure the stability and security of the operation of our website.

Data concerned:

  • Content data (e.g. posts, photos, videos)
  • Usage data (e.g. access times, web pages clicked on)
  • Communication data (e.g. information about the device used, IP address)

Data subjects: Users of our internet presence

Purpose of processing: Playing out our internet pages, guaranteeing the operation of our internet pages

Legal basis: Legitimate interest, Art. 6 para. 1 lit. f DSGVO

Web host(s) commissioned by us:

Webflow

Service provider: Webflow
Website: 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA
Privacy policy: https://webflow.com

Content Delivery Network

We use a content delivery network (CDN) to serve our internet pages. A CDN is a network of regionally distributed servers connected via the internet. Scaling storage and delivery capacities are made available via the CDN. This optimises the loading times of our internet pages and ensures an optimal data throughput even during large load peaks. User requests on our internet pages are routed via servers of the CDN. Statistics are created from these data streams. On the one hand, this serves to detect potential threats to our internet pages through malware at an early stage and, on the other hand, to continuously improve our offer and to make our internet pages more user-friendly for you as a user.

We would like to point out that, depending on the country of domicile of the service provider mentioned below, the data collected via the service may be transferred and processed outside the area of the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR may not be complied with and that the enforcement of your rights may not be possible or may be difficult.

Data concerned:

  • Content data (e.g. posts, photos, videos)
  • Usage data (e.g. access times, web pages clicked on)
  • Communication data (e.g. information about the device used, IP address)

Purpose of processing: technical optimisation of the internet presence, analysis of errors and user behaviour.

Legal basis: Legitimate interest, Art. 6 para. 1 lit. f DSGVO

CDN service providers used:

Amazon CloudFront

Service Provider: Amazon Web Services, Inc, 410 Terry Avenue North, Seattle WA 98109, USA
Website: https://aws.amazon.com/de/
Privacy Policy: https: //aws.amazon.com/de/privacy/?nc1=f_pr.

Contact

If you contact us via e-mail, social media, telephone, fax, post, our contact form or otherwise and in doing so provide us with personal data such as your name, telephone number or e-mail address or give us further information about yourself or your request, we will process this data to respond to your enquiry within the framework of the pre-contractual or contractual relationship existing between us.

Data concerned:

  • Inventory data (e.g. names, addresses)
  • Contact details (e.g. e-mail address, telephone number, postal address)
  • Content data (texts, photos, videos)
  • Contract data (e.g. subject matter of the contract, duration of the contract)

Affected persons: Interested parties, customers, business and contractual partners

Purpose of processing: communication as well as answering contact requests, office and organisation procedures.

Legal basis: Contract fulfilment and pre-contractual enquiries, Art. 6 para. 1 lit. b DSGVO, legitimate interest, Art. 6 para. 1 lit. f DSGVO

The handling of your data in the application process

If you apply to us, we process the personal data you send us during the application process, such as your name, address, place of residence, age, application photo, e-mail and telephone number, professional history including schools, training, studies. If you send the data by e-mail or via a contact form on our website, the data is processed electronically. When you send your application via the contact form, the transmission of your data is encrypted according to the state of the art. If you send your data by e-mail, we would like to point out that the transmission is usually not encrypted. If an employment contract is concluded following the application process, we will store your data for the purpose of processing the employment relationship in compliance with the statutory provisions.

Data concerned:

  • Inventory data (e.g. names, addresses)
  • Payment data (e.g. bank details, invoices)
  • Contact details (e.g. e-mail address, telephone number, postal address)
  • Contract data (e.g. subject matter of the contract, duration of the contract)

Persons concerned: Applicants and candidates

Purpose of processing: processing of the application procedure

Legal basis: Contract fulfilment and pre-contractual enquiries, Art. 6 para. 1 lit. b DSGVO, legal obligation, Art. 6 para. 1 lit. c DSGVO.

Deletion: If no employment contract is concluded, your data will be deleted after completion of the application process or at the latest 2 months after its completion. This does not apply if legal provisions prevent the deletion or if the continued storage of your data is necessary for the purpose of providing evidence, for example in proceedings under the General Equal Treatment Act (AGG). The application procedure is deemed to be completed when the rejection is sent to you.

Advertising by e-mail, post or telephone

We process personal data for our promotional communications by email, post or telephone. You can object to receiving our advertising measures at any time or revoke your previously given consent to receive our advertising communication at any time. In order to be able to prove in case of doubt that your consent was given even after your objection or revocation, we may store your data for up to 4 years after your objection/revocation. We will no longer use your data for any other purposes after your objection/revocation. If you want us to delete your data before then, we will do so after you have confirmed that you originally gave us consent.

Data concerned:

  • Contact details (e.g. e-mail, telephone number, postal address)
  • Inventory data (e.g. names, addresses)

Affected persons: Communication partner

Purpose of processing: Direct promotional activities (marketing) by e-mail, post or telephone.

Legal basis: Consent, Art. 6 para. 1 lit. a DSGVO, legitimate interest, Art. 6 para. 1 lit. f DSGVO

Web analysis and statistics

We use web analysis services to record and statistically evaluate the flow of visitors to our website. Such services collect, among other things, data about the website from which you have accessed our website (so-called referrers), which pages of our website you have accessed, how long you have visited our pages and which interactions you have carried out there. In addition, data on the browser, computer system and type of device you use are collected. In addition, demographic information such as age or gender can be collected as pseudonymous values via such a service. If you have consented to the collection of your location data, this may also be processed, depending on the provider.

In order to collect and store this data, the web analysis service we use usually sets a cookie on the end device you use, which also collects the IP address assigned to you. However, this is shortened using a so-called IP masking procedure so that the IP address can no longer be assigned to your visit to our website. In addition, no clear data such as names or e-mail addresses are stored. Neither we nor the service we use know the identity of visitors to our website.

We would like to point out that, depending on the country of domicile of the service provider mentioned below, the data collected via the service may be transferred and processed outside the area of the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR may not be complied with and that the enforcement of your rights may not be possible or may be difficult.

Data concerned:

  • Usage data (e.g. access times, web pages clicked on)
  • Communication data (e.g. information about the device used, IP address).

Data subjects: Users of our online services

Processing purpose: Reach measurement, campaign success monitoring, remarketing and interest- and behaviour-based marketing

Legal basis: If we have asked for your consent before using the respective service, this is the legal basis, Art. 6 para. 1 lit. a DSGVO. Furthermore, we use the respective service on the basis of our legitimate interest in analysing the flow of visitors to our website in order to be able to continuously improve the functions, offers and user experience, Art. 6 para. 1 lit. f DSGVO.

Our online presence on social networks

We operate online presences within the social networks listed below. If you visit one of these presences, the data listed in more detail below will be collected and processed by the respective provider. As a rule, this data is collected for advertising and market research purposes and usage profiles are created. Data may be stored in the usage profiles regardless of the device you use. This is particularly the case if you are a member of the respective platform and logged in to it. The usage profiles can be used by the providers to play interest-based advertising to you. You have a right of revocation against the creation of user profiles. To exercise this right, you must contact the respective provider.

If you have an account with one of the providers listed below and are logged in there when you visit our website, the respective provider may collect data about your usage behaviour on our website. To prevent such a linkage of your data, you can log out of the provider's service before visiting our site.

For what purpose and to what extent data is collected by the provider, you can find out from the respective data protection declarations of the providers, which are communicated below.

We would like to point out that, depending on the country of domicile of the provider mentioned below, the data collected via its platform may be transferred and processed outside the area of the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR may not be complied with and that the enforcement of your rights may not be possible or may be difficult.

Data concerned:

  • Inventory and contact data (e.g. name, address, telephone number, email address)
  • Content data (e.g. posts, photos, videos)
  • Usage data (e.g. access times, web pages clicked on)
  • Communication data (e.g. information about the device used, IP address).

Purpose of processing: communication and marketing, tracking and analysis of user behaviour.

Legal basis: Consent, Art. 6 para. 1 lit. a DSGVO, legitimate interest Art. 6 para. 1 lit. f DSGVO

Opt-out options: For the respective opt-out options, please refer to the information provided by the providers linked below.

We maintain online presences on the following social networks:

Facebook

Service provider: Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA
Headquarters in the EU: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Website: https://www.facebook.com/
Privacy Policy: https://www.facebook.com/about/privacy/
Privacy Policy for Facebook Pages: https://www.facebook.com/legal/terms/information_about_page_insights_data

Instagram

Service provider: Instagram Inc., 1601 Willow Road, Menlo Park CA 94025, USA
Parent company: Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA
Registered office in the EU: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Website: https://www.instagram.com/
Privacy policy: http: //instagram.com/about/legal/privacy

LinkedIn

Service provider: LinkedIn Corporation, 1000 W Maude, Sunnyvale, CA 94085, USA
Headquarters in Germany: LinkedIn, Hofstatt 4th Floor, Sendlinger Str. 12, 80331 Munich
Website: https://www.linkedin.com/?trk=nav_logo
Privacy policy: https: //www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy

Online meetings, video conferencing and screen sharing  

We use third-party services to facilitate online meetings, video and/or audio conferencing and online seminars among employees and with prospective customers or clients. If you communicate with us via such a service, the data collected in this communication process will be processed both by us and by the third-party provider. The data that may be generated in such a communication process includes, in particular, your login and contact details, posts in the chat window, your video and audio posts and shared screen content. The data processed by the third-party provider we use primarily includes user data and metadata (e.g. IP address, computer system information). As a rule, the third-party providers process this data in order to check and guarantee the security of the service. In addition, findings from the data processing are to be used to optimise the third-party provider's offer and to carry out corresponding marketing measures. Please refer to the data protection information of the third-party provider in this regard.

We would like to point out that, depending on the country of domicile of the service provider mentioned below, the data collected via the service may be transferred and processed outside the area of the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR may not be complied with and that the enforcement of your rights may not be possible or may be difficult.

Data concerned:

  • Inventory data (e.g. names, addresses)
  • Contact details (e.g. e-mail address, telephone number)
  • Shared content (e.g. photos, videos, texts, audio recordings)
  • User data (e.g. times of access, websites visited, interest in content)
  • Meta and communication data (e.g. IP address, computer system information)

Affected persons: Interested parties, customers, communication partners

Purpose of processing: processing of contact enquiries, internal and external communication with employees as well as interested parties and customers, fulfilment of our contractual services, service offer

Legal basis: consent, Art. 6 para. 1 lit. a DSGVO, contract performance and pre-contractual enquiries, Art. 6 para. 1 lit. b DSGVO, legitimate interest, Art. 6 para. 1 lit. f DSGVO

Services we use:

Microsoft Teams

Services offered: video conferencing, chat, voice conferencing
Service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
Website: https://www.microsoft.com/de-de/microsoft-365/microsoft-teams/group-chat-software
Privacy policy: https: //privacy.microsoft.com/de-de/privacystatement

Zoom

Services offered: video conferencing, voice conferencing, chats
Service provider: Zoom Video Communications, Inc, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA
Website: https://zoom.us/de-de/meetings.html
Privacy policy: https: //zoom.us/de-de/privacy.html

Content services

We use certain services in order to be able to display certain content or graphics (videos, images, music, fonts, maps) via our website. In doing so, the services we use process the IP address assigned to you at the time of your visit to our internet pages, as this is the only way that the respective content can be displayed in the browser you are using. In addition, the providers of these services may place further cookies on your terminal device, which are used to collect information about your usage behaviour, your interests, the device and browser you are using, as well as the time and duration of your session. The providers regularly use this data for analysis, statistical and marketing purposes. In addition, this information may also be combined with information from other sources. This applies in particular if you yourself maintain an account with the service provider and are logged in there at the time of the session.

We would like to point out that, depending on the country in which the service provider named below is based, the data named in more detail below may be transferred to and processed on servers outside the European Union. In this case, there is a risk that the level of data protection prescribed by the GDPR will not be complied with and that it will be difficult or impossible to enforce your rights.

Data concerned:

  • Usage data (e.g. access times, web pages clicked on)
  • Communication data (e.g. information about the device used, IP address)

Data subjects: Users of our internet presence

Purpose of processing: Playing out our Internet pages, offering content, ensuring the operation of our Internet pages.

Legal basis: Consent via cookie consent banner, Art. 6 para. 1 lit. a DSGVO, legitimate interests, Art. 6 para. 1 lit. f DSGVO.

We use the following content services:

Vimeo

We use Vimeo components on this website to embed videos on our internet pages so that they can be played via your internet browser when you visit our internet pages. This process requires that Vimeo processes the IP address assigned to you, as without this the content could not be sent to the browser. Vimeo recognises when you visit one of our pages on which we have embedded a Vimeo video, provided you are logged in to Vimeo. This information is transmitted to Vimeo even if you do not click on the Vimeo video. Vimeo collects this information and assigns it to your Vimeo account.

Service provider: Vimeo LLC, 555 West 18th Street, New York 10011, USA
Website: https://vimeo.com/de/
Privacy policy: https: //vimeo.com/privacy

YouTube

We use YouTube components on this website to embed videos on our website so that they can be played via your internet browser when you visit our website. During your visit to our website, both YouTube and Google are informed about which page or subpage you have accessed by transmitting your IP address to Google's external servers in the USA. This information is transmitted regardless of whether the videos displayed are actually viewed or clicked on or whether you are logged into your YouTube or Google account. This information is collected and assigned to your Google account if you are logged in there when you visit our website.

Service provider: YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA
Website: https://www.youtube.com/
Privacy policy: https://policies.google.com/privacy
Opt-out option: https://tools.google.com/dlpage/gaoptout?hl=de

Security measures

We also take technical and organisational security measures in accordance with the state of the art in order to comply with the provisions of data protection laws and to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties.

Up-to-dateness and amendment of this privacy policy

This data protection declaration is currently valid and was updated in August 2021. Due to changes in legal or regulatory requirements, it may become necessary to adapt this data protection declaration.

This data protection declaration was created with the help of the data protection generator of SOS Recht. SOS Recht is a service provided by Mueller.legal Rechtsanwälte Partnerschaft, based in Berlin.