Privacy Policy
1) Introduction and contact details of the controller
1.1 We are delighted that you are visiting our website and thank you for your interest. Below, we provide information about how we handle your personal data when you use our website. Personal data refers to all data that can be used to identify you personally.
1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Docs Schüngel GmbH, An der Wichtelweide 10, 09600 Weißenborn/Erzgeb., Germany, tel.: +49172XXXXXXX, email: contact@docs-schuengel.com. The controller responsible for the processing of personal data is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.
2) Data collection when visiting our website
2.1 When you use our website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to the page server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:
- Our visited website
- Date and time at the time of access
- Amount of data sent in bytes
- Source/reference from which you accessed the page
- Browser used
- Operating system used
- IP address used (if applicable: in anonymized form)
Processing is carried out in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used for any other purpose. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.
2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller). You can recognize an encrypted connection by the string “https://” and the lock icon in your browser line.
3) Hosting & Content Delivery Network
3.1 We use a provider to host our website and display the page content who provides its services itself or through selected subcontractors exclusively on servers within the European Union.
All data collected on our website is processed on these servers.
We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.
3.2 IONOS
We use a content delivery network from the following provider: 1&1 IONOS Internet SE, Elgendorfer Str. 57, 56410 Montabaur, Germany
This service enables us to deliver large media files such as graphics, page content, or scripts more quickly via a network of regionally distributed servers. Processing is carried out to protect our legitimate interest in improving the stability and functionality of our website in accordance with Art. 6 (1) lit. f GDPR.
We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.
4) Cookies
In order to make visiting our website attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your device. Some of these cookies are automatically deleted when you close your browser (so-called “session cookies”), while others remain on your device for longer and enable page settings to be saved (so-called “persistent cookies”). In the latter case, you can find the storage period in the overview of your web browser's cookie settings.
If personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 (1) (b) GDPR either for the performance of the contract, in accordance with Art. 6 (1) (a) GDPR in the case of consent, or in accordance with Art. 6 (1) (f) GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit.
You can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general.
Please note that if you do not accept cookies, the functionality of our website may be limited.
5) Contacting us
5.1 WhatsApp Business
You have the option of contacting us via the WhatsApp messaging service provided by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. We use the “business version” of WhatsApp for this purpose.
If you contact us via WhatsApp in connection with a specific transaction (e.g., an order you have placed), we will store and use the mobile phone number you use for WhatsApp and, if provided, your first and last name in accordance with Art. 6 (1) (b) GDPR for the purpose of processing and responding to your request. On the same legal basis, we may ask you via WhatsApp to provide additional data (order number, customer number, address, or email address) in order to be able to assign your request to a specific transaction.
Use our WhatsApp contact for general inquiries (e.g., about our range of services, availability, or our website), we will store and use the mobile phone number you use for WhatsApp and, if provided – your first and last name in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in providing the requested information efficiently and promptly.
Your data will only ever be used to respond to your request via WhatsApp. It will not be passed on to third parties.
Please note that WhatsApp Business has access to the address book of the mobile device we use for this purpose and automatically transfers phone numbers stored in the address book to a server of the parent company Meta Platforms Inc. in the USA. To operate our WhatsApp Business account, we use a mobile device whose address book exclusively stores the WhatsApp contact details of users who have also contacted us via WhatsApp.
This ensures that every person whose WhatsApp contact details are stored in our address book has already consented to the transfer of their WhatsApp phone number from the address books of their chat contacts in accordance with Art. 6 (1) (a) GDPR when they first used the app on their device by accepting the WhatsApp Terms of Service. The transfer of data of users who do not use WhatsApp and/or have not contacted us via WhatsApp is therefore excluded.
For information on the purpose and scope of data collection and the further processing and use of data by WhatsApp, as well as your rights in this regard and settings options for protecting your privacy, please refer to WhatsApp's privacy policy: https://www.whatsapp.com
We have concluded a data processing agreement with the provider that protects the data of our website visitors and prohibits its disclosure to third parties.
In the context of the above processing, data may be transferred to servers of Meta Platforms Inc. in the USA.
For data transfers to the US, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with European data protection standards on the basis of an adequacy decision by the European Commission.
5.2 When you contact us (e.g. via contact form or email), personal data is collected. The data collected when using a contact form can be seen on the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for establishing contact and the associated technical administration.
The legal basis for processing this data is our legitimate interest in responding to your request in accordance with Art. 6 (1) (f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) lit. b GDPR. Your data will be deleted after your request has been processed. This is the case if it can be inferred from the circumstances that the matter in question has been finally clarified and provided that there are no legal retention obligations to the contrary.
6) Page functionalities
6.1 Google Web Fonts
This site uses web fonts from the following provider for consistent font display: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
This site uses for uniform display of When a page is accessed, your browser loads the required web fonts into your browser cache to display text and fonts correctly and establishes a direct connection to the provider's servers. Certain browser information, including your IP address, is transmitted to the provider.
Data may also be transferred to: Google LLC, USA
The processing of personal data in the course of establishing contact with the font provider will only be carried out if you have given us your express consent in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent at any time with future effect by deactivating this service via the “Cookie Consent Tool” provided on the website. If your browser does not support web fonts, a standard font from your computer will be used.
For data transfers to the US, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with European data protection standards on the basis of an adequacy decision by the European Commission.
Further information on Google's privacy policy can be found here: https://business.safety.google
6.2 hCaptcha
On this website, we use the CAPTCHA service provided by the following provider: Intuition Machines, Inc., 350 Alabama St, San Francisco, CA 94110, USA
The service checks whether an entry is made by a natural person or abusively by machine and automated processing, and blocks spam, DDoS attacks, and similar automated malicious access. To ensure that an action is performed by a human and not by an automated bot, the provider collects the IP address of the device used, identification data of the browser and operating system type used, as well as the date and duration of the visit, and transmits this information to the provider's servers for evaluation.
The legal basis is our legitimate interest in determining individual responsibility on the Internet and preventing abuse and spam in accordance with Art. 6 (1) (f) GDPR.
We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.
For the transfer of data to the USA, the provider refers to standard contractual clauses of the European Commission, which are intended to ensure compliance with European data protection standards.
7) Tools and miscellaneous items
Cookie-Consent-Tool
This website uses a so-called “cookie consent tool” to obtain effective user consent for cookies and cookie-based applications that require consent. The “cookie consent tool” is displayed to users when they visit the site in the form of an interactive user interface, on which consent for certain cookies and/or cookie-based applications can be given by ticking a box. When using the tool, all cookies/services requiring consent are only loaded if the respective user grants the corresponding consent by checking the box. This ensures that such cookies are only set on the user's respective device if consent has been granted.
The tool uses technically necessary cookies to store your cookie preferences. Personal user data is not processed in this process.
If, in individual cases, the purpose of storage, assigning, or logging cookie settings, this is done in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in legally compliant, user-specific, and user-friendly consent management for cookies and, consequently, in the legally compliant design of our website.
Another legal basis for processing is Art. 6 (1) (c) GDPR. As the controller, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.
Where necessary, we have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.
Further information about the operator and the settings options for the cookie consent tool can be found directly in the corresponding user interface on our website.
8) Rights of the data subject
8.1 The applicable data protection law grants you the following rights as a data subject (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the legal basis cited for the respective conditions for exercising these rights:
- Right to information pursuant to Art. 15 GDPR;
- Right to rectification pursuant to Art. 16 GDPR;
- Right to erasure pursuant to Art. 17 GDPR;
- Right to restriction of processing pursuant to Article 18 GDPR;
- Right to information pursuant to Art. 19 GDPR;
- Right to data portability pursuant to Art. 20 GDPR;
- Right to withdraw consent granted in accordance with Art. 7(3) GDPR;
- Right to lodge a complaint pursuant to Art. 77 GDPR.
8.2 RIGHT OF APPEAL
IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST AS PART OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA IN QUESTION. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS.
IF WE PROCESS YOUR PERSONAL DATA FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE YOUR RIGHT TO OBJECT AS DESCRIBED ABOVE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.
9) Duration of storage of personal data
The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and, if relevant, additionally by the respective statutory retention period (e.g., commercial and tax law retention periods).
When processing personal data on the basis of explicit consent in accordance with Art. 6 (1) (a) GDPR, the data concerned will be stored until you revoke your consent.
If there are statutory retention periods for data processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 (1) (b) GDPR, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for the fulfillment or initiation of a contract and/or we no longer have a legitimate interest in its continued storage.
When processing personal data on the basis of Art. 6 (1) (f) GDPR, this data will be stored until you exercise your right to object under Art. 21 (1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.
When processing personal data for the purpose of direct marketing on the basis of Art. 6 (1) lit. f GDPR, this data will be stored until you exercise your right to object under Art. 21 (2) GDPR.
Unless otherwise specified in the other information in this statement regarding specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.