Privacy

1. Data protection in general

General information
The following information provides a simple overview of what happens to your personal data when you visit our website.
Personal data is any data with which you can be personally identified. Please refer to our privacy policy listed below for detailed information on the subject of data protection.

If the Internet procedure changes or the Internet and EDP security technology develops further, this data protection declaration will be updated.

Responsible for this website
Christian Maier GmbH & Co. KG
Würzburger Str. 67–69
PO Box 1609
89506 Heidenheim
Germany
Tel. +49 7321 317-0
Fax +49 7321 317-129
E-mail: info@maier-heidenheim.de

Data collection on our website
The data processing of this website is carried out by the website operator. Please find his contact details in the imprint of the website.

Your data is collected by notification from you. This means, for example, data that you enter in a contact form. Other data is collected automatically by our IT systems when you visit the website. This is mainly technical data, such as the Internet browser used, the operating system or the time of the page view.
Part of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?
You can obtain information about the data stored about you and its origin free of charge at any time without giving reasons. In addition, you will also receive information about the recipients to whom data (if applicable) is passed on and the purpose of the data processing. Furthermore, you have the right to correct incorrect data as well as to delete personal data that is no longer required, unless an obligation to retain it arises from other legal regulations. In these cases, you have the right to restriction of data processing (blocking).
If you have any further questions about this or about data protection in general, you can contact us at any time at the address given in the imprint.

Right of appeal to the competent supervisory authority
In the event of violations of data protection law, the data subject has a right of appeal to the competent supervisory authority. The competent supervisory authority in matters of data protection law is the state data protection commissioner of the federal state in which our company is based. A list of data protection officers worldwide and their contact details can be found in the following link: Complaints to data protection authorities

Analysis tools and third-party tools
When you open our website, your surfing behavior may be statistically analyzed. This happens mainly through the use of cookies and analytics programs. The analytics programs usually evaluate your behavior anonymously, which means that your browsing behavior cannot be traced back to you. If you do not want this, you can object to this analysis or prevent it by not using these tools. Detailed information on this can be found in the following privacy policy.

2. Mandatory information

Data protection
We, Christian Maier GmbH & Co. KG, take the protection of your personal data very seriously and therefore comply with applicable laws and regulations on data protection. The following points give you an overview of how we ensure this protection and which data we process for this purpose when you visit our website.

If the opportunity for the input of personal or business data is given, the input of these data takes place voluntarily. By disclosing the data, the User consents to the internal processing and storage of the data by the publisher and/or its subsidiaries.

We point out that data transmission on the Internet can have security gaps. Complete protection of the data against access by third parties is not possible.

Responsible entity – our data protection officer
DSG Datenschutz UG (haftungsbeschränkt)
Mr. Tobias Marx
Zeppelinstr. 9
89231 Neu-Ulm
Germany
E-mail: datenschutz@dsg-ulm.de

The controller in this sense is a natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

Revocation of your consent to data processing
You may revoke any consent you have given us to collect and use your personal data at any time free of charge for the future without stating any reasons. In addition, you have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to third parties (data portability). The provision takes place in a machine-readable format.

Many data processing operations are only possible with explicit consent. You can revoke an already granted consent at any time. An informal message, for example in the form of an e-mail to us, is sufficient for this purpose. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct marketing (Art. 21 GDPR)
If the data processing is based on Art. 6 para. 1 lit. e or f GDPR, you have the right to object to the processing of your personal data at any time on grounds relating to your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims (objection under Article 21(1) GDPR).

If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR).

Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as this is technically feasible.

Encryption of the website
For security reasons and to protect the transmission of confidential content, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the address line of the browser, which changes from “http://” to “https://” and by the lock symbol in the browser line. When the SSL or TLS encryption is active, the data you transmit to us cannot be read by third parties.

Information, blocking, deletion
You can obtain information about the data stored about you and its origin free of charge at any time without giving reasons. In addition, you will also receive information about the recipients to whom data (if applicable) is passed on, and the purpose of the data processing. Furthermore, you have the right to correct incorrect data as well as to delete personal data that is no longer required, unless an obligation to retain it arises from other legal regulations. In these cases, you have the right to restriction of data processing (blocking). If you have any further questions, please contact us at any time at the address given in the imprint.

Objection to advertising mails
Contact data published within the framework of the imprint obligation may not be used for sending advertising and information material that has not been expressly requested. The operators of the pages hereby expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information (e.g. via spam e-mails).

3. Data collection on our website

Cookies
In order for this site to function properly, we place small files called cookies on your device. This is nothing unusual and is standard on most major websites.

What are cookies?
A cookie is a small text file that a website leaves on your computer, tablet, or smartphone when you visit it. This allows the site to remember certain inputs and settings (e.g. login, language, font size, and other display preferences) over a period of time. Thus, you do not need to re-enter your preferred settings each time you visit and navigate the site.

How do we use cookies?
On our pages we use cookies to store

• your screen display preferences, e.g. contrast and font size, and
• your decision to (or against) the use of cookies on this website.

Embedded videos on our pages also use cookies to create anonymous statistics about the previously visited pages and the selected videos.
The basis for the data processing is Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its web offering and its advertising.

Accepting cookies is not essential for using the portal, but it makes browsing more pleasant. You can block or delete cookies – however, this may affect some features of this portal. The information collected through cookies is not used to identify you. The data is completely under our control. In addition, cookies are used exclusively for the purposes stated here.

Control over cookies
You can control and/or delete cookies as you wish. You can find out how here: aboutcookies.org. You can delete all cookies stored on your computer and set most browsers to prevent cookies from being stored. But then you may have to manually adjust some settings every time you visit a page and accept the impairment of some functions.

Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are browser type and browser version, operating system used, referrer URL, host name of the accessing computer, time of the server request, and the IP address used.

This data is not merged with other data sources.

The basis for the data processing is Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior for technical and statistical purposes. In order to further optimize our Internet presence and our offers, these files are created. We also reserve the right to use this data in the event of system abuse in order to determine the cause or trigger of the abuse.

Contact form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up inquiries. We do not share this data without your consent.

The processing of the data entered in the contact form is therefore based exclusively on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. An informal e-mail to us is sufficient for this purpose. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions – in particular retention periods – remain unaffected.

4. Analysis tools and advertising

Google Analytics – general
This website uses Google Analytics, a web analytics service provided by Google, Inc (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer in order to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. The storage of Google Analytics cookies is based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. You can find out more in Google’s privacy policy: https://policies.google.com/privacy.

Google Analytics – IP anonymization
However, in case of activation of IP anonymization on this website, your IP address will be truncated beforehand by Google within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google.

Google Analytics – Browser Plug-In
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

You can prevent the collection by Google Analytics by clicking on the link. An opt-out cookie will be set to prevent future collection of your data when visiting this website: Disable Google Analytics. Opt-out cookies are cookies that websites create in your browser folders to block the same website from creating more cookies in the future. The opt-out cookie tells the website not to install third-party cookies or other cookies in your browser.

Google Analytics – objection to data collection
For more information on terms of use and data protection, please visit www.google.com/analytics/terms/de.html or https://www.google.de/intl/de/policies/. We would like to point out that on this website Google Analytics has been extended by a part in the code to ensure anonymized collection of IP addresses.

Google Analytics – order data processing
We have concluded an order data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Google Analytics – demographic features
This website uses the “demographic features” function of Google Analytics. The basis for the data processing is Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing the demographic characteristics of the site visitors for technical and statistical purposes. Through the “demographic characteristics” function of Google Analytics, reports can be generated that contain statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown in the paragraph “Objection to data collection”.

Google Analytics – remarketing
Our websites use the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google AdWords and Google DoubleClick. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

This feature allows the advertising audiences created with Google Analytics Remarketing to be linked to the cross-device features of Google AdWords and Google DoubleClick. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one end device (e.g. cell phone) can also be displayed on another of your end devices (e.g. tablet or PC).

If you have given your consent, Google will link your web and app browsing history to your Google Account for this purpose. In this way, the same personalized advertising messages can be displayed on every device on which you log in with your Google account.

To support this feature, Google Analytics collects google-authenticated IDs of users that are temporarily linked to our Google Analytics data to define and create target groups for cross-device ad advertising.

You can permanently object to cross-device remarketing/targeting by deactivating personalized advertising in your Google account; follow this link: https://www.google.com/settings/ads/onweb/.

The aggregation of the collected data in your Google account is based solely on your consent, which you can give or revoke at Google (Art. 6 para. 1 lit. a GDPR). For data collection processes that are not merged in your Google account, the collection of data is based on Art. 6 para. 1 lit. f GDPR. The legitimate interest arises from the fact that the website operator has an interest in the anonymized analysis of website visitors for advertising purposes.

For more information and the privacy policy, please see Google’s privacy policy at: https://www.google.com/policies/technologies/ads/.

Google AdWords and Google conversion tracking
This website uses Google AdWords. AdWords is an online advertising program of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).

Within the scope of Google AdWords, we use the so-called conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the Internet browser stores on the user’s computer. These cookies lose their validity after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page.

Each Google AdWords customer receives a different cookie. The cookies cannot be tracked through AdWords customers’ websites. The information collected using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. Clients learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information with which users can be personally identified. If you do not wish to participate in the tracking, you can object to this use by easily deactivating the Google conversion tracking cookie via your internet browser under user settings. They will then not be included in the conversion tracking statistics.

The storage of “conversion cookies” is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its web offering and its advertising.

For more information on Google AdWords and Google Conversion Tracking, please see Google’s privacy policy: https://www.google.de/policies/privacy/.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. When cookies are disabled, the functionality of this website may be limited.

5. Plug-ins and tools

YouTube
Our website uses plug-ins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.

When you visit one of our pages equipped with a YouTube plug-in, a connection to YouTube’s servers is established. This tells the YouTube server which of our pages you have visited.
If you are logged into your YouTube account, you enable YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

For more information on the handling of user data, please refer to YouTube’s privacy policy at: https://policies.google.com/privacy.

Content on social media
The content on our pages can be shared on social networks in a privacy-compliant manner. There is no automatic transfer of user data to the operators of these platforms. If the user is logged in to one of the social networks, an information window appears when using the social buttons of Facebook, Twitter & Co. in which the user can confirm the text before sending it.

Our users can share the content of this site in social networks in a privacy-compliant manner without complete surfing profiles being created by the operators of the networks.

Google Web Fonts
This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

For this purpose, the browser you use must connect to Google’s servers. This gives Google knowledge that our website was accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

If you do not want or your browser does not support Google Web Fonts, a default font from your computer will be used. This may change the display of our homepage. For more information about Google Web Fonts, please visit https://developers.google.com/fonts/faq and see Google’s privacy policy: https://policies.google.com/privacy.

Google Maps
This site uses the mapping service Google Maps. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. Google Maps is used in the interest of an appealing presentation of our online offers and to make it easy to find the places we indicate on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

You can find more information on the handling of user data in Google’s privacy policy: https://policies.google.com/privacy.

6. Service app

6.1 Person responsible for this app and data protection officer

Responsible
Christian Maier GmbH & Co. KG
Würzburger Str. 67–69
PO Box 1609
89506 Heidenheim
Germany
Tel. +49 7321 317-0
Fax +49 7321 317-129
E-mail: info@maier-heidenheim.de

Data Protection Officer
DSG Datenschutz UG (haftungsbeschränkt)
Mr. Tobias Marx
Zeppelinstr. 9
89231 Neu-Ulm
Germany
E-mail: datenschutz@dsg-ulm.de

6.2 Purpose of data processing
The data processed with the help of the Service App is used for preventive maintenance of our products, which are used in your company. The Service App notifies you of upcoming maintenance activities and supports you in stocking spare parts.

Furthermore, you can use the service app to place orders with us and send us complaints.

6.3 Legal basis for data processing
Personal data will be processed for the purpose of implementing the maintenance contract concluded with you or your company. The legal basis is Art. 6 para. 1 letter b of the General Data Protection Regulation (GDPR).

6.4 Categories of data that are processed
6.4.1 Personal data

• Personal data: salutation, title, first name, last name.
• Contact details: company name, address, telephone number, mobile phone number, e-mail address, and similar data.

6.4.2 Pseudonymized personal data

• Login data: username,
• language setting of a user,
• preferred units (e.g. PSI) of the user,
• time of change of a record and associated user,
• internal reference of the user to a product,
• timing and comment when changing a product.

6.4.3 Application data of the installed products

• Type and designation of the installed product,
• specific characteristics of a product of a series,
• place of use of the product (name, picture, area),
• application values of the product (temperature, medium, pressure, speed),
• time and reference values of a product (temperature, medium, pressure, speed),
• operating data: Leakage, wear on seals, torque.

6.5 Categories of recipients/ disclosure to third parties (external bodies)

• Within Christian Maier GmbH & Co. KG, your personal data will be provided to those offices that need it to fulfill our contractual and legal obligations (Art. 6 para. 1 letter b and c GDPR).
• If we use the services of external service providers (e.g. IT service providers), your data may be transferred to them. The contractual relationships with these external service providers are regulated in accordance with the statutory data protection provisions, and the data transferred may be used by the recipient exclusively for the contractually agreed purpose of their transfer (Art. 28 GDPR).
• In general, the data listed above will not be disclosed to third parties.
• No data is transferred to third countries (countries outside the European Economic Area (EEA)) or to an international organization.

6.6 Retention period – deletion periods
Your personal data will be deleted as soon as your company informs us of a new contact person for the use of our Service App or the maintenance contract is terminated.

6.7 Your rights
6.7.1 Right to information
You can obtain information free of charge at any time and without giving reasons about the data stored about you, its origin, recipients to whom data is disclosed and the purpose of data processing (Art. 15 GDPR).

6.7.2 Right to rectification
Furthermore, you have a right to rectification of incorrect personal data or completion of your personal data stored by us (Art. 16 GDPR).

6.7.3 Right of deletion
You may request the deletion of your personal data, unless we have a duty to retain it under other statutory provisions (Art. 17 GDPR).

6.7.4 Right to restriction of processing
You also have the right to restriction of processing (blocking) of the data concerning you (Art. 18 GDPR).

6.7.5 Right to data portability
In addition, you have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to third parties (data portability) (Art. 20 GDPR). The provision takes place in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

6.7.6 Right to revoke consent given
You may revoke any consent you have given us to process your personal data for the future at any time and free of charge without stating any reasons (Art. 7 (3) GDPR). This has the consequence that we may no longer continue the data processing based on this consent for the future. The lawfulness of the processing of your personal data until a revocation is not affected by the revocation. Likewise, further processing of your data on the basis of another legal basis remains unaffected (see paragraph “Legal bases for data processing”).

6.7.7 Right to complain to a supervisory authority
If you believe that the processing of your personal data by us violates legal requirements, you have the right to complain to a data protection supervisory authority (Art. 77 GDPR). As a rule, you can contact the supervisory authority of your usual place of residence or workplace for this purpose.

6.8 Right to object to processing
If the processing of your personal data is based on legitimate interests pursuant to Art. 6 para. 1 letter f GDPR, you may object to the processing at any time for the future, provided that there are grounds for doing so which arise from your particular situation (Art. 21 (1) GDPR). This also applies to profiling based on these provisions within the meaning of Art. 4 No. 4 GDPR. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims. In addition, you may object at any time to the processing of your personal data for direct marketing purposes and the associated profiling (data analysis) (Art. 21 (2) GDPR). We will pay attention to this contradiction for the future.

6.9 Possible sources of personal data
If we do not collect your personal data directly from you, we use publicly available sources, information databases or credit agencies

6.10 Is there an obligation to provide data?
Within the scope of our business relationship, you only need to provide the personal data that we require for the corresponding initiation, implementation, or termination of this relationship or that we are legally obligated to collect. Without the provision of this data, we may have to refuse to enter into a contract or may no longer be able to perform an existing contract or may even have to terminate a business relationship.

6.11 Is there automated decision-making in individual cases, including profiling?
Christian Maier GmbH & Co KG does not use any automated rating systems with this service app.

6.12 Data security
To protect your personal data stored by us against unauthorized access by third parties, manipulation and partial or complete loss, we use appropriate technical and organizational security measures. These security measures are continuously adapted in line with technological developments or other new findings.

6.13 Data transmitted by the browser/Internet technology
When you download our service app, you will be redirected to the Apple App Store. This is an offer provided by Apple Inc., One Apple Park Way, Cupertino, CA 95014, USA. Thus, Apple Inc. receives the following personal data from you and is the controller of this data according to Art. 4 (7) GDPR:

• Internet Protocol (IP) address of the computer used,
• date and time of your visit,
• time zone difference from Greenwich Mean Time (GMT),
• website you are visiting,
• access status/ HTTP status code,
• amount of data transferred in each case,
• website from which you visit us (referrer URL),
• browser type, version and language,
• operating system used.

6.14 Data transmitted by the app technology
By using our service app, the following information (login history) is transmitted to the service provider commissioned by us:

• Time when a user logged in,
• error messages,
• browser used,
• operating system used,
• resolution of the device when logging in.

This service provider is not the responsible party in the sense of the GDPR; the responsible party is us, Christian Maier GmbH & Co KG.

This pseudonymized data is stored in a server log file, so-called server log file, for technical and statistical purposes and processed by us for the following purposes:

• Ensure smooth connection establishment of the app,
• ensuring comfortable use of our app,
• ensure system security and stability,
• in the event of system abuse, to determine the cause and trigger of the abuse.

The legal basis for data processing is Art. 6 para. 1 letter f GDPR. Our legitimate interest follows from the data processing purposes listed above. The aforementioned data is stored separately: a combination of this data with any personal data you may have provided will not be made; thus, no conclusions can be drawn about a specific person.

6.15 Updating the privacy policy
Due to changes in legal or regulatory requirements or the further development of our websites, it may be necessary to amend this privacy policy. The current data protection declaration can be accessed by you at any time from our Internet pages.

7. Video surveillance

The following part of this data protection declaration refers to the video surveillance operated by Christian Maier GmbH & Co. KG on the company premises.

7.1 Person responsible and data protection officer

Responsible
Christian Maier GmbH & Co. KG
Würzburger Str. 67–69
PO Box 1609
89506 Heidenheim
Germany
Tel. +49 7321 317-0
Fax +49 7321 317-129
E-mail: info@maier-heidenheim.de

Data Protection Officer
DSG Datenschutz UG (haftungsbeschränkt)
Mr. Tobias Marx
Zeppelinstr. 9
89231 Neu-Ulm
Germany
E-mail: datenschutz@dsg-ulm.de

7.2 Purpose of data processing
Video surveillance of the access areas to the company premises is carried out for the purposes of the

• Access control to the company premises,
• prevention of crime,
• preservation of evidence in the case of criminal acts for the assertion of claims for damages under civil law.

7.3 Legal basis of data processing
We process the data in accordance with Art. 6 para. 1 letter f GDPR in conjunction with § 4 para. 1 No. 2 BDSG (German Data Protection Law), unless your interests or fundamental rights and freedoms prevail.
The legitimate interests of Christian Maier GmbH & Co. KG lie in the

• Exercise of domiciliary rights and in the
• legitimate interests arising from the aforementioned purposes.

7.4 Categories of data processed
Real-time images are transmitted to monitors or video sequences are stored of all persons who are in the recording area of the video cameras. The face as well as the activity with place, date, and time is recorded (processed).

7.5 Categories of recipients/ disclosure to third parties (external bodies)
Within Christian Maier GmbH & Co. KG, only employees of certain areas can view the real-time images on a monitor for the purpose of access control.
Furthermore, selected employees have the option of accessing the stored video sequences as needed. For the prosecution of criminal offenses, the video sequences are passed on to the law enforcement agency. Otherwise, the above data will not be disclosed to third parties. No data is transferred to third countries (countries outside the European Economic Area (EEA)) or to an international organization.

7.6 Retention period – deletion periods
The stored video sequences are automatically deleted five days after recording.

7.7 Your rights
7.7.1 Right to information

You can obtain information free of charge at any time and without giving reasons about the data stored about you, its origin, recipients to whom data is disclosed and the purpose of data processing (Art. 15 GDPR).

7.7.2 Right to rectification
Furthermore, you have a right to rectification of incorrect personal data or completion of your personal data stored by us (Art. 16 GDPR).

7.7.3 Right to erasure
You may request the erasure of your personal data if the data is no longer needed for the purposes pursued (Art. 17 GDPR).

7.7.4 Right to restrict processing
You also have the right to restrict the processing of the data concerning you, e.g. for the duration of the review of your objection by the controller (Art. 18 GDPR).

7.7.5 Right to object to processing
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you. The controller shall then no longer process the personal data unless it can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defense of legal claims (Article 21 GDPR).

7.7.6 Right to complain to a supervisory authority
If you believe that the processing of your personal data by us violates legal requirements, you have the right to complain to a data protection supervisory authority (Art. 77 GDPR). As a rule, you can contact the supervisory authority of your usual place of residence or workplace for this purpose.

7.8 Is there an obligation to provide data?
There is no legal or contractual obligation to provide the data. Nor is the data required for the conclusion of a contract.

7.9 Is there automated decision-making in individual cases, including profiling?
Christian Maier GmbH & Co. KG does not use automated rating systems for video surveillance.

7.10 Data security
To protect your personal data stored by us against unauthorized access by third parties, manipulation and partial or complete loss, we use appropriate technical and organizational security measures. These security measures are continuously adapted in line with technological developments or other new findings.

7.11 Updating the privacy policy
Due to changes in legal or regulatory requirements, it may be necessary to amend this Privacy Policy. The current data protection declaration can be accessed by you at any time from our Internet pages.

Status: July 2019
Privacy Policy for Website, App & Video Surveillance Christian Maier GmbH & Co. KG
Privacy policy Christian Maier GmbH & Co. KG
Complete information sheet on video surveillance on the premises of Christian Maier GmbH & Co. KG