Data Privacy Statement
We are glad about your interest in our corporation. Data privacy has a high significance for the directorate of the Lucht LHZ Elektroheizung GmbH & Co. KG. The use of the Lucht LHZ Elektroheizung GmbH & Co.
KG websites is generally possible without giving away personal data. In case of potential usage of the services of our corporation via our website, the converting of personal data might be necessary. If the converting of personal data is necessary, it will be done according to art. 6 I lit. b DSGVO. The treatment of personal data, for instance the name, adress, mailadress or phone number of the person concerned will always take place in unison with the data privacy order and the German Data Protection Act.
Through the data privacy statement our corporation wants to inform the public about the way, extent and purpose of the collection, use and handling of personal data. Further the person concerned will be informed about their rights throughout the data privacy statement. The Lucht LHZ Elektroheizung GmbH & Co. KG as the responsible part for treatment implemented numerous technical and organisational actions to guarantee a preferably complete protection of the personal data handled on our website. Nevertheless, web based data transfer can generally show security flaws, so that an absolute protection can not be granted. For this reason every person is free to transfer personal data on alternative ways, such as for example through telephone.
The data privacy statement of the corporations is based on terminolgy used throughout european standard procedures- and edictgiver at the order of the general data privacy statement (german abbr.: DSGVO). Our data privacy statement is supposed to be readable and understandable for the public and our clients and associate partners. That is why we want to explain the used terminology in advance. In our data privacy statement, we are going to use the following terms:
a) personal related data
Personal related data includes all information, that relates to an identified and identifiable natural person (following „person concerned“). Identifiable defines any natural person that can be identified, directly or indirectly, especially through assignment to an identifier such as a name, an ID-number, a defined position, an online recognition or one or more special characteristics, such as expression of a physical, physiological, genetic, psychic, economic, cultural or social identity of a natural person.
b) Person concerned
A person concerned is any identified or identifiable natural person, whose personal data is handled by the responsible authority for the converting.
Processing includes any with or without the help of automated procedure executed process or such a process series in correlation with personal data like collection, recording, organisation, arranging, storage, customization, changing, read-out, query, use, publication through transmission, distribution or another form of furnishing, comparison or combination, limitation, delete or extermination.
d) Limitation of Processing
The limitation of processing is the marking of saved personal data with the goal to restrict their processing in the future.
Profiling means any way of automatic processing of personal data which includes the use of personal data to rate certain personal aspects related to a natural person, especially to analyze or predict aspects related to the job performance, business situation, health, personal preferences, interests, reliability, behaviour, residence or change of location.
Pseudonymization is the processing of personal data in a way in which the personal data through enlistment of additional information can not be assigned to a person concernded, provided that these additional information are stored seperately and succumb to technical and organizational procedures that ensure the personal data is not related to an identified or identifiable natural person.
g) Person responsible or person responsible for the processing
The person responsible or the person responsible for the processing is any natural or body corporate, agency, institution or other department, which decides alone or common about the purpose and instruments for the processing of personal data. In case the purpose and instruments of this procession are predetermined by the union law or the right of the member states, the person responsible respectively certain criteria of his nomination can be destined by the union law or the right of the member states.
h) Task-Processing Person
The task-processing person is any natural person or body corporate, agency, institution or other department, which processes personal data by order of the person responsible.
The recipient is any natural person or body corporate, agency, institution or other department, to which personal data can be externalized, not depending on the circumstance whether it is a third party or not. Agencies that possibly receive personal data in the context of a certain analyse request by the union law or the right of the member states can not be seen as a recipient.
j) Third Party
A third party is any natural person or body corporate, agency, institution or other department excluding the person concerned, the person responsible, the task-processing person and the persons that, under the direct responsibility of the person responsible or the task-processing person, are authorized to process personal data.
An agreement is a by the person concerned voluntarily for the case in an informed and unambiguous given statement of intent in form of a declaration or other clearly confirming act, by which the person concerned attests to agree with the processing of the personal data. Name and adress of the person responsible for the processing Responsible as meant by the data privacy order, the general data privacy statement and other regulations with a similar character is:
The owner of the corporation Uwe Lucht jun. Lucht LHZ Elektroheizung GmbH & Co. KG Reinhard-Schmidt-Str. 1 D- 09217 Burgstädt
Telefon: +49 (0) 3724 66869 0
Telefax: +49 (0) 3724 66869 20
Name and adress of the internal security administrator You can reach our internal security administrator by:
Denise Littbarski Reinhard-Schmidt-Str. 1 D- 09217 Burgstädt
Telefon: +49 (0) 3724 66869 0
Telefax: +49 (0) 3724 66869 20
Acquisition of general data and informationen
The internet page of our webshop collects a line of general data and information by any visit of a person concerned or an automatic system. The general data and infomation will be saved in the logfiles of the servers. The following might be collected: (1) the used browsertypes and verstions, (2) the used operating system, (3) the internet page, from where an accessing system reaches to our internet page (so called referrer), (4) the sub-websites, which by an accessing system call on our web page, (5) the date and time of the access on our website, (6) the internet-protocoll-adress (IP-adress), (7) the internet-service-provider of the accessing system and (8) other similar data and information, that serve the danger prevention in case of attacks on our technical systems. By the use of this general data and information the persons responible will not draw conclusions from the person concerned. These information are rather needed to (1) deliver the contents of our website correctly, (2) to optimize the contents of our website as well as the advertisment for it, (3) to guarantee the permanent efficiency of our technological systems and the technics on our website and (4) to provide the necessary information to the law enforcement agency for procecution in case of a cyber attack. This anonymously collected data and information will on one hand be statistically evaluated and will serve the purpose of increasing the data protection and privacy within our corporation to finally secure an ideal protection level of the personal related data processed by us. The anonymous data of the server-logfiles will be saved seperately by any of the person concerned stated personal data.
The so called server logfiles are anonymized data, that might be recorded while accessing our website. These informations will not allow to draw any conclusions from a concrete person, but is indispensable for technical reasons for the delivery and the presentation of our contents. Also they serve our statistic and the permanent improvement of our contents. Typical logfiles are the date and time of the access, the amount of data, the used browser and its version, the used systems software, the domainname of your instructed provider, the site from where you came to our offering (referrer URL) and your IP adress. Logfiles also allow a verification in case there is a suspicion of an illegal use of our website.
Our website uses an SSL codification when transmitting confidential or personal contents of our users. For instance, this codification is activated when money transfers or requests via our website are authorized. Please check whether the SSL codification is activated on your side when performing such activities. The service of the SSL codification is easy recognizable: The display in your browser line changes from „http://“ to „https://“. Data sent by SSL codification can not be read by a third party. Only transmit your confidential informations when SSL codification is activated, contact us when you need assistance.
Ways of contacting us via website
The website of the webshop contains, due to the statutory provisions, several information that allow a fast electronical approach to our corporation as well as the possibility to communicate directly with us, which also includes a general adress of the so called electronic mail (e-mail-adress). If a person concerned gets in touch with the person responsible for the processing via e-mail or a contact form, the by the person concerned transmitted personal data will be automatically saved. Such on a voluntary basis by a person concerned to the person responsible for the processing transmitted data will be saved for the purpose of processing and contacting the person concerned. There will not be any transmission of this personal data to a third party.
Routinely deletion and blocking of personal data
The person responsible for the processing will save and process personal data of the person concerned only for that space of time, that is required to reach the purpose of the saving or if this is intended by the european directive- and ordinancegiver or another legislative authority in laws and regulations, which the person responsible for the processing has to follow. If the purpose for the saving is not applicable anymore or does one by the european directive- and ordinancegiver or another legislative authority regulated retention period run out, the personal data will routinely and analogous to the statutory provisions be blocked or deleted.
Rights of the person concerned
a) Right of confirmation Any person concerned has by the european directive- and ordinancegiver the right to receive a confirmation from the person responsible for the processing, if data from the person concerned has been proceeded. In case the person concerned wishes to make use of this confirmationright, our security administrator or another assistant of the person responsible for the processing can be contacted anytime.
b) Right of information Any by the processing of personal data affected person has the by the european directive- and ordinancegiver guaranteed right to receive gratuitous information about the collected personal data from the person responsible for the processing and to get a copy containing this information at any time. Further the person concerned has a right to be informed, whether the personal data has been transmitted to a third party country or an international organisation. If this is the case, the person concerned has by the way the right to get information about the appropriate guarantee in correlation to the transmission. Does the person concerned want to exercise this right of information, the security administrator can be contacted at any time.
c) Right of adjustment Any of the processing of personal data concerned person has the by the european directive- and ordinancegiver guaranteed right to demand the immediate adjustment of the own personal related data if it is incorrect. Further the person concerned has the right to demand the completion of incomplete data, also through an additional declaration, in due consideration of the purpose of processing. Does the person concerned want to exercise this right of adjustment, the security administrator can be contacted at any time.
d) Right of deletion (right to be forgotten) Any of the processing of personal data concerned person has the by the european directive- and ordinancegiver guaranteed right to demand the immediate deletion of the own personal data from the person responsible, if one of the following reasons is given and as far as the processing is not necessary:
• The personal data was collected for such a purpose or in a similar way proceeded, for which it is not necessary anymore.
• The person concerned withdraws the agreement on which the processing according to art. 6 para. 1 letter a DSGVO or art. 9 para. 2 letter a DSGVO was based, and another legal foundation is lacking.
• The person concerned files an objection according to art. 21 para. 1 DSGVO against the processing, and there are no prior justified reasons for the processing, or the person concerned files an objection according to art. 21 para. 2 DSGVO against the processing.
• The personal data illegally processed.
• The deletion of personal data is required for the implementation of a legal commitment by the union right or the right of the member states, that the person responsible has to follow.
• The personal data was collected in matters of offered services by the information society according to art. 8 para. 1 DSGVO. Provided that one of the reasons mentioned above is true and the person concerned wants the deletion of the personal data saved by the person responsible, the security administrator can be contacted at any time. The security administrator will initiate the immediate deletion.
e) Right of limitation of processing Any of the processing of personal data person concerned has the by the european directive- and ordinancegiver guaranteed right to demand the limitation of processing, if one of the following reasons is given:
• The correctness of the personal data is contradicted by the person concerned, namely for a period of time which allows it for the person responsible to check on the correctness of the personal data.
• The processing is illegal, the person concerned refuses the deletion of personal data and demands the limitation of use of the personal data instead.
• The person responsible does not require the personal data for the purpose of processing anymore, the person concerned however requires it for enforcement, exercise or advocacy on a legitimate claim.
• The person concerned filed an objection against the processing according to art. 21 para. 1 DSGVO and it is not certain so far whether the justified reasons of the person responsible to the person concerned overweight. Provided that one of the preconditions mentioned above is true and the person concerned wants the limitation of the personal data saved by the person responsible, the security administrator can be contacted at any time. The security administrator will initiate the immediate limitation.
f) Right of data transfer Any of the processing of personal data concerned person has the by the european directive- and ordinancegiver guaranteed right to receive the own personal data, which has been provided by the person concerned to a person responsible, in a well-established and machine-readable format. Also the person hast the right to transmit this data to another person responsible without any obstruction by the person responsible who received the personal data in the first place, as long as the processing is based on the agreement according to art. 6 para. 1 letter a DSGVO or art. 9 para. 2 letter a DSGVO or on a contract according to art. 6 para. 1 letter b DSGVO and the processing happens by an automatic process, in case the processing is not necessary to perform a task referring to a public interest or the exercise of a public authority given to the person responsible. Also the person concerned by exercising the right of data transfer according to art. 20 para. 1 DSGVO has the right to obtain the personal data transferred directly from the person responsible to another person responsible, if this can be achieved by technical ressources and the rights and liberties of other people are not affected in any way. To enforce the right of data transfer the person concerned can contact the by the person responsible authorized security administrator at any time.
g) Right of objection Any by the processing of data person concerned has the by the european directive- and ordinancegiver guaranteed right for reasons, that are given by a special situation, to object the processing of personal related data which happened according to art. 6 para. 1 letter e or f DSGVO. This also concernes to a profiling based on these regulations. The persons responsible will not proceed personal data anymore in such a case, unless we can deliver strong, protection requiring reasons that overweight the interests, rights and liberties of the person concerned, or the processing serves the enforcement, exercise or defense of a legitimate claim. To exercise the right of data transfer the person concerned can contact the by the person responsible authorized security administrator at any time.
h) Right of cancelation of the agreement related to the data privacy statement Any by the processing of data person concerned has the by the european directive- and ordinancegiver guaranteed right to cancel the given agreement related to the processing of personal data at any time. To exercise the right of data transfer the person concerned can contact the by the person responsible authorized security administrator at any time.
i) Right of complaint to a regulating authority Any person concerned has the right of complaint to a regulating authority, if the person concerned considers that the processing of the own personal data violates the DSGVO. The for the Lucht LHZ Elektroheizung GmbH & Co. KG responsible regulating authority shall be administrated by the saxonian security administrator. Information can be found on https://www.saechsdsb.de
Legal basis for the processing
The processing of personal data takes place to guarantee the implementation of a contract, which contracting party is the person concerned. This for instance happens during processing operations necessary for delivery of goods or the supply of services or return services. So the processing is based on art. 6 I lit. b DSGVO. The same applies for such processing procedures that are required for the enforcement of arrangements before the contract is fullfilled, like in cases of requests to our products or services. Also our corporation succumbs to a legal obligation by which the processing of personal data is necessary, for example to fullfill fiscal duty, so the processing is based an art. 6 I lit. c DSGVO.
Period for safekeeping of the personal data
The criteria for the period of saving the personal data is the particular legal period for safekeeping. After this period, the corresponding data will routinely be deleted, as long as it is not required anymore for the implementation or initiation of a contract. Legal or contractual regulations for appropriation of the personal data; necessity for the conclusion of contract; obligation of the person concerned to provide the personal data; possible consequences of non-provisioning We clearify about the fact, that the appropriation of personal data is partly statutory (e.g. tax regulations) or result from stipulations (e.g. information about the contractual partner). Occasionally for the conclusion of the contract it might be necessary for the person concerned to provide personal data, which later has to be proceed by us. The person concerned for instance is obligated to provide personal data when closing a contract with us. A non-providing of personal data would implicate that the contract could not be closed. Before providing the personal data, the person concerned has to contact our security administrator. Our security administrator will explain on a case-by-case basis whether the providing of the personal data is statutory or contractual prescribed or required for the closing of contract, if there is an obligation to provide the personal data and which consequences the non-providing of personal data might occur.
Existence of an automatic decision-making
As a responsible corporation we renounce automatic decision-making or profiling.