Privacy

  1. Home
  2. Privacy

Privacy Policy

1. Data Protection at a Glance

General Information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data with which you can be personally identified. Detailed information on data protection can be found in our privacy policy listed below this text.

Data Collection on this Website

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the section “Information on the Responsible Entity” in this privacy policy.

How do we collect your data?
Your data is collected in two ways: either you provide it to us (e.g., entries in the contact form), or it is automatically collected by our IT systems when you visit the website or after your consent (e.g., IP address, browser, operating system, time of page access).

What do we use your data for?
Some data is collected to ensure error-free provision of the website. Other data can be used to analyze your user behavior. If contracts can be initiated or concluded via the website, we also process data for offers, orders, or other service requests.

What rights do you have regarding your data?
You have the right to request information about the origin, recipients, and purpose of your stored personal data at any time free of charge. You also have the right to correct or delete this data. If you have given consent to data processing, you may revoke it at any time for the future. You also have the right, under certain circumstances, to request the restriction of the processing of your personal data and the right to lodge a complaint with the responsible supervisory authority.

2. Hosting
We host the content of our website with the following provider:

Mittwald
Provider: Mittwald CM Service GmbH & Co. KG, Königsberger Straße 4–6, 32339 Espelkamp (hereinafter “Mittwald”). Details can be found in Mittwald’s privacy policy: https://www.mittwald.de/datenschutz.

The use of Mittwald is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the most reliable presentation of our website. If consent is obtained, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as consent covers the storage of cookies or access to information on the user’s device. Consent can be revoked at any time.

Order Processing
We have concluded a contract for order processing (AVV) with the aforementioned provider. This ensures that personal data of our website visitors is only processed according to our instructions and in compliance with the GDPR.

3. General Notes and Mandatory Information

Data Protection
We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy. Data transmission over the Internet (e.g., communication by e-mail) may have security vulnerabilities; complete protection of data from third-party access is not possible.

Information on the Responsible Entity
EHP GmbH – Edelstahl Handel Profile
Industriestraße 2
75428 Illingen
Phone: +49 (0 70 42) 82 61 – 0
Email: info@e-h-p.de

The responsible entity is the natural or legal person that alone or jointly with others decides on the purposes and means of processing personal data.

Storage Duration
Unless a specific storage period is mentioned within this privacy policy, personal data remains with us until the purpose for data processing no longer applies. Upon justified request for deletion or revocation of consent, we delete the data unless other legally permissible reasons (e.g., tax or commercial retention periods) prevent this.

Legal Basis for Data Processing
Depending on the context, we process data on the basis of Art. 6 para. 1 lit. a (consent), lit. b (contract/initiation), lit. c (legal obligation) or lit. f GDPR (legitimate interest). For special categories of personal data, Art. 9 para. 2 lit. a GDPR applies. In case of access to device information, additionally § 25 para. 1 TDDDG. Consents can be revoked at any time.

Recipients of Personal Data
We only transmit personal data to external entities if required for contract fulfillment, a legal obligation exists, a legitimate interest according to Art. 6 para. 1 lit. f GDPR is present, or another legal basis allows the transfer. Contracts for order processing (AV) exist with processors; in case of joint processing, agreements according to Art. 26 GDPR are concluded.

Revocation of Your Consent to Data Processing
Many processing operations are only possible with your explicit consent. Already given consent can be revoked at any time; the lawfulness of processing before revocation remains unaffected.

Right to Object under Art. 21 GDPR
You have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data based on Art. 6 para. 1 lit. e or f GDPR; this also applies to profiling based on these provisions. If personal data is processed for direct marketing purposes, you have the right to object at any time.

Right to Lodge a Complaint with a Supervisory Authority
In case of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, workplace, or place of the alleged violation.

Right to Data Portability
You have the right to receive data that we process automatically on the basis of your consent or in fulfillment of a contract, in a common, machine-readable format, and to transmit it to a third party; if technically feasible, also directly to another responsible party.

Information, Correction, and Deletion
You have the right at any time, under the applicable legal provisions, to obtain free information about your stored personal data and, where applicable, the right to correct or delete this data.

Right to Restrict Processing
Under certain conditions, you can request restriction of processing, e.g., during verification of accuracy, in case of unlawful processing, or if data is required for asserting legal claims.

SSL or TLS Encryption
This site uses SSL/TLS to secure confidential transmissions. An encrypted connection can be recognized by “https://” and the lock symbol in the browser bar.

4. Data Collection on this Website

Cookies
Our website uses cookies. These are session cookies (deleted after the session ends) and permanent cookies. Cookies may be first-party or third-party. Necessary cookies are based on Art. 6 para. 1 lit. f GDPR; if consent is obtained for storage of cookies or access to device information, processing is additionally based on Art. 6 para. 1 lit. a GDPR in conjunction with § 25 para. 1 TDDDG. You can set your browser to be informed about the setting of cookies, to allow them only in individual cases, to generally exclude them, or to automatically delete them when closing the browser; disabling may limit functionality.

Contact Form
If you submit inquiries via the contact form, your data, including contact information, will be stored to process the request and for follow-up questions. Legal basis is Art. 6 para. 1 lit. b GDPR (contractual connection), otherwise Art. 6 para. 1 lit. f GDPR (legitimate interest) or your consent under Art. 6 para. 1 lit. a GDPR. Data remains with us until the purpose ceases, revocation, or request for deletion, subject to legal retention obligations.

Inquiry via E-Mail, Phone, or Fax
If you contact us, your data, including personal data, will be stored and processed for processing purposes. Legal bases correspond to the contact form. Deletion occurs when the purpose ceases or after revocation, unless legal obligations prevent it.

5. Social Media

Instagram
This website includes functions of the Instagram service. Provider is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. When the social media element is active, a direct connection between your device and Instagram servers is established; Instagram receives information about your visit. If logged in, Instagram can assign the visit to your account. Legal basis is your consent (Art. 6 para. 1 lit. a GDPR, § 25 para. 1 TDDDG). If personal data is transferred to the USA, this may be based on EU Standard Contractual Clauses and DPF certification. More information can be found in Instagram’s privacy policy.

LinkedIn
This website includes functions and content of LinkedIn. Provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. Embedded elements (e.g., feeds, buttons, posts) establish a connection to LinkedIn servers when activated and may process IP address, browser information, interactions, and login status. If logged into LinkedIn, interactions can be assigned to your profile. Use is based on your consent under Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG; consent can be revoked at any time. If personal data is transferred to LinkedIn in third countries (especially the USA), this may rely on EU Standard Contractual Clauses and possibly the EU-US Data Privacy Framework. Details in LinkedIn’s privacy policy.

6. Plugins and Tools

Font Awesome (Local Hosting)
To display fonts uniformly, Font Awesome is installed and used locally. No connection to servers of Fonticons, Inc. occurs. More information: https://fontawesome.com/privacy.

Google reCAPTCHA
We use Google reCAPTCHA on this website. Provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. reCAPTCHA is used to verify whether data entry (e.g., in forms) is made by a human or automated program.

reCAPTCHA automatically analyzes visitor behavior in the background when visiting the site based on various characteristics (e.g., IP address, dwell time, mouse movements, possibly device and browser information). Data collected is transmitted to Google. Analyses run entirely in the background.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in protection against abusive automated scanning and spam). If consent is obtained, processing is additionally based on Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG; consent can be revoked at any time. More information on purpose and scope: Google privacy policy and terms of use. If transferred to the USA, this may rely on EU Standard Contractual Clauses and Google’s DPF certification.

7. Your Rights
You have the rights mentioned in this statement: access, correction, deletion, restriction of processing, objection, data portability, and the right to lodge a complaint with a supervisory authority. To exercise these rights, a message to the contact details under “Responsible Entity” is sufficient.