Privacy Policy
We will inform you below which of your data we record and how we process or store this data. We must point out that data transmission in the internet (e.g. when communicating by email) may have gaps in security. Complete protection of data from third-party access is not possible.
I. Name and contact details of the data controller and the Data Protection Officer
This privacy policy applies to all data processing by:
Peden Bloodstock GmbH
Leyenburg
47509 Rheurdt
Tel.: +49 208 378 2412
Fax: +49 208 378 1415
E-Mail: transport@peden.de
Managing Director: Martin Atock
Register Number HRB 4630 Amtsgericht Kleve
VAT Number : DE 812 600 738
II. Type and manner of processing personal data and the type and purpose of its use
In the interests of clarity, we have initially divided our information about data recording and data processing according to how the contact with you was made, whether via our website, Facebook or otherwise, e.g. by telephone or at a trade fair. In addition, we have explained data processing with you as our business partner or as an applicant for employment. If you have any questions, please do not hesitate to contact us.
1 Visits to the website
a) Calling up the website
When calling up our website the browser used on your terminal will automatically send information to our website server. This information will be stored temporarily in a so-called logfile. The following information will be recorded here without any actions from you and stored until it is automatically erased:
IP address of the requesting computer,
Date and time of the access,
Name and URL of the file called up,
Website from which access was made (referrer URL),
Browser and, if necessary, the operating system on your computer and the name of your access provider.
We will process the data specified for the following purposes:
Guaranteeing a smooth connection on the website,
Guaranteeing convenient use of our website,
Evaluating system security and stability.
The legal basis for data processing is Art. 6 (1) sentence 1 f) GDPR. Our legitimate interest results from the data collection purposes listed above. In this connection, we will not use the data collected for the purposes of drawing conclusions about you.
Furthermore, we use cookies during visits to our website. You will find more detailed explanations of this under c).
b) Using our contact form for advice requests
On our website we offer the possibility to contact us via a form provided there for the purpose of providing personal advice. In doing so, it is necessary to disclose your name as well as to disclose a valid email address or your telephone number (depending on which means of contact you would like to use) so that we know where the request has come from and are able to meet your wishes accordingly.
All other disclosures help us to be able to deal with your request in more detail in advance, but these are not mandatory disclosures. You can freely decide whether you would like to enter this data in the contact form.
The data processing of your telephone number for the purposes of making contact with us is done as per Art. 6 (1) sentence 1 a) GDPR on the basis of your consent.
Our data processing of the disclosures you have entered is done as per Art. 6 (1) sentence 1 b) GDPR on the basis of fulfilling your request.
c) Cookies
We use cookies at some points on our website. These are small items of data that your browser creates automatically and among others can be stored on your device (laptop, tablet, smartphone or similar) in a text file if you visit our site. Cookies do not damage your terminal and do not contain any viruses, Trojans or other malware.
Information is deposited in the cookies that results in connection with the device specifically used. However, this does not mean we become directly aware of your identity.
The use of cookies serves firstly, to make the use of our range more pleasant for you. Which is why we use so-called session cookies to recognise that you have already visited some pages of our website. These are automatically deleted after leaving our site.
The data processed by cookies is required for the purposes specified to safeguard our legitimate interests and those of third parties as per Art. 6 (1) sentence 1 f) GDPR.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice appears before a new cookie is placed. However, completely deactivating cookies can mean you cannot use all the functions of our website.
d) Analysis tools/Tracking tools
We do not use any tracking tools on our website.
e) Links to third-party websites
We use links to third-party websites on our website. If you click on such a link, it is possible that this will cause data to be transmitted to these third parties. We cannot control the data processing there and therefore, we are not responsible for this data processing. Therefore, when leaving our website, we recommend you find out about the data protection of any other websites you visit.
2 Facebook page
We have set up a Facebook page
We use this page to inform you about news concerning our range of services. You can publish contributions on our facebook page and “Like” our corporate page in order to keep up to date. Depending on how you have configured your privacy settings, we can see that you have given us a Like.
a) Visiting via our website
You can reach our Facebook page during visits to our website via the Facebook button installed there. The Facebook button is set up as a link so that only when activating this link will your data that has been recorded by calling up our website (see above under II.1.a)) be forwarded to Facebook.
b) Visiting directly via Facebook
You can also reach our Facebook page directly without visiting our website.
c) Data processing on Facebook
We will not process the data you have entered on Facebook outside the Facebook page.
As a platform provider, Facebook processes the personal data of its users and visitors, draws up statistics and possibly user profiles, and uses this data for advertising purposes. This data can also be used for market and opinion research. Your information will be recorded via cookies and can be supported in that you are logged on to the platform.
The processing detailed above relates to our legitimate interest as per Art. 6 (1) sentence 1 f) GDPR to provide you with the best possible information about our service and to comprehensively design the external presence of our company.
In the event of information requests and the assertion of user rights we would like to point out that these can be asserted most effectively on Facebook. Only Facebook has access to users’ data, can take the appropriate actions directly and provide information. However, you can send your request to us, of course, and we will forward this to Facebook. If you require any further assistance, please contact us.
Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. The controller responsible under data protection law is:
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland
You will find further information about how Facebook processes data at: https://www.facebook.com/about/privacy/ Agreement on the joint processing of personal data: https://www.facebook.com/legal/terms/page_controller_addendum
An opt-out is possible at: https://www.facebook.com/settings?tab=ads
and http://www.youronlinechoices.com
The Privacy Shield is an item of data protection certification provided by the USA. It allows companies to prove they have a set level of data protection. You will find information about the Privacy Shield (US data protection certificate) at: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active
3 Other methods of making contact (e.g. tel., email, events) and commissioning
If you make contact with us by email, telephone or otherwise in person, we will generally record your first name and surname, your address and any additional data required within the scope of the contact and/or commissioning. Depending on the necessity, this can include the following data in particular:
Telephone number
Fax number
Email address
Personal passport number/copy of ID card/passport
Copy of a visa
Delivery address
Payment information
Additional contractual data
and any other contact data you provide to us voluntarily.
The legal basis for the processing is, depending on the content of the request, Art. 6 (1) sentence 1 b) GDPR – Fulfilling your request - or Art. 6 (1) sentence 1 f) GDPR on the basis of our legitimate interest. Our legitimate interest is primarily making contact with you as soon as possible.
Furthermore, the data is used for statistical purposes and for direct advertising. The legal basis for this processing is Art. 6 (1) sentence 1 f) GDPR because we have a legitimate interest in statistical evaluation for the purposes of optimising our range and to advertise our range of services.
4 Data from contacts of our business partners
We may store contact details (first name, surname, address, telephone number, email address, company affiliation) of contacts of our business partners for the purposes of preparing, concluding and executing contracts. The legal basis for this processing is Art. 6 (1) sentence 1 f) GDPR. Our legitimate interest follows the purpose of preparing, concluding and executing contracts.
5 Data protection for applications and in application procedures
Within the scope of applications, we collect and process applicants’ personal data for the purposes of conducting the application procedure. The legal basis for this processing is Art. 88 GDPR in conjunction with section 26 Bundesdatenschutzgesetz (German Data Protection Act). This processing can also be done via electronic pathways. This is the case in particular if an applicant transmits application documents to us using electronic pathways, for example, by email or via a contact form on the website. If we conclude a contract with an applicant, the transmitted data will be stored to transact the contractual relationship in compliance with legal regulations. The legal basis for this results from Art. 6 (1) sentence 1 b) GDPR.
III. Length of storage
Data will be erased as soon as it is no longer required for the purpose of its processing. In detail:
If you visit our website without using our contact form, your data will be erased after one month.
The personal data we collect for using the contact form (see above II.1.b)) or within the scope of any other request (see above II.4) will be automatically erased after the completion of the request made by you and, if no contract is concluded, after 24 months at the latest.
The personal data we collect to execute your order will be stored until the expiry of the statutory retention requirement and then erased, unless due to taxation and commercial law storage and documentation obligations (from HGB, StGB or AO) we are obliged to maintain longer storage periods as per Article 6 (1) sentence 1 c) GDPR or you have consented to storage beyond this as per Article 6 (1) sentence 1 a) GDPR.
Data from persons who apply to us as employees will - if no contract is concluded with the applicant - be erased 3 months after the completion of the application procedure. This only applies if such erasure does not contradict any other legitimate interests we may have. Another legitimate interest in this sense can be, for example, in proceedings in accordance with the German Equality Act (Allgemeines Gleichbehandlungsgesetz, or AGG).
IV. Transferring data
1 Authorisation for transferral
Your personal data will not be transmitted to third parties for any purposes other than those detailed below.
We will only transmit your personal data to third parties if:
this is legally permissible and required as per Art. 6 (1) sentence 1 b) GDPR to execute contractual relationships with you,
if there is a legal obligation for the transfer as per Art. 6 (1) sentence 1 c) GDPR and/or
transfer is required as per Art. 6 (1) sentence 1 f) GDPR to assert, exercise or defend against legal claims and there is no reason to assume that you have an interest requiring protection in the non-transfer of your data that outweighs this.
We will only transfer your personal data for other purposes if you have given your explicit consent, Art. 6 (1) sentence 1 a) GDPR.
Transfer of personal data to third coutries
We will only transfer your personal data to a third party in another country outside the European Union/the EEA where this is necessary to fulfill our contractual obligations, where you have given express consent to such transfer, on the basis of a legal obligation or if such transfer is justified by our legitimate interests. In any case we will ensure that such data are transferred according to Article 44 et seq. GDPR.
2 Recipient
We will primarily transfer your personal data to third parties that are service partners involved in executing contracts, such as in particular road transport companies, airlines, other carriers, customs agents as well as banks and credit card companies
In addition, under certain conditions we will transmit your data to organisational committees and official bodies/government agencies. Moreover, we will transmit your contractual data to our tax consultants and the relevant government agencies (the tax authorities in particular). Furthermore, the transmission of your data within the scope of legally permissible transfer to the following third parties may come into consideration: order processors to whom we transmit your personal data to conduct the business relationship or to whom we permit access to your data that we store. In detail: supporting/maintaining EDP-IT applications; archiving; call centre services; controlling; data destruction; recovery; customer administration; marketing; website management.
In cases in which your personal data is forwarded to third parties, the scope of the data transmitted will, however, be kept to the necessary minimum.
The forwarding of data within the scope of initiating contracts and/or fulfilling contracts is necessary and thus legitimate as per Art. 6 (1) sentence 1 b) GDPR.
V. Data subject rights
You are entitled to the following rights with regard to the processing of your personal data:
1 General rights
You have the right:
as per Art. 15 GDPR to demand to be informed free of charge about your personal data that we process. In particular, you can demand to be informed about the purposes of processing, the category of personal data, the categories of recipients that disclosures of your data are or were made to, the planned storage period, the right to rectification, erasure, restriction of processing or objection, the right to complain, the origin of your data if we did not collect this and any automatic decision-making including profiling and, if necessary meaningful information about the details of these;
as per Art. 16 GDPR to demand the rectification of incorrect data or completion of your personal data that we store;
as per Art. 17 GDPR to demand the erasure of your personal data that we store if the processing is not required to exercise the right of freedom of speech and information, to meet a legal obligation, for reasons of public interest or to assert, exercise or defend against legal claims;
as per Art. 18 GDPR to demand the restriction of processing of your personal data if you dispute the accuracy of the data, processing is illegal, but you reject erasure and we no longer require the data, however, you require this to assert, exercise or defend against legal claims or as per Art. 21 GDPR you have objected to processing;
as per Art. 20 GDPR to demand receipt of your personal data that you have provided to us in a structured, common and machine-readable format or transmission to another controller;
as per Art. 7 (3) GDPR to withdraw any consent you have given us at any time. The consequence of this is that we must not continue data processing that related to this consent and
as per Art. 77 GDPR to complain to a supervisory authority. This will normally be the supervisory authority of your usual place of residence or workplace or at our corporate headquarters.
2 Right to object
If your personal data is processed on the basis of legitimate interests as per Art. 6 (1) sentence 1 f) GDPR, you have the right as per Art. 21 GDPR to object to the processing of your personal data if there are reasons resulting from your particular situation or you object to direct advertising. In the latter case you have a general right to object, which we will implement without disclosure of a particular situation.
Please note that in the event of an objection to the forwarding of your personal data within the scope of a credit check, delivery on account will generally no (longer) be possible (see above figure IV.4.)
If you want to exercise your right to withdraw consent or to object, just send an email to datenschutz@peden.de
VI. Data security
As part of your visit to the website we use the common SSL procedure (Secure Socket Layer) in combination with the respectively highest level of encryption that is supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead.
You can recognise an encrypted connection in that the address line of the browser will change from “http://” to “https://” and from the lock symbol in your browser line.
When SSL encryption is activated, the data you transmit to us cannot be read by third parties.
Otherwise, we use suitable technical and organisational security measures to protect your data against accidental or deliberate manipulations, partial or complete loss, destruction or against unauthorised third-party access. Our security measures will be continuously improved in accordance with technological development.
VII. Topicality and amendment of our Privacy Policy
This Privacy Policy is currently valid and is the version of January 2019.
Due to the redevelopment of our website and ranges or due to changed legal or official requirements it may be necessary to amend this Privacy Policy. The currently applicable Privacy Policy can be viewed here.