As of August 2020
General Information on this website
The following notes provide a simple overview of what happens to your personal data when you visit our website. Personal data is data with which you can be personally identified. The protection of your personal data is important to us. According to the EU General Data Protection Regulation (Article 13 DSGVO (DPA)), we are obliged to inform you about the purpose for which we collect, store or forward data and what your rights are in data protection. The content and scope of the data processing is largely determined by the data you provide or the data required for the business relationship or communication. You can find detailed information on the subject of data protection in our data protection declaration listed here.
Data collection on this website
Who is responsible for data processing and who can I contact?
The data processing on this website is carried out by the website operator. The contact data of the responsible person and the responsible supervisory authority can be found in the legal notice of this website.
Which data are processed and from which sources does this data originate and what do we use it for?
On the one hand, your data is collected when you provide it to us. This can be data that you enter in a contact form, for example. Other data is collected automatically or with your consent by our IT systems when you visit the website. These are mainly technical data (e.g. Internet browser, operating system or time you spend on our website). This data is collected automatically as soon as you enter this website. Part of the data is collected to ensure that the website is provided without errors. Other data can be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right to receive information free of charge at any time about the origin, recipient and purpose of your stored personal data. You also have the right to demand the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent for the future at any time. In addition, you have the right to demand, under certain circumstances, the restriction of the processing of your personal data. Furthermore, you have the right of appeal to the responsible supervisory authority. You can contact us at any time at the address given in the legal notice for this and other questions on the subject of data protection.
Analysis tools and third-party tools
In addition, we transmit your data to processors commissioned by us:
- IT and hosting service providers
- Credit institutions and payment providers for processing payment transactions for orders
- Back office service provider for the processing of advertising mailings
- Suppliers for processing product and sample orders
- Laboratories and institutes for product testing
- Sales partners, if they need your data to process your order
- Survey and marketing agencies
Furthermore, data will be transmitted to public authorities and institutions (tax offices, authorities, customs offices) if there is a legal or regulatory obligation to do so. All order processors and sales and trading partners are contractually obliged to process your data only within the scope of the provision of services and in accordance with the applicable data protection regulations.
This website is hosted by an external service provider (Host). The personal data collected on this website is stored on the host's servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated by a website. The use of the host is for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO). Our host will only process your data to the extent necessary to fulfill its performance obligations and will follow our instructions with regard to this data.
Signing of a contract for order processing
In order to guarantee data protection compliant processing, we have concluded a contract for order processing with our host.
General notes and mandatory information
The person responsible for data processing on this website is:
Michael Koch GmbH
Zum Grenzgraben 28, Germany
Phone: +49 72 51-96 26-200
The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (see paragraph Data Protection).
Data protection officer required by law
We have appointed a data protection officer:
Mr. Christian Wolff
Michael Koch GmbH
Zum Grenzgraben 28
Tel: +49 72 51-96 26-200
Note on data transfer to the USA
Among other things, our website includes tools from companies based in the USA. If these tools are active, your personal data may be transferred to the US servers of these companies. We would like to point out that the USA is not a safe third country in terms of EU data protection law. US companies are obliged to release personal data to security authorities without you as the person concerned being able to take legal action against this. Therefore, it cannot be excluded that US authorities (e.g. secret services) may process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence on these processing activities.
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke a previously given consent at any time. The legality of the data processing that took place up to the revocation remains unaffected by the revocation.
Right to object to data collection in special cases and to direct advertising (Art. 21 DSGVO)
If data processing is carried out on the basis of Art. 6 para. 1 lit. E or F DPA, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation. This also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this data protection declaration. If you object, we will no longer process your personal data concerned unless we can prove compelling reasons for processing worthy of protection that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims (objection in accordance with Art. 21 para. 1 DSGVO). If your personal data are processed for the purpose of direct advertising, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising. This also applies to profiling, insofar as it is connected with such direct advertising. If you object, your personal data will no longer be used for the purpose of direct advertising afterwards (objection according to Art. 21 para. 2 DSGVO).
Right of appeal to the competent supervisory authority
In the case of violations of the DPAs, the persons concerned have a right of appeal to a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the suspected violation. This right of appeal is without prejudice to other administrative or judicial remedies.
Right to data transferability
You have the right to have data, which we process automatically on the basis of your consent or in fulfilment of a contract, handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done to the extent technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as site operator. You can recognize an encrypted connection by the fact that the address line of your browser changes from "http://" to "https://" and by the lock symbol in your browser line. If the SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Right to limit processing
You have the right to request that the processing of your personal data be restricted. To do so, you can contact us at any time at the address given in the legal notice. The right to restrict processing exists in the following cases:
If you dispute the accuracy of your personal data stored with us, we usually need time to verify this. For the duration of the review, you have the right to demand the restriction of the processing of your personal data.
If the processing of your personal data was/is unlawful, you can demand the restriction of the data processing instead of deletion.
If we no longer need your personal data, but you need it for the exercise, defence or assertion of legal claims, you have the right to demand the restriction of the processing of your personal data instead of deletion.
If you have lodged an objection in accordance with Art. 21 paragraph 1 DSGVO, a balance must be struck between your interests and ours. As long as it is not yet clear whose interests prevail, you have the right to demand the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data - apart from its storage - may only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a member state.
How long will my data be stored?
We only store your data for as long as it is necessary for the processing of the business transaction or for compliance with documentation requirements. Legal requirements demand that commercial letters be kept for at least 6 years, and those with tax-relevant content for at least 10 years. In addition, our IT systems have extensive data backup concepts that do not permit premature deletion. In this case, access to data is restricted after the permitted storage period has expired. Application documents are stored or retained for 6 months after the end of the filling of the position. If the application is made through a recruitment agency, master data must be retained for longer.
How secure is my data?
We use state-of-the-art security measures to protect your data appropriately. Our employees, subcontractors and trading partners are obliged to observe our guidelines on information security.
When you visit our website, we may store information on your computer in the form of a "cookie" that will automatically recognize your computer the next time you visit. Cookies are small text files and do not cause any damage on your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or until they are automatically deleted by your web browser. In some cases, cookies from third-party companies may also be stored on your terminal device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for the processing of payment services). Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or the display of videos). Other cookies are used to evaluate user behavior or display advertising. Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies, e.g. for the shopping basket function) or to optimize the website (e.g. cookies for measuring the web audience) are stored on the basis of Art. 6 para. 1 lit. f DSGVO, unless another legal basis is given. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of his services. If consent to the storage of cookies has been requested, the storage of the cookies in question will be carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a DSGVO); the consent can be revoked at any time. You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for specific cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of our website may be limited. Insofar as cookies are used by third-party companies or for analysis purposes, we will inform you separately about this within the scope of this data protection declaration and, if necessary, request your consent.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
Browser type and browser version
Operating system used
Hostname of the accessing computer
Time of the server request
This data is not merged with other data sources. The collection of these data is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website - for this purpose the server log files must be recorded.
Inquiry by e-mail, phone or fax
If you contact us by e-mail, telephone or fax, your inquiry including all personal data (name, inquiry, etc.) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent. The processing of this data is based on Art. 6 para. 1 lit. b DSGVO, if your inquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f DSGVO) or on your consent (Art. 6 para. 1 lit. a DSGVO), provided that the inquiry was made. The data sent to us by you via contact inquiries will remain with us until you request us to delete it, revoke your consent to its storage or the purpose for which it was stored no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular legal retention periods - remain unaffected.
If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent. The processing of this data is based on Art. 6 para. 1 lit. b DSGVO, if your inquiry is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f DSGVO) or on your consent (Art. 6 para. 1 lit. a DSGVO), provided that the inquiry was made. The data entered by you in the contact form will remain with us until you request us to delete it, revoke your consent to its storage or the purpose for which it was stored ceases to apply (e.g. after your inquiry has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.
Comment function/leaving a message
For the comments/ leaving a message function on this page, in addition to your comments/messages, information about the time of creation of the comment(s)/messages and, if you are not posting anonymously, your chosen username will be saved.
The storage of comments/messages is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke any consent you have given at any time. All you need to do is send us an informal message by e-mail. The legality of the data processing operations already carried out remains unaffected by the revocation.
This website uses Google Analytics, a web analysis service of Google Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google Ireland Ltd. Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. However, in the event that IP anonymization is activated on this website, your IP address will be shortened by Google within member states of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to provide further services to the website operator in connection with the use of the website and the internet. The IP address transmitted by your browser within the scope of Google Analytics is not combined with other data from Google. You can prevent the storage of cookies by adjusting your browser software accordingly. Furthermore, you can prevent the collection of data generated by the cookie and related to your use of the online offer to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en. For further information on usage conditions and data protection, please visit: https://marketingplatform.google.com/about/analytics/terms/de/ or https://www.google.de/intl/de/policies/. We would like to point out that on this website Google Analytics has been extended by the code "anonymizeIp" in order to ensure an anonymised collection of IP addresses (so-called IP masking).
Opposition to data collection
Google Tag Manager
Google Tag Manager is a solution that allows marketers to manage website tags through a single interface. The Tool Tag Manager itself (which implements the tags) is a cookieless domain and does not collect any personal data. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If deactivation has been made at the domain or cookie level, it remains for all tracking tags implemented with Google Tag Manager. https://www.google.com/intl/de/tagmanager/use-policy.html
We have concluded a contract with Google for contract data agreement and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Plugins and Tools
Google Web Fonts
Linkedin Insight Tag
Use of YouTube components with enhanced data protection mode
Objection advertising mails
The use of contact data published within the scope of the legal notice obligation for the transmission of not expressly requested advertisement and information materials is hereby contradicted. The operators of the site expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as through spam e-mails.
If you would like to receive our free monthly newsletter offered on our website, we need an e-mail address from you as well as some additional information that allows us to verify that you are the owner of the e-mail address provided and agree to receive the newsletter. Further data will not be collected. We use these data exclusively for sending the requested information and do not pass them on to third parties. You can revoke your consent to the storage of the data, e.g. the e-mail address as well as its use for sending the newsletter at any time, for example by using the "unsubscribe" link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation. The data you have provided us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after you have cancelled your subscription. We use rapidmail for the dispatch of newsletters. The provider is rapidmail GmbH, Augustinerplatz 2, 79098 Freiburg, Germany. In doing so, rapidmail GmbH is prohibited from using your data for any other purpose than for sending the newsletter. rapidmail GmbH is not permitted to pass on or sell your data. rapidmail is a German, certified newsletter software provider which has been carefully selected in accordance with the requirements of the DSGVO (GDPR) and the BDSG Federal Data Protection Act). The data entered by you for the purpose of subscribing to the newsletter are stored on the servers of rapidmail in Germany. Rapidmail enables us to analyze our newsletter campaigns. For example, we can see when a newsletter message was opened and whether the link to our website was clicked. If you do not agree to this, you can revoke your consent to the storage of the data and its use for sending the newsletter at any time, e.g. via the unsubscribe link in the newsletter. Further information on data protection at rapdimail can be found at: https://www.rapidmail.de/datenschutz.
Right to revoke permission
Permission for the collection and storage of your data can be revoked at any time with respect to subsequent services. You can revoke permission for the collection, processing and use of your personal data at any time with respect to subsequent services. In this case, please contact us via the address specified in our imprint or via email@example.com. Personal data is deleted if you revoke permission for its storage, if your personal data is no longer required for the purpose for which it was originally stored, or if storage is no longer permissible for other legal reasons. This does not affect data required for billing and accounting purposes, or that has to be stored for legal reasons.
KOCH implements technical and organizational security measures to protect your personal data against unintentional or unlawful deletion, alteration or loss as well as unauthorized disclosure or access.
Use of external links
Our website contains links to other websites. KOCH is not responsible for the data protection policies or the content of other websites.
For information, suggestions and complaints regarding the processing of your personal data, please refer to the contact address: firstname.lastname@example.org. Should incorrect information be stored, despite our efforts to ensure that the data stored is accurate, we will correct this information at your request.
Please note that if necessary we can or must make adjustments to this information in accordance with Art. 13/14 DSGVO for data processing. The current version of this information according to Art 13/14 DSGVO can be found on our homepage at any time.