We take data protection seriously. We are committed to safeguarding your personal information and ensuring your privacy is respected. Our privacy policy explains how we collect, use, and store your data. It also describes your rights and how to exercise them.
The privacy policy of Hebio GbR is based on the terminology used by the European legislator when issuing the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand for both the public and our customers and business partners. To ensure this, we would like to explain the terms used in advance.
In this privacy policy, we use the following terms, among others:
Personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as 'data subject'). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
Data subject is any identified or identifiable natural person whose personal data is processed by the data controller.
Processing is any operation or set of operations which is performed on personal data, whether or not by automated means, such as the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.
Profiling is any form of automated processing of personal data that consists of using personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements of that natural person.
Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures that ensure that the personal data is not attributed to an identified or identifiable natural person.
Controller or data controller is the natural or legal person, authority, agency, or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for its designation may be provided for by Union law or the law of the Member States.
Data processor is a natural or legal person, authority, agency, or other body which processes personal data on behalf of the controller.
Recipient is a natural or legal person, authority, agency, or other body to which personal data are disclosed, whether or not it is a third party. However, authorities that may receive personal data in the context of a specific inquiry under Union law or the law of the Member States are not considered recipients.
Third party is a natural or legal person, authority, agency, or other body other than the data subject, the controller, the data processor, and the persons who, under the direct responsibility of the controller or the data processor, are authorized to process the personal data.
Consent is any freely given, specific, informed, and unambiguous indication of the data subject's wishes, by which they signify agreement to the processing of personal data relating to them, in the form of a statement or a clear affirmative action.
The controller in the sense of the General Data Protection Regulation, other applicable data protection laws in the Member States of the European Union, and other provisions with data protection character is:
Publisher: Hebio GbR
Address: Dr. Rehm-Str. 10, Neuried
Phone Number: +49 89 37064032
Email Address:datenschutz@heb-io.de
Any affected person can contact our data protection officers directly at any time with questions or suggestions regarding data protection.
The websites of Hebio GbR use cookies. Cookies are text files that are placed and stored on a computer system via an internet browser.
Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string through which websites and servers can be assigned to the specific internet browser in which the cookie is stored. This enables the visited websites and servers to distinguish the individual browser of the affected person from other internet browsers that contain other cookies. A specific internet browser can be recognized and identified by the unique cookie ID.
By using cookies, Hebio GbR can provide users of this website with more user-friendly services that would not be possible without the setting of cookies.
With the help of a cookie, the information and offers on our website can be optimized in accordance with the user's needs. Cookies allow us, as already mentioned, to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, a user of a website that uses cookies does not have to enter their login data again every time they visit the website, because this is taken over by the website and the cookie stored on the user's computer system. Another example is the shopping cart cookie in an online shop. The online shop remembers the items that a customer has placed in the virtual shopping cart via a cookie.
We also use cookies on our website that allow for analysis of the users' surfing behavior.
The data collected in this way is pseudonymized through technical measures. Therefore, an assignment of the data to the accessing user is no longer possible. The data is not stored together with other personal data of the users.
When accessing our website, the user is informed about the use of cookies for analysis purposes and their consent for the processing of the personal data used in this context is obtained. In this context, a reference to this privacy policy is also made.
The legal basis for processing personal data using cookies for analysis purposes is, in the presence of a corresponding consent from the user, Art. 6 (1) lit. a GDPR. The data subject may prevent the setting of cookies by our website at any time by means of a corresponding setting of the web browser used and thus permanently object to the setting of cookies. Furthermore, already set cookies can be deleted at any time via a web browser or other software programs. This is possible in all common web browsers. If the data subject disables the setting of cookies in the web browser used, it is possible that not all functions of our website are fully usable.
The website of Hebio GbR collects a series of general data and information with each access to the website by an affected person or an automated system. This general data and information are stored in the server log files. The following can be collected: (1) types and versions of browsers used, (2) the operating system used by the accessing system, (3) the website from which an accessing system arrives at our website (so-called referrer), (4) the sub-webpages accessed through an accessing system on our website, (5) the date and time of access to the website, (6) an Internet Protocol address (IP address), (7) the Internet Service Provider of the accessing system, and (8) other similar data and information that serve to prevent dangers in the event of attacks on our information technology systems.
When using this general data and information, Hebio GbR does not draw conclusions about the affected person. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website and the advertising for it, (3) ensure the permanent functionality of our information technology systems and the technology of our website, and (4) provide law enforcement authorities with the necessary information for prosecution in the event of a cyberattack. The anonymously collected data and information are statistically evaluated by Hebio GbR to increase data protection and data security in our company to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by an affected person.
In addition, personal data will also be collected if there is explicit permission from the respective users and in compliance with applicable data protection regulations:
First and last names of users
IP address of users
Email address of users
Information about the place of residence (postal code, etc.)
The processing of personal data is based on our legitimate interest in fulfilling our contractually agreed services and optimizing our online offerings.
You can also visit this website without providing any personal information. However, to improve our online offerings, we store (without personal reference) your access data to this website. These access data include, for example, the file you requested or the name of your Internet provider. Due to the anonymization of the data, conclusions about your person are not possible.
To protect the security of your data during transmission, we use encryption methods that correspond to the current state of the art (e.g., SSL) via HTTPS.
The website of Hebio GbR provides users with the opportunity to subscribe to the newsletter of our company. The personal data transmitted to the data controller when ordering the newsletter is derived from the input mask used for this purpose.
Hebio GbR informs its customers and business partners at regular intervals via a newsletter about the company's offers. The newsletter of our company can generally only be received if (1) the affected person has a valid email address and (2) the affected person registers for the newsletter. A confirmation email is sent to the email address initially registered for the newsletter for legal reasons in a double-opt-in process. This confirmation email serves to verify whether the owner of the email address, as the affected person, has authorized the receipt of the newsletter.
When registering for the newsletter, we also store the IP address assigned by the Internet Service Provider (ISP) of the computer system used by the affected person at the time of registration, as well as the date and time of registration. The collection of this data is necessary to be able to trace (possible) misuse of the email address of an affected person at a later date and therefore serves to legally protect the data controller.
The personal data collected during the registration for the newsletter will be used exclusively for sending our newsletter. In addition, subscribers to the newsletter may be informed by email if this is necessary for the operation of the newsletter service or related registration, as may be the case with changes to the newsletter offering or changes in technical circumstances. There is no transfer of personal data collected in the context of the newsletter service to third parties. The subscription to our newsletter can be canceled by the affected person at any time. The consent to the storage of personal data, which the affected person has granted for newsletter dispatch, can be revoked at any time. To revoke the consent, there is a corresponding link in each newsletter. Furthermore, it is also possible to unsubscribe directly on the website of the data controller from the newsletter dispatch at any time or to inform the data controller in another way.
Parts of our newsletter may contain advertising material.
The newsletters of Hebio GbR contain so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in such emails that are sent in HTML format to enable a log file recording and log file analysis. This allows for a statistical evaluation of the success or failure of online marketing campaigns. Using the embedded tracking pixel, Hebio GbR can determine whether and when an email was opened by an affected person and which links in the email were called up by the affected person.
Such personal data collected via the tracking pixels contained in the newsletters will be stored and evaluated by the data controller to optimize the newsletter dispatch and better tailor the content of future newsletters to the interests of the affected person. This personal data will not be disclosed to third parties. Affected persons are entitled at any time to revoke the separate consent declaration given via the double-opt-in procedure. After a revocation, this personal data will be deleted by the data controller. Unsubscribing from receiving the newsletter is automatically interpreted by Hebio GbR as a revocation.
The affected person has the opportunity to register on the website of the data controller by providing personal data. Which personal data is transmitted to the data controller results from the respective input mask used for registration. The personal data entered by the affected person will be collected and stored exclusively for internal use by the data controller and for its own purposes. The data controller may arrange for the transfer to one or more processors, for example, a parcel service provider, which also uses the personal data exclusively for internal use attributed to the data controller.
By registering on the website of the data controller, the IP address assigned by the affected person's Internet Service Provider (ISP), the date, and the time of registration will also be stored. The storage of this data occurs against the background that only in this way can the misuse of our services be prevented, and this data enables the investigation of committed crimes if necessary. Therefore, the storage of this data is necessary to secure the data controller. Generally, this data will not be disclosed to third parties unless there is a legal obligation to disclose it or the disclosure serves the prosecution.
The registration of the affected person under voluntary provision of personal data serves the data controller to offer the affected person content or services that can only be offered to registered users due to the nature of the matter. Registered persons are free to change the personal data provided during registration at any time or to have them completely deleted from the data controller's database.
The data controller will provide each affected person with information about which personal data about the affected person is stored at any time upon request. Furthermore, the data controller will correct or delete personal data at the request or indication of the affected person, provided that there are no legal retention obligations to the contrary. All employees of the data controller are available to the affected person as points of contact in this context.
The website of Hebio GbR contains information due to legal requirements that enable quick electronic contact with our company as well as direct communication with us, which also includes a general address for so-called electronic mail (email address). If an affected person contacts the data controller by email or via a contact form, the personal data transmitted by the affected person will be stored automatically. Such personal data voluntarily provided by an affected person to the data controller will be stored for the purpose of processing or contacting the affected person. There will be no transfer of this personal data to third parties.
The data controller processes and stores personal data of the affected person only for the period necessary to achieve the storage purpose or if this has been provided for by the European legislator and regulation or another legislator in laws or regulations to which the data controller is subject.
If the storage purpose no longer applies or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data will be routinely blocked or deleted in accordance with the legal regulations.
Every affected person has the right granted by the European legislator and regulation to request confirmation from the data controller as to whether personal data concerning them is being processed. If an affected person wishes to exercise this confirmation right, they may contact an employee of the data controller at any time.
Every person affected by the processing of personal data has the right granted by the European legislator and regulation to obtain information from the data controller at any time free of charge about the personal data stored about them and a copy of this information. Furthermore, the European legislator and regulation have granted the affected person the right to obtain information about the following:
- the purposes of processing
- the categories of personal data being processed
- the recipients or categories of recipients to whom the personal data have been disclosed or will be disclosed, particularly in the case of recipients in third countries or international organizations
- If possible, the planned duration for which the personal data will be stored or, if that is not possible, the criteria for determining this duration
- the existence of a right to rectification or deletion of personal data concerning them or to restriction of processing by the controller or a right to object to such processing
- the existence of a right to lodge a complaint with a supervisory authority
- if the personal data are not collected from the data subject: All available information about the source of the data
- the existence of automated decision-making, including profiling, according to Article 22 paragraphs 1 and 4 GDPR, and—at least in these cases—meaningful information about the logic involved, as well as the significance and the intended consequences of such processing for the data subject
Furthermore, the affected person has a right to information about whether personal data have been transferred to a third country or to an international organization. If this is the case, the affected person also has the right to obtain information about the appropriate safeguards related to the transfer. If an affected person wishes to exercise this right to information, they may contact an employee of the data controller at any time.
Every person affected by the processing of personal data has the right granted by the European legislator and regulation to request the immediate rectification of inaccurate personal data concerning them. Furthermore, the affected person has the right to request the completion of incomplete personal data—also by means of a supplementary statement—taking into account the purposes of processing. If an affected person wishes to exercise this right to rectification, they may contact an employee of the data controller at any time.
Every person affected by the processing of personal data has the right granted by the European legislator and regulation to request the immediate deletion of personal data concerning them from the controller, provided that one of the following reasons applies and as long as the processing is not necessary:
- The personal data have been collected for such purposes or processed in any other way, for which they are no longer necessary.
- The affected person withdraws their consent on which the processing is based according to Article 6 paragraph 1 letter a GDPR or Article 9 paragraph 2 letter a GDPR, and there is no other legal basis for the processing.
- The affected person objects to the processing according to Article 21 paragraph 1 GDPR, and there are no overriding legitimate grounds for the processing, or the affected person objects to the processing according to Article 21 paragraph 2 GDPR.
- The personal data have been unlawfully processed.
- The deletion of personal data is necessary to fulfill a legal obligation under Union law or the law of the member states to which the controller is subject.
- The personal data were collected in relation to services offered by the information society according to Article 8 paragraph 1 GDPR.
If any of the above reasons apply and an affected person wishes to request the deletion of personal data stored by Hebio GbR, they may contact an employee of the data controller at any time. The employee of Hebio GbR will ensure that the deletion request is promptly fulfilled. If the personal data have been made public by Hebio GbR and our company is obliged to delete the personal data as the controller according to Article 17 paragraph 1 GDPR, Hebio GbR will take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform other controllers processing the published personal data that the affected person has requested the deletion of all links to such personal data or copies or replications of such personal data, provided that the processing is not necessary. The employee of Hebio GbR will take the necessary steps in each case.
Every person affected by the processing of personal data has the right granted by the European legislator and regulation to request the restriction of processing from the controller when one of the following conditions is met:
The accuracy of the personal data is contested by the affected person, for a duration that allows the controller to verify the accuracy of the personal data.
The processing is unlawful, the affected person opposes the deletion of the personal data and instead requests the restriction of the use of the personal data.
The controller no longer needs the personal data for the purposes of processing, but the affected person needs them for the assertion, exercise or defense of legal claims.
The affected person has lodged an objection to the processing according to Article 21 paragraph 1 GDPR, and it is not yet clear whether the legitimate grounds of the controller outweigh those of the affected person.
If one of the above conditions is met and an affected person wishes to request the restriction of personal data stored by Hebio GbR, they may contact an employee of the data controller at any time. The employee of Hebio GbR will initiate the restriction of processing.
Every person affected by the processing of personal data has the right granted by the European legislator and regulation to receive the personal data concerning them, which have been provided by the affected person to a controller, in a structured, commonly used and machine-readable format. They also have the right to transmit those data to another controller without hindrance from the controller to whom the personal data have been provided, provided that the processing is based on consent according to Article 6 paragraph 1 letter a GDPR or Article 9 paragraph 2 letter a GDPR or on a contract according to Article 6 paragraph 1 letter b GDPR and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. Furthermore, the affected person has the right, in exercising their right to data portability according to Article 20 paragraph 1 GDPR, to obtain that the personal data are transmitted directly from one controller to another, where technically feasible and provided that the rights and freedoms of others are not adversely affected. To exercise the right to data portability, the affected person may contact an employee of Hebio GbR at any time.
Every person affected by the processing of personal data has the right granted by the European legislator and regulation to object at any time to the processing of personal data concerning them, which is based on Article 6 paragraph 1 letters e or f GDPR, for reasons relating to their particular situation. This also applies to profiling based on these provisions. Hebio GbR will no longer process the personal data in the event of an objection, unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the affected person, or the processing is necessary for the assertion, exercise or defense of legal claims. If Hebio GbR processes personal data for the purpose of direct marketing, the affected person has the right to object at any time to the processing of personal data for such marketing purposes. This also applies to profiling, insofar as it is related to such direct marketing. If the affected person objects to Hebio GbR regarding the processing for the purposes of direct marketing, Hebio GbR will no longer process the personal data for these purposes. Furthermore, the affected person has the right, for reasons relating to their particular situation, to object to the processing of personal data concerning them that is carried out by Hebio GbR for scientific or historical research purposes or for statistical purposes according to Article 89 paragraph 1 GDPR, unless such processing is necessary for the performance of a task carried out in the public interest. To exercise the right to object, the affected person may contact any employee of Hebio GbR directly. The affected person is also free to exercise their right to object in connection with the use of services of the information society, notwithstanding Directive 2002/58/EC, through automated means using technical specifications.
Jede von der Verarbeitung personenbezogener Daten betroffene Person hat das vom europäischen Richtlinien- und Verordnungsgeber gewährte Recht, nicht einer ausschließlich auf einer automatisierten Verarbeitung — einschließlich Profiling — beruhenden Entscheidung unterworfen zu werden, die ihr gegenüber rechtliche Wirkung entfaltet oder sie in ähnlicher Weise erheblich beeinträchtigt, sofern die Entscheidung (1) nicht für den Abschluss oder die Erfüllung eines Vertrags zwischen der betroffenen Person und dem Verantwortlichen erforderlich ist, oder (2) aufgrund von Rechtsvorschriften der Union oder der Mitgliedstaaten, denen der Verantwortliche unterliegt, zulässig ist und diese Rechtsvorschriften angemessene Maßnahmen zur Wahrung der Rechte und Freiheiten sowie der berechtigten Interessen der betroffenen Person enthalten oder (3) mit ausdrücklicher Einwilligung der betroffenen Person erfolgt. Ist die Entscheidung (1) für den Abschluss oder die Erfüllung eines Vertrags zwischen der betroffenen Person und dem Verantwortlichen erforderlich oder (2) erfolgt sie mit ausdrücklicher Einwilligung der betroffenen Person, trifft die Hebio GbR angemessene Maßnahmen, um die Rechte und Freiheiten sowie die berechtigten Interessen der betroffenen Person zu wahren, wozu mindestens das Recht auf Erwirkung des Eingreifens einer Person seitens des Verantwortlichen, auf Darlegung des eigenen Standpunkts und auf Anfechtung der Entscheidung gehört. Möchte die betroffene Person Rechte mit Bezug auf automatisierte Entscheidungen geltend machen, kann sie sich hierzu jederzeit an einen Mitarbeiter des für die Verarbeitung Verantwortlichen wenden.
Every person affected by the processing of personal data has the right granted by the European legislature to withdraw consent to the processing of personal data at any time. If the affected person wishes to assert their right to withdraw consent, they can contact an employee of the controller responsible for the processing at any time.
The controller responsible for processing collects and processes the personal data of applicants for the purpose of carrying out the application process. Processing may also occur electronically, especially if an applicant submits corresponding application documents electronically, for example, via email or through a web form on the website. If the controller concludes an employment contract with an applicant, the submitted data will be stored for the purpose of processing the employment relationship in accordance with legal provisions. If no employment contract is concluded with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, unless there are other legitimate interests of the controller against deletion. A legitimate interest in this sense is, for example, an obligation to provide evidence in a procedure under the General Equal Treatment Act (AGG).
This website uses Google Analytics, a web analysis service from Google Inc. (hereinafter: Google). Google Analytics uses so-called 'cookies', which are text files that are stored on your computer and allow analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, due to the activation of IP anonymization on these websites, your IP address will be truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activities, and provide other services related to website and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.
The purposes of data processing lie in evaluating the use of the website and compiling reports on activities on the website. Based on the use of the website and the internet, further related services are to be provided. The processing is based on the legitimate interest of the website operator.
You can prevent the storage of cookies by adjusting the settings of your browser software; however, we point out that in this case you may not be able to use all functions of this website to the full extent. Furthermore, you can prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of these data by Google by downloading and installing the browser plugin available at the following link: Browser Add-On for Deactivating Google Analytics.
Additionally, or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our pages by clicking this link. An opt-out cookie will be installed on your device. This will prevent the collection by Google Analytics for this website and for this browser in the future, as long as the cookie is installed in your browser.
To present our content correctly and attractively across browsers, we use libraries and font libraries on this website, such as Google Webfonts (https://www.google.com/webfonts/). Google Webfonts are transferred to the cache of your browser to prevent multiple loading. If your browser does not support Google Webfonts or restricts access, contents will be displayed in a standard font.
The call of libraries or font libraries automatically establishes a connection to the operator of the library. It is theoretically possible – currently unclear whether and for what purposes – that operators of corresponding libraries collect data.
You can find the privacy policy of the library operator Google here: https://www.google.com/policies/privacy/
Social plugins from the providers listed below are used on our websites. You can recognize the plugins by the corresponding logo.
Through these plugins, information, which may also include personal data, may be sent to the service provider and possibly used by them. We prevent the unconscious and unwanted collection and transmission of data to the service provider through a 2-click solution. To activate a desired social plugin, it must first be activated by clicking the corresponding switch. Only through this activation of the plugin is the collection of information and its transmission to the service provider triggered. We do not collect any personal data through the social plugins or their use.
We have no influence on which data an activated plugin collects and how these are used by the provider. Currently, it must be assumed that a direct connection to the provider's services is established and at least the IP address and device-related information are collected and used. There is also the possibility that the service providers attempt to store cookies on the computer used. For specific data collected and how these are used, please refer to the privacy notices of the respective service provider. Note: If you are logged in to Facebook at the same time, Facebook may identify you as a visitor to a specific page.
We have integrated the social media buttons of the following companies on our website:
Hebio GbR
This website uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.
In the context of Google Ads, we use so-called conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the internet browser stores on the user's computer. These cookies expire after 30 days and are not intended for personal identification of users. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user has clicked on the ad and was redirected to this page.
Each Google Ads customer receives a different cookie. The cookies cannot be tracked across the websites of Google Ads customers. The information obtained through the conversion cookies is used to create conversion statistics for Google Ads customers who opted for conversion tracking. The customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive information that can be used to personally identify users. If you do not wish to participate in tracking, you can object to this use by easily disabling the cookie of Google Conversion Tracking through your internet browser under user settings. You will then not be included in the conversion tracking statistics.
The storage of 'conversion cookies' and the use of this tracking tool are based on Article 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its web offerings and its advertising. If consent was requested (e.g., consent to store cookies), processing occurs solely on the basis of Article 6 (1) (a) GDPR; consent can be revoked at any time.
More information on Google Ads and Google Conversion Tracking can be found in Google's privacy policy: https://policies.google.com/privacy?hl=de.
You can set your browser to be informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If you disable cookies, the functionality of this website may be restricted.
Article 6 (1) (a) GDPR serves as the legal basis for processing operations in which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the fulfillment of a contract of which the affected person is a party, such as processing operations necessary for the delivery of goods or the provision of other services or benefits, the processing is based on Article 6 (1) (b) GDPR. The same applies to processing operations required to carry out pre-contractual measures, such as in cases of inquiries regarding our products or services. If our company is subject to a legal obligation that requires the processing of personal data, such as fulfilling tax obligations, the processing is based on Article 6 (1) (c) GDPR. In rare cases, the processing of personal data may be necessary to protect vital interests of the affected person or another natural person. This would be the case if a visitor were to be injured on our premises and his name, age, health insurance data, or other vital information needed to be disclosed to a doctor, a hospital, or other third parties. Then the processing would be based on Article 6 (1) (d) GDPR. Ultimately, processing operations may be based on Article 6 (1) (f) GDPR. Processing operations that are not covered by any of the aforementioned legal bases are permitted if processing is necessary to protect the legitimate interests of our company or a third party, provided that the interests, fundamental rights, and fundamental freedoms of the affected person do not outweigh them. Such processing operations are particularly permitted because they were specifically mentioned by the European legislator. He took the view that a legitimate interest could be assumed if the affected person is a customer of the controller (Recital 47 sentence 2 GDPR).
If the processing of personal data is based on Article 6 (1) (f) GDPR, our legitimate interest is the conduct of our business activities for the benefit of the well-being of all our employees and our shareholders.
The criterion for the duration of storage of personal data is the respective statutory retention period. After the expiration of this period, the corresponding data will be routinely deleted, provided they are no longer necessary for the fulfillment of the contract or the initiation of a contract.
We reserve the right to adapt this privacy policy to ensure it always meets current legal requirements or to implement changes in our services in the privacy policy, e.g., with the introduction of new services. The new privacy policy will apply to your subsequent visits.
HEB-IO – a groundbreaking robotic system for moving EUR pallets, functioning as a pair of devices. These state-of-the-art robots work autonomously to lift and transport pallets in warehouses, representing the future of automated logistics.
