We accord highest priority to the protection of your privacy and appreciate the confidence you have shown in us by sharing your personal data with us.
1. Name and contact details of the controller
The entity which determines the purposes and means of the processing of personal data (controller) pursuant to GDPR and the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) is:
ElectronicPartner Handel SE
Mündelheimer Weg 40
Tel.: +49 (0)211 41560
2. Contact details of the data protection officer
Please contact our data protection officer if you have any questions about data protection:
ElectronicPartner Handel SE
Data Protection Officer
Mündelheimer Weg 40
3. Collection, processing and use of personal data
When we collect personal data we ensure stringent compliance with the principles of data avoidance and data economy. Personal data are only processed for the purposes for which they were collected.
The personal data concerning you that we process depend on whether you only visit our website, or whether you send us a message or job application.
3.1 Website visit
When you visit our website we collect and process the following data:
- Your internet service provider
- Referrer URL (previously visited website)
- Your browser type and operating system
- Your IP address
- Requested files, transferred data volume, downloads/file exports
- Name of accessed websites, including data and time of access
- Screen size
- Plug-ins used
We store these data pursuant to Art. 6 (1) f) GDPR for the purpose of technical security (in particular, to prevent attempts to hack into our web servers).
3.2 E-mail contact
If you contact us via one of the e-mail addresses that we provide we will collect personal data concerning you. These data are stored for the purpose of processing your enquiry. We delete all data relating to your contact with us when it is no longer necessary to store it, or we restrict the processing of that data if we are required to comply with statutory archiving requirements. The legal basis for the processing of your personal data is Art. 6 (1) b) GDPR if you contact us in order to conclude a contract with us. It is also in our legitimate interest to process the data for the purpose of responding to your enquiry on the legal basis of Art. 6 (1) f) GDPR.
3.3 Contact form
When you send us an enquiry using our contact form, the information contained in the contact form, including the contact data you provide in the form, are processed by us to deal with the enquiry and any follow-up correspondence. The legal basis is Art. 6 (1) b) GDPR. These data are not transferred to other parties or used for other purposes.
3.4 Online application form
When you visit our website it is possible that we will place information on your computer in the form of cookies. Cookies are small text files that are stored on your computer’s hard disk.
This information contained in the cookies makes it possible for you to be automatically recognised next time you visit our website and makes the navigation of our website easier for you. The legal basis is our legitimate interest pursuant to Art. 6 (1) f) GDPR.
Naturally, you can also view our web pages without cookies. If you don’t want us to recognise your computer, you can prevent cookies from being stored on your hard disk by disabling cookies in your browser. Check your browser provider’s instructions for use to find out how to disable cookies. Disabling cookies may have an effect on our website’s functions.
3.6 Open Street Map
The legal basis for the use of the OpenStreetMap service is Art. 6 (1) f) GDPR. The data is processed for the purpose of enhancing the user experience on our website.
4. Matomo web analysis
This website uses the open source software tool Matomo (formerly PIWIK) to analyse user behaviour and to optimise our website. It is also in our legitimate interest to process this data pursuant to Article 6 (1) f) GDPR.
Information about your use of our website is generated by a cookie (refer to the above section on cookies). Among other things, the cookie allows the internet browser and your operating system to be recognised again. The data collected by Matomo (including your pseudonymised IP address) is processed on our servers.
The information generated by the cookie in the pseudonymous user profile is not used to personally identify website users and it is not combined with other data about the pseudonym holder. The data are erased when they are no longer required for the purposes for which they were collected. In our case, that is after 180 days.
You can revoke your consent to the storage and use of your data by clicking on the link provided below. In this case an opt-out cookie will be stored in your browser preventing Matomo from collecting any session data. Please remember that when you delete the cookies in your browser you also delete the opt-out cookie. In that case you have to reactivate the opt-out cookie.
Personal data are erased or blocked when the purpose for which they were stored no longer applies or if you request it. Data are also erased if a mandatory statutory retention period expires unless it is necessary to continue storing the data in order to enter into or execute a contract, or you have consented to its continued storage.
6. Transfers to third countries
We do not transfer personal data to third countries or international organisations.
7. Data subject rights
When personal data concerning you is processed you have the following rights as the data subject pursuant to GDPR.
7.1 Right to obtain information
You can request confirmation from the data controller of whether personal data concerning you are being processed by us.
If personal data concerning you is being processed, you can request the following information from the controller:
- the purposes for which the personal data are being processed;
the categories of personal data being processed;
the recipients or categories of recipients to whom the personal data has been or will be disclosed;
the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;
the existence of the right to obtain from the controller rectification or erasure of personal data concerning you, the right to restriction of processing by the controller or the right to object to processing;
the right to lodge a complaint with a supervisory authority;
all available information about the origin of the data if the personal data were not collected from the data subject.
7.2 Right to rectification
You have the right to obtain the rectification of personal data concerning you and the supplementation of incomplete personal data from the data controller. The data controller will comply without undue delay.
7.3 Right to restriction of processing
When one of the following applies you have the right to obtain from the controller restriction of processing:
- if you contest the accuracy of the personal data, for a period enabling the controller to verify the accuracy of the personal data;
if you have objected to processing pursuant to Article 21 (1) GDPR pending the verification of whether the legitimate grounds of the controller override your grounds.
if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
if the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims or;
Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with the data subject’s consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If you have obtained restriction of processing pursuant to the above the data controller will inform you before the restriction of processing is lifted.
7.4 Right to erasure
7.4.1. Erasure obligation
You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller has the obligation to erase personal data without undue delay where one of the following grounds applies:
The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
You withdraw your consent on which the processing is based according to Article 6 (1) a), or Article 9 (2) a) GDPR, and where there is no other legal ground for the processing.
You object to the processing pursuant to Article 21 (1) and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21 (2) GDPR.
The personal data concerning you have been unlawfully processed.
The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
The personal data have been collected in relation to the offer of information society services referred to in Article 8 (1) GDPR.
7.4.2. Information to third parties
Where the controller has made the personal data public and is obliged pursuant to Article 17 (1) GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
The right to obtain erasure does not apply if the processing is necessary
for exercising the right of freedom of expression and information;
for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
for reasons of public interest in the area of public health in accordance with Article 9 (2) h) and i) as well as Article 9 (3) GDPR;
for the establishment, exercise or defence of legal claims.
7.4.4. Notification obligation
If you have exercised your right of any rectification or erasure of personal data or restriction of processing vis-a-vis the controller, the controller is required to communicate any rectification, erasure or restriction of processing of personal data to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. You have to right to obtain information from the controller about those recipients.
7.5 Right to data portability
You have the right to receive your personal data which you have provided to a controller, in a structured, commonly used and machine-readable format and the right to transmit those data to another controller without hindrance from the controller to which the personal data had been provided, where
the processing is based on consent pursuant to Article 6 (1) a GDPR or Article 9 (2) a GDPR or on a contract pursuant to Article 6 (1) b GDPR; and
the processing is carried out by automated means.
In exercising this right to data portability you also have the right to have the personal data transmitted directly from one controller to another, where technically feasible. This may not adversely affect the rights and freedoms of others.
7.6 Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you on the basis of Article 6 (1) e) or f) GDPR; including profiling based on those provisions.
The controller will no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is necessary for the establishment, exercise or defence of legal claims.
Where personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to processing of personal data for such marketing purposes, which includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for such purposes.
In the context of the use of information society services, and notwithstanding Directive 202/58/EC, you may exercise your right to object by automated means using technical specifications.
7.7 Right to revoke consent
When personal data is processed because you have provided your consent, you have the right to revoke that consent at any time. This does not affect the lawfulness of processing up to the time of revocation.
7.8 Right to lodge a complaint with a supervisory authority
If you consider that the processing of personal data relating to you infringes the GDPR, you have the right at any time to lodge a complaint with the competent supervisory authority. The supervisory authority where the complaint is lodged informs the complainant about the status and outcome of the complaint process, including the right to an effective judicial remedy pursuant to Article 78 GDPR.
8. Legal requirements
The provision of personal data is not prescribed by law. You are not legally required to provide your personal data to us. However, if you do not provide your personal data to us, you will only be able to use our anonymous services.
We do not undertake any automated processing or profiling pursuant to Art. 22 (1) and (4) GDPR.
10. Further information
10.1 Data security
We have implemented technical and organisational measures to ensure the security of your data. Our employees have undertaken to maintain data confidentiality. We also use an encryption process. The information that you provide is transferred in encrypted format via SSL (Secure Socket Layer).
Our security technology is regularly optimised and upgraded to reflect the state-of-the-art.
If you use links to external websites which are provided on our website, this data policy does not apply to the websites that you access via the links. If we provide links we endeavour to ensure that the linked website providers comply with our privacy and security standards. However, we have no influence over external providers’ compliance with our privacy and security policy. Please therefore read the external website providers’ privacy policies.