Privacy policy

Thank you for your interest in our complaints website. The protection of your privacy is very important to us. Below we inform you in detail about how we handle your data in accordance with Art. 13 of the EU General Data Protection Regulation (GDPR). Please read this data protection information carefully. If you have any questions or comments, please feel free to contact us at any time using the contact details provided under I.
 

I. Name and contact details of the controller, as well as the data protection officer

Responsible for the processing of your personal data when using these internet pages is:
 
HAKA Kunz GmbH
Bahnhofstraße 30 – 32
71111 Waldenbuch
Telephone: +49 (0)7157/122–0
 
You can reach the data protection officer of HAKA Kunz GmbH at the above postal address (for the attention of the data protection officer) and at datenschutzbeauftragter@haka.de.
 

I. Purposes of data processing, legal basis, as well as legitimate interests of the controller and duration of storage

1. Purpose of the complaints portal

The HAKA Kunz GmbH complaints portal is a self-service customer portal.
The aim and purpose of the portal is to give customers the opportunity to complain about their orders.
 

2. Calling up the Complaints Portal

When you access our complaints website, information is collected and stored in so-called server-log-files ("log-files") for system-related reasons, which your browser automatically transmits to us.
 
These are:
IP address of the retrieving terminal device,
Date and time of access,
Name and URL of the retrieved file,
Referrer URL (website from which the access was made) and accessed links,
Information about the type of browser, the version used and, if applicable, the operating system used by you as well as the name of your access provider.
 
This data cannot be assigned to a specific person. It is not possible for us to draw conclusions about your identity. The log file data is always stored separately from other personal data; it is not merged with other data sources. This data is processed by us on the basis of Art. 6 para. 1 lit. f) GDPR for the delivery of the contents of our website as well as to ensure the functionality of our information technology systems, to optimise our website and to evaluate system security and stability. The data is stored for a period of 14 days and then automatically deleted.
 

3. Google

We use Google General and Google reCaptcha on our website. These are services provided by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The responsible party for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
 
Google General is used to improve the content and function of this website. ReCaptcha serves to prevent abusive automated entries in web forms and thus to protect the technical systems of the hoster.
 
When you access this website, a connection to Google's servers is established. A reCaptcha cookie is set. Your IP address is transmitted to Google.
 
In addition, reCaptcha collects the following data by means of "fingerprinting:
 
  • Browser plugins used
  • cookies set by Google in the last 6 months
  • number of mouse clicks and touches you have made on this screen
  • CSS information for the page you are viewing
  • Javascript objects
  • the date
  • the browser language
 
Google General collects the following data when this website is called up:
 
  • Click path
  • Visibility of displays Mouse movement
  • Timestamp
  • Clicks on ads
  • Time and date
  • Visitor behaviour
  • Language
  • Websites visited
  • Time zone
 
You can refuse the storage of cookies and fingerprinting by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
 
Insofar as data is processed outside the European Economic Area / the EU, where there is no level of data protection corresponding to the European standard, Google states that it uses standard contractual clauses.
 
You can find Google's privacy policy and terms of use here: https://policies.google.com/privacy and here: https://policies.google.com/terms.
 
The collection and storage of data only takes place after explicit consent according to Art. 6 para. 1 lit. a) GDPR. This consent can be revoked at any time with effect for the future.
 

4. Front Awesome

We use Front Awesome Icons, a service provided by Font Awesome Fonticons, Inc, 710 Blackhorn Drive, Carl Junction, MO, 64834, on our website. Front Awesome Icons is a library of free and paid icons.
 
Front Awesome Icons serves the function of this website. When you visit this website, the following data about you is processed:
 
  • Timestamp
  • Clicks on ads
  • User location
  • Language
  • Websites visited
  • Time zone
 
This provider may transfer, store or process your personal data outside the EEA/EU. These countries may not have the same level of data protection and the enforcement of your rights may be limited or not possible.
 
The privacy policy of Font Awesome can be found here: https://fontawesome.com/privacy.
 
The legal basis for data processing is your consent in accordance with Art. 6 Para. 1 lit. a) GDPR. This can be revoked at any time with effect for the future.
 

III. Disclosure of your data to third parties

Insofar as we use external service providers for the processing of your personal data within the scope of commissioned processing in accordance with Art. 28 GDPR (e.g. IT service providers), these have been carefully selected and commissioned by us. They are bound by our instructions and are regularly monitored.
 
Your data will only be disclosed, e.g. to supervisory authorities and law enforcement agencies, within the framework of legal regulations if it is necessary for the prevention and detection of fraud and other criminal offences or to ensure the security of our data processing systems. The legal basis for this is the fulfilment of legal obligations according to Art. 6 para. 1 lit. c) and the protection of legitimate interests according to lit. f) GDPR.
 
If personal data are processed in a third country, a comparable level of data protection is ensured with the help of appropriate guarantees pursuant to Art. 44 et seq. GDPR.
 

IV. Rights of the data subject

As a data subject, you have the following rights:
 

1. Right of objection

You can object to the processing of your personal data insofar as this is based on Art. 6 para. 1 lit. f) GDPR ("legitimate purposes") (Art. 21 GDPR). However, according to Art. 21 (1) sentence 1 GDPR, there is only an obligation to implement your objection if you provide us with reasons of overriding importance for this which arise from your particular situation. Your personal data will no longer be processed unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
 

2. Right to revoke the declaration of consent under data protection law

You have the right to revoke your consent under data protection law at any time without stating reasons by sending a message to the office named in section I, without incurring any costs other than the transmission costs according to the basic rates. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the declared consent until the revocation.
 

3. Further rights of the data subject

In addition, you can - if the respective legal requirements are met - claim the following rights:
 
Right to information about your personal data stored by us, in particular about the processing purposes, the categories of data and their origin if the data were not collected directly from you, the categories of recipients of your data, the planned storage period and your data subject rights (Art. 15 GDPR),
 
Right to rectification of inaccurate or incomplete personal data (Art. 16 GDPR),
 
Right to have your personal data deleted, in particular if the data is no longer necessary for the purposes for which it was collected and we are not obliged to retain the data due to legal, statutory or contractual requirements (Art. 17 GDPR),
 
Right to restrict the processing of your personal data (Art. 18 GDPR),
 
Right to data portability with regard to personal data provided to us by you in a common, machine-readable format (Art. 20 GDPR).
 

4. Right to complain to a supervisory authority

Pursuant to Art. 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority, without prejudice to any other administrative or judicial remedy, if you believe that the processing of data concerning you by us violates the requirements of the GDPR.
 
The supervisory authority for data protection responsible for HAKA Kunz GmbH is:
 
The State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg
Lautenschlagerstraße 20
70173 Stuttgart
Tel.: 0711/615541-0
 

V. Data security

We take appropriate technical security measures to protect the data you entrust to us from loss, destruction, disclosure and access by unauthorised persons, and we always adapt these measures to further technical developments. An SSL protocol (SSL certificate) is used for communication via the website. The SSL protocol (Secure Sockets Layer) is an encryption method for confidential, authentic and integrity-protecting end-to-end data transmission.
 
However, we would like to point out that data transmission on the Internet can have security gaps. Complete protection of data against access by third parties is not possible.
 

VI. Adaptations of the data protection information

We will revise our information on the processing and protection of your personal data from time to time in order to adapt it to the state of the art or to changed framework conditions. We therefore recommend that you regularly inform yourself about changes on this page.