Privacy

I. Name and address of the data controller

The data controller within the meaning of applicable data protection regulations is:

NWS Germany Produktion W. Nöthen e. K.

Company owner: Willibald Nöthen

Röntgenstrasse 12-18

42719 Solingen

Phone: +49 212 24000-0

Fax: +49 212 24000-24

Email: info@nws-tools.de

 

You can reach our data protection officer via:

Email: datenschutz@nws-tools.de

 

II. General information on data processing

1. Extent of the processing of personal data

We collect and use the personal data of our users only to the extent necessary for these purposes:

- For the provision of a functional website

- For the performance of our services

or

if the user has consented.

An exception applies in those cases in which prior consent cannot be obtained in fact and the processing of the data is permitted by statutory provisions.

2. Legal foundation for the processing of personal data

Below you will find the legal principles which the GDPR provides for the processing of personal data:

Processing of personal data is considered permitted in the following cases:

  • On the basis of the consent given by the data subject, Article 6(1)a EU General Data Protection Regulation (GDPR)
  • Where it serves to fulfil a contract with the data subject, in accordance with Article 6(1)b GDPR
  • Where it is necessary for the implementation of pre-contractual measures, in accordance with Article 6(1)b GDPR
  • Where it is necessary to fulfil a legal obligation incumbent upon us, Article 6(1)c GDPR
  • Where it is necessary because of the vital interests of the data subject or other natural persons, in accordance with Article 6(1) d GDPR
  • Where it is necessary to safeguard a legitimate interest of our company or a third party and which outweighs the interests, fundamental rights and fundamental freedoms of the data subject, Article 6(1)f GDPR.

3. Data erasure and storage duration

As a matter of principle, we erase or block personal data as soon as the purpose for the storage no longer applies. If we are legally obliged to store data, blocking or erasure will only take place after expiry of the prescribed legal storage period, unless there is a necessity for further storage of the data for the conclusion or fulfilment of a contract.

4. Recipients of the data collected

The recipient of the data collected via the website is the named data controller. In addition, processors (web hosters, technical support) also have access to the data collected via the website. Compliance with the statutory regulations is, however, guaranteed on the basis of data processing contracts which we have concluded with our processors, who are domiciled in the EU.

Since no contracts are concluded via our website, there is no legal or contractual obligation to provide personal data.

 

III. Provision of the website and creation of log files

1. Scope of data processing

Every time you access our website, our system automatically collects data and information from the computer system of the accessing computer.

The following data will be collected:

(1) Information about the browser type, language, character encoding, and version used

(2) The user's operating system

(3) The IP address of the user

(4) Date and time of access, first and last visit

(5) The website from which the user accessed ours

(6) Websites accessed by the user's system via our website

(7) Articles that have been compared

The data are also stored in the log files on our system (logs of all or certain processes on a computer system). These data are never stored together with personal data of the user.

2. Legal foundation for data processing

The legal basis for the temporary storage of data and log files is Article 6(1)f GDPR.

3. Purpose of data processing

Temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the IP address of the user must remain stored for the duration of the session.

The data are stored in log files in order to ensure the functionality of the website. The data are also used to optimise the website and to ensure the security of our information technology systems.

These purposes are also the foundation for a legitimate interest in data processing pursuant to Article 6(1)f GDPR. Since it is not easy for us to deduce details of a natural person from an IP address, and since an IP address is not a sensitive piece of data, and because it is deleted immediately after the person has left the website and because we need it to make our website available, our interest outweighs the interest of the data subject.

4. Duration of storage

The data collected will be deleted as soon as they are no longer required for the purpose for which they were collected (provision of the website). If the data are stored in log files, they are also erased after seven days at the latest. Storage beyond this is possible. In this case, however, the IP addresses of the users are erased or anonymised to prevent any assignment to the client computer.

5. Objection to the processing of the data and options for removal

The collection of data for the provision of the website and the storage of data in log files is mandatory for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

 

IV. Use of cookies

1. Description and scope of data processing

Our website uses technically necessary cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after changing to a different page.

Those cookies are the following:

Cookie Settings

2. Legal foundation for data processing

The legal basis for the processing of personal data using cookies is Article 6(1)f GDPR.

3. Purpose of data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be made available at all without the use of cookies. For these functions to work, it is necessary for the browser to be recognised even after a page change.

We require cookies for the following functions:

(1) Choice of language

(2) Use of the notepad

(3) Comparing products

(4) Recognition of users

The user data collected by these technically necessary cookies are not used to create user profiles.

Google Analytics and Kyto Cookies are used to analyse the use of our website statistically. This purpose is also the foundation for a legitimate interest in processing personal details pursuant to Article 6(1)a GDPR. Since the data are collected anonymously, our legitimate interest in the use of Google Analytics and Kyto outweighs your general right to privacy.

4. Duration of storage, possibility of objection and removal

Cookies are stored on the user's computer and transmitted to our site by the user's computer. As a result, you as the user also have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. We would like to point out that, if you deactivate cookies, you may not be able to use all the functions of this website to their full extent. By using this website you agree to the processing of data about you by Google in the manner described above and for the aforementioned purpose.

 

V. Newsletter

1. Description and scope of data processing

You can subscribe to a free newsletter on our website. When you register for the newsletter, the data from the input screen are transmitted to us. Only your email address will be collected.

In addition, the following data is collected during registration:

(1) IP address of the computer that is accessing our site

(2) Date and time of registration

Your consent will be obtained for the processing of your data during the registration process and reference will be made to this data protection statement.

No data will be passed on to third parties in connection with the processing of data for the dispatch of newsletters. The data will be used exclusively for the purpose of sending the newsletter.

2. Legal foundation for data processing

The legal basis for the processing of the data by the user after registration for the newsletter is Article 6(1)a GDPR by clicking on the "Subscribe" button.

3. Purpose of data processing

The collection of the user's email address serves to deliver the newsletter. The collection of other personal data (log files) as part of the registration process serves to prevent misuse of the services or the email address used.

4. Duration of storage

The data collected will be deleted as soon as they are no longer required for the purpose for which they were collected. The user's email address will therefore only be stored as long as the newsletter subscription is active.

The other personal data collected in the course of the registration process are usually deleted after a period of seven days.

5. Objection to the processing of the data and options for removal

Subscription to the newsletter may be terminated at any time by the user concerned. A link to do this can be found in every newsletter. You can also prevent the newsletter from being sent in the future by selecting the "Unsubscribe" option on our website. When you cancel the newsletter, your consent to the dispatch of the newsletter and the storage of the associated data is revoked.

 

VI. Email contact & contact form

1. Scope of data processing

It is possible to contact us via a contact form on our website or via the email address provided. The data will be used exclusively for the processing of the conversation or request. In addition, you can order a catalogue via an opt-in option. For this purpose, a postal address is required.

2. Description and scope of data processing

If a user makes use of the contact form, the data entered on the input screen will be transmitted to us and stored. These data are as follows:

Mandatory fields

- First name and surname

- Email address

Voluntary information

- Form of address

- Company and position held

- Telephone number

- Fax number

- Street address, postcode and town

- Country

- Content of your message

- Indication of whether you are a retailer

 

At the time the message is sent, the following data will also be stored

- IP address

- Date and time of transmission

 

Alternatively, you can contact us via the email address provided. In this case, the user's personal data that are transmitted with the email will be stored.

The data will be used exclusively for the processing of the conversation or request. In order to request our catalogue, it is necessary to provide your postal address.

3. Legal foundation for data processing

These data are processed on the basis of Article 6(1)f GDPR. If the purpose of the email contact is to conclude a contract, the additional legal basis for the processing is Article 6(1)b GDPR.

4. Purpose of data processing

The processing of the personal data from the input screen or by email is used by us exclusively to manage your contact with us. In this respect, the mandatory information we collect serves to protect against misuse. Our legitimate interest is also founded on this situation. Since your making contact with us is initiated by you and is voluntary and since we have informed you beforehand about how we handle the data transmitted, our legitimate interest outweighs your right to privacy.

The other personal data processed during the transmission process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

5. Duration of storage

The data collected will be deleted as soon as they are no longer required for the purpose for which they were collected. As regards the personal data from the contact form input screen and those sent by email, this is the case when the respective conversation with the user has ended. The conversation ends when it can be inferred from the circumstances that the facts in question have been conclusively clarified.

The additional personal data collected during the sending process (e.g. IP addresses) will be deleted after a period of seven days at the latest.

6. Objection to the processing of the data and options for removal

The user has the possibility to object to the storage of his or her personal data at any time. In such a case, the conversation cannot be continued. The objection can be made by email, post or fax.

In this case, all personal data stored in the course of contacting us will be deleted by us.

As far as data is collected within the scope of a contractual relationship, there is no possibility of objection, as this is absolutely necessary for the execution of the contract.

 

VII. Social media

On our website we provide references to various social media. However, these are only links to external websites belonging to third party social media providers and not plug-ins. Consequently, when you visit our website, no links are established and no personal data are transferred to those third party providers. If you click on the respective button marked with the provider's symbol, you will be redirected to that provider's website. You will then  leave our website. If you have any questions about data collection by third parties, please read the data protection declarations provided by these third parties. We refer to the following social media:

1. Google+

Provider of Google+ is Google LLC 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The Google "+1-Button" is marked with the logo "g+". Their privacy policy can be found here: policies.google.com/privacy

2. Facebook

Our website links via the "f" button to the social network facebook.com, whose operator for users outside the USA and Canada is Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, D2 Dublin, Ireland. Privacy information can be found at: https://facebook.com/about/privacy/

2.1 Privacy statement regarding the use of Facebook

The data controller of this site has incorporated components from Facebook. Facebook is a social network.

A social network is a social meeting place operated on the Internet, an online community that allows users to communicate with each other and interact in a virtual space. A social network can serve as a platform for the exchange of opinions and experiences or enable the Internet community to provide personal or company-related information. Facebook enables social network users to create private profiles, upload photos and network via friend requests, among other things.

The company responsible for operating Facebook is Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The data controller is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, if a data subject lives outside the USA or Canada.

Every time a page on this site operated by the data controller is accessed and which includes one or more Facebook plug-ins, the internet browser on the computer or device of the data subject, i.e. you, is automatically caused by the Facebook plug-in in question to download a view of the corresponding Facebook plug-in from the Facebook server. A full overview of all Facebook plug-ins can be found at developers.facebook.com/docs/plugins/. This technical process allows Facebook to see which specific pages and subpages of our website you visit.

If the data subject is, at the same time, logged in to Facebook, Facebook can see every time our site is accessed by that data subject and, for the duration of that person's visit to our website, can see exactly which pages and subpages you visit. That information is collected by the Facebook plug-in and linked by Facebook to the data subject's own Facebook account. If the data subject then clicks one of the Facebook buttons integrated in our site, e.g. the "Share" button, or posts a comment, Facebook will link that information to the personal Facebook user account of the data subject and store those personal data.

Facebook will always be notified through the Facebook plug-in that the data subject has visited our website if the data subject is also logged in to their Facebook account when they access our website; this will happen whether the data subject clicks the Facebook component or not. If you, as the data subject, do not want this information to be transmitted to Facebook, please log out of your Facebook user account before accessing our site.

The privacy statement published by Facebook that is available at www.facebook.com/about/privacy/ gives details of the collection, processing and use of personal data by Facebook. It also explains which setting options Facebook offers to protect the privacy of the data subject. In addition, there are various applications available that make it possible to suppress data transmission to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.

3. Twitter

By clicking on the button with the symbol of the bird you will be accessing the microblogging service provided by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland. You can find information on their data protection here: https://twitter.com/en/privacy 

4. LinkedIn

The "in" button takes you to the website of the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland platform. You will find a note on data protection there at https://www.linkedin.com/legal/privacy-policy?_l=en_EN

5. XING

The button with the stylised "X" will take you to the website of XING AG, Dammtorstrasse 30, 20354 Hamburg, Germany. You can find information on their data protection here: https://www.xing.com/privacy

6. Pinterest

On our website we also link to the social network Pinterest, which is operated by Pinterest Inc., 808 Brannan Street, San Francisco, CA, 94103, USA ("Pinterest"). The link is marked with a Pinterest logo (e.g. "Pin it" button). You can find information about data protection at Pinterest here: https://policy.pinterest.com/en/privacy-policy.

7. Instagram

Our website links via the button with the camera symbol to the social network instagram.com, whose operator for users outside the USA and Canada is Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour,D2 Dublin, Ireland. You can find information on their data protection here: https://www.facebook.com/about/privacy/

8. YouTube

Our website links to the video portal youtube.com via the "Play" button. The company providing the service in the European Economic Area and in Switzerland is Google Ireland Limited, a company registered and operated under Irish law (registration number: 368047) with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland. Further information on data protection as practised by "YouTube" can be found in the provider's data protection declaration at https://policies.google.com/privacy?hl=en&gl=de.

 

VIII. Google Tag Manager

This website uses the Google Tag Manager. Google Tag Manager is a solution that allows marketers to manage website tags through a single interface. The Tag Manager tool itself (which implements the tags) is a cookie-free domain and does not collect any personally identifiable information. The tool triggers other tags that may themselves collect data. Google Tag Manager does not access this data. If deactivation has been set at the domain or cookie level, it will persist for all tracking tags implemented with Google Tag Manager.

 

IX. Google Maps

This website uses Google Maps, a map service for displaying maps and creating directions. Google Maps is offered to European users by Google Ireland Limited, based in Dublin, Ireland. As we have integrated Google Maps via our own interface, no personal data is transmitted to Google when you visit our website.

The purpose of using Google Maps is to make it easier for you to find our locations.

The legal basis is therefore Article 6(1)f GDPR. Google Maps thus serves the user-friendliness of our Internet presence. Since no personal data is transmitted to Google, our interest in the use of your rights prevails.

However, you still have the option of deactivating the Google Maps service in a simple manner.

To do so, deactivate JavaScript in your browser. However, we would like to point out that in this case you will not be able to use the map display.

 

X. YouTube

This website uses YouTube to display and play videos from the provider "YouTube". The company providing the service in the European Economic Area and in Switzerland is Google Ireland Limited, a company registered and operated under Irish law (registration number: 368047) with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland.

The extended data protection mode is used here, which, according to the provider, only initiates the storage of user information when the video(s) is/are played. If the playback of embedded YouTube videos is started, the provider uses "YouTube" cookies to collect information about user behaviour. According to information provided by "YouTube", these cookies serve, among other things, to collect video statistics, improve user-friendliness and prevent abusive practices. If you are logged in to Google, your information will be directly associated with your account when you click on a video. If you do not want your profile to be associated with YouTube, you must log out before activating the button. Google stores your data (even for users who are not logged in) as user profiles and evaluates them. In particular, such evaluation is carried out in accordance with Article 6(1)f GDPR on the basis of Google's legitimate interests in the display of personalised advertising, market research and/or the design of its website to meet requirements. You have the right to object to the creation of these user profiles, but you must contact YouTube to exercise this right.

Irrespective of any reproduction of the embedded videos, a connection to the Google "DoubleClick" network is established each time this website is accessed, which can trigger further data processing operations over which we have no influence.

Google LLC, based in the USA, has subscribed to the EU-US Privacy Shield Framework, which ensures compliance with the data protection level applicable in the EU. 

Further information on data protection as practised by "YouTube" can be found in the provider's data protection declaration at https://policies.google.com/privacy?hl=en&gl=en.

 

XI. Rights of the data subject

If personal data are processed by you, you are the data subject within the meaning of the GDPR and you are entitled to the following rights:

1. Right to information

You may request confirmation from us as to whether personal data relating to you will be processed by us.

In the event of such processing, you may request the following information from us:

(1) The purposes for which the personal data will be processed

(2) The categories of personal data processed

(3) The recipients or categories of recipients to whom the personal data relating to you has been or will be disclosed

(4) The planned duration of the retention of the personal data relating to you or, if it is not possible to provide specific information in this regard, criteria for determining the retention period

(5) The existence of a right to rectify or delete personal data concerning you, a right to limit the processing by the controller or a right to object to such processing

(6) The existence of a right of appeal to a supervisory authority

(7) All available information on the origin of the data, if the personal data are not collected from the data subject

(8) The existence of automated decision-making including profiling in accordance with Article 22 (1) and (4) GDPR and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing on the data subject.

You have the right to request information as to whether the personal data concerned will be transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate guarantees pursuant to Article 46 GDPR in connection with the transfer.

2. Right to rectification

You have the right to rectification and/or completion if the processed personal data concerning you is inaccurate or incomplete. We must then carry out the rectification immediately.

3. Right to restriction of processing

Under the following conditions, you may request that the processing of your personal data is restricted:

(1) If you dispute the accuracy of the personal data concerning you for a period of time which enables us to verify the accuracy of the personal data

(2) If the processing by us is unlawful, you refuse to have your personal data deleted by us and instead request us to restrict the use of your personal data

(3) If we no longer need the personal data for the purposes of processing, but you need it to assert, exercise or defend legal claims, or

(4) If you have objected to the processing pursuant to Article 21(1) GDPR and it has not yet been determined whether our legitimate reasons outweigh your reasons.

If the processing of the personal data concerning you has been restricted, these data – apart from their storage – may only be processed by us with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a member state.

If the processing restriction has been restricted in accordance with the above conditions, you will be informed by us before the restriction is lifted.

4. Right to erasure

a) Obligation to erase

You can ask us to delete your personal data immediately. We are obliged to delete this data immediately if one of the following reasons applies:

(1) Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.

(2) You revoke your consent on which the processing pursuant to Article 6(1)a or Article 9(2)a GDPR was based and there is no other legal basis for the processing.

(3) You object to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate reasons for the processing or you object to the processing pursuant to Article 21(2) GDPR.

(4) The personal data concerning you have been processed unlawfully.

(5) The deletion of your personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which we are subject.

(6) The personal data relating to you have been collected in relation to information society services offered pursuant to Article 8(1) GDPR.

b) Information to third parties

If we have made your personal data public and we are obliged to delete them pursuant to Article 17(1) GDPR, we shall take appropriate measures (including technical measures) to inform those responsible for processing the personal data that you have requested the deletion of all links to this personal data, copies or replications of this personal data.

c) Exceptions

The right to deletion does not exist if the processing is necessary.

(1) The exercise of freedom of expression and information

(2) To fulfil a legal obligation or to perform a task which is in the public interest or is carried out in the exercise of official authority which may have been transferred to us

(3) For reasons of public interest in the field of public health pursuant to Article 9(2)h and i and Article 9(3) GDPR

(4) For archival purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Article 89(1) GDPR, insofar as the law referred to in Section a) presumably makes it impossible or seriously impairs the attainment of the objectives of such processing, or

(5) To assert, exercise or defend legal claims.

5. Right to information

If you have asserted your right to rectification, erasure or restriction of processing with us, we are obliged to inform all recipients to whom your personal data have been disclosed of the rectification, erasure or restriction of processing, unless this proves impossible or involves a disproportionate effort for us.

You have the right to be informed by us about these recipients.

6. Right to data portability

You have the right to receive your personal data from us in a structured, common and machine-readable format. In addition, you have the right to transfer this data to another responsible person without any hindrance on our part, provided that

(1) The processing is based on a consent pursuant to Article 6(1)a GDPR or Article 9(2)a GDPR or on a contract pursuant to Article 6(1)b GDPR and

(2) The processing is carried out by automated means.

In this respect, you also have the right to require us to transfer your data to another data controller, insofar as this is technically feasible. Freedoms and rights of other persons may not be affected by this.

This right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority assigned to us.

7. Right to object

You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data on the basis of Article 6(1)e or f GDPR; this also applies to profiling based on these provisions.

We will no longer process the personal data concerning you unless we can prove compelling reasons for the processing worthy of protection which outweigh your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.

8. Right to revoke the declaration of consent under data protection law

You have the right to revoke declarations of consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

9. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of presumed infringement, if you consider that the processing of your personal data is in breach of the GDPR.

The supervisory authority to which the complaint was submitted will inform you, the complainant, of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.

 

XII. IT security

In order to protect the security of your data during the transmission of data, we use the TLS encryption method (256-bit key), which you can recognise by the green lock symbol in the address bar of the URL of our website. In addition, we secure our IT systems with firewalls, virus protection and other technical and organisational measures in accordance with GDPR and the Federal Data Protection Act (BDSG).

 

XIII. Subject to change

We reserve the right to adapt this privacy statement to comply with current legal requirements. If you visit our website again, the updated data protection declaration will apply.

Correct as at: August 2022