Privacy Policy

Data privacy is important to our company. We therefore guarantee our customers, business partners and users of our websites to protect their personal rights.

We guarantee to collect, store and use personal data only within the framework of the rules and regulations on data protection. Your data, which are collected on our websites to the technically necessary extent, will not be sold to any third party and will only be circulated on judicial order for prosecution purposes.

To give you security and peace of mind in this point, we would like to inform you about kind, scope and purpose of the collection and use of personal data. You can call up this information on our websites at any time.

Notes on handling of your personal data and your respective rights

(Information according to Articles 13, 14 and 21 of the General Data Protection Regulation GDPR)

 

1. Definitions

Thi Data Privacy Notice includes terms and definitions, which are also used in the General Data Protection Regulation (hereinafter GDPR). As our aim is to be transparent and clear in this regard we would like to explain the terms used in our Data Protection Notice as they can also be found in Article 4 of the GDPR (‘Definitions’).

  • Personal data

‘Personal data’ means any information relating to an identified or identifiable natural person (hereinafter ‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name, an identification number, location data, an online identifier or to one or more factors to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

  • Processing

‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transfer, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

  • Restriction of processing

‘Restriction of processing’ means the marking of stored personal data with the aim of limiting their processing in the future.

  • Controller

‘Controller’ means a natural or legal person, public authority or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

  • Processor

‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

  • Recipient

‘Recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular enquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

  • Third party

‘Third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

  • Consent

‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

 

2. Controller

Nolte Küchen GmbH und Co. KG
Anni-Nolte-Straße 4
32584 Löhne, Deutschland

Fon:+49(0)57328990
Email:
privacy@nolte-kuechen.de

Internet: www.nolte-kuechen.de

 

Authorised to represent:

Legally represented by phG, Nolte Geschäftsführungsgesellschaft mbH, which is on its part represented by their managing directors: 
Heiko Maibach, Rüdiger Schliekmann, Manfred Wippermann

 

Data Protection Officer (DPO):

Stephanie Neitzel (Lawyer)
Fon: +49(0)5732899-8184
Email:
datenschutz@nolte-kuechen.de

 

3. Cookies

Websites are to some extent using what is also referred to as cookies. Cookies do not harm your computer and do not contain any viruses. The purpose of cookies is to make our offer more user-friendly, effective and safe. Cookies are small text files, which are filed on your computer and stored by your browser.

Most of the cookies we use are so-called ‘session cookies’. They are automatically deleted at the end of your session. Other cookies remain stored on your end device until you delete them. Such cookies allow us to recognize your browser when you visit our website the next time.

You can set your browser in a way that you are notified whenever cookies are set and such cookies are only allowed in certain individual cases; you can exclude the acceptance of cookies for individual cases or generally and such cookies are automatically deleted when the browser is closed. The functionality of this website might be impaired, though, if cookies are disabled.

 

4. Collection of access data /server log files

The supply and representation of contents via our website technically calls for the collection of certain data. Whenever you access our website, these so-called server log files are collected by the respective provider which is hosting the web service (Nolte Küchen GmbH & Co. KG or a processor in compliance with Article 28 GDPR). No conclusions to individual persons can be drawn based on these log files.

The respective information consists of the name of the website, the file, the current date, the amount of data, the web browser along with its version, the operating system used, the domain name of your internet provider, the referrer URL as site from which you have changed to our page, and the respective IP address.

We use this data to represent and supply our contents on and to your end device as well as for statistical purposes. This information supports the provision and permanent improvement of our services. We do not merge the data of the server log files with any other data. We reserve the right to check the data in the server log files at a later stage if there is probable cause for illegal use of our website.

5. Encryption of data transfer

Our website uses SSL/TLS encryption technology. Thus, all data of forms and similar input masks relating to the user are safely transmitted.

6. Implemented technologies

6.1. Facebook Pixel


Description of Service

This is a Tracking technology offered by Facebook and used by other Facebook services such as Facebook Custom Audiences.

 

Processing Company

Facebook Ireland Limited

4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

https://www.facebook.com/help/contact/540977946302970

 

Below you can find the email address of the data protection officer of the processing company.

https://www.facebook.com/help/contact/540977946302970

Data Purposes

This list represents the purposes of the data collection and processing.

Advertisement

Analytics

Marketing

Retargeting

Tracking

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

Cookies

Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

Ads viewed

Browser information

Content viewed

Device information

Geographic location

HTTP-header

Interactions with advertisement, services, and products

IP address

Items clicked

Marketing information

Non-sensitive custom data

Pages visited

Pixel ID

Referrer URL

Success of marketing campaigns

Usage data

User behaviour

Facebook cookie information

Facebook user ID

Usage/click behaviour

Legal Basis

In the following the required legal basis for the processing of data is listed.

Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Duration to store the data

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted the latest after 720 days.

Distribution to third countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

Singapore,United Kingdom,United States of America

Data Recipients

In the following the recipients of the data collected are listed.

Facebook Inc.

Facebook Ireland Limited

Click here to opt out from this processor across all domains

https://www.facebook.com/ads/preferences/

Click here to read the privacy policy of the data processor

https://www.facebook.com/privacy/explanation

Click here to read the cookie policy of the data processor

https://www.facebook.com/policies/cookies

Storage Information

Maximum age of cookie storage: 1 year

Stored Information

Name: _fbp; Duration: 1 year; Type: cookie; Domain: facebook.com

Name: act; Duration: 1 year; Type: cookie; Domain: facebook.com

Name: c_user; Duration: 1 year; Type: cookie; Domain: facebook.com

Name: datr; Duration: 1 year; Type: cookie; Domain: facebook.com

Name: fr; Duration: 1 year; Type: cookie; Domain: facebook.com

Name: m_pixel_ration; Duration: 1 year; Type: cookie; Domain: facebook.com

Name: pl; Duration: 1 year; Type: cookie; Domain: facebook.com

Name: presence; Duration: 1 year; Type: cookie; Domain: facebook.com

Name: sb; Duration: 1 year; Type: cookie; Domain: facebook.com

Name: spin; Duration: 1 year; Type: cookie; Domain: facebook.com

Name: wd; Duration: 1 year; Type: cookie; Domain: facebook.com

Name: xs; Duration: 1 year; Type: cookie; Domain: facebook.com


6.2. TikTok Pixel

We use TikTok Pixel on our website, a conversion tracking tool for advertisers. The service provider is the Chinese company TikTok. For the European area, the company TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 1380, Ireland) is responsible.

TikTok processes data from you also in the USA. We point out that, according to the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This can involve various risks for the legality and security of data processing.

As the basis for data processing for recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, especially in the USA) or for data transfer there, TikTok uses so-called Standard Contractual Clauses (= Art. 46 para. 2 and 3 GDPR). Standard Contractual Clauses (SCC) are template agreements provided by the EU Commission and are intended to ensure that your data also complies with European data protection standards when it is delivered and stored in third countries (such as the USA). Through these clauses, TikTok commits to maintaining the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the relevant Standard Contractual Clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=en

Learn more about the Standard Contractual Clauses and the data processed through the use of TikTok Pixel in the Privacy Policy at https://www.tiktok.com/legal/privacy-policy/eea/en or at https://ads.tiktok.com/i18n/official/policy/controller-to-controller.

 

6.3. LinkedIn Insight Tag

Description of Service

This is a conversion tracking and retargeting service.

Processing Company

LinkedIn Ireland Unlimited Company

Wilton Place, Dublin 2, Ireland

https://www.linkedin.com/help/linkedin/ask/TSO-DPO

 

Below you can find the email address of the data protection officer of the processing company.

https://www.linkedin.com/help/linkedin/ask/TSO-DPO

Data Purposes

This list represents the purposes of the data collection and processing.

Analytics

Marketing

Retargeting

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

Browser information

Device information

IP address

Referrer URL

Timestamp

Legal Basis

In the following the required legal basis for the processing of data is listed.

Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

United States of America, Singapore, European Union

Duration to store the data

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted after 90 days.

Distribution to third countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

Singapore,United States of America

Data Recipients

In the following the recipients of the data collected are listed.

LinkedIn Ireland Unlimited Company

Click here to opt out from this processor across all domains

https://www.linkedin.com/legal/privacy-policy?src=li-other&veh=www.linkedin.com

https://www.linkedin.com/legal/privacy-policy?src=li-other&veh=www.linkedin.com

Click here to read the privacy policy of the data processor

https://www.linkedin.com/legal/privacy-policy?src=li-other&veh=www.linkedin.com

https://www.linkedin.com/legal/privacy-policy?src=li-other&veh=www.linkedin.com

Click here to read the cookie policy of the data processor

https://www.linkedin.com/legal/cookie_policy?src=li-other&veh=www.linkedin.com

https://www.linkedin.com/legal/cookie_policy?src=li-other&veh=www.linkedin.com

Storage Information

Maximum age of cookie storage: 6 months

Stored Information

Name: LinkedIn Insight; Duration: 6 months; Type: cookie;


6.4. LinkedIn Ads

Description of Service
This is an advertising service.

Processing Company

LinkedIn Ireland Unlimited Company

Wilton Place, Dublin 2, Ireland

https://www.linkedin.com/help/linkedin/ask/TSO-DPO

 

Below you can find the email address of the data protection officer of the processing company.

https://www.linkedin.com/help/linkedin/ask/TSO-DPO

Data Purposes

This list represents the purposes of the data collection and processing.

Advertisement

Conversion Tracking

Optimization

Remarketing

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

Cookies

Website tags

Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

Ads viewed

Advertising identifier

Articles viewed

Device identifiers

Device information

IP address

Operating system information

Pages visited

Search terms

Connections

Followers

Information provided on Profile

User agent data

Videos viewed

Legal Basis

In the following the required legal basis for the processing of data is listed.

Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Duration to store the data

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

Data will be deleted as soon as they are no longer needed for the processing purposes.

Distribution to third countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

Singapore,United States of America

Data Recipients

In the following the recipients of the data collected are listed.

LinkedIn Ireland Unlimited Company

LinkedIn Inc

Click here to opt out from this processor across all domains

https://www.linkedin.com/help/linkedin/answer/62931/manage-advertising-preferences?lang=en

Click here to read the privacy policy of the data processor

https://www.linkedin.com/legal/privacy-policy

Click here to read the cookie policy of the data processor

https://www.linkedin.com/legal/cookie_policy

Storage Information

Maximum age of cookie storage: 2 years

Stored Information

Name: UserMatchHistory; Duration: 30 days; Type: cookie; Domain: linkedin.com

Name: li_oatml; Duration: 30 days; Type: cookie; Domain: linkedin.com

Name: lms_ads; Duration: 30 days; Type: cookie; Domain: linkedin.com

Name: li_fat_id; Duration: 30 days; Type: cookie;

Name: li_sugr; Duration: 2 months, 29 days; Type: cookie; Domain: linkedin.com

Name: _guid; Duration: 2 months, 29 days; Type: cookie; Domain: linkedin.com

Name: brwsr; Duration: 2 years; Type: cookie;

Name: ABSELB; Duration: 2 years; Type: cookie;

 

6.5. Pinterest Tags

Service Description

This is a consent management platform for data processing services.

Processing Company

Pinterest Inc.

651 Brannan Street, San Francisco, CA 94107, United States of America.

privacy-support@pinterest.com

Data protection officer of the processing company

Below you will find the email address of the data protection officer of the processing company.

privacy-support@pinterest.com

Data processing purposes

This list represents the purposes of data collection and processing.

Analysis

Conversion tracking

Targeting

Measuring the success of marketing campaigns

Technologies used

This list includes all technologies used by this service to collect data. Typical technologies include cookies and pixels placed in the browser.

Website tags

Data collected

This list contains all (personal) data collected by or through the use of this service.

Viewed advertisements

Click path

Ads clicked on

Cookie information

Crash data

Date and time of visit

Device identifier

Device information

Device operating system

Geographical location

IP address

Settings

Search terms

Third party information

Websites visited

Browser settings

Legal basis

The following is the required legal basis for the processing of data

Art. 6 para. 1 p. 1 lit. a DSGVO

Place of processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

European Union, United States of America

Retention period

The retention period is the length of time that the collected data is stored for processing. Data must be deleted as soon as it is no longer needed for the specified processing purposes.

The data will be deleted as soon as it is no longer needed for the processing purposes.

Data recipients

The following is a list of the recipients of the data collected.

Pinterest Inc.

Click here to read the privacy policy of the data processor

https://policy.pinterest.com/en-gb/privacy-policy

 

6.6. YouTube Video

Description of Service

This is a video player service.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

https://support.google.com/policies/contact/general_privacy_form

 

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data Purposes

This list represents the purposes of the data collection and processing.

Displaying Videos

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

Cookies (if Privacy-Enhanced Mode is not activated)

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

Device information

IP address

Referrer URL

Videos viewed

Legal Basis

In the following the required legal basis for the processing of data is listed.

Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Duration to store the data

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Distribution to third countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

Worldwide

Data Recipients

In the following the recipients of the data collected are listed.

Alphabet Inc.

Google LLC

Google Ireland Limited

Click here to opt out from this processor across all domains

https://safety.google/privacy/privacy-controls/

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Storage Information

Maximum age of cookie storage: 10 years, 2 days

Stored Information

Name: PREF; Duration: 10 years, 2 days; Type: cookie;

Name: VISITOR_INFO1_LIVE; Duration: 6 months; Type: cookie;

Name: use_hitbox ; Duration: Session; Type: cookie;

Name: YSC; Duration: Session; Type: cookie;

 

6.7. Google

When visiting this website, personal data is processed. Data categories processed include: data about the use of the website and the logging of clicks on individual elements. Purpose of processing: investigating user behavior, analyzing the impact of online marketing measures, and selecting online advertising on other platforms, which are automatically selected via real-time bidding based on user behavior. The legal basis for processing: Your consent according to Art. 6 (1) a GDPR. Data is transferred to: the independent controller Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (https://cloud.google.com/). The legal basis for the data transfer to Google Ireland Limited is your consent pursuant to Art. 6 (1) a GDPR. This may also involve the transfer of personal data to a country outside the European Union. The data transfer is based on your consent in accordance with Art. 6 (1) a in conjunction with Art. 49 (1) a GDPR. You were already informed before giving your consent that the USA does not have a level of data protection equivalent to EU standards. In particular, US intelligence services can access your data without you being informed and without you being able to take legal action against it. Duration of processing: is variable and ends with the elimination of the purpose of processing.

 

6.7.1 Google Signals

Google Signals As an extension to Google Analytics 4, Google Signals can be used on this website to create cross-device reports. If you have activated personalized ads and linked your devices to your Google account, Google can analyze your usage behavior across devices and create database models, including for cross-device conversions, subject to your consent to the use of Google Analytics pursuant to Art. 6 (1) a GDPR. We do not receive personal data from Google, only statistics. If you want to stop the cross-device analysis, you can deactivate the "Personalized advertising" function in the settings of your Google account.   Follow the instructions on this page: https://support.google.com/ads/answer/2662922?hl=de   More information about Google Signals can be found at the following link: https://support.google.com/analytics/answer/7532985?hl=de

 

6.7.2 Google Ads Remarketing

Description of Service

This is a remarketing service.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

https://support.google.com/policies/troubleshooter/7575787?hl=en

 

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?hl=en

Data Purposes

This list represents the purposes of the data collection and processing.

Remarketing

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

Duration of visit

IP address

Pages visited

Content user is interested in

Website use

Legal Basis

In the following the required legal basis for the processing of data is listed.

Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Duration to store the data

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Distribution to third countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

United States of America,Singapore,Taiwan,Chile

Data Recipients

In the following the recipients of the data collected are listed.

Google Ireland Limited

Google LLC

Alphabet Inc.

Click here to opt out from this processor across all domains

https://safety.google/privacy/privacy-controls/

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies

Storage Information

Maximum age of cookie storage: 1 year

Stored Information

Name: IDE; Duration: 1 year; Type: cookie; Domain: doubleclick.net

Name: test_cookie; Duration: 15 minutes; Type: cookie; Domain: doubleclick.net

 

6.6.3 Google Ads

Description of Service

This is an advertising service.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland

https://support.google.com/policies/troubleshooter/7575787?hl=en

 

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?hl=en

Data Purposes

This list represents the purposes of the data collection and processing.

Advertisement

Analytics

Providing Service

Statistics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

Ads viewed

Cookie ID

Date and time of visit

Device information

Geographic location

IP address

Search terms

Ads shown

Client ID

Impressions

Online identifiers

Browser information

Legal Basis

In the following the required legal basis for the processing of data is listed.

Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Duration to store the data

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes. Log data is anonymized after 9 months and cookie information is anonymized after 18 months.

Distribution to third countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

Chile,Singapore,United States of America,Taiwan

Data Recipients

In the following the recipients of the data collected are listed.

Alphabet Inc., Google LLC, Google Ireland Limited

Click here to opt out from this processor across all domains

https://safety.google/privacy/privacy-controls/

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Storage Information

Maximum age of cookie storage: 1 year

Stored Information

Name: test_cookie; Duration: 15 minutes; Type: cookie; Domain: doubleclick.net

Name: IDE; Duration: 1 year; Type: cookie; Domain: doubleclick.net

 

 

6.7.4 Google Ads Conversion Tracking

Description of Service

This is a conversion tracking service.

 

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

https://support.google.com/policies/troubleshooter/7575787?hl=en

 

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?hl=en

Data Purposes

This list represents the purposes of the data collection and processing.

Advertisement

Conversion Tracking

Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

Cookies

Pixel

Web beacons

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

Browser language

Browser type

Clicked advertisements

Cookie ID

Cookie information

Date and time of visit

IP address

Referrer URL

Usage data

Web request

Legal Basis

In the following the required legal basis for the processing of data is listed.

Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Duration to store the data

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Distribution to third countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

United States of America,Singapore,Taiwan,Chile

Data Recipients

In the following the recipients of the data collected are listed.

Google Ireland Limited

Google LLC

Alphabet Inc

Click here to opt out from this processor across all domains

https://safety.google/privacy/privacy-controls/

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Storage Information

Maximum age of cookie storage: 1 year

Stored Information

Name: test_cookie; Duration: 15 minutes; Type: cookie; Domain: doubleclick.net

Name: IDE; Duration: 1 year; Type: cookie; Domain: doubleclick.net

Name: _gcl_au; Duration: 2 months, 29 days; Type: cookie;

Name: _gcl_aw; Duration: 2 months, 29 days; Type: cookie;

 

6.7.5 Google Maps

Service description

This is a web mapping service.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

https://support.google.com/policies/troubleshooter/7575787?hl=en

Data protection officer of the processing company

Please find below the email address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?hl=en

Data processing purposes

This list represents the purposes of data collection and processing.

Show maps

Technologies used

This list includes all technologies used by this service to collect data. Typical technologies are cookies and pixels placed in the browser.

Cookies

Data collected

This list contains all (personal) data collected by or through the use of this service.

Date and time of visit

Location information

IP address

URL

Usage data

Legal basis

The following is the required legal basis for the processing of data

Art. 6 para. 1 p. 1 lit. a DSGVO

Place of processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

European Union

Retention period

The retention period is the length of time that the collected data is stored for processing. Data must be deleted as soon as it is no longer needed for the specified processing purposes.

The data will be deleted as soon as it is no longer needed for the processing purposes.

Transfer to third countries

This service may transfer the data collected to another country. Please note that this service may transfer data outside the European Union and the European Economic Area and to a country that does not provide an adequate level of data protection. If the data is transferred to the US, there is a risk that your data may be processed by US authorities for control and monitoring purposes, without any possible redress available to you. Below is a list of countries to which the data will be transferred. This may be for various purposes, such as storage or processing.

United States of America,Singapore,Taiwan,Chile

Data recipients

The following is a list of the recipients of the data collected.

Google Ireland Limited

Google LLC

Alphabet Inc

Click here to opt out on all domains of the processing company

https://safety.google/privacy/privacy-controls/

Click here to read the privacy policy of the data processor

http://www.google.com/intl/de/policies/privacy/

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Storage information

Maximum storage period for cookies: 6 months

Information stored

Name: NID; Duration: 6 months; Type: cookie;

 

6.7.6 Google Tag Manager

Description of Service

This is a tag management system. With this the user can update measurement codes and related code fragments collectively known as tags on the users website or mobile app.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

https://support.google.com/policies/contact/general_privacy_form

 

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data Purposes

This list represents the purposes of the data collection and processing.

Tag Management

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

Aggregated data about tag firing

Legal Basis

In the following the required legal basis for the processing of data is listed.

Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Duration to store the data

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted after 14 days of retrieval.

Distribution to third countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

United States of America,Singapore,Taiwan,Chile

Data Recipients

In the following the recipients of the data collected are listed.

Alphabet Inc., Google LLC, Google Ireland Limited

Click here to opt out from this processor across all domains

https://safety.google/privacy/privacy-controls/

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

 

6.7.7 Google Analytics

Description of Service

This is a web analytics service. With this the user can measure the advertising ROI as well as track Flash, video, and social networking sites and applications.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

https://support.google.com/policies/contact/general_privacy_form

 

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data Purposes

This list represents the purposes of the data collection and processing.

Analytics

Marketing

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

Cookies

Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

App updates

Browser information

Click path

Date and time of visit

Device information

Downloads

Flash version

Location information

IP address

JavaScript support

Pages visited

Purchase activity

Referrer URL

Usage data

Widget interactions

Legal Basis

In the following the required legal basis for the processing of data is listed.

Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Duration to store the data

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The Retention Period depends on the type of the saved data. Each client can choose how long Google Analytics retains data before automatically deleting it.

Distribution to third countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

United States of America,Singapore,Chile,Taiwan

Data Recipients

In the following the recipients of the data collected are listed.

Google Ireland Limited, Alphabet Inc., Google LLC

Click here to opt out from this processor across all domains

https://tools.google.com/dlpage/gaoptout?hl=de

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Storage Information

Maximum age of cookie storage: 2 years

Stored Information

Name: _ga; Duration: 2 years; Type: cookie;

Name: _gid; Duration: 1 day; Type: cookie;

Name: _gat ; Duration: 1 minute; Type: cookie;

Name: _dc_gtm_xxx; Duration: 1 minute; Type: cookie;

Name: _gat_gtag_xxx; Duration: 1 minute; Type: cookie;

Name: _gac_xx; Duration: 2 months, 29 days; Type: cookie;

Name: IDE; Duration: 1 year; Type: cookie;

 

6.7.8 DoubleClick Floodlight

Service description

This is a conversion tracking service provided by Google.

Processing company

Google Ireland Limited

Google Building Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland

https://support.google.com/policies/troubleshooter/7575787?hl=en

Data protection officer of the processing company

Below you will find the email address of the data protection officer of the processing company.

https://support.google.com/policies/troubleshooter/7575787?hl=en

Data processing purposes

This list represents the purposes of data collection and processing.

Analysis

Conversion tracking

Marketing

Optimisation

Technologies used

This list contains all technologies used by this service to collect data. Typical technologies are cookies and pixels placed in the browser.

Cookies

Pixel

Local Storage

Data collected

This list contains all (personal) data collected by or through the use of this service.

Click path

Cookie ID

IP address

Unique identifier of the mobile device

Number of visits

Pages visited

Transactions

Usage data

Legal basis

The following is the required legal basis for the processing of data

Art. 6 para. 1 p. 1 lit. a DSGVO

Place of processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

European Union

Retention period

The retention period is the length of time that the collected data is stored for processing. Data must be deleted as soon as it is no longer needed for the specified processing purposes.

The data will be deleted as soon as it is no longer needed for the processing purposes.

Transfer to third countries

This service may transfer the data collected to another country. Please note that this service may transfer data outside the European Union and the European Economic Area and to a country that does not provide an adequate level of data protection. If the data is transferred to the US, there is a risk that your data may be processed by US authorities for control and monitoring purposes, without any possible redress available to you. Below is a list of countries to which the data will be transferred. This may be for various purposes, such as storage or processing.

United States of America,Singapore,Chile,Taiwan

Data recipients

The following is a list of the recipients of the data collected.

Alphabet Inc.

Google LLC

Google Ireland Limited

Click here to opt out on all domains of the processing company

https://safety.google/privacy/privacy-controls/

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to read the data processor's cookie policy

https://policies.google.com/technologies/cookies?hl=en

Storage information

Maximum storage time for cookies: 30 days

Information stored

Name: IDE; Duration: 30 days; Type: cookie; Domain: doubleclick.net

 

6.8. Design@Web

Service description

Design@Web is a room planning system in 3D

Processing company

GO-2B AG

Carl-Bertelsmann-Strasse 103, 33332 Gütersloh, Germany

hutz@dapex.eu

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.

hutz@dapex.eu

Data processing purposes

This list represents the purposes of data collection and processing.

Analysis

Optimisation

Website security

Technologies used

This list includes all technologies used by this service to collect data. Typical technologies are cookies and pixels placed in the browser.

Cookies

Data collected

This list contains all (personal) data collected by or through the use of this service.

Browser information

Date and time of visit

Device information

URL of the website / API request

IP address

Referrer URL

Legal basis

The following is the required legal basis for the processing of data

Art. 6 para. 1 p. 1 lit. f DSGVO

Place of processing

This is the primary location where the collected data is processed. If the data is also processed in other countries, you will be informed separately.

Germany

Retention period

The retention period is the length of time that the collected data is stored for processing. Data must be deleted as soon as it is no longer needed for the specified processing purposes.

The data will be deleted as soon as it is no longer needed for the processing purposes.

Click here to read the privacy policy of the data processor

https://www.go-2b.de/impressum/datenschutz/

 

6.9. Matomo

 

Description of Service

This is an open source web analytics service. Matomo is providing the technology. However, Matomo is not processing any data as the data is not being transferred to Matomo (Self hosting).

Processing Company

Usercentrics GmbH

Sendlinger Straße 7, 80331 Munich, Germany

privacy@matomo.org

 

Below you can find the email address of the data protection officer of the processing company.

privacy@matomo.org

Data Purposes

This list represents the purposes of the data collection and processing.

Analytics

Event tracking

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

Cookies

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

Time of users previous visit

Screen resolution

Files clicked or downloaded

Links to outside domain clicked

User ID

IP address

Page speed

Page URL

Number of users visits

User agent

Browser information

Time zone

Time of users first visit

Date and time of visit

Page title

referrer URL

Usage data

Device information

Geographic location

Legal Basis

In the following the required legal basis for the processing of data is listed.

Art. 6 (1) (f) GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Duration to store the data

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Click here to opt out from this processor across all domains

https://matomo.org/privacy-policy/#optout

Click here to read the privacy policy of the data processor

https://matomo.org/privacy-policy/

Click here to read the cookie policy of the data processor

https://usercentrics.com/privacy-policy/

 

6.10. Usercentrics Consent Management Platform

Description of Service

This is a consent management service. Usercentrics GmbH is used on the website as a processor for the purpose of consent management.

Processing Company

Usercentrics GmbH

Sendlinger Str. 7, 80331 Munich, Germany

datenschutz@usercentrics.com

 

Below you can find the email address of the data protection officer of the processing company.

datenschutz@usercentrics.com

Data Purposes

This list represents the purposes of the data collection and processing.

Compliance with legal obligations

Consent storage

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

Local storage

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

Opt-in and opt-out data

Referrer URL

User agent

User settings

Consent ID

Time of consent

Consent type

Template version

Banner language

Legal Basis

In the following the required legal basis for the processing of data is listed.

Art. 6 para. 1 s. 1 lit. c GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union (Consent database is located in Belgium)

Duration to store the data

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The consent data (given consent and revocation of consent) are stored for three years. The data will then be deleted immediately.

Data Recipients

In the following the recipients of the data collected are listed.

Usercentrics GmbH

Click here to read the privacy policy of the data processor

https://usercentrics.com/privacy-policy/

 

7. Handling of personal data

We collect personal data in the framework of data avoidance and data minimization to such an extent and for such a period as it is required for the use of our website and the services offered there or as long as prescribed by the legislator. We take the privacy of your personal data very serious and strictly abide to the respective legal regulations and to this data privacy notice when it comes to the collection and processing of personal data. If the purpose of data collection ceases to apply or if the maximum storage period has expired the collected data will be blocked or erased.

Our website can regularly be used without the circulation of personal data. When we collect personal data – such as your name, your address or your email-address – these data are collected on an optional basis. Such data will not be circulated to any third party without your explicitly given consent.

Please note that, in general, data are not always safely circulated in the internet. Especially when it comes to email correspondence, a full protection during data exchange cannot be guaranteed.

8. Purpose of processing

The processing of personal data is carried out in accordance with the regulations of the European General Data Protection Regulation (GDPR) and the German Bundesdatenschutzgesetz (BDSG):

  • Due to your consent (Article 6, para. 1a GDPR)

The data subject has given consent to the processing of his or her personal data for one or more specific purposes.

  • For the performance of a contract (Article 6, para. 1b GDPR)

Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

  • Due to compliance with legal obligation (Article 6, para. 1c GDPR)

Processing is necessary for compliance with a legal obligation to which the controller is subject.

  • For the purpose of legitimate interest (Article 6, para. 1f GDPR)

Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

9. Withdrawal of given consent

According to Article 7, para. 3 GDPR, the data subject shall have the right to completely withdraw or change his or her consent regarding the processing of personal data for one or more specific purposes at any time with effect for the future. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. If not offered via special functions, you can send us your withdrawal either by post, email or by using our contact form on our website. There will be no other costs for you than the postal charges or the transfer costs in compliance with the currently valid basic tariffs.

10. Data collection at third parties

If, in connection with our brand, our product or our company, personal data are collected, stored, processed at third parties and are circulated to us for a certain purpose, the transfer of such data to us is especially subject to the lawfulness of the respective collector. If data is sent to us (e.g. in connection with brochures of our company ordered on kitchen information platforms on the internet), we assume consent of the data subject regarding the circulation to and processing by our company. Hereby, however, we only accept data transfers and process them if they come from authorized sources known to us due to active business relationships.

11. Circulation of data

For the purpose of fulfilment of our contractual and statutory obligations or also services required by the user, business partners assigned by our company – such as a processor (Article 28 GDPR) will be granted access to your data.

Should a data subject explicitly request the communication of contact data between this data subject and a business partner of our company due to initial approaches of a purchase contract, such business partner receives the personal data of the data subject in line with the framework information concerning the intended purchase. Should you request the erasure of your data we will forward your request to the previous recipient for its information with the request to evaluate the lawfulness of a continued storage of data on its part.

12. Transfer of data into a third-party country or to an international organisation

There will only be a transfer of data into third-party countries if this is necessary for order fulfilment or statutory or if the data subject has given his or her consent.

13. Maximum storage period of data

If necessary, we process and store your personal data for the period required for the fulfilment of the respective purpose for which consent to data processing has been given.

Apart from that, we are subject to certain retention and documentation obligations resulting from the German Commercial Code (HGB), amongst others. The maximum retention or documentation periods respectively indicated there are two to ten years.

14. Contact form

If you send us your enquiry via our contact form, your data of the enquiry form plus the contact data entered there will be stored in order to process your enquiry and in case of later enquiries. These data will not be given to any third party without your consent.

15. Ordering of information material

On our website, prospective buyers of a kitchen have the possibility to request brochures and advertising material via a respective order form. We interpret every use of this form within the relevant meaning for marketing and sales. If you trigger this order for information material by filling in and sending the form, your details from the order form including the contact data specified there will be stored and processed in digital and/or printed form to handle your material order and to follow-up your data for advertising and/or sales-related purposes. We will ask for your explicit consent for both cases within the form sending process and you can withdraw this consent at any time. Your data will not be circulated to any third party without your consent.

16. a) Newsletter data

We would like to send interested parties advertisements about our products and services by e-mail at regular intervals. To sign up for our e-mail newsletter, we will require your consent and, at minimum, your e-mail address to which to send the newsletter. Any other information such as your first and last name is optional and will be processed to address you personally, personalise the content of the newsletter and settle any questions regarding the e-mail address.

Please note that our newsletter service is only intended for persons over the age of 16.

The double opt-in procedure will be used to identify your e-mail address. This means that after your data has been processed, you will receive a separate confirmation e-mail. You will only start receiving promotional e-mails after clicking the link contained in that e-mail. Moreover we will store the IP address used by you and the time of registration and confirmation. The aim of this process is to confirm your registration and, if applicable, to investigate any misuse of your personal data. This information will not be transmitted to third parties. Your data will be stored until you revoke your consent or, at most, for six months after we have stopped sending the newsletter.

We do, however, point out that on sending you the newsletter we shall evaluate your purchasing behaviour and the links you open. For such evaluation, the emails sent contain so-called tracking pixels, which are single-pixel image files stored on our newsletter service provider's servers. For these evaluations, we link the aforementioned data with the tracking pixel and an individually designated ID. Links received in the newsletter also contain this ID. With the data obtained in this way, we create a user profile with a view to tailoring the newsletter to your specific interests. Doing so, we make a record of when you read our newsletters, the links you click and from this deduce your personal interests. We link this data to the actions you have taken on the Nolte Küchen website.

or by mail to Nolte Küchen GmbH & Co. KG, Anni-Nolte-Str. 4, 32584 Löhne, Germany. Each e-mail contains a link for cancelling the newsletter. Clicking on this link is regarded as equivalent to revoking your consent.datenschutz@nolte-kuechen.deYou have the right to revoke your consent to this processing of your data based on point (a) of Art. 6 (1) GDPR at any time and without stating reasons. If you do so, we will stop processing your data. You can revoke your consent by sending an e-mail to

 

16 b) Newsletters sent to existing customers


If you have provided us with your email address when purchasing goods or services, we reserve the right to regularly email offers for goods or services similar to those you have already purchased from our product portfolio. Section 7 (3) of the German Unfair Competition Act (UWG) states that we do not need to obtain your special consent to do so. In this respect, the data processed will only be done on the basis of our legitimate interest in personalised direct advertising under Art. 6 (1) f) of the GDPR. You are entitled to object to your email address being used for the aforementioned advertising purpose at any time with effect for the future by notifying the controller named from the very beginning. After receiving your objection, the use of your email address for advertising purposes will cease with immediate effect.

 

17. Online kitchen planner

Our website offers an online kitchen planner and it might also appear on websites of our business partners as an integrated function. The online kitchen planner helps prospective buyers of one of our kitchens to prepare their planning process and to send them to one or more business partners to finalize the planning and to purchase the kitchen. The planning itself can be carried out completely anonymously without specification of any personal data and without having to log into the user management system. However, the storage, transfer of planning to the user’s own email address and the forwarding to business partner(s) requires to log into the user management system ‘My kitchen’ and calls for a valid user account (see ‘My kitchen’).

18. User-Management-System ‘My kitchen’

As a sub-system of our website, the user management system ‘My kitchen’ is the central platform for our company’s end customers, which can be used by a data subject to manage their personal data stored here as well as other data relevant for marketing purposes. The latter includes the subscription to newsletters, online kitchen planning or the registration of kitchens purchased at our company to receive technical documentations on it (e.g. kitchen-specific cleaning and assembly instructions).

To be able to use this system, data subjects have to generate a respective user account based on personal data (especially sex, first name, last name, country and language). The user account can both be created on the website itself or in linked sub-systems (such as the online kitchen planner).

The creation and activation of this function requires the data subjects’ explicit consent to the storage, processing and (only after specific inducement by the user) also transfer of personal data. In this course, the data subject also gives his or her consent that we are allowed to contact him or her in digital or analogue form for promotional purposes. This may apply to the concrete marketing of products of our company or automated follow-ups at the user subject to previous user activities (e.g. later automated offer of contact to another dealer upon user’s request of advertising material).

The above described user account has to be protected by the user by double entry of a password given out upon identity check and such password cannot be seen by the system operator. The account will generally only be activated upon authorization by the data subject by clicking a specific link that has been sent to an email address relevant for the user account. One email address can only be used to create one single user account and thus clearly identifies such account.

Should the user forget the password, he can request an email with a web link sent to the address lodged in the user account. This web link can be used to choose a new password. This is to make sure that only the owner of the user account has the valid access data for a user account.

The afore-mentioned functions concerning the creation and activation of the user account in ‘My kitchen’ are both available via the website and in form of integrated dialogues in other sub-systems (e.g. the online kitchen planner).

Apart from that, ‘My kitchen’ gives the user the opportunity in the website front-end to change, modify and/or reduce the made available personal data and the account can also be irrevocably erased. By erasing the user account, all user data required for login processes on the ‘My kitchen’ platform are irrevocably erased. Erasing the account also results in the fact that all information stored in ‘My kitchen’ referring to personal data are completely anonymized so that none of the previously triggered platform functions can be allocated to the data subject or allow to draw conclusions to the data subject. (Guarantee of ‘Right to be forgotten’ according to Article 17 GDPR).

We will not store any emails required in connection with the functions of ‘My kitchen’.

We take care of the hosting of the data given to use in the course of the registration. For system-administrative reasons it cannot be avoided that our processor, that only supports us in technical terms, has access to the data. To protect these data against manipulation, loss and destruction or against access of unauthorized parties we have implemented technical and organizational measures together with our processor, which are specified in a processing contract according to Article 28 GDPR.  

19. Visitor management with the scope of Nolte Küchen show events

Nolte Küchen show events have the particular purpose of informing customers, suppliers as well as the media about new products and services as well as of engaging in dialogue with a view to continuing and shaping business cooperation. Furthermore, Nolte Küchen show events also have the purpose of initiating new business relationships, in particular with customers, suppliers as well as media. As such, these events to a significant extent serve promotional purposes and underpin business development at Nolte Küchen.

This dialogue with existing as well as with potential new business partners must take place through the relevant members of staff of the companies concerned, from which Nolte Küchen derives the legitimate interest pursuant to Article 6 (1) f of the GDPR to store and process personal data of such persons exclusively in the required scope for the designated purpose and for the duration of preparing, holding and following up the particular show event. This includes the storage and processing of data of such persons with which no active business relationship exists at the time of being invited to the show.

The online registration and accreditation process this involves in advance of the show event has the purpose of simplifying the making on contact between visitor and the relavent Nolte Küchen contact persons as well as of ensuring the enforcement of Nolte Küchen's domiciliary rights in such form that a personalised admission ticket is sent to the registering visitors through which Nolte Küchen, within the scope of checking admissions to the show event, can establish who is present on the premises of Nolte Küchen.

In this context, the systemic handling of visitor management by Nolte Küchen takes place with the support of a processor (see above). Personal data recorded and stored in connection with Nolte Küchen show events will not be made accessible to third parties.

20. Still and motion pictures with the scope of Nolte Küchen show events

To reinforce the promotional impact as well as document show presentations vis-à-vis consumers, retail partners, media, suppliers, staff and proprietors, still photographs and video footage are taken at Nolte Küchen show events whereupon they are processed, stored and published on external communications channels (e.g. website, Facebook, YouTube). Within the scope of show events, Nolte Küchen reserves the right to take, process and disseminate still photographs and motion pictures of guests for purposes of public relations insofar as show visitors do not object to such in the form of a personal remark to the photographer or film crew on location at the show event. Attention will be drawn to the fact that photographs and videos will be taken on the admission ticket as well as in a clearly visible place at the entrance to the show event. The legal basis for this is Art 6 (1) f of the GDPR. Our legitimate interest lies in informing business partners, interested consumers, proprietors as well as Nolte Küchen staff about the event in conjunction with the above-mentioned communication purposes within the scope of our PR activities.

21. Your online application

Nolte Küchen GmbH & Co. KG is happy about your visit on our career page and about your interest in our company. The protection of your privacy during the processing of personal data is very important to us and we consider it in all our business processes.

Personal data which we only need to process your application and to correspond with you, such as master data (name, address), telecommunication data (phone number, email), personal data profiles with picture, CV and certificates will only be stored when you enter these data voluntarily in line with your application. Your personal information and data will be collected, stored and only used for the dedicated purpose with utmost diligence and integrity. In this process, we only collect data that are mandatorily necessary for your application at Nolte Küchen GmbH & Co. KG.

You agree with the processing and transfer of your data exclusively for the purpose of the application process. You guarantee that all details specified are true and correct.

Apart from that, you are aware of the fact that false details might result in termination of a possible employment contract.

Upon entry and transfer of your data, an encrypted connection will be used to directly sent your data to the server of our external provider, rexx systems GmbH, based in Hamburg. With this service provider, Nolte Küchen GmbH & Co. KG has signed an order processing contract in accordance with Article 28 GDPR that substantiates the mutual obligations regarding data protection.

All data will be encrypted by way of TLS encryption technology. Whenever you log in with the provided user data following your registration, the TLS encryption technology is used here as well. Any unencrypted access to your applicant data is excluded. Your data will be erased six months after completion of the application process. You can withdraw your consent to the storage and usage of your data in writing at any time.

In the course of order processing your data will be hosted at the service provider. Both Nolte Küchen GmbH & Co. KG and the provider take technical and organizational safety measures to protect your collected data against random or intentional manipulation, loss, destruction or against access of unauthorized persons. Our safety measures are constantly improved in compliance with the technological development. Within our company, only the responsible employees are allowed to access your applicant data.

Should your application not be fruitful, we will – upon you have given your consent – store your personal data which you have given us in the course of the entire application process beyond the end of the concrete application process. We will use your data in accordance with your consent in order to contact you and to continue the application process, should you come into consideration for another position.

22. Explanations regarding the data subjects’ rights

As a user of our website, the data subject is entitled – upon proof of their identity – at any time and free of charge to access the data stored about the data subject and for the purpose of storage (Article 15 GDPR). Apart from that, the data subject has the right to rectification (Article 16 GDPR), right to erasure (Article 17 GDPR), right to restriction of processing (Article 18 GDPR) or right to data portability (Article 20 GDPR). Please feel free to contact us or our Data Protection Officer, lawyer Stephanie Neitzel in writing. In case of an assumed infringement against data privacy rights, the data subject also has the right to lodge a complaint with a supervisory authority (Article 77 GDPR i.c.w. § 19 of the Federal Data Protection Act). The supervisory authority responsible for Nolte Küchen GmbH & Co. KG is the data protection authority of North Rhine-Westphalia.

23. Right to object

According to Article 21 GDPR, the data subject shall have the right to object at any time to processing of personal data concerning him or her which is based on Article 6, para. 1f GDPR (data processing for the purpose of legitimate interest). Full or partial objection can be sent to Nolte Küchen GmbH & Co. KG together with a respective message (per mail or email).

If there are no longer mandatory reasons requiring protection for processing outweighing your interests, rights or freedoms or if the processing serves for the enforcement, exercising or defending of legitimate claims, your personal data will no longer be processed if you object to processing. 

26. Objection to email marketing

The usage of contact data published within the framework of imprint obligation for the purpose of providing not specifically requested advertisements and information is herewith objected to. The website operators explicitly reserve all legal steps if advertising material, e.g. spam emails, are sent unrequested.

27. Topicality of this Data Privacy Statement

We may amend this data privacy statement to reflect changes in functionalities or legal situations. Therefore we recommend that you check our data privacy notice at regular intervals. Insofar as your consent is required or parts of the data privacy statement contain provisions of the contractual relationship with you, amendments will only be made with your approval. Below you get a short overview of the latest changes we have made:

July 2018

  • Adding sections 19 and 20

May 2018

  • Adaptation to the requirements of the General Data Protection Regulation of the EU

January 2019

  • Since 22.01.2019 Google Ireland Limited is legally responsible for the Google services.

October 2019

  • Adding section ‚Usercentrics Consent Management Platform‘
  • Updating section ‚Google‘
  • Adding section ‚Facebook Pixel‘

March 2023

  • Updating the "Newsletter data" section
  • Updating the "Competition" section

January 2024

  • Adding section 6.6. Google and 6.6.1 Google Signals

February 2024

  • Adding section 6.2. TikTok
Sorry, your session has expired. Please reload the page and submit the form again.