Introduction

Every time someone visit our website, electronic data processing takes place. In the following, we would like to inform you about the handling of your data according to Art. 13 of the German Data Protection Regulation (DSGVO).

Controller

Hansen & Rosenthal GmbH & Co. KG
Am Sandtorkai 64
20457 Hamburg, Germany

H&R GmbH & Co. KGaA
Am Sandtorkai 64
20457 Hamburg, Germany

Contact information: see Imprint

General information about data protection

Data processing when visiting websites

When you visit a website, a large amount of data - including personal data - is automatically transmitted via the Internet. From a technological perspective, this is necessary for the functionalities of the website visit and to provide the best possible results.

Every time someone visits a website, an image is retrieved from a server, an external plugin (or script) is loaded or a video is streamed or any of the many transmission options is used, your computer will send data to the server which you are visiting. When visiting a website, your browser (such as Firefox, Internet Explorer, Edge, Opera, Safari) will automatically send specific information about your system. Such data may include:

• Operating system
• Screen resolution
• Keyboard layout (language)
• IP address from which the website or file was accessed
• Name of the accessed website or file
• Time stamp (date and time) of access
• Browser name and its version
• Data volume transferred
• Access status (file transferred, error code)
• Website from which the user reached our website (referer)
• Dwell time on the website

This data is logged by each server. The logging is done for example for

• maintaining and checking IP security (e. g. to detect hacker attacks).
• statistical evaluation (about the use of the website).
• website improvement.
• adapted output of the website or files so that these are (can be) displayed optimally on your end device.

No pseudonymization or anonymization is used for security protocols, as this would make it impossible to draw conclusions about potential attackers. As a rule, the evaluation of data for other purposes is anonymised and no profiling is carried out. Further information can be found in the further course of this privacy policy.

Required Cookies

We use cookies on our websites, which are necessary for the use of our websites. Cookies are small text files that are stored on your terminal device and can be read.

We use session cookies. These are automatically deleted when you close your browser. We do not use these necessary cookies for analysis, tracking or advertising purposes.

We use these cookies on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO.

You can set your browser to inform you about the placement of cookies. This makes the use of cookies transparent for you. You can also delete cookies at any time via the corresponding browser setting and prevent the setting of new cookies. Please note that our web pages may then not be displayed and some functions may no longer be technically available.

Encryption of the website

For the protection of your data all contents on this web page are transmitted (SSL) coded.

Forms

Contact form

You have the possibility to contact us via our contact form. To use our contact form, we first need the data marked as mandatory fields from you. We use the data requested in the contact form on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO to answer your request.

In addition, you can decide voluntarily whether you want to provide us with further information. We process the further voluntary information on the basis of your consent in accordance with Art. 6 (1) p. 1 lit. a DSGVO.

Your data will only be processed to answer your request and will not be passed on to third parties. The data will be deleted as soon as the purpose for collecting it has been achieved, but no later than 30 days after the enquiry has been answered and the deletion does not conflict with any statutory retention obligations.

Statistics tools

We use statistical tools on our website. These tools provide us with the opportunity to analyse the use of our website and to optimise the website and its functions.

Matomo (formerly Piwik)

We use Matomo (formerly: Piwik) for analysis purposes to analyse website usage. The analysis tool sets a cookie (see above: Cookies).

Matomo(Piwik) is installed on third-party servers. The data processing takes place on these systems. The data processing is described in the cookie notice.

The legal basis for the data processing is Art. 6 para. 1 lit. a DSGVO.

You can object to the storage of cookies by refusing to allow them to be stored (do-not-track). In the event of the rejection of cookies, it is possible that parts of the website or individual functions can only be used to a limited extent or not at all.

Map services

On our web sites, we embed map services which are not stored on our servers. In order to prevent the automatic downloading of third-party content when you visit our web sites with embedded map services, we only show locally stored preview images of the maps as a first step. This does not provide the third-party provider with any information.

Only after you click on the preview image, will third-party content be downloaded. This provides the third party with information that you have accessed our site and with the usage data technically required for this purpose. We have no influence on the further data processing by the third-party provider.

By clicking on the preview image, you give us the consent to download contents of the third-party provider. The legal basis for the embedding processing is your consent if you have previously given your consent by clicking on the preview image.

Provider: 
OpenStreetMap

Adequate level of data protection: 
Processing only within EU/EEA

Withdrawal of consent: 
If you have clicked on a preview image, the content of the third-party provider will be reloaded immediately. If you do not want such reloading on other pages, please do not click on the thumbnails anymore.

Share price

On our website we show you current share prices. We have integrated an external tool for this purpose. To display the share prices, a data connection to equitystory.com is established. When the connection is established, your browser automatically transmits data to the named domain (see above "General information on data protection").

The legal basis for the data processing is Art. 6 para. 1 lif f DSGVO. With regard to the processing according to Art. 6 para. 1 p. 1 lit. f DSGVO, you have the right to object at any time. Please contact our data protection officer for this purpose.

Information on data subject rights

Every data subject can assert his or her rights (data subject rights) against the person responsible. This can be done by e-mail, post or a form provided. Telephone enquiries are also possible. However, telephone enquiries will only be accepted and will not be answered on the telephone. The data controller chooses the medium (email, post, other media) and sends the data subject the response to their request via that medium. However, if an inquiry is made electronically, the response will also be made electronically whenever possible. Replies to requests concerning data subjects' rights shall be free of charge. In the event of excessive exercise (e.g. heavy accumulation) of data subject rights, a fee may be charged. The answer is given within the statutory period of one month. The deadline may be extended in exceptional cases (e.g. high number of requests or high complexity of the request). Reasons must be given for the extension of the time limit. The rights of the data subjects are listed below.

Right of access (Art. 15 DSGVO)

You have the right to request confirmation as to whether personal data concerning you are being processed; if this is the case, you have the right to be informed about these personal data and to receive the information listed in detail in Article 15 of the GDPR.

Right of rectification (Art. 16 DSGVO)

You have the right to demand the immediate correction of any incorrect personal data concerning you and, if necessary, the completion of any incomplete data.

Right to erasure (Art. 17 DSGVO)

You have the right to request that personal data concerning you be deleted without delay, provided that one of the reasons listed in detail in Art. 17 DSGVO applies.

Right to restriction of processing (Art. 18 DSGVO)

You have the right to request the restriction of processing if one of the conditions listed in Art. 18 DSGVO applies, e.g. if you have objected to the processing, for the duration of the review by the controller.

Right to data portability (Art. 20 DSGVO)

In certain cases, which are detailed in Article 20 of the GDPR, you have the right to obtain the personal data concerning you in a structured, commonly used and machine-readable format or to request the transfer of this data to a third party.

Right of withdrawal (Art. 7 DSGVO)

If the processing of data is based on your consent, you are entitled to revoke your consent to the use of your personal data at any time in accordance with Art. 7 (3) DSGVO. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected by this.

Right of objection (Art. 21 DSGVO)

If data is collected on the basis of Art. 6 (1) sentence 1 lit. f DSGVO (data processing for the protection of legitimate interests) or Art. 6 (1) sentence 1 lit. e DSGVO (data processing for the protection of public interest or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Right of appeal to a supervisory authority (Art. 77 DSGVO)

Pursuant to Art. 77 DSGVO, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of data concerning you violates data protection provisions. The right of complaint can be asserted in particular before a supervisory authority in the Member State of your habitual residence, your place of work or the place of the alleged infringement.

The data subject must authenticate him/herself to the controller to ensure that he/she is legitimised to exercise the data subject rights.

Unless otherwise described above, please contact our data protection officer to assert your data protection rights.

Out external data protection officer will be happy to provide you with information on the subject of data protection under the following contact details:

FIRST PRIVACY GmbH

Konsul-Smidt-Straße 88

28217 Bremen, Germany

Web: www.first-privacy.com

Tel.: +49 40 43218-550

E-Mail: datenschutz(at)hur.com