Privacy policy
garding our obligation to provide information when collecting personal data in accordance with Art. 13 GDPR
1. Introduction
Thank you for visiting the website of SCHIESS Werkzeugmaschinenfabrik GmbH. We appreciate your interest in our company and our products. Protecting your private data is very important to us, and we want you to feel secure when visiting our website. To fulfill your information rights and provide information about our products and services, we may ask you to provide personal data. Providing this information is voluntary and will be collected, stored, processed, and/or used in accordance with the applicable data protection regulations of the country where the data controller is located. All data is handled confidentially.
In accordance with Art. 13 GDPR, we hereby inform you about the processing of your personal data (hereinafter referred to as “data”) collected by us and your related rights. The specific data processed depends on the requested or agreed services.
The websites of SCHIESS GmbH may contain links to websites of other providers to which this privacy policy does not apply.
2. Information about the Controller
The controller for the processing of your data is SCHIESS Werkzeugmaschinenfabrik GmbH, Ernst-Schiess-Str. 1, 06449 Aschersleben, Germany.
You can reach us via email at info@schiess.de or by phone at +49 3473-968-0.
3. Data Protection Officer
For questions and concerns regarding data protection, you can contact our Data Protection Officer at cm@metzeler-ds.de or at the postal address provided above with the addition “Data Protection Officer.”
4. Principles of Data Collection
4.1 Data Collection
Providing data is generally voluntary. However, certain processes may require your data to address your or our concerns, such as entering into a contractual relationship.
If the provision of data is mandatory (e.g., for contract or order processing or to enable specific website or shop functionalities), you cannot exercise a right to object in these cases.
When possible, such as in contact or contract forms, we use optional and mandatory fields. Mandatory fields are marked as such. Data in mandatory fields contains the information we require to process your request.
4.2 No Profiling
Profiling (Art. 4(4) GDPR) refers to automated data processing used to evaluate, analyze, or predict personal aspects such as work performance, economic situation, health, or personal preferences. We do not use automated decision-making or profiling.
5. Data Processing
We process personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). The legal basis for processing depends on the specific purpose and varies accordingly. Below, we outline the general and specific rules applicable to the processing activities:
- Data within our company is shared only with departments and individuals requiring it to fulfill contractual and legal obligations or our legitimate interests.
- Data may be shared outside our company if required by law or court order. Additional sharing occurs only with your consent or based on a legitimate interest, particularly for processing by service providers.
- We delete data as soon as it is no longer needed for its purpose. However, data may be stored longer due to legal or contractual obligations.
- Data deletion occurs when its purpose no longer applies, consent is withdrawn, or other permissions lapse. Exceptions include the need to assert, exercise, or defend legal claims or compliance with statutory retention periods.
5.1 Processing: Website / Data Storage on Your Device
5.1.1 Processing Content
Our website is based on WordPress, which uses local storage on your device and cookies to ensure proper technical operation.
We also use Usercentrics to manage and document your consent for cookies in compliance with privacy regulations. These cookies are necessary and are not shared with the consent management provider.
Unless explicitly stated (e.g., for communication purposes), no data is processed or stored to identify individuals.
5.1.2 Data Subjects
All visitors to our website(s).
5.1.3 Categories of Processed Personal Data
- Telemetry data: IP address, timestamp, browser type/version, operating system, ISP, referring website, cookie lifespan, version, domain, and path, consents, UID.
5.1.4 Data Recipients
- The processor hosting the website (Art. 28(1) GDPR).
5.1.5 Legal Basis and Purpose
The legal basis is Art. 6(1)(f) GDPR, our legitimate interest in technically and visually proper website delivery and anonymous statistical analysis.
5.1.6 Storage Duration
Telemetry data, cookies, and locally stored data are generally retained for one year or until you request deletion or delete the data yourself.
6. Data Transfers to Third Countries or International Organizations
We strive to process all data within the EU or countries with an adequacy decision under Art. 45 GDPR. In some cases, data may be transferred to service providers in third countries if the conditions under Art. 44 et seq. GDPR are met.
7. Technical and Organizational Measures
We implement measures such as SSL/TLS encryption to ensure secure data processing.
8. Data Subject Rights and Right to Lodge a Complaint
You have the following rights under Articles 7 and 15–22 GDPR:
- Right to withdraw consent (Art. 7 GDPR).
- Right to access (Art. 15 GDPR).
- Right to rectification (Art. 16 GDPR).
- Right to erasure (Art. 17 GDPR).
- Right to restrict processing (Art. 18 GDPR).
- Right to data portability (Art. 20 GDPR).
- Right to object (Art. 21 GDPR).
You may also lodge a complaint with a supervisory authority under Art. 77 GDPR.
Last updated: February 2024