Privacy Policy

Privacy Policy

Data privacy is important to our company. We therefore guarantee our customers, business partners and users of our websites to protect their personal rights.

We guarantee to collect, store and use personal data only within the framework of the rules and regulations on data protection. Your data, which are collected on our websites to the technically necessary extent, will not be sold to any third party and will only be circulated on judicial order for prosecution purposes.

To give you security and peace of mind in this point, we would like to inform you about kind, scope and purpose of the collection and use of personal data. You can call up this information on our websites at any time.

Notes on handling of your personal data and your respective rights

(Information according to Articles 13, 14 and 21 of the General Data Protection Regulation GDPR)

1. Definitions

This Data Privacy Notice includes terms and definitions, which are also used in the General Data Protection Regulation (hereinafter GDPR). As our aim is to be transparent and clear in this regard we would like to explain the terms used in our Data Protection Notice as they can also be found in Article 4 of the GDPR (‘Definitions’).

  • Personal data

‘Personal data’ means any information relating to an identified or identifiable natural person (hereinafter ‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name, an identification number, location data, an online identifier or to one or more factors to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

  • Processing

‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transfer, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

  • Restriction of processing

‘Restriction of processing’ means the marking of stored personal data with the aim of limiting their processing in the future.

  • Controller

‘Controller’ means a natural or legal person, public authority or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

  • Processor

‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

  • Recipient

‘Recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular enquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

  • Third party

‘Third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

  • Consent

‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.



2. Controller

Konrad-Nolte-Straße 20
76726 Germersheim, Germany

Fon: +49 (0)5732 899 1500
Email: privacy@nolte-spa.de

Authorised to represent:

Legally represented by the managing director Melanie Thomann-Bopp.


Specialist contact person:

Stephanie Neitzel
Email: neitzel@nolte-kuechen.de
Tel.: +49 (0)5732 899 8184

 

3. Cookies

Websites are to some extent using what is also referred to as cookies. Cookies do not harm your computer and do not contain any viruses. The purpose of cookies is to make our offer more user-friendly, effective and safe. Cookies are small text files, which are filed on your computer and stored by your browser.

Most of the cookies we use are so-called ‘session cookies’. They are automatically deleted at the end of your session. Other cookies remain stored on your end device until you delete them. Such cookies allow us to recognize your browser when you visit our website the next time.

You can set your browser in a way that you are notified whenever cookies are set and such cookies are only allowed in certain individual cases; you can exclude the acceptance of cookies for individual cases or generally and such cookies are automatically deleted when the browser is closed. The functionality of this website might be impaired, though, if cookies are disabled.

4. Collection of access data /server log files

The supply and representation of contents via our website technically calls for the collection of certain data. Whenever you access our website, these so-called server log files are collected by the respective provider which is hosting the web service (Nolte SPA GmbH or a processor in compliance with Article 28 GDPR). No conclusions to individual persons can be drawn based on these log files.

The respective information consists of the name of the website, the file, the current date, the amount of data, the web browser along with its version, the operating system used, the domain name of your internet provider, the referrer URL as site from which you have changed to our page, and the respective IP address.

We use this data to represent and supply our contents on and to your end device as well as for statistical purposes. This information supports the provision and permanent improvement of our services. We do not merge the data of the server log files with any other data. We reserve the right to check the data in the server log files at a later stage if there is probable cause for illegal use of our website.

5. Encryption of data transfer

Our website uses SSL/TLS encryption technology. Thus, all data of forms and similar input masks relating to the user are safely transmitted.

Facebook Pixel

Description of Service

This is a Tracking technology offered by Facebook and used by other Facebook services. It is used to track interactions of visitors with websites ("Events") after they have clicked on an ad placed on Facebook or other services provided by Meta ("Conversion").

Processing company

Meta Platforms Ireland Ltd.

4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://www.facebook.com/help/contact/540977946302970

Data Purposes

This list represents the purposes of the data collection and processing.

  • Analytics
  • Marketing
  • Retargeting
  • Advertisement
  • Conversion Tracking
  • Personalisation

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
  • Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Ads viewed
  • Content viewed
  • Device information
  • Geographic location
  • HTTP-header
  • Interactions with advertisement, services, and products
  • IP address
  • Items clicked
  • Marketing information
  • Pages visited
  • Pixel ID
  • Referrer URL
  • Usage data
  • User behaviour
  • Facebook cookie information
  • Facebook user ID
  • Usage/click behaviour
  • Browser information
  • Device operating system
  • Device ID
  • User agent
  • Browser type

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

User’s interactions tracked on websites will not be stored longer than for two years. However, the data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

  • Singapore
  • United States of America
  • Worldwide

Data Recipients

In the following the recipients of the data collected are listed.

  • Meta Platforms Ireland Ltd., Meta Platforms Inc.

Click here to read the privacy policy of the data processor

https://www.facebook.com/privacy/explanation

Click here to read the cookie policy of the data processor

https://www.facebook.com/policies/cookies

Storage Information

  • Maximum age of cookie storage: 1 year

Stored Information

  • Name: _fbp; Cookie from Facebook used for website analytics, ad targeting and ad measurement.; Type: cookie; Duration: 3 months; Domain: facebook.com;

Google Analytics

Description of Service

This is a web analytics service. With this the user can measure the advertising return of interest "ROI" as well as track user behavior with flash, video, websites and applications.

Processing company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data Purposes

This list represents the purposes of the data collection and processing.

  • Marketing
  • Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
  • Pixel
  • JavaScript
  • Device fingerprinting

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Click path
  • Date and time of visit
  • Device information
  • Location information
  • IP address
  • Pages visited
  • Referrer URL
  • Browser information
  • Hostname
  • Browser language
  • Browser type
  • Screen resolution
  • Device operating system
  • Interaction data
  • User behaviour
  • Visited URL

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The Retention Period depends on the type of the saved data. Each client can choose how long Google Analytics retains data before automatically deleting it.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

  • United States of America
  • Singapore
  • Chile
  • Taiwan

Data Recipients

In the following the recipients of the data collected are listed.

  • Google Ireland Limited, Alphabet Inc., Google LLC

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Click here to opt out from this processor across all domains

https://tools.google.com/dlpage/gaoptout?hl=de

Storage Information

  • Maximum age of cookie storage: 2 years

Stored Information

  • Name: _ga; This is used to distinguish users.; Type: cookie; Duration: 2 years;
  • Name: _gid; This is used to distinguish users.; Type: cookie; Duration: 1 day;
  • Name: _gat_gtag_xxx; This is used to distinguish users.; Type: cookie; Duration: 1 minute;
  • Name: _gac_xx; This contains information about which ad was clicked.; Type: cookie; Duration: 2 months, 29 days;

Usercentrics Consent Management Platform

Description of Service

This is a consent management service. Usercentrics GmbH is used on the website as a processor for the purpose of consent management.

Processing company

Usercentrics GmbH

Sendlinger Str. 7, 80331 Munich, Germany

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

datenschutz@usercentrics.com

Data Purposes

This list represents the purposes of the data collection and processing.

  • Compliance with legal obligations
  • Consent storage

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Local storage

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Opt-in and opt-out data
  • Referrer URL
  • User agent
  • User settings
  • Consent ID
  • Time of consent
  • Consent type
  • Template version
  • Banner language

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. c GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The consent data (given consent and revocation of consent) are stored for three years. The data will then be deleted immediately.

Data Recipients

In the following the recipients of the data collected are listed.

  • Usercentrics GmbH

Click here to read the privacy policy of the data processor

https://usercentrics.com/privacy-policy/

Google Tag Manager

Description of Service

This is a tag management system. Via Google Tag Manager, tags can be integrated centrally via a user interface. Tags are small sections of code that can track activities. Script codes of other tools are integrated via the Google Tag Manager. The Tag Manager allows to control when a particular tag is triggered.

Processing company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data Purposes

This list represents the purposes of the data collection and processing.

  • Tag Management

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Website tags

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Aggregated data about tag firing

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data to a country without the required data protection standards. If the data is transferred to the USA, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. For more information regarding safeguards please refer to the website provider’s privacy policy or contact the website provider directly.

  • United States of America
  • Singapore
  • Taiwan
  • Chile

Data Recipients

In the following the recipients of the data collected are listed.

  • Alphabet Inc., Google LLC, Google Ireland Limited

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

8. Handling of personal data

We collect personal data in the framework of data avoidance and data minimization to such an extent and for such a period as it is required for the use of our website and the services offered there or as long as prescribed by the legislator. We take the privacy of your personal data very serious and strictly abide to the respective legal regulations and to this data privacy notice when it comes to the collection and processing of personal data. If the purpose of data collection ceases to apply or if the maximum storage period has expired the collected data will be blocked or erased.

Our website can regularly be used without the circulation of personal data. When we collect personal data – such as your name, your address or your email-address – these data are collected on an optional basis. Such data will not be circulated to any third party without your explicitly given consent.

Please note that, in general, data are not always safely circulated in the internet. Especially when it comes to email correspondence, a full protection during data exchange cannot be guaranteed.

9. Purpose of processing

The processing of personal data is carried out in accordance with the regulations of the European General Data Protection Regulation (GDPR) and the German Bundesdatenschutzgesetz (BDSG):

  • Due to your consent (Article 6, para. 1a GDPR)

The data subject has given consent to the processing of his or her personal data for one or more specific purposes.

  • For the performance of a contract (Article 6, para. 1b GDPR)

Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

  • Due to compliance with legal obligation (Article 6, para. 1c GDPR)

Processing is necessary for compliance with a legal obligation to which the controller is subject.

  • For the purpose of legitimate interest (Article 6, para. 1f GDPR)

Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

10. Withdrawal of given consent

According to Article 7, para. 3 GDPR, the data subject shall have the right to completely withdraw or change his or her consent regarding the processing of personal data for one or more specific purposes at any time with effect for the future. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. If not offered via special functions, you can send us your withdrawal either by post, email or by using our contact form on our website. There will be no other costs for you than the postal charges or the transfer costs in compliance with the currently valid basic tariffs.

11. Data collection at third parties

If, in connection with our brand, our product or our company, personal data are collected, stored, processed at third parties and are circulated to us for a certain purpose, the transfer of such data to us is especially subject to the lawfulness of the respective collector. If data is sent to us (e.g. in connection with brochures of our company ordered on information platforms on the internet), we assume consent of the data subject regarding the circulation to and processing by our company. Hereby, however, we only accept data transfers and process them if they come from authorized sources known to us due to active business relationships.

12. Circulation of data

For the purpose of fulfilment of our contractual and statutory obligations or also services required by the user, business partners assigned by our company – such as a processor (Article 28 GDPR) will be granted access to your data.

13. Transfer of data into a third-party country or to an international organisation

There will only be a transfer of data into third-party countries if this is necessary for order fulfilment or statutory or if the data subject has given his or her consent.

14. Maximum storage period of data

If necessary, we process and store your personal data for the period required for the fulfilment of the respective purpose for which consent to data processing has been given.

Apart from that, we are subject to certain retention and documentation obligations resulting from the German Commercial Code (HGB), amongst others. The maximum retention or documentation periods respectively indicated there are two to ten years.

15. Contact form

If you send us your enquiry via our contact form, your data of the enquiry form plus the contact data entered there will be stored in order to process your enquiry and in case of later enquiries. These data will not be given to any third party without your consent.

16. Visitor management with the scope of Nolte SPA show events

Nolte SPA show events have the particular purpose of informing customers, suppliers as well as the media about new products and services as well as of engaging in dialogue with a view to continuing and shaping business cooperation. Furthermore, Nolte SPA show events also have the purpose of initiating new business relationships, in particular with customers, suppliers as well as media. As such, these events to a significant extent serve promotional purposes and underpin business development at Nolte SPA.

This dialogue with existing as well as with potential new business partners must take place through the relevant members of staff of the companies concerned, from which Nolte SPA derives the legitimate interest pursuant to Article 6 (1) f of the GDPR to store and process personal data of such persons exclusively in the required scope for the designated purpose and for the duration of preparing, holding and following up the particular show event. This includes the storage and processing of data of such persons with which no active business relationship exists at the time of being invited to the show.

The online registration and accreditation process this involves in advance of the show event has the purpose of simplifying the making on contact between visitor and the relavent Nolte SPA contact persons as well as of ensuring the enforcement of Nolte SPA's domiciliary rights in such form that a personalised admission ticket is sent to the registering visitors through which Nolte SPA, within the scope of checking admissions to the show event, can establish who is present on the premises of Nolte SPA.

In this context, the systemic handling of visitor management by Nolte SPA takes place with the support of a processor (see above). Personal data recorded and stored in connection with Nolte SPA show events will not be made accessible to third parties.

17. Still and motion pictures with the scope of Nolte SPA show events

To reinforce the promotional impact as well as document show presentations vis-à-vis consumers, retail partners, media, suppliers, staff and proprietors, still photographs and video footage are taken at Nolte SPA show events whereupon they are processed, stored and published on external communications channels (e.g. website, Facebook, YouTube). Within the scope of show events, Nolte SPA reserves the right to take, process and disseminate still photographs and motion pictures of guests for purposes of public relations insofar as show visitors do not object to such in the form of a personal remark to the photographer or film crew on location at the show event. Attention will be drawn to the fact that photographs and videos will be taken on the admission ticket as well as in a clearly visible place at the entrance to the show event. The legal basis for this is Art 6 (1) f of the GDPR. Our legitimate interest lies in informing business partners, interested consumers, proprietors as well as Nolte SPA staff about the event in conjunction with the above-mentioned communication purposes within the scope of our PR activities.

 

18. Explanations regarding the data subjects’ rights

As a user of our website, the data subject is entitled – upon proof of their identity – at any time and free of charge to access the data stored about the data subject and for the purpose of storage (Article 15 GDPR). Apart from that, the data subject has the right to rectification (Article 16 GDPR), right to erasure (Article 17 GDPR), right to restriction of processing (Article 18 GDPR) or right to data portability (Article 20 GDPR). Please feel free to contact us or our Data Protection Officer, lawyer Stephanie Neitzel in writing. In case of an assumed infringement against data privacy rights, the data subject also has the right to lodge a complaint with a supervisory authority (Article 77 GDPR i.c.w. § 19 of the Federal Data Protection Act). The supervisory authority responsible for Nolte SPA GmbH is the data protection authority of Rhineland-Palatinate.

19. Right to object

According to Article 21 GDPR, the data subject shall have the right to object at any time to processing of personal data concerning him or her which is based on Article 6, para. 1f GDPR (data processing for the purpose of legitimate interest). Full or partial objection can be sent to Nolte SPA GmbH together with a respective message (per mail or email).

If there are no longer mandatory reasons requiring protection for processing outweighing your interests, rights or freedoms or if the processing serves for the enforcement, exercising or defending of legitimate claims, your personal data will no longer be processed if you object to processing.

20. Objection to email marketing

The usage of contact data published within the framework of imprint obligation for the purpose of providing not specifically requested advertisements and information is herewith objected to. The website operators explicitly reserve all legal steps if advertising material, e.g. spam emails, are sent unrequested.

Sorry, your session has expired. Please reload the page and submit the form again.