With this data protection policy, FrigorTec would like to inform you about the handling of your personal data. We process your data in compliance with Regulation (EU) 2016/679 (“General Data Protection Regulation”, or “GDPR”), national data protection laws, and this data protection policy.
Scope and special data protection information
This data protection policy applies to the collection, processing, and use (“processing”) of your personal data in the context of your use of FrigorTec's internet offering at https://www.frigortec-shop.com (“website”).
To FrigorTec, the protection of your privacy and maximum transparency are the foundation for a successful and trust-based cooperation.
Name and address of the controller
The controller in the sense of the GDPR and other national data protection laws is:
88279 Amtzell / Germany
Managing Director: Ralph Kolb, Tjark Misselwitz
Tel: +49 7520 914820
Fax: +49 7520 9148222
Name and address of the data protection officer of the controller
You can reach our data protection officer at the postal address listed above with the addition “An den Datenschutzbeauftragten” (to the data protection officer) or at
email@example.com or firstname.lastname@example.org.
General information on data processing
Scope of processing of personal data
We initially collect and use only the data listed in the section “Provision of the website and creation of log files” from visitors to our website. Beyond that, we process the personal data of our users only to the extent that necessary for providing a functional website, as well as our contents and service. The collection and use of personal data can be done also with the users' consent. An exception applies in cases where prior consent is impossible for material reasons or where the processing of data is permitted by laws and regulations.
Legal basis for the processing of personal data
In cases where we obtain the consent of a data subject for the processing of personal data, the legal basis for processing is point (a) of GDPR Article 6(1).
When processing personal data that is required for the performance of a contract to which the data subject is a party, the legal basis is point (b) of GDPR Article 6(1). This also applies to processing required prior to entering a contract.
Where the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, the legal basis is point (c) of GDPR Article 6(1).
If the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, the legal basis for processing is point (f) of GDPR Article 6(1).
Data erasure and storage duration
The personal data of the data subject will be deleted or made unavailable as soon as the purpose of storage no longer applies. Storage is also permitted where this is provided for by the European or national legislature in Union legal acts, laws, or other regulations to which the controller is subject. Data will also be made unavailable or erased when a storage period required by one of the above norms, unless further data storage is required for entering into or performance of a contract.
Provision of the website and creation of log files
Description, purpose and scope of the data processing
With each access to our website, our system automatically collects data and information from the accessing computer system.
The following data is collected:
- Information about the browser type and the version used
- The user's operating system
- The user's Internet service provider
- The user's IP address
- The date and time of access
- Websites from which the user's system accesses our website
- Websites accessed by the user's system from our website
Temporarily storing the IP address by the system is necessary to enable the delivery of the website to the user's computer. The user's IP address needs to remain stored for the duration of the session.
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
The storage in log files is done to ensure the functionality of the website. In addition, we use the data for optimising the website and to ensure the security of our IT systems. An evaluation for marketing purposes does not take place in this context.
Legal basis for processing
The legal basis for the temporary storage of data and log files is point (f) of GDPR Article 6(1).
Duration of storage
The data will be erased as soon as they are no longer needed for the purpose of their collection. If the data was collected for providing the website, this is the case when the session is over.
If the data is stored in log files, this is the case after no more than seven days. Further storage is possible. In this case, the IP addresses of the users are deleted or obscured so that an identification of the accessing client is no longer possible.
Objection and removal
The collection of data for providing the website and their storage in log files is required for the operation of the website. The user therefore does not have an option to object.
A data subject is able to prevent the placement of cookies by our website at any time by means of a setting in his or her internet browser, thereby objecting to the placement of cookies permanently. Furthermore, cookies that have already been placed can be deleted at any time by means of an internet browser or other software. This is possible with all commonly available internet browsers. If a data subject deactivates the placement of cookies in their internet browser, not all functions of our website may be fully functional.
Description, purpose and scope of the data processing
We differ between cookies in the categories technically necessary and functional cookies.
We employ functional cookies to make our website more user-friendly. Some elements on our website require that the accessing browsers can be clearly identifiable even after a page change.
The following data is stored and transmitted in these cookies:
- Language settings
- Shopping cart
- Login information
|sid||Session ID value||session||www.frigortec-shop.com|
|sid_key||SID (Session Identification Number)||session||www.frigortec-shop.com|
|displayedCookiesNotification||Used for Cookie note, store bool value showed/not showed||30 days||www.frigortec-shop.com|
User data collected by technologically necessary cookies is not used to generate user profiles.
Description, purpose and scope of the data processing
Contact is possible via the provided e-mail address. In this case, the personal data sent in the e-mail is stored.
The data collected in this context is not forwarded to third parties. The data is used exclusively for processing the conversation.
Legal basis for processing
The legal basis for processing the data transmitted in an e-mail is point (f) of GDPR Article 6(1). If the e-mail contact is made with the intent of entering into a contract, then point (b) of GDPR Article 6(1) serves as an additional legal basis.
Duration of storage
The data will be erased as soon as they are no longer needed for the purpose of their collection. For personal data that is submitted via e-mail, this is the case then when the respective conversation with the user ends. The conversation ends when circumstances justify the conclusion that the relevant matter has been finally settled. If a contract is concluded, the legal retention periods are valid.
Objection and removal
The user has the right, at any time, to withdraw his or her consent to the processing personal data. If a user contacts us via e-mail, then he or she may object to the storing of their personal data at any time. In such an event, the conversation cannot be continued.
All personal data that was stored during the contact will be deleted in this case.
Registration / Customer account (Article 6(1) point (a, b) GDPR)
On our Internet site we provide user the opportunity to register by entering personal data. The advantage is that you can review your order history in particular and that your entered data is saved for the order form. You therefore do not need to enter them again for a new order.
Thus the registration is needed either for fulfilling a contract (via our online shop) with your or for carrying out pre-contractual measures.
The principle of data minimisation and data avoidance is observed here, because only the data necessary for the registration is marked here (in bold type) as a mandatory field. These are for example the e-mail address as well as password including password repetition.
For orders in our online shop we also need information about the invoice address (company name, VAT ID, address, country) for the shipment. In case the shipping address deviates from the invoice address, the above information also needs to be provided additionally for the shipment address.
By registering on our Internet site, the IP address of the user, the date as well as the time of the registration (technical background data) is saved as well.
The storage of this data is done against the backdrop that only in this way a misuse of our services can be prevented and this data makes it possible to investigate committed criminal offences if necessary. Thus the storage of this data is required for the protection for the controller responsible for the processing. Forwarding this data to third parties is basically not done, as long as there is no legal obligation for forwarding or the forwarding is needed for criminal prosecution.
By actuating the “Save” button, you give your consent to the processing of your data.
Please note: The password given by you is saved encrypted by us. Employees of our company cannot read this password. They cannot provide help therefore in case you forgot your password.
Use the “Forgot password” function in this case. A new, automatically generated password is sent to you then via e-mail. No staff member is authorised to ask you for your password by phone or in writing. Never state your password therefore should you receive such a query.
With the conclusion of the registration process, your data is stored with us for use of the protected customer area. Once you have logged in to our Internet site with e-mail address as user name and password, this data is provided for actions carried out by you on our Internet site (e.g. for orders in our online shop). Orders made can be reviewed in the order history. Changes to the invoice or delivery address can be made here.
Registered persons have the option to independently carry out changes / corrections of the invoice or delivery address in the order history. Of course you can also dissolve or delete the registration or your customer account again.
The controller responsible for the processing can initiate the forwarding to one or more order processors, for example a parcel service, which also uses the personal data exclusively for internal usage, which is assigned to the controller responsible for the processing.
Newsletter (Article 6(1) point (a) GDPR)
When registering on our website, a free newsletter can be subscribed to.
The newsletter of our company can be basically received only by the data subject if (1) the data subject has a valid e-mail and (2) the data subject has registered for the sending of the newsletter. As part of the double-opt-in process, a confirmation e-mail is sent first of all to the e-mail address for the sending of the newsletter that was submitted by a data subject. This confirmation mail serves to check whether the owner of the e-mail address has authorised the receiving of the newsletter as the data subject.
During the registration for the newsletter we also save the IP address issued by the Internet Service Provider (ISP) of the computer system used by the data subject at the time of the registration along with the date and time of the registration. The collecting of this data is necessary to be able to trace the (possible) misuse of the e-mail address of a data subject at a later time and thus serves the legal protection for the controller responsible for the processing.
The personal data collected in the course of a registration for the newsletter is used exclusively for sending our newsletter. Furthermore subscribers of the newsletter can be informed via e-mail in so far this is necessary for operating the newsletter service or a registration concerning this as this could be in case of a change of the newsletter offer or a change of the technical circumstances. There will be no forwarding of personal data, which was collected as part of the newsletter service, to third parties. The subscription of our newsletter can be cancelled at any time by the data subject. The consent to the storage of personal data that the data subject has given us for the newsletter subscription can be withdrawn at any time. There is an appropriate link in every newsletter for the purpose of withdrawing the consent. There is additionally the option to cancel the newsletter subscription at any time directly on the Internet site of the controller responsible for the processing or to inform the controller responsible for the processing by other means.
Webshop (Article 6 (1) point (b) GDPR)
We process the data entered by you as part of the order only for carrying out or handling the contractual relationship, in so far as you do not agree to a further use.
The principle of data minimisation and data avoidance is observed by you having to provide us only with that data that we essentially need for carrying out the contract or for fulfilling our contractual obligations (that is company name, VAT ID, address, e-mail, country) or which we are legally obligated to collect.
Additionally, your IP address is processed for technical requirements as well as for legal protection. Without this data we would have to reject the conclusion of the contract unfortunately, because we could not carry it out without this data and we may have to end an existing contract. Of course you could provide more of your data if you wish.
Data protection rules for the use of Google Web Fonts
This website uses web fonts provided by Google for the unified representation of fonts. When accessing a page, your browser loads the web fonts needed to show text and fonts correctly.
This is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Parent company: Google LCC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To this end, the browser used by you needs to connect to the servers of Google. This provides Google with the information that our website was accessed from your IP address. We use Google Web Fonts in order to present our online offers in a unified and appealing manner. This constitutes a legitimate interest in the sense of point (f) of GDPR Article 6(1). If your browser does not support web fonts, then your computer will use a standard font.
Rights of the data subjects
If your personal data is processed, then you are a “data subject” in the sense of the GDPR, and you have the following rights with respect to us as the controller. You may exercise your rights by contacting our data protection officer or the employees of the service centre and describing your request.
Right to access
Any data subject affected by the processing of personal data has the right, at any time, to receive information about the data stored about their person from the controller, as well as a copy of this data. You may request confirmation from the controller about whether personal data about you is being processed by us.
Right to rectification
Any person affected by the processing of personal data has the right to demand the prompt rectification of incorrect personal data about them. Taking into account the purposes of the processing, the data subject also has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to restriction of processing
Any person affected by the processing of personal data has the right to obtain from the controller restriction of processing where one of the conditions provided by the legislative in GDPR Article 18(1) is met.
Right to erasure
Any person affected by the processing of personal data has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay if one of the conditions in GDPR Article 17(1) applies.
Right to data portability
Any person affected by the processing of personal data has the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format. He or she shall also have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent according to point (a) of GDPR Article 6(1), or point (a) of GDPR Article 9(2), or on a contract as per point (b) of GDPR Article 6(1), and the processing is done by means of automated procedures.
Right to objection
Any person affected by the processing of personal data has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (f) of Article 6(1) of the GDPR. This includes profiling based on these provisions.
Upon objection, the company no longer processes the personal data unless compelling legitimate grounds are processed for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
Where personal data are processed for direct marketing purposes, the data subject has the right to object at any time to processing of personal data concerning him or her for such marketing. This also includes profiling to the extent that it is related to such direct marketing. Where the data subject objects to processing for direct marketing purposes, the personal data is longer processed for such purposes.
Right to withdraw consent
Any person affected by the processing of personal data has the right to withdraw their consent to the processing of personal data at any time.
You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes the GDPR.