In the following we inform you about the collection of personal data when using our websites including our web shop (customer portal). Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour. We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.
1 Person responsible for data processing
Responsible according to Art. 4 para. 7 EU General Data Protection Regulation (GDPR) is
C. E. Gätcke's Glas Gesellschaft (GmbH & Co KG)
F. Dau & Sohn (GmbH & Co KG)
Managing directors: Peter Börner, Dorothée Kuhnert, Harold Lienau, Kai Lorenzen
Phone: +49 40 731 206-0
Fax: +49 40 731 206-10
(see our Legal Notice).
2 Contact possibility of the data protection officer
You can reach our data protection officer at firstname.lastname@example.org or our postal address with the addition "data protection officer".
3 Your rights
You have the following rights with regard to personal data concerning you:
3.1 General rights
You have the right of access, rectification, erasure, limitation of processing, opposition to processing and transfer of data. If a processing is based on your consent, you have the right to revoke it to us with effect for the future.
3.2 Rights in data processing according to legitimate interest
Pursuant to Art. 21 (1) GDPR, you have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data on the basis of Art. 6 (1) e GDPR (data processing in the public interest) or Article 6 (1) f GDPR (data processing to safeguard a legitimate interest); this also applies to profiling based on this provision. In the event of your objection, we will no longer process your personal data unless we can prove compelling reasons for the processing which override your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims.
3.3 Rights in direct advertising
If we process your personal data for the purpose of direct advertising, you have the right, pursuant to Art. 21 para. 2 GDPR, to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is connected with such direct advertising.
In the event of your objection to processing for the purpose of direct marketing, we will no longer process your personal data for these purposes.
3.4 Right to complain to a supervisory authority
You also have the right to complain to a competent data protection supervisory authority about the processing of your personal data by us.
4 Collection of personal data when you visit our website
If you only use the website for information purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security. The legal basis for this is Art. 6 Para. 1 f GDPR:
• IP address
• Date and time of the request
• Contents of the request (the page/file called)
• Access status/HTTP status code
• Amount of data transferred in each case
• the website from which the request comes (referrer URL)
• Operating system
• Browser software, language and version of the browser software
• Hostname of the accessing computer
5 Contact via e-mail or contact form
When you contact us by e-mail or via a contact form, the data you provide us with (your e-mail address, possibly your name and telephone number) will be stored by us in order to answer your questions. If we use a contact form to request information that is not required for contacting you, we have always marked it as optional. These details serve us to concretise your enquiry and to improve the handling of your request. This information is expressly provided on a voluntary basis and with your consent, Art. 6 para. 1 a GDPR. Insofar as this information relates to communication channels (e.g. e-mail address, telephone number), you also agree that we may also contact you via this communication channel in order to respond to your request. You can, of course, revoke this consent at any time for the future.
We delete the data arising in this connection after the storage is no longer necessary or restrict the processing if there are legal storage obligations.
6 Registration and use of the portal
You have the possibility to register with us and create a customer account. For the registration we collect and store the following data from you:
• First name
• E-Mail (Username)
• Telephone number
We use the so-called double opt-in procedure for registration, i.e. your registration is only complete after you have confirmed your registration by clicking on the link contained in a confirmation e-mail sent to you for this purpose. If your confirmation is not received within [24 hours], your registration will automatically be deleted from our database. It is obligatory to provide the aforementioned data; you can provide all further information voluntarily by using our portal.
Once you have registered, you will receive personal, password-protected access and can view and manage the data you have stored. Registration is voluntary, but may be a prerequisite for using our services.
If you use our portal, we store your data necessary for the fulfilment of the contract, if necessary also information about the method of payment, until you finally delete your access. Furthermore, we store the voluntary data provided by you for the duration of your use of the portal, unless you delete it beforehand. You can manage and change all data in the protected customer area. The legal basis is Art. 6 Para. 1 a, b and f GDPR.
7 Online Orders - Shop
If you place an online order on our website, we collect various data required for the conclusion of the contract. The legal basis is the conclusion and execution of a contract in accordance with Art. 6 Para. 1 b GDPR. The data will be stored for the duration of the contract and in accordance with legal obligations. For payment processing, we use various payment service providers, which are always identified and accept your input directly and are therefore recipients of your personal data collected in connection with the payment process. The legal basis for the involvement of payment service providers is the execution of the contract in accordance with Art. 6 Para. 1 b GDPR. Storage for the purpose of payment takes place for the duration of payment processing.
This website uses the following types of cookies, the scope and functionality of which are explained below:
8.1 Transient Cookies
These cookies are automatically deleted when you close your browser. These include in particular session cookies. They store a so-called session ID, which can be used to assign various requests from your browser to the shared session. This enables your computer to be recognised when you return to our website. The session cookies are deleted when you log out or close your browser.
8.2 Prevention of cookies
You can configure your browser settings according to your wishes and, for example, refuse the acceptance of third-party cookies or all cookies. We would like to point out that you may then not be able to use all the functions of this website.
8.3 Legal basis and storage period
The legal bases for possible processing of personal data and their storage duration vary and are described in the following sections.
9 Data transmission
A transfer of your personal data to third parties does not take place unless we are legally obliged to do so, or the data transfer is necessary for the execution of the contractual relationship or you have previously expressly consented to the transfer of your data.
9.1 External service providers
Our websites are hosted by external service providers. They provide the necessary infrastructure and computing power, storage space and database services, security and maintenance services. We use these services to operate our websites efficiently and securely. We and our hosting providers process usage data, content data, meta and communication data, but also inventory data, contact data and contract data of users and customers of our websites. This data processing is based on our legitimate interest in the efficient and secure provision of our websites. The legal basis for this is Art. 6 para. 1 lit. f GDPR in conjunction with Art. 28 GDPR.
Other external service providers and partner companies such as online payment providers or a shipping company commissioned with the delivery will only receive your data to the extent necessary to process your order. In these cases, however, the scope of the data transmitted is limited to the necessary minimum. Insofar as our service providers come into contact with your personal data, we ensure within the framework of order processing pursuant to Art. 28 GDPR that they comply with the provisions of the data protection laws in the same way. Please also note the respective data protection information of the providers. The respective service provider is responsible for the contents of external services, whereby we check the compliance of the services with the legal requirements within the scope of reasonableness.
9.2 External contents
We embed Google Inc, (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) fonts ("Google Fonts") on our websites. Each time you access web pages that use Google Fonts, your browser will address a Google server, usually a server in the United States. There is no authentication when using Google fonts. No website visitor cookies are sent to the Google Fonts API. The browser sends the following data to the Google server:
• Browser and browser version
• Host (website) that triggers the request
• Operating system of the user
• Screen resolution of the user
• IP address of the user
• Language setting
The legal basis for the use of Google Fonts is our legitimate interest in the efficient and user-friendly provision of our websites, Art. 6 Para. 1 f GDPR. Further information can be found in Google's data protection declaration: https://www.google.com/policies/privacy/ and at https://developers.google.com/fonts/faq.
10 Data security
We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.
Effective May 2019
Looking for a product packaging?
We look forward to your call!