Privacy Policy

1. General Privacy Note

Achenbach Buschhütten GmbH & Co. KG (hereinafter referred to as "Achenbach" or "We/we" or "Us/us") is pleased to welcome you to our website and appreciates your interest in our products and services. 

The protection of your personal data is important to us. We process personal data in accordance with applicable legal regulations and inform you below about which personal data we collect, what we do with it, for what purposes and on what legal bases this is done. Furthermore, we draw your attention to the rights and claims to which you are entitled in connection with the processing.

Personal data includes all information relating to an identified or identifiable natural person, such as names, addresses, phone numbers, or email addresses that express the identity of a person.

Achenbach supports you with all questions relating to data protection on our website. To assert your rights, as well as for suggestions and complaints regarding the processing of your personal data, we recommend that you contact our data protection officer. You can contact our contact persons for all matters and questions regarding data protection at any time at the following address.

1.1 Data Controller
The controller within the meaning of the EU General Data Protection Regulation (GDPR) for the processing of your data is Achenbach Buschhütten GmbH & Co. KG. Our contact details are as follows:

Achenbach Buschhütten GmbH & Co. KG
Siegener Straße 152
57223 Kreuztal
Germany

Email: info@achenbach.de
Phone: +49 (0) 2732 799 - 0

1.2 Data Protection Officer

Our Data Protection Officer for the locations in Germany is Mr. Stephan Schneider. The contact details are as follows:

bits + bytes it-solutions GmbH & Co. KG
Krombacher Str. 24
57223 Kreuztal

E-Mail: datenschutznoSpam@achenbachnoSpam.de
Telefon: +49 (0) 700 20 30 10 30

1.3 Data Collection

We collect and process personal data that we receive from you in the course of our business relationship, i.e. during the initiation and execution of the product or service purchased by you, or that we collect about you in connection with the use of the product or service.

The processing is primarily carried out to fulfill our contractual and legal obligations towards our customers and interested parties. In deviation from this, we process your data to protect our legitimate interests, taking into account your rights and freedoms with regard to your personal data.

The categories of data that we receive, collect, and process from you include, for example, contact data (name, email, phone number, address, etc.) or payment data.

1.4 Duration of Storage and Retention Periods

If no explicit retention period is specified at the time of collection (e.g., as part of a consent declaration), your personal data will be deleted as soon as it is no longer required to fulfill the purpose for which it was stored, if you assert a legitimate request for erasure or if you revoke your consent to data processing. This is unless legal retention obligations (e.g., retention obligations under commercial and tax law) prevent deletion. In such cases, the data will be deleted after the retention periods have expired.

1.5 Your Rights Regarding Your Data

You have the right to obtain information about the origin and recipients of your data stored by us and the purpose of the storage at any time. Additionally, you have the right to receive your personal data in a structured, commonly used and machine-readable format. You also have the right to request the rectification, restriction of processing, blocking or erasure of your data. Furthermore, you have the right to object to processing for reasons of public or legitimate interests. You have the right to lodge a complaint with the relevant supervisory authority (for NRW: The State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia in Düsseldorf). You can withdraw your consent to the storage or use of your personal data at any time.

If you have any questions, complaints or requests for information regarding the processing of your personal data, you can also contact us or our Data Protection Officer directly.

1.6 Transfer of Personal Data to Third Parties

Personal data is generally only transferred by us to other controllers if this is necessary for the fulfillment of the contract, if we or the third party have an overriding legitimate interest in the transfer or if you have given your consent for this purpose. In addition, data may be transferred to other responsible parties if we are obliged to do so by law or by an enforceable official or court orders.

Service Providers (General) 
Achenbach may commission external service providers, known as processors, to perform tasks such as marketing services, programming, data hosting or hotline services, etc. We carefully select the service providers and only transfer personal data on the basis of a valid processing contract. In the case of joint responsibility, a joint processing agreement will be concluded. Processors may also include other companies within the Achenbach Group.

Recipients Outside the European Economic Area (EEA)
Personal data may also be transferred to third parties located outside the EEA in so-called third countries. In this case, your personal data will only be transferred if proof of an adequate level of data protection is provided by the recipient in accordance with Art. 44 GDPR or if you have given your consent.

2. Collection, Processing, and Use of Personal Data

The controller responsible for processing your data is Achenbach Buschhütten GmbH & Co. KG. Our contact details are as follows:

Achenbach Buschhütten GmbH & Co. KG
Siegener Straße 152
57223 Kreuztal
Germany

Email: info@achenbach.de
Phone: +49 (0) 2732 799 - 0

3. Collection, processing and use of personal data

2.1 Visiting Our Website
When you access our website, personal data is automatically processed. Each time the Internet is used, general information is automatically transmitted by your Internet browser and stored by us in so-called log files when our website is accessed.

The log files are processed by us to ensure a seamless connection to the website, optimal use and technically error-free display of our website, as well as for security reasons (e.g., to investigate attempted attacks or detect misuse). The log files are stored for a period of 7 days and then deleted. The data is not used to draw conclusions about your person. However, we reserve the right to check log files retrospectively if there are specific indications of illegal use and to keep them beyond the specified storage period if further retention is required for evidence purposes. As part of an investigation, the collected data may be shared with investigative authorities on a case-by-case basis.

The log files particularly store the following information: 

  • IP address (Internet Protocol address) of the device used to access our website;
  • Internet address of the website from which our website was accessed (so-called origin or referrer URL);
  • Name of the service provider through which access to our website occurs;
  • Name of the retrieved files or information;
  • Date and time as well as the duration of the retrieval and the amount of data transferred;
  • Operating system and information about the Internet browser used, including installed add-ons.

The processing is carried out in accordance with Article 6(1)(f) GDPR based on our legitimate interest in the technical stability, optimal presentation, and use of the website, as well as ensuring system security and detecting misuse.

2.2 Responding to Contract Inquiries
If you send us a contact inquiry (for example, by email, phone, or fax), your information from the inquiry, including the contact details you provide, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. The data you send us via the inquiry will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g., after your request has been processed). We do not share this data without your consent.

The processing of this data is based on your consent in accordance with Art. 6(1)(a) GDPR, as well as on our legitimate interest in the effective processing of contact inquiries directed to us in accordance with Art. 6(1)(f) GDPR. If your inquiry is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures, the processing is based on the legal basis for fulfilling contractual or pre-contractual obligations in accordance with Art. 6(1)(b) GDPR.

2.3 Application Process
We collect and process personal data from applicants for the purpose of managing the application process. Processing can be done both by postal and electronic means. This is particularly the case when an applicant submits corresponding application documents to us electronically, for example, by email or through an application portal on our website. Application documents submitted by post are digitized by us and then disposed of in a manner compliant with data protection regulations.

The processing of data in the context of the application process is based on the legal basis of legitimate interest pursuant to Art. 6(1)(f) GDPR in an obligation to provide evidence in a procedure under the General Equal Treatment Act. Additionally, the application documents are processed based on the legal basis for the fulfillment of pre-contractual obligations pursuant to Art. 6(1)(b) GDPR.

If an employment contract is concluded between us and an applicant, the transmitted data will be stored for the purpose of managing the employment relationship in compliance with legal regulations. If no employment contract is concluded between us and the applicant, the application documents will be automatically deleted after 6 months in accordance with legal provisions and deadlines. If you agree to an extended retention period, the documents will be kept for our talent pool for 2 years.

2.4 Video Surveillance
The area surrounding the company premises is equipped with video surveillance for visual control and remote control of the outdoor gates or access points on our factory premises. The video recordings are stored on video servers and then irreversibly deleted. The data is only passed on to third parties if we are legally obliged to do so as part of an investigation.

The processing through the recordings is based on the legitimate interest pursuant to Art. 6(1)(f) GDPR in protecting against unauthorized access to monitored premises and buildings, property damage, and theft.

3. Cookies

The present website uses cookies. Cookies do not cause any damage to your device but are small data packets that are temporarily stored on your device for the duration of a session or permanently. Temporary cookies are automatically deleted after you visit our website, while permanent cookies remain on your device until you delete them yourself or through the function on your internet browser. By using cookies, Achenbach can provide users of this website with more user-friendly services that would not be possible without the cookie setting.

Many cookies are technically necessary because certain functions such as the display of text and images would not be possible without them. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which websites and servers can be assigned to the specific internet browser in which the cookie was stored. This allows the visited websites and servers to distinguish the individual browser of the affected person from other internet browsers that contain different cookies. A specific internet browser can be recognized and identified via the unique cookie ID.

By means of a cookie, the information and offers on our website can be optimized for the user. As mentioned earlier, cookies enable us to recognize users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, a user of a website that uses cookies does not have to enter their access data again each time they visit the website because this is taken over by the website and the cookie stored on the user's computer system. Another example is the cookie of a shopping cart in an online shop. The online shop remembers the items that a customer has placed in the virtual shopping cart via a cookie.

The data subject can prevent cookies from being set by our website at any time by means of a corresponding setting of the internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers. If the data subject deactivates the setting of cookies in the internet browser used, not all functions of our website may be fully usable.

3.1 Google Analytics (with anonymization function)
The data controller has integrated the Google Analytics component (with anonymization function) on this website. Google Analytics is a web analytics service. Web analytics involves collecting, gathering, and evaluating data about the behavior of visitors to websites. A web analytics service captures, among other things, data about which website a data subject has come to a website from (so-called referrer), which subpages of the website were accessed, or how often and for what duration a subpage was viewed. Web analytics is primarily used to optimize a website and for cost-benefit analysis of internet advertising.
The operating company of the Google Analytics component is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

The data controller uses the "_gat._anonymizeIp" addition for web analytics through Google Analytics. By means of this addition, the IP address of the data subject's internet connection is shortened and anonymized by Google when accessing our websites from a member state of the European Union or from another contracting state of the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyze visitor flows and usage on our website. Google uses the data and information obtained, among other things, to evaluate the use of our website in order to compile online reports for us, which show the activities on our websites and to provide other services related to the use of our website. The use of this service is based on your consent to the use of cookies in accordance with Art. 6(1)(a) GDPR. You can withdraw your consent at any time.

The data subject can prevent cookies from being set by our website, as described above, at any time by means of a corresponding setting of the internet browser used and thus permanently object to the setting of cookies. Such a setting of the internet browser used would also prevent Google from setting a cookie on the data subject's information technology system. In addition, a cookie already set by Google Analytics can be deleted at any time via the internet browser or other software programs.

Furthermore, the data subject has the possibility to object to the collection of data generated by Google Analytics related to the use of this website and to the processing of this data by Google and to prevent such. To do this, the data subject must download and install a browser add-on at the link tools.google.com/dlpage/gaoptout. This browser add-on informs Google Analytics via JavaScript that no data and information about visits to websites may be transmitted to Google Analytics. The installation of the browser add-on is considered by Google as a contradiction. If the information technology system of the data subject is deleted, formatted or reinstalled at a later time, the data subject must reinstall the browser add-on to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person within their sphere of influence, there is the possibility of reinstalling or reactivating the browser add-on.

Further information and the applicable data protection provisions of Google can be found at www.google.de/intl/de/policies/privacy/ and at www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail at this link www.google.com/intl/de_de/analytics/.

3.2 Google Fonts
Our website uses Google Fonts (formerly Google Web Fonts), which are provided by Google, to ensure a consistent display of fonts. In particular, website operators using WordPress often rely on Google Fonts. The Google Fonts are stored locally, so no data transfer occurs through the use of this cookie.

3.3 Google Maps
The website uses the Google Maps API to visually represent geographic information. When using Google Maps, data about the usage of the Maps features by visitors to the websites is collected, processed, and used by Google (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland). Each time the "Google Maps" component is called up, Google sets a cookie to process user settings and data when displaying the page where the "Google Maps" component is integrated. This cookie is usually not deleted when the browser is closed but expires after a certain period of time unless manually deleted by you.

If you do not agree with this processing of your data, you have the option to disable the "Google Maps" service and thus prevent the transmission of data to Google. To do this, you need to disable the JavaScript function in your browser. However, please note that in this case, you may not be able to use "Google Maps" or only to a limited extent. The use of this service is based on your consent to the use of cookies in accordance with Art. 6(1)(a) GDPR.

The use of "Google Maps" and the information obtained through "Google Maps" is subject to the Google Terms of Service http://www.google.de/intl/de/policies/terms/regional.html and the additional terms and conditions for "Google Maps" https://www.google.com/intl/de_de/help/terms_maps.html.

3.4 Google Tag Manager
For our website, we use the Google Tag Manager provided by Google Inc. (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland). The Google Tag Manager allows website tags to be managed through an interface. The Google Tag Manager itself does not set cookies but only tags and does not collect any personal data. The service triggers other tags, which may collect data in turn. However, the Google Tag Manager does not access this data. If deactivation has been made at the domain or cookie level, it will remain for all tracking tags implemented with Google Tag Manager. If Google stores data, it will be stored on its own servers distributed worldwide, with most located in the United States of America.

You can find precise information about the location of Google servers at https://www.google.com/about/datacenters/inside/locations/?hl=en.

The use of Google Tag Manager is based on your consent according to Art. 6(1)(a) GDPR. This consent can be revoked at any time.

3.5 Usercentrics
For our website, we utilize the consent management service provided by Usercentrics GmbH, located at Sendlinger Str. 7, 80331 Munich, Germany (Usercentrics). The Usercentrics Consent Management Platform collects log file and consent data using JavaScript. This JavaScript enables us to inform the user about their consent to specific tags on our website, to obtain, manage, and document them. The processing is necessary to fulfill a legal obligation according to Art. 6(1)(c) GDPR.

The following data is processed for this purpose: date and time of access, browser information, device information, geographic location, cookie preferences, and URL of the visited page.

The legal basis for managing your consents to process your personal data is Art. 6(1)(f) GDPR. Our legitimate interest lies in legally documenting and proving consents, adjusting marketing measures based on the given consent, and optimizing consent rates. The processing takes place within the European Union. Further information on options for objection and removal regarding Usercentrics can be found at: https://usercentrics.com/datenschutzerklaerung/.

You can enable or disable this function in our "Privacy Settings" by checking or unchecking the checkbox.

4. Social Media

The operators of social media platforms employ web tracking methods. Web tracking can occur regardless of whether you are logged in or registered with the social media platform. The respective provider of the social media platform is solely responsible for processing the personal data of users and processes the data for their own purposes and interests. We have no control over the data processing by the respective social media platform operator.

The respective privacy policies of the social media platforms can be found at the following links: 

The social media platforms are predominantly based in the USA. This means that your data is transmitted to an insecure third country where no comparable level of data protection as in the European Union applies. As proof of an existing adequate level of data protection at the receiving responsible entity, certification under the "EU-US Data Privacy Framework" can be cited. Whether the companies have such certification can be viewed at the following link https://www.dataprivacyframework.gov/. This data transfer is carried out through your voluntary use of the platforms according to Art. 6(1)(a), Art. 49(1)(a) GDPR.

The data you enter on our social media pages such as comments, videos, images, likes, public messages, etc. are published by the respective social media platform and are not used or processed by us for other purposes at any time. We reserve the right to delete content if necessary. We may share your content on our page if this is a feature of the social media platform and communicate with you via the social media platform. The legal basis is Art. 6(1)(f) GDPR. Data processing is carried out in the interest of our public relations and communication.

Data that you send to us via the chat or messaging function of the social media platforms is processed for the respective purpose of your contact. This includes, in particular, answering and forwarding your inquiries, applications, or comments. The data processing in our company follows the same principles as communication through our other communication channels.

The processing of this information depends on the purpose of the contact based on your consent under Art. 6(1)(a) GDPR, for the performance of a contract under Art. 6(1)(b) GDPR, for employment purposes under § 26 BDSG, as well as based on our legitimate interest in effective public relations under Art. 6(1)(f) GDPR. Your interests or fundamental rights and freedoms are not considered overriding, as you have voluntarily chosen this form of interaction and communication.

5. External Links

Our website may contain links or other forms of redirection to third-party websites. These privacy notices apply only to the website of Achenbach. We are not responsible for the collection, processing, and use of your data in the context of websites or applications that are not operated by us or under our instructions, nor for their content.

6. Security

Our employees and the data processors commissioned by us are obligated to maintain confidentiality and comply with the provisions of the applicable data protection laws. Achenbach takes all necessary technical and organizational measures to ensure an appropriate level of protection and to safeguard your data managed by us, especially against the risks of accidental or unlawful destruction, manipulation, loss, alteration, unauthorized disclosure or unauthorized access. Our security measures are continuously monitored and improved in line with technological developments.

7. Data Subject Rights

7.1 Right to Information and Access
You have the right to obtain information from us about the processing of your data. You can exercise a right to access under Art. 15 GDPR regarding the personal data we process about you.

7.2 Right of Rectification and Erasure
You can request the correction of incorrect personal data from us and, considering the purposes of the processing, you can request the completion of your data according to Art. 16 GDPR. Under Art. 17 GDPR, you have the right to request the erasure of your data. This excludes statutory retention obligations. As far as access to such data is not required, their processing will be restricted (see below).

7.3 Restriction of Processing
You can request us to restrict the processing of your data according to Art. 18 GDPR.

7.4 Data Portability
You have the right under Art. 20 GDPR to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format and to transmit those data to another controller. 

7.5 Right of Object
You have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data according to Art. 21(1) GDPR, provided that the data processing is based on the public interest according to Art.6(1)(e) GDPR or on legitimate interests according to Art. 6(1)(f) GDPR. This also applies to profiling based on these provisions.

You can object at any time, without restriction, to the processing of your personal data for direct marketing purposes under Art. 21(2) GDPR ("advertising objection"). Please note that there may be an overlap between your objection and the use of your data within the framework of an ongoing campaign for organizational reasons. The objection can be made informally and should preferably be directed to the contact details listed in section 1.

In the event of an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms or the processing serves the establishment, exercise, or defense of legal claims.

7.6 Withdrawal of Consent
If you have given us consent to process your data, you can withdraw this consent at any time with effect for the future. This also applies to the withdrawal of consent declarations given to us before the GDPR came into force, i.e., before May 25, 2018. Please note that the withdrawal only applies to future processing. Processing that took place before the withdrawal is not affected.

7.7 Right to Lodge a Complaint with a Data Protection Supervisory Authority
You have the right under Art. 77(1) GDPR to lodge a complaint with a data protection supervisory authority. You can contact the data protection supervisory authority that is responsible for your place of residence or your federal state or the data protection supervisory authority responsible for us. An overview of national and international data protection authorities is available at https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080

8. Changes to the Privacy Notices

We expressly reserve the right to continuously adapt, modify or otherwise redesign our security and data protection measures. In such cases, we will also adjust the present privacy notices accordingly. Therefore, please refer to the current version of our privacy notices.

Contact us directly. Our team is available for you.

To move forward in a modern economy, we need to step up the speed together.