Introduction and general information

Thank you for your interest in our website. The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally.

The protection of your personal data is very important to us. Below you will find information on the handling of your data that is collected through your use of our website. Your data will be processed in accordance with the statutory data protection regulations.

Controller within the meaning of the GDPR

H.P. Klughardt GmbH

Am Altenwerder Kirchtal 4

21129 Hamburg

E-mail: [email protected]

Phone: 040 – 411 107 – 0

Contact details of the data protection officer

Proliance GmbH / www.datenschutzexperte.de

Data Protection Officer

Leopoldstr. 21

80802 Munich

[email protected]

Bhen contacting the data protection officer, please state the company to which your request relates. Please refrain from enclosing sensitive information, such as a copy of your ID, with your request.

Definitions

Our privacy policy should be simple and understandable for everyone. As a rule, the official terms of the General Data Protection Regulation (GDPR) are used in this privacy policy. The official definitions are explained in Art. 4 GDPR.

Data collection on this website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find the operator’s contact details in the “Controller within the meaning of the GDPR” section of this privacy policy.

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form.

Other data is collected automatically or with your consent by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure that the website is provided without errors. Other data can be used to analyze your user behavior.

What rights do you have with regard to your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. You also have the right to lodge a complaint with the competent supervisory authority.

You can find more detailed information on your rights under the GDPR under point 13 of this privacy policy.

You can contact us at any time if you have further questions on the subject of data protection.

Webhosting

This website is hosted by an external service provider (CONVOTIS, [email protected]).

This website is hosted in the EU. Personal data collected on this website is stored on the hoster’s servers. This may include IP addresses, contact requests, meta and communication data, website access and other data generated via a website.

We collect the data listed in order to ensure a smooth connection to the website and the technically error-free provision of our services. The processing of this data is absolutely necessary in order to make the website available to you. The legal basis for the processing of the data is our legitimate interest in the correct presentation and functionality of our website in accordance with Art. 6 para. 1 lit. f GDPR.

We have concluded an order processing contract with the provider in accordance with the requirements of Art. 28 GDPR, in which we oblige the provider to protect our customers’ data and not to pass it on to third parties.

Accessing and storing information in terminal equipment

By using our website, information (e.g. IP address) may be accessed or information (e.g. cookies) may be stored in your end devices. This access or storage may involve further processing of personal data within the meaning of the GDPR.

In cases where such access to information or such storage of information is absolutely necessary for the technically error-free provision of our services, this is done on the basis of Section 25 (1) sentence 1, (2) no. 2 TDDDG.

In cases in which such a process serves other purposes (e.g. the needs-based design of our website), this is only carried out on the basis of Section 25 (1) TDDDG with your consent in accordance with Art. 6 (1) (a) GDPR. Consent can be revoked at any time for the future. The provisions of the GDPR and the German Federal Data Protection Act (BDSG) apply to the processing of your personal data.

Further information on the processing of your personal data and the relevant legal bases in this context can be found in the following sections on the specific processing activities on our website.

Server log files

When you visit our website, it is technically necessary for data to be transmitted to our web server via your Internet browser. The following data is recorded during an ongoing connection for communication between your internet browser and our web server:

• Date and time of the request

We collect the data listed in order to ensure a smooth connection to the website and the technically error-free provision of our services. The processing of this data is absolutely necessary in order to make the website available to you. The log files are used to evaluate system security and stability as well as for administrative purposes. The legal basis for the processing of the data is our legitimate interest in the protection and functionality of our website in accordance with Art. 6 para. 1 lit. f GDPR.

For reasons of technical security, in particular to defend against attempted attacks on our web server, this data is stored by us for a short period of time. After XX days at the latest, the data is anonymized by shortening the IP address at domain level so that it is no longer possible to establish a reference to the individual user.

The data may also be processed in anonymized form for statistical purposes. At no time will this data be stored together with other personal data of the user, compared with other databases or passed on to third parties.

Cookies

Our website uses so-called “cookies”. Cookies are small text files that are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser.

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or language settings). Other cookies are used to evaluate user behavior or display advertising.

The processing of data through the use of strictly necessary cookies is based on a legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the technically error-free provision of our services. For details on the processing purposes and legitimate interests, please refer to the information on the specific data processing.

The processing of personal data through the use of other cookies is based on consent in accordance with Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time for the future. If such cookies are used for analysis and optimization purposes, we will inform you about this separately in the context of this data protection declaration and obtain consent in accordance with Art. 6 Para. 1 lit. a GDPR.

You can set your browser so that you

• be informed about the setting of cookies,
• Only allow cookies in individual cases,
• exclude the acceptance of cookies for certain cases or in general,

• activate the automatic deletion of cookies when the browser is closed.

The cookie settings can be managed under the following links for the respective browsers:

• Google Chrome
• Mozilla Firefox
• Edge (Microsoft)

• Safari
• Opera

You can also manage cookies from many companies and functions that are used for advertising individually. To do this, use the corresponding user tools, available at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices.

Most browsers also offer a so-called “do-not-track function”. If this function is activated, the respective browser informs advertising networks, websites and applications that you do not wish to be “tracked” for the purpose of behavior-based advertising and the like.

Information and instructions on how to edit this function can be found under the following links, depending on your browser provider:

• Google Chrome
• Mozilla Firefox
• Edge (Microsoft)
• Safari
• Opera

You can also prevent scripts from loading by default. “NoScript” only allows the execution of JavaScripts, Java and other plug-ins on trusted domains of your choice. Information and instructions on how to edit this function can be obtained from the provider of your browser (e.g. for Mozilla Firefox at: https://addons.mozilla.org/de/firefox/addon/noscript/).

Please note that the functionality of our website may be restricted if cookies are deactivated.

Change cookie settings

You can revoke or change your cookie settings at any time. To do this, call up the cookie settings again using our integrated thumbprint. You can find this at any time at the bottom left of the website.”

External services and tools

Google Fonts

We use “Google Fonts” on our website, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as: “Google”). Google Fonts enables us to use external fonts. For this purpose, the required Google Fonts are loaded into your browser cache by your web browser when you access our website. This is necessary so that your browser can also display a visually improved presentation of our texts. If your browser does not support this function, a standard font from your computer will be used for display. These Google fonts are integrated by a server call, usually a Google server in the USA. This tells the server which page of our website you have visited. The IP address of the browser of the visitor’s end device is also stored by Google.

We use Google Fonts for optimization purposes, in particular to improve the use of our website for you and to make its design more user-friendly. The processing is carried out in accordance with Art. 6 para. 1 lit. a GDPR on the basis of your consent. This consent can be revoked at any time with effect for the future.

As it is possible for Google to transfer personal data to affiliated companies and subcontractors in countries outside the EU and the EEA, further protective mechanisms are required to ensure the level of data protection under the GDPR. For the USA, there is an adequacy decision by the EU Commission pursuant to Art. 45 (1) GDPR with regard to companies with certification under the EU-U.S. Data Privacy Framework. Google LLC is certified in accordance with the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search

For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Art. 46 para. 2 lit. c GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.

Further information on data protection can be found in Google’s privacy policy: http://www.google.de/intl/de/policies/privacy
Further information on Google Fonts can be found at https://fonts.google.com/

Google Maps

Our website uses the online map service provider Google Maps via an interface. This allows us to display interactive maps directly on the website and enables you to use the map function conveniently. The provider of the map service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. To use the functions of Google Maps, it is necessary to save your IP address.

Google uses cookies to collect information about user behavior. The legal basis for the processing of your personal data is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

If you have given your consent to the use of Google Maps, the map service provider will also play “Google Fonts”, also a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as: “Google”). Google Fonts enables the use of external fonts. For this purpose, the required Google Fonts are loaded into your browser cache by your web browser when you call up Google Maps. This is necessary so that your browser can also display a visually improved representation of the texts. If your browser does not support this function, a standard font from your computer will be used for display. The integration of these Google fonts by Google takes place via a server call, usually a Google server in the USA. This tells the server which page of our website you have visited. The IP address of the browser of the visitor’s device is also stored by Google. Further information on Google Fonts can be found at https://fonts.google.com/

As it is possible for Google to transfer personal data to affiliated companies and subcontractors in countries outside the EU and the EEA, further protective mechanisms are required to ensure the level of data protection under the GDPR. For the USA, there is an adequacy decision by the EU Commission pursuant to Art. 45 (1) GDPR with regard to companies with certification under the EU-U.S. Data Privacy Framework. Google LLC is certified in accordance with the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search

For potential transfers to other third countries outside the EU and the EEA for which there is no adequacy decision by the EU Commission, we have also agreed standard data protection clauses with the provider in accordance with Art. 46 para. 2 lit. c GDPR. These oblige the recipient of the data in the third country to process the data in accordance with the level of protection in Europe.

You can find more information on how Google handles user data in Google’s privacy policy:
https://www.google.de/intl/de/policies/privacy/
Opt-out: https://www.google.com/settings/ads/

CookieYes

We use the cookie management tool CookieYes for our website.

This allows us to ensure a legally compliant cookie banner and enables us to obtain and document user consent in accordance with the GDPR, ePrivacy Directive and TDDDG, among others.

You can find more information in CookieYes’ privacy policy:

Privacy policy – CookieYes

Data transfer and recipients

Your personal data will not be transferred to third parties unless

• if we have explicitly indicated this in the description of the respective data processing,
• if you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR,
• the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
• in the event that there is a legal obligation for disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR and
• insofar as this is necessary for the processing of contractual relationships with you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR.

In addition, we use external service providers for the processing of our services, which we have carefully selected, commissioned in writing and with whom we have concluded order processing contracts in accordance with Art. 28 GDPR if necessary. These service providers are bound by our instructions and are regularly monitored by us. These include service providers for hosting, sending emails, maintenance and servicing of our IT systems, etc. The service providers will not pass this data on to third parties.

Data security

We take appropriate technical and organizational measures in accordance with Art. 32 GDPR, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different likelihood and severity of the risk to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk. This website uses SSL encryption for security reasons and to protect the transmission of confidential content.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Duration of storage of personal data

Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally relevant reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the deletion will take place after these reasons no longer apply.

Your rights

Below you will find information on the data subject rights that the applicable data protection law grants you vis-à-vis the controller with regard to the processing of your personal data:

The right to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about its details.

The right to demand the immediate correction of incorrect or incomplete personal data stored by us in accordance with Art. 16 GDPR.

The right to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.

The right to demand the restriction of the processing of your personal data in accordance with Art. 18 GDPR if you dispute the accuracy of the data, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR.

The right, pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request transmission to another controller.

The right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of the federal state of our registered office stated above or, if applicable, that of your usual place of residence or workplace.

The right to withdraw consent granted in accordance with Art. 7 (3) GDPR: You have the right to withdraw your consent to the processing of data at any time with effect for the future. In the event of revocation, we will delete the data concerned immediately, unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Right of objection

If your personal data is processed by us on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that this is done for reasons arising from your particular situation. Insofar as the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right to object without the requirement to specify a particular situation.

If you would like to exercise your right of revocation or objection, simply send an e-mail to

[email protected]

Legal obligationsn

The provision of personal data for the decision on the conclusion of a contract, the fulfillment of a contract or for the implementation of pre-contractual measures is voluntary. However, we can only make the decision within the framework of contractual measures if you provide such personal data that is necessary for the conclusion of the contract, the fulfillment of the contract or pre-contractual measures.

Automated decision making

Automated decision-making or profiling in accordance with Art. 22 GDPR does not take place.

Subject to change

We reserve the right to adapt or update this privacy policy if necessary in compliance with the applicable data protection regulations. In this way, we can adapt it to the current legal requirements and take into account changes to our services, e.g. when introducing new services. The current version applies to your visit.

Status of this privacy policy: 29.09.2025