Privacy Policy

1) Introduction and contact details of the controller

We are pleased that you are visiting our website and thank you for your interest. The following provides information about how your personal data is handled when you use our website. Personal data is any data with which you can be personally identified.

1.2 The data controller for this website within the meaning of the General Data Protection Regulation (GDPR) is HANECS GmbH, Alfred-Herrhausen-Allee 3-5, 65760 Eschborn, Germany, Phone: +49 6196 204 715 0, Email: info@hanecs.de. The controller responsible for the processing of personal data is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data.

2) Data collection when visiting our website

2.1 When you visit our website purely for informational purposes, meaning you do not register or otherwise transmit information to us, we only collect data that your browser transmits to the server (so-called „server log files“). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

– Our visited website

– Date and time of access

Amount of data sent in bytes

Source/Reference from which you arrived at the page

Browser Used

Operating system used

– Used IP address (if applicable: in anonymized form)

Processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to retrospectively review the server log files should there be concrete evidence of unlawful use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the string „https://“ and the padlock icon in your browser's address bar.

3) Cookies

To make your visit to our website attractive and enable the use of certain functions, we use cookies, which are small text files that are stored on your device. Some of these cookies are automatically deleted after closing the browser (so-called „session cookies“), while others remain on your device longer and allow the saving of page settings (so-called „persistent cookies“). In the latter case, you can find the storage duration in the overview of your web browser's cookie settings.

If personal data is processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR for the performance of the contract, in accordance with Art. 6 para. 1 lit. a GDPR in the event of consent given, or in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the site visit.

You can set up your browser to inform you about the placement of cookies and to decide on accepting them on a case-by-case basis, or to exclude the acceptance of cookies for specific cases or generally.

Please note that if cookies are not accepted, the functionality of our website may be limited.

4) Contact

In the course of contacting us (e.g., via contact form or email), personal data will be collected. Which data will be collected when using a contact form is evident from the respective contact form. This data will be stored and used exclusively for the purpose of responding to your request or for contact and the associated technical administration.

The legal basis for processing this data is our legitimate interest in responding to your inquiry in accordance with Art. 6 (1) (f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR. Your data will be deleted after your request has been finally processed. This is the case when the circumstances indicate that the matter in question has been finally clarified and provided that there are no conflicting statutory retention obligations.

5) Page Functionalities

5.1 Google Maps

This website uses an online map service from the following provider: Google Maps (API) by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Google Maps is a web service for displaying interactive (land) maps to visually represent geographical information. By using this service, our location is displayed to you and any travel is facilitated.

Even when calling up those sub-pages where the Google Maps map is integrated, information about your use of our website (such as your IP address) is transmitted to Google's servers and stored there. This can also involve transmission to the servers of Google LLC in the USA. This happens regardless of whether Google provides a user account through which you are logged in or whether a user account exists. If you are logged into Google, your data will be directly associated with your account. If you do not want the data to be associated with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them.

The collection, storage, and analysis are carried out in accordance with Art. 6 (1) (f) GDPR based on Google's legitimate interest in displaying personalized advertising, market research, and/or the needs-based design of Google websites. You have the right to object to the creation of these user profiles, and you must contact Google to exercise this right. If you do not agree with the future transmission of your data to Google in the context of using Google Maps, there is also the option to completely deactivate the Google Maps web service by disabling the JavaScript application in your browser. Google Maps, and therefore the map display on this website, cannot then be used.

To the extent legally required, we have obtained your consent for the processing of your data described above in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. To exercise your right of withdrawal, please follow the options for objection described above.

5.2 hCaptcha

On this website, we use the CAPTCHA service of the following provider: Intuition Machines, Inc., 350 Alabama St, San Francisco, CA 94110, USA

The service checks if input is made by a natural person or abusively by machine and automated processing, and blocks spam, DDoS attacks, and similar automated malicious access. To ensure an action is taken by a human and not an automated bot, it collects Intuition Machines the IP address of the end device used, identification data of the browser and operating system type used, as well as the date and duration of the visit, and transmits this to the provider's servers for evaluation.

The legal basis is our legitimate interest in determining individual responsibility on the internet and preventing abuse and spam in accordance with Art. 6(1)(f) GDPR.

We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

For the transfer of data to the USA, the provider relies on standard contractual clauses of the European Commission, which are intended to ensure compliance with the European data protection level.

6) Tools and Other Items

6.1 Cookie Consent Tool

This website uses a „Cookie Consent Tool“ to obtain effective user consent for cookies and cookie-based applications that require consent. The „Cookie Consent Tool“ is displayed to users upon page load in the form of an interactive user interface where they can grant consent for specific cookies and/or cookie-based applications by checking boxes. With the use of this tool, all cookies/services requiring consent are only loaded if the respective user grants the corresponding consent by checking the boxes. This ensures that such cookies are only placed on the user's device in the event of granted consent.

The tool uses technically necessary cookies to save your cookie preferences. Personal user data is generally not processed here.

In individual cases, if personal data (such as the IP address) is processed for the purpose of storing, assigning, or logging cookie settings, this will be done in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in lawful, user-specific, and user-friendly consent management for cookies and thus in a lawful design of our website.

Further legal basis for the processing is also Article 6 (1) lit. c GDPR. As controllers, we are subject to the legal obligation to make the use of technically non-essential cookies dependent on the respective user's consent.

We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

Further information about the operator and the configuration options of the cookie consent tool can be found directly in the respective user interface on our website.

6.2 Wordfence

For security purposes, this website uses the service of the following provider: Defiant Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA

The provider protects the website and its associated IT infrastructure from unauthorized third-party access, cyberattacks, viruses, and malware. The provider collects users' IP addresses and, if applicable, further data on their behavior on our website (especially accessed URLs and header information) to detect and ward off illegitimate page access and threats. The collected IP address is compared with a list of known attackers. If the collected IP address is recognized as a security risk, the provider can automatically block it from accessing the page. The information collected in this way is transferred to a provider's server and stored there.

The described data processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of our legitimate interests in protecting the website from malicious cyber-attacks and in maintaining structural and data integrity and security.

If website visitors have login privileges, the provider also places cookies (small text files) on the visitor's device. These cookies can read specific location and device information, which allows an assessment of whether login-authorized access originates from a legitimate person. At the same time, cookies can be used to evaluate access rights and release them through an on-site firewall according to the authorization level. Finally, cookies serve to register irregular access by site administrators from new devices or new locations and to notify other administrators about it.

These cookies are only set if a user has login rights. The provider does not set any cookies for website visitors without login authorization.

If personal data is processed via cookies, the processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in preventing illegitimate access to site management and warding off unauthorized administrator access.

We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

For the transfer of data to the USA, the provider relies on standard contractual clauses of the European Commission, which are intended to ensure compliance with the European data protection level.

7) Rights of the Data Subject

The applicable data protection law grants you the following data subject rights against the controller regarding the processing of your personal data (rights of access and intervention), with reference to the cited legal basis for the respective exercise requirements:

– Right of access pursuant to Art. 15 GDPR;

– Right to rectification pursuant to Art. 16 GDPR;

– Right to erasure (Art. 17 GDPR);

– Right to restriction of processing pursuant to Art. 18 GDPR;

Right to information according to Art. 19 GDPR;

– Right to data portability pursuant to Art. 20 GDPR;

– Right to withdraw consent given pursuant to Art. 7(3) GDPR;

– Right to lodge a complaint pursuant to Art. 77 GDPR.

7.2 RIGHT OF OBJECTION

IF WE PROCESS YOUR PERSONAL DATA WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS DUE TO OUR PREVAILING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME, FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE.

EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE AFFECTED DATA. HOWEVER, FURTHER PROCESSING IS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS, AND FUNDAMENTAL FREEDOMS, OR IF THE PROCESSING IS FOR THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED BY US FOR DIRECT ADVERTISING PURPOSES, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR SUCH ADVERTISING AT ANY TIME. YOU CAN EXERCISE THIS RIGHT AS DESCRIBED ABOVE.

EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE RELEVANT DATA FOR DIRECT MARKETING PURPOSES.

8) Retention period for personal data

The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing, and, where applicable, additionally by the respective statutory retention period (e.g., commercial and tax law retention periods).

When processing personal data based on explicit consent pursuant to Art. 6(1)(a) GDPR, the affected data will be stored until you withdraw your consent.

Are there statutory retention periods for data processed in the context of contractual or quasi-contractual obligations based on Art. 6(1)(b) GDPR, this data is routinely deleted after the retention periods expire, provided it is no longer required for contract fulfillment or initiation and/or our legitimate interest in further storage does not continue to exist.

When processing personal data on the basis of Article 6(1)(f) GDPR, this data will be stored until you exercise your right to object under Article 21(1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defense of legal claims.

When processing personal data for direct marketing purposes on the basis of Art. 6(1)(f) GDPR, this data will be stored until you exercise your right to object according to Art. 21(2) GDPR.

Unless otherwise specified in the other information in this statement regarding specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.