Data Protection Policy (Information according to Art. 13 GDPR)
1. Responsible ControllerH.E.I. Informationssysteme GmbH
Wimpfener Straße 23
www.h-e-i.de in German or www.hei.biz in English
Geschäftsführer: Dr. Helmut Emmelmann
Phone: +49 (0)621 - 79 51 41
Fax: +49(0)621 - 79 51 61
This data protection policy does not apply to the german-language web sites of H.E.I. and websites of H.E.I. that publicly show different Data Protection Policy.
We respect your privacy, while visiting our pages we will not try to identify you. Unless of course you decide to contact us voluntarily, e.g. by sending email.
There is no obligation at all to provide us with your personal data. Unfortunately, however, we need your (or at least an) IP address, to send you our pages, so you cannot visit our sites without.
3. Processing of Personal Data
Here we want to inform you about our processing of personal data that is transferred to us while you visit our web pages (in the following short personal data).
Whenever you access a document (web page, image, script, 3D model, or general file) on our web site, our system processes data and information about that access including the IP address, that was assigned to your computer, device, or router, technical information (e.g. type, version, capabilities) about your browser, operating system, device, and network connection, the name, path, and parameters of the accessed document, date and time, and possbily the referring web page url. We use this data to compile a document (web page, image, script, 3D model, general file, error message, or redirection) for you and to send it to your IP address.
Legal basis is Art. 6 (1) f GDPR. H.E.I. has a legitamite interest since this processing is required for the purpose of showing a web page, and sending it to your IP, for making the web page and its underlying software functional, well usable, and fast, for maintaing security and safty, and for administrating the server and the software.
Generally the personal data is used, while you visit our web site. However, in order to ensure that all data is properly erased from the web server software memory we need to restart the web server software, which we do on a nightly basis so the data will be stored at most 24 hours.
For statistical purposes we log anonymnized IP addresses (16 Bit), the url of the requested document without parameters, date and time, and error information, not in connection with any personal data.
Whenever you try to access a non-existing, password protected, locked, or erroneous document (web page, image, script, 3D model, or general file) the data discussed above is processed as described above for the purposes given above and an error message is sent (e.g. in form of an error page). In case of password protected documents we additionally process user name and password entered for the above given purposes.
Depending on how you interact with our pages possibly different images and other documents are accessed by your browser. This is reflected in the data discussed above. For example if you view an animation the associated images and 3D models are accessed. The same applies when an animation uses icon-images to show 3D performance. If you visit our website multiple times, this is reflected in the data above, because your browser might not access but reuse documents a second time. Depending on the browser, operating system and device possibly different images and other documents are accessed, e.g. images of varying resolution.
We use external processors, a server hosting company 1&1 and external developers to develop software, web pages, and to maintain the server. These are bound by a contract that ensures confidentiality of the personal data.
We do not pass on or sell personal data to third parties unless forced by law, you explicitly agreed, or if required for one the purposes given herein allowed under GDPR Art. 6 (1) f GDPR. Subsection 3.3 remains unaffected by this.
When leaving our site via a hyper link, your browser might (depending on browser) inform the target site about the originating page.
You will not be subject to a decision based on the personal data and solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
4. Withdrawel of Consent
You have the right to withdraw your consent for data processing for the future at any time. Please use the contact information below in 7.
The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
5. Right to rectification, Right to erasure, Right to Restiction of Processing, Right to Object, Right to Dataportability
To the extend the law requires you have a right for rectification about your personal data processed by us, a right to erasure (a right to be forgotten), a right to object against processing of your personal data, a right to restriction of processing, and a right to data portability. This is detailed in GDPR Art 15-21 and paragraph 34, 35 and 37 BDSG. If you want to pursue one of these rights please use the contact information given in 7.
6. Right to Complain
To the extend the law specifies you have the right to complain to
the German state.
In our case to the "Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg"
7. Contact information for Data Privacy
In case you have questions about this statement, our processing of your personal data, or if you want to execute one of you rights, please contact firstname.lastname@example.org, H.E.I. Informationssysteme Gmbh, Herr Helmut Emmelmann, Wimpfenerstrasse 23, 68259 Mannheim, Tel +49 (0) 621/795141, Fax 49 (0) 621/795161.
© 1996-2018 H.E.I. All Rights Reserved.