Data protection declaration
A. General data processing conditions on our website
1. Object of this data protection declaration
We, OBO Bettermann Holding GmbH & Co. KG (hereinafter referred to as OBO), thank you for your interest in our website and our offers on our website.
For us, the protection of personal data is a major and important issue. For this reason, we would like to provide you with comprehensive information as to which data is collected when you visit our websites and use the offers there and how we then process or use it. In addition, we would like to inform you about which accompanying protection measures we have made in a technical and organisational regard.
The processing of personal data, such as name, address, e-mail address or telephone number of an affected person, will always occur in accordance with the valid data protection regulations. Through this data protection declaration, we wish to inform you about the type, scope and purpose of the personal data we collect, use and process, and explain them to you, if you are affected by the data processing.
Although, as the party responsible for the processing of personal data, we have implemented countless technical and organisational measures, Internet-based data transmission can always present security flaws, meaning that absolute protection cannot be guaranteed. We would ask you to take this into account when using our Internet presence.
This data protection declaration uses terms specified by lawmakers in the General Data Protection Regulations (hereinafter known as the GDPR). You can view the GDPR via the following link:
The aim of our data protection declaration is to inform you about the processing of your personal data on our website in a simple, clear manner.
3. Name and address of the party responsible for processing
The responsible party in the sense of data protection law is:
OBO Bettermann Holding GmbH & Co. KG
Hüingser Ring 52
58710 Menden, Germany
Telephone: +49 (0)2373 89-0
Fax: +49 (0)2373 89-238
E-mail: <a href="mailto:infonoSpam@obo.de">infonoSpam@obo.de
4. Contact data of the data protection officer
OBO Bettermann Holding GmbH & Co. KG
- Data protection officer -
Hüingser Ring 52
58710 Menden, Germany
Tel.: +49 (0)2373 89-1351
5. Deletion and blocking of personal data/storage period
Should nothing to the contrary be regulated for the processing of the personal data in Chapter B of this data protection declaration, then the data we have saved is deleted when storage is no longer required and no statutory storage obligations contradict the deletion. If the data of the affected person is not deleted because it is required for other legally permitted purposes, its processing will be restricted. This means that the data will be blocked and not used for other purposes. This applies, for example, to data of the affected person, which must be stored for commercial and taxation law reasons.
According to statutory requirements, storage takes place for six years according to § 257 Para. 1 of the German Commercial Code (account books, inventory, opening balances, annual reports, trade letters, booking receipts, etc.) as well as for ten years according to § 147 Para. 1 of the German Revenue Code (books, recordings, storage reports, booking receipts, commercial and business laws, etc.).
6. Rights of the affected person
6.1. Right to confirmation
Each affected person shall have the right to demand a confirmation from the party responsible for processing as to whether their personal data is being processed. Should an affected person make use of this right of confirmation, then they can contact us or our Data Protection Officer at any time.
6.2. Right to be informed
Each person affected by the processing of personal data shall have the right, at any time, to obtain information on the personal data saved on their person at no charge and to obtain a copy of this information. In addition, the affected person shall be able to obtain information about the following:
- The processing purposes;
- The categories of personal data being processed;
- The recipients or categories of recipients to whom personal data has been or is being published, in particular with recipients in third countries or with international organisations;
- If possible, the planned period for which the personal data is saved or ‒ if this is not possible ‒ the criteria for specifying this period;
- The existence of a right to correction or deletion of the personal data affecting them or to limitation of processing by the responsible party or a right of revocation against this processing;
- The existence of a right to complain to a supervisory authority;
- If the personal data is not collected from the affected person: All the available information on the origin of the data;
- The existence of automated decision-making, including profiling according to Article 22 Para 1 and 4 of the GDPR and ‒ at least in these cases ‒ expressive information on the involved logic and the scope and intended effects of such processing for the affected person.
In addition, the affected person shall have a right to information as to whether personal data was transmitted to a third country or an international organisation. If this is the case, then the affected person shall also have the right to obtain information on the suitable guarantees in conjunction with the transmission.
Should an affected person make use of this right to information, then they can contact us or our Data Protection Officer at any time.
6.3 Right to rectification
Any person affected by the processing of personal data shall have the right to demand immediate correction of incorrect personal data affecting them. In addition, the affected person shall have the right, subject to the purposes of the processing, to completion of incomplete personal data through a supplementary declaration.
Should an affected person make use of this right to correction, then they can contact us or our Data Protection Officer at any time.
6.4 Right to erasure
Each person affected by the processing of personal data shall have the right to demand that the responsible party delete personal data affecting them immediately, should one of the following reasons be applicable and processing not be required:
- The personal data was only collected for such purposes or was processed in such a way for which it is no longer required.
- The affected person shall revoke their permission on which processing is based according to Art. 6 Para. 1 Letter a of the GDPR or Art. 9 Para. 2 Letter a of the GDPR and there is no other legal basis for processing.
- The affected person objects to the processing according to Art. 21 Para. 1 of the GDPR and there are no superior, valid reasons for the processing or the affected person objects to the processing in accordance with Art. 21 Para. 2 of the GDPR.
- The personal data was processed illegally.
- The deletion of the personal data is required to fulfil a legal obligation according to the law of the European Union or the member states, to which the responsible party is subject.
- The personal data was collected with reference to offered services of the information society in accordance with Art. 8 Para. 1 of the GDPR.
Should one of the above cases be applicable and an affected person wish to instigate the deletion of personal data saved at OBO, then they can contact our Data Protection Officer or another employee at any time. We will then ensure that the deletion demand is met immediately.
6.5 Right to restriction of processing
Each person affected by the processing of personal data shall have the right to demand that the responsible party restrict processing, should one of the following preconditions be applicable:
- The affected person asserts the incorrectness of the personal data for a period allowing the responsible party to check the correctness of the personal data.
- The processing is improper, the affected person refuses the deletion of the personal data and, instead, demands the limitation of the use of the personal data.
- The responsible party no longer requires the personal data for the purposes of processing, although the affected person requires them to make, assert or defend legal claims.
- The affected person has revoked processing according to Art. 21 Para. 1 of the GDPR and it is not yet clear whether the valid reasons of the responsible party outweigh those of the affected person.
Should one of the above cases occur and an affected person wish to demand the limitation of personal data saved at OBO, then they can contact us or our Data Protection Officer at any time. We will then limit processing.
6.6 Right to data portability
Each person affected by the processing of personal data shall have the right to demand to obtain the personal data provided to the responsible party by the affected person in a structured, standard and machine-readable format. In addition, the affected person has the right to transfer this data to another responsible party without hindrance from the responsible party to whom the personal data was made available, insofar as the processing is based on an authorisation according to Art. 6 Para. 1 Letter a of the GDPR or Art. 9 Para. 2 Letter a of the GDPR or a contract according to Art. 6 Para. 1 Letter b of the GDPR and processing takes place using automated methods.
In addition, the affected person will have the right to exert their right to data transfer according to Art. 20 Para. 1 of the GDPR to cause the personal data to be transferred from one responsible party to another responsible party, providing that this is technically feasible and no rights and freedoms of other people are impeded in doing so.
To exert their right to data transfer, the affected person can contact us or our Data Protection Officer at any time.
6.7 Right to object
Any person affected by the processing of personal data shall have the right to object to the processing of personal data affecting them due to Art. 6 Para. 1 Letter e or f of the GDPR, for reasons resulting from their particular situation. This also applies to profiling based on these conditions.
In the case of an objection, OBO will cease to process the personal data unless we can prove essential, legitimate reasons for processing, which are superior to the interests, rights and freedoms of the affected person, or the processing serves to make, exert or defend legal claims.
If OBO processes personal data in order to perform direct marketing, then the affected person has the right, at any time, to object to the processing of personal data for the purposes of such advertising. This also applies to profiling, insofar as it is connected to such direct marketing. Should the affected person make their objection known to us regarding processing for the purposes of direct marketing, then we will no longer process the personal data for these purposes.
In addition, the affected person has the right to object, for reasons resulting from their particular situation, to processing of personal data connected to them for purposes of scientific or historical research by us or for statistical purposes in accordance with Art. 89 Para. 1 of the GDPR, unless such processing is required to fulfil a task in the public interest.
The affected person can contact us directly to exert their right to object. In addition, the affected person is also able, in connection with the use of the services of the information society, irrespective of the Directive 2002/58/EC, to exert their right to object via automated methods in which technical specifications are used.
6.8 Automated individual decision-making, including profiling
Each person affected by the processing of personal data has the right, as declared by the European Directive and Ordinance authority, not to be subjected to a decision solely made by an automated procedure ‒ including possible profiling ‒ which has a legal impact on them or which impedes them in a similar manner, should the decision
- Not be required to complete or fulfil a contract between the affected person and the responsible party or
- Be permitted due to legal requirements of the European Union or member states to which the responsible party is subject, and these legal requirements contain reasonable measures to protect the rights, freedoms and valid interests of the affected person or
- Occur with the express authorisation of the affected person.
- If the decision
- Is required to complete or fulfil a contract between the affected person and the responsible party or
- Takes place with the express permission of the affected person, OBO will take appropriate measures to protect the rights and freedoms and the valid interests of the affected person, which includes at least the right to obtain intervention by a person belonging to the responsible party, to presentation of one’s own opinion and to a challenge to the decision.
Should an affected person wish to exert their rights with regards to the automated decision-making, then they can contact us or our Data Protection Officer at any time.
6.9 Right to revoke consent under data protection law
Any person affected by the processing of personal data shall have the right to revoke an authorisation to process personal data affecting them at any time.
Should the affected person wish to exert their right to revoke an authorisation, then they can contact us or our Data Protection Officer at any time.
Each affected person can contact us directly and at any time with regard to any questions and suggestions about data protection.
6.10 Right to lodge a complaint with a data protection supervisory authority
Any person affected by the processing of personal data shall have the right to complain to a data protection supervisory authority about our processing of their personal data.
7. Lawful basis for processing personal data
If the description of the appropriate data processing procedure in Chapter B of this data protection declaration does not state otherwise, then the following regulations shall apply.
Item 6 I lit. a of the GDPR serves OBO as a legal basis for processing procedures, in which an authorisation must be obtained for a specific processing purpose. If the processing of personal data by ourselves or one of our subsidiaries – whose services and/or products are referenced by the enquiry – is required to fulfil a contract in which the affected person is one of the contractual parties, then the processing shall be based on Art. 6 I lit. b of the GDPR. The same applies to processing procedures required to carry out pre-contractual measures, such as enquiries about our services and products.
If OBO is subject to a legal obligation requiring the processing of personal data, then processing will be based on Art. 6 I lit. c of the GDPR. In rare cases, the processing of personal data may be required to protect essential interests of the affected person or another natural person. In this case, processing takes place based on Art. 6 I lit. d of the GDPR.
Finally, processing procedures may be based on Art. 6 I lit. f of the GDPR. This forms the legal basis of processing operations not included in any of the above legal basis, if the processing is required to protect a valid interest of OBO or a third party, provided that the interests, basic rights and basic freedoms of the affected person do not outweigh this. We are particularly permitted to perform such processing operations, because they were particularly mentioned by the European jurisdiction (cf. Recital 47 Clause 2 of the GDPR).
8. Consideration of legitimate interests
If, in the description of the appropriate data processing operation in Chapter B of this data protection declaration, there are no other stipulations and the processing of personal data is based on Article 6 I lit. f of the GDPR, then our valid interest lies in the execution of our business activity and the connected economic interest.
9. Data protection when using our contact data
If you have used the contact data stated on our website (e.g. our e-mail address or fax number) to make contact with us, then the personal data transmitted by you will only be used for the purpose intended on making contact. If your enquiry does not refer to services and/or products of OBO Bettermann Holding GmbH & Co. KG (OBO), but to those of a subsidiary, this subsidiary will process and answer your enquiry, which is why it must be passed on to them.
If the reason for your making contact is in the interest in our services or products or in the fulfillment of an existing contract with us, then the legal basis is Art. 6 Para. 1 lit. b of the GDPR. In all other cases when contact is made, we have a valid interest in data processing according to Art. 6 Para. 1 lit. f of the GDPR due to the communication initiated by you.
The personal data recorded to answer your enquiry or to carry out the contractual relationship shall be stored until the enquiry is completely processed or until termination of the contractual relationship and later deleted (not before expiry of any guarantee periods), unless we are required to store the data longer in accordance with Article 6 Para. 1 s. 1 lit. c of the GDPR due to storage and documentation duties (from the German Commercial Code, tax and revenue code) or you have approved longer storage in accordance with Art. 6 Para. 1 S. 1 lit. a of the GDPR.
In addition, we would like to maintain contact with you even after the order is processed or the contract is ended and inform you of our services and offering in electronic form ‒ e.g. via the e-mail address you gave us. We base data processing for the purposes of customer retention and care, as well as making contact easier, on a legitimate interest as defined by Art. 6 Para. 1 lit. f of the GDPR, whereby in balancing our interests with your basic rights and freedoms, we also see advantages for you from our maintaining contact, such as the opportunity resulting from timely information about our services and offers to ask us to make an offer on additional building projects or clarify questions directly with our contact partners. You have the right to challenge the data processing occurring on the basis of Art. 6 Para. 1 f of the GDPR and which is not for direct marketing for reasons resulting from your particular situation at any time. In the case of direct marketing, you can challenge the processing at any time without the need to state reasons.
Data that is processed for customer retention or direct contact in accordance with Art. 6 Para. 1 lit f of the GDPR will be processed until the legitimate interest no longer applies and then deleted, but not later than your declaration of objection to processing of the data. Legal retention obligations are also granted with regard to this data.
Recipients of the personal data processed according to this regulation are IT service providers with whom we have appropriate order processing agreements according to Art. 28 of the GDPR, and possibly subsidiaries whose services and/or products are referred to in your enquiry.
10. Data protection during applications and during the application procedure
We collect and process the personal data of applicants for the purposes of carrying out the application procedure and thus due to a pre-contract measure in the sense of Art. 6 Para. 1 lit. b of the GDPR and our valid interest according to Art. 6 Para. 1 lit. f of the GDPR in the hiring of employees.
Processing can also occur in an electronic manner, e.g. if an applicant transfers the appropriate application documents to us via electronic means, e.g. via e-mail or via our contact form. Should we complete an employment contract with an applicant, then the transferred data will be saved for the purposes of handling the employment relationship, subject to statutory requirements. If no employment contract is completed with the party responsible for the processing, then the application documents will be deleted two months after promulgation of the refusal decision, unless deletion is in contravention of other valid interests of the party responsible for the processing. In this area, another valid interest is, for example, the obligation to proof of a procedure according to the General Equal Treatment Act (AGG).
Due to the digitalised collection of the incoming applications, recipients of the processed personal data are our IT service provider (particularly hosts) with whom we have completed appropriate order processing agreements in the sense of Art. 28 of the GDPR.
11. Changes to these data protection regulations
OBO reserves the right to change these data protection regulations at any time effective in future. A current version is available on the website. Please visit the website regularly and inform yourself about the valid data protection regulations.
B. Special data processing conditions on our website
1. Collection and use of your data
The scope and type of the collection and use of your data differs according to whether you visit our website merely to view information or whether you wish to take advantage of the services we offer, e.g. to complete a contract via the website, and possibly need to register.
2. Information use/collected data/cookies
(1) General information
Cookies cannot execute any programs or transmit viruses to your computer. They are used to make the Internet presence more user-friendly and effective overall.
Our website uses the following types of cookies, whose scope and function are explained below:
- Transient cookies
- Persistent cookies
Transient cookies are deleted automatically when you close the browser. This includes session cookies in particular. These save a so-called Session ID, with which various enquiries by your browser can be assigned to a joint session. This means that your computer can be recognised again when you return to our website. The session cookies are deleted automatically when you log out or close the browser.
Persistent cookies are deleted automatically after a preset period, which differs according to the cookie and can last several years. You can delete the cookies at any time in the security settings of your browser.
(2) Cookies that are absolutely necessary for the operation of the website.
When the website is used solely for information purposes, e.g. if you do not make a booking via our website, for example, or provide us with other information, then we will only collect the personal data that your browser sends to our server. If you wish to view our website, then we collect the following data, which we require for technical reasons in order to present our website to you and to guarantee the stability and security (the legal basis is Art. 6 Para. 1 Sentence 1 lit. f of the GDPR):
- IP address
- Date and time of the enquiry
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/http status code
- Transmitted volume of data
- Website from which the request comes
- Operating system and its desktop
- Language and version of the browser software.
The data processed according to Para. 1 of these regulations is saved for the specified purposes for a period of 30 days and then deleted.
(3) Cookies that are not absolutely necessary for the operation of the website.
The consent data is stored for 3 years. The data is stored in the European Union. Additional information on the collected data and contact details can be found at https://usercentrics.com/privacy-policy/.
3. Plug-ins and tools
3.1 Web fonts from fast.fonts.net or fonts.com
To ensure a uniform display of typefaces, our website uses web fonts that have been provided by Monotype GmbH (font.com or fast.fonts.net). When you visit our site, the browser automatically loads the necessary web fonts in your browser cache in order to correctly display text and typefaces.
For this purpose, your browser must connect to the fonts.com servers. In so doing, fonts.com becomes aware that your IP address has been used to access our website. Using web fonts from fonts.com is in the interest of a uniform and attractive presentation of our online presence. This represents a legitimate interest as defined in Art. 6 Para. 1 lit. f of the GDPR.
If your browser does not support web fonts, a standard typeface from your computer will be used instead.
We use the Pingdom monitoring service from SolarWinds.
Pingdom is used in the interest of continuous improvement of the content and technology of the website. This represents a legitimate interest as defined in Art. 6 Para. 1 lit. f of the GDPR. SolarWinds has adopted the privacy shield, which ensures an adequate level of data protection for any data processing in the USA: https://www.privacyshield.gov/participant?id=a2zt00000008R6bAAE&status=Active
4. Google Analytics
Based on our valid interest in the analysis, optimisation and economic operation of our online presence in the sense of Art. 6 Para. 1 lit. f. of the GDPR, we use “Google Analytics”, a web analysis service of Google Inc. (“Google”) Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Google is certified under the Privacy Shield Agreement and hereby offers a guarantee of compliance with European data protection law:
Google will, at our behest, use the information to evaluate the use of our online presence by users, in order to compile reports on the activities within this online presence and to provide additional services to us, connected with the use of this online presence and Internet use. In so doing, use profiles of users with pseudonyms may be created from the processed data.
We use Google Analytics in order to present advertising within the publicity services of Google and its partners to such users as have shown an interest in our online presence or show specific characteristics (e.g. interest in specific topics or products, determined through the visited websites), which we transmit to Google (so-called “remarketing”, or “Google Analytics Audiences”). Using the Remarketing Audiences, we also wish to ensure that our advertisements correspond to the potential interest of the users and are not a burden.
When using Google Analytics, we also use the Universal Analytics function. Universal Analytics allow us to analyse the activities on our pages across multiple devices (e.g. for access from a laptop and later from a tablet). This is done by the assignment of a user ID to a user as a pseudonym. Such an assignment occurs, for example, when you register for a customer account or log into your customer account. However, no personal data is forwarded to Google. Although Universal Analytics adds additional functions to Google Analytics, this does not mean that there is a restriction of data protection measures, such as IP masking or the browser add-on.
We only use Google Analytics with activated IP anonymisation. This means that Google will shorten the user’s IP address within the member states of the European Union or in other states which are members of the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
The IP address transferred by the user’s browser will not be combined with other data by Google. The user can prevent storing of the cookies using the appropriate setting in their browser software. In addition, users can prevent collection of the data generated by the cookie and related to their use of the online presence by Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link:
You can find further information on data use by Google, and setting and revocation options here:
You can also prevent Google Analytics from collecting your data (in particular with mobile terminals that do not permit installation of the above browser software) by clicking on the following link. An opt-out cookie is set, which prevents collection of your data when you visit this website in future:Deactivate Google Analytics
5. Google Tag Manager
This website uses the Google Tag Manager. This service allows website tags to be managed via an interface. The Google Tag Manager only implements tags. This means: No cookies are used and no personal data is collected. The Google Tag Manager activates other tags that may in turn collect data. However, the Google Tag Manager does not access this data. A deactivation made at domain- or cookie-level applies to all tracking tags, as long as they are implemented with the Google Tag Manager.
6. Google Doubleclick
Doubleclick by Google is a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA (“Google”).
7. Integration of YouTube videos
Based on our legitimate interest as defined by Art. 6 Para. 1 lit. f. of the GDPR, we use YouTube videos, which are stored at www.YouTube.com and can be played directly from our website, for publicising our online services. YouTube belongs to Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Google is certified under the Privacy Shield Agreement and hereby offers a guarantee of compliance with European data protection law:
The videos are all embedded in “extended data protection mode”, i.e. no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos is the data listed below transmitted. We have no influence on this data transmission.
By visiting the website, YouTube receives the information that you have opened the corresponding subpage of our website. In addition, the data named under B. Point 2.1 of this data protection declaration is transmitted. This takes place independently of whether YouTube makes a user account available, via which you are logged in, or whether there is no user account. If you are logged into Google, then your data will be allocated directly to your account. If you do not want the allocation to your YouTube profile, then you must log out before activating the button. YouTube saves your data as a use profile and uses it for purposes of publicity, market research and/or the requirement-orientated design of its website. Such an evaluation particularly takes place (even for users who are not logged in) for the provision of requirement-orientated publicity and to inform other users of the social network of your activities on our website. You have a right to revoke the formation of these user profiles, although you must make your claim to YouTube.
For further information on the purpose and scope of the data collection and its processing by YouTube, please consult the data protection declaration. There, you can obtain further information on your rights and setting options to protect your privacy: https://www.google.de/intl/en/policies/privacy.
8. Facebook pixel
On this website we use the Facebook pixel tool provided by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
This tool is only active if you have consented to its use.
It can evaluate the behaviour of visitors to our website who reached our site via a Facebook advertisement. We use this tool to improve our Facebook advertisements. The data is collected and stored by Facebook. We cannot view the data; it can only be used in connection with placing advertisements. Cookies are also set through the use of Facebook pixel codes.
Through the use of the Facebook pixel, visits to our website are reported to Facebook in order to display suitable advertising on Facebook to those visitors.
If you have a Facebook account and are logged in, your visit to our website is linked to your Facebook user account.
Additional details on how the Facebook pixel is used for advertising campaigns can be found at https://www.facebook.com/business/learn/facebook-ads-pixel.
If you are logged in to Facebook, you can adjust the settings for ads appearing on Facebook at http://www.facebook.com/ads/preferences/?entry product=ad settings screen.