Thank you for your interest in our company. The protection of your privacy when using our website is important to us. Therefore, please take note of the following information. It is generally possible to use our website without providing personal data. If it becomes necessary to process your personal data and there is no legal basis for such processing, we will obtain consent for this from the person concerned. For example, in the form of a checkbox that can be clicked to confirm consent. Personal data (e.g. names, addresses, email addresses and telephone numbers) is processed according to the General Data Protection Regulation and country-specific data protection regulations applicable to our company.
In this data protection declaration, we inform the public about the type, scope and purpose of the personal data we collect, possibly use and process. We have implemented numerous measures for processing (both technical and organisational) in order to ensure the most complete possible protection of personal data and the transmission thereof via this website. We would like to point out that websites are nevertheless never 100% protected against attacks by external hackers or similar attacks. You are therefore free to provide us with all personal data by another means, such as by letter or telephone.
Definitions of terms
This data protection declaration is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). To ensure that our data protection declaration is understandable for the public, our website visitors, and our customers and business partners, we would like to explain the terms used here in advance: We use the following terms, among others, in this data protection declaration:
Personal data
Personal data refers to any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data subject
A data subject is any identified or identifiable natural person whose personal data are processed by the controller responsible for the processing.
Processing (also of data)
Processing is any operation or set of operations that is performed on personal data, whether or not by automated means. This includes collection, recording, organisation, structuring, storage, use, disclosure by transmission, adaptation or alteration, retrieval, consultation, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of restricting its future processing.
Pseudonymisation
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and/or organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Data processor
The data processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the controller. If you are unclear about any other terms, please contact us via the communication channel of your choice and according to your requirements. You are also welcome to visit us on site.
Name and address of the company responsible for processing
The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the member states of the European Union and other provisions of a data protection nature is:
AQON Water Solutions GmbH
Rudolf-Diesel-Strasse
2464625 Bensheim
Cookies
Cookies are text files that are automatically stored locally in the browser of the visitor when a website is accessed. This website uses cookies to make the website more user-friendly and functional. Thanks to these files, it is possible to display information customised to individual interests on a page. Security-related functions to protect your privacy are also made possible by the use of cookies. The sole purpose is therefore to adapt our website to your wishes as the customer in the best possible way and to make the use of the site as convenient as possible. With the application of the GDPR in 2018, webmasters must comply with the Regulation and inform users accordingly about the collection and analysis of data. The lawfulness of processing the data is based on Chapter 2(6) GDPR.
The data subject may, at any time, prevent cookies from being set through our website by making the appropriate settings in the internet browser used, thus permanently denying cookies. Furthermore, cookies that have already been set can be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers. If the data subject disables cookies in the internet browser used, the website may no longer be fully and easily usable. We cannot take any responsibility for this. If in doubt, please leave our website.
Collection of general data and information
This website collects a series of general data and information each time the website is accessed by a data subject or an automated system. This general data and information is stored in the server log files. The following can be recorded: the browser types and versions used, the operating system used by the accessing system, the website from which an accessing system accesses our website (referrer), the subpages which are opened via an accessing system on our website, the date and time of access to our website, an internet protocol address (IP address), the internet service provider of the accessing system and other similar data and information that serve to avert danger in the event of attacks on our IT and information technology systems.
When using this general data and information, we do not draw any conclusions about the data subject. Rather, this information is needed in order (1) to correctly deliver the content of our website, to further optimise the content of our website through testing and optimisation, to ensure its long-term functionality and to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack. The company Test therefore analyses anonymously collected data and information statistically with the aim of increasing the data protection and data security of our enterprise and ensuring an optimal level of protection for the personal data we process. This anonymous data from the server log files is stored separately from all personal data provided by a data subject.
Registration on our website
If our website has a registration option to which we have granted you access or to which you have direct access, you have the option of registering on the website of the controller by providing personal data. Which personal data are transmitted to the data controller can be seen from the respective registration form. The personal data entered are collected and stored exclusively for internal use by the controller and for its own purposes. The controller may arrange for the transfer to one or more processors (e.g. a postal or parcel service provider), who will also use the personal data exclusively for internal use attributable to the controller.
This voluntary registration of the data subject and their personal data are used by the controller to process, offer, or deliver the services to the registrant. Every registered person is free to change the registered data at any time or to have it completely deleted. This is done depending on statutory retention periods, which may be related to the order. We are at your disposal here as a contact partner.
Contact or contact options via our website
Because of legal regulations, this website contains possibilities that allow a quick electronic contact to our company as well as a direct communication with us. In addition to contact forms, this also includes emails or email addresses stated on the website. If a data subject contacts the data controller by email or a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. These personal data will not be passed on to third parties. The sending of emails to us, especially if they are relevant to the order and business, falls under the legal requirement to retain documents.
Routine deletion and blocking of personal data
Your data will be routinely deleted according to the legislator and laws or regulations. If the storage purpose no longer applies or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data will be routinely blocked or erased according to the statutory provisions.
Rights of the data subject
Each data subject shall have the right granted by the European legislator to obtain from the controller the confirmation as to whether or not personal data concerning them are being processed. If a data subject wishes to avail themselves of this right of confirmation, they may contact us at any time. If the storage purpose no longer applies or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data will be routinely blocked or erased according to the statutory provisions.
Rights of the data subject
Right of confirmation
Each data subject shall have the right granted by the European legislator to obtain from the controller the confirmation as to whether or not personal data concerning them are being processed.
Right of information
Any person affected by the processing of personal data has the right granted by the European legislator of directives and regulations to obtain from the controller free information about the personal data stored about them and a copy of this information at any time. If a data subject wishes to avail themselves of this right of confirmation, they may contact us at any time. Any person affected by the processing of personal data has the right granted by the European legislator of directives and regulations to obtain from the controller free information about the personal data stored about them and a copy of this information at any time. Furthermore, the European legislator has granted the data subject access to the following information:
Furthermore, the data subject has a right to information as to whether personal data have been transferred to a third country or an international organisation. If this is the case, the data subject also has the right to obtain information about the appropriate safeguards in connection with the transfer. If a data subject wishes to avail themselves of this right of information, they may, at any time, contact any employee of the controller.
Right of rectification of data
Anyone who has communicated or transmitted personal data to us has the right, granted by European directives and regulations, to demand the immediate correction of incorrect data. This will be done by us immediately after notification and confirmation of receipt of the notification.
Right of deletion of data (the right to be forgotten)
Each data subject shall have the right granted by the European legislator to obtain from the controller the deletion of personal data concerning them without undue delay, and the controller shall have the obligation to delete personal data without undue delay where one of the following grounds applies as long as the processing is not necessary:
The personal data was collected or otherwise processed for purposes for which it is no longer necessary. The data subject withdraws consent on which the processing is based in accordance with Article 6(1)(a) GDPR or Article 9(2)(a) GDPR and where there is no other legal ground for the processing. The data subject objects to the processing in accordance with Article 21(1) GDPR and there are no overriding legitimate grounds for the processing or the data subject objects to the processing in accordance with Article 21(2) GDPR. The personal data were processed unlawfully. The deletion of personal data is necessary to fulfil a legal obligation under Union law or the law of the member states to which the controller is subject. The personal data were collected in relation to information society services offered in accordance with Article 8(1) GDPR. If one of the aforementioned reasons applies and a data subject wishes to request the erasure of personal data stored by Test, they may, at any time, contact any employee of the controller. A Test employee shall promptly ensure that the deletion request is complied with immediately. If the personal data have been made public by Test and our company is obliged to delete the personal data as the controller in accordance with Article 17(1) GDPR, Test shall take reasonable steps, including technical measures, taking into account the available technology and the cost of implementation, to inform other controllers processing the personal data that the data subject has requested the deletion by such controllers of any links to, or copy or replication of, those personal data as far as processing is not required. The Test employee will arrange the necessary measures in individual cases.
Right of data portability
Each data subject shall have the right granted by the European legislator to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used and machine-readable format. They also have the right to transmit these data to another controller without hindrance from the controller to which the personal data have been provided, provided that the processing is based on consent in accordance with Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract in accordance with Article 6(1)(b) GDPR and the processing is carried out by automated means unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. Furthermore, in exercising their right to data portability in accordance with Article 20(1) GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another where technically feasible and provided that this does not adversely affect the rights and freedoms of others.
Right to the restriction of processing
Each data subject shall have the right granted by the European legislator to obtain from the controller restriction of processing where one of the following applies: The accuracy of the personal data is contested by the data subject and for a period enabling the controller to verify the accuracy of the personal data. The processing is unlawful and the data subject opposes the deletion of the personal data and requests the restriction of their use instead. The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise, or defence of legal claims. The data subject has objected to processing in accordance with Article 21(1) GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject. If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of the processing of personal data stored by Test, they may at any time contact any employee of the controller. The Test employee will arrange the restriction of the processing.
Right of objection
Any person affected by the processing of personal data has the right granted by the European legislator to object, on grounds relating to their particular situation, at any time to processing of personal data concerning them that is based on Article 6(1)(e) GDPR. This shall also apply to profiling based on these provisions. In order to exercise the right to object, the data subject may contact any Test employee. The data subject is also free, in the context of the use of information society services and notwithstanding Directive 2002/58/EC, to exercise their right to object by automated means using technical specifications.
Automated decisions in individual cases (including profiling)
Each data subject shall have the right granted by the European legislator not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them, or similarly significantly affects them unless the decision is necessary for entering into, or the performance of, a contract between the data subject and a data controller or is authorised by Union or member state law to which the controller is subject and which also lays down suitable measures to safeguard the rights and freedoms as well as the legitimate interests of the data subject or is based on the explicit consent of the data subject. If the decision is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or it is based on the explicit consent of the data subject, Test shall implement suitable measures to safeguard the rights and freedoms as well as the legitimate interests of the data subject at least the right to obtain human intervention on the part of the controller, to express their point of view and to contest the decision. If the data subject wishes to exercise their rights concerning automated individual decision-making, they, at any time, contact any employee of the controller.
Right to withdraw consent under data protection law
Any person affected by the processing of personal data has the right granted by the European legislator to withdraw consent to the processing of personal data at any time. If the data subject wishes to exercise their right to withdraw the consent, they may, at any time, contact any employee of the controller.
Data protection provisions about the application and use of Google Analytics (with anonymisation function)
This website uses the “Google Analytics” service offered by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, US) to analyse website usage by users. The service uses “cookies” – text files, which are stored on your end device. The information collected by the cookies is usually sent to a Google server in the US and stored there. IP anonymisation is used on this website. The IP address of users is truncated within the member states of the EU and the European Economic Area. This truncation removes the personal reference to your IP address. As part of the contract data agreement that the website operators have concluded with Google Inc., Google Inc. uses the information collected to analyse website usage and website activity and provides services related to internet use. You have the option of preventing the storage of cookies on your device by making the appropriate settings in your browser. There is no guarantee that you will be able to access all functions of this website without restrictions if your browser does not allow cookies. You can also use a browser plug-in to prevent the information collected by cookies (including your IP address) from being sent to and used by Google Inc. The following link will take you to the corresponding plug-in: You can find further information on the use of data by Google Inc. here:
Legal basis for processing
Article 6(a) GDPR serves our company as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, when processing operations are necessary for the supply of goods or to provide any other service or consideration, the processing is based on Article 6(b) GDPR. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures – for example, in cases of enquiries about our products or services. If our company is subject to a legal obligation that requires the processing of personal data (e.g. for the fulfilment of tax obligations), the processing is based on Article 6(c) GDPR. In rare cases, the processing of personal data may be necessary in order to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured in our company and their name, age, health insurance details or other vital information had to be passed on to a doctor, hospital or other third party. Then the processing would be based on Article 6(d) GDPR. Ultimately, processing operations could be based on Article 6(f) GDPR. Processing operations not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to safeguard a legitimate interest of our company or a third party provided that the interests, fundamental rights and freedoms of the data subject do not prevail. We are permitted to carry out such processing operations in particular because they have been specifically mentioned by the European legislator. In this respect, the legislator took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47 Sentence 2 GDPR).
Legitimate interests in the processing pursued by the controller or a third party
Where the processing of personal data is based on Article 6(f) GDPR, our legitimate interest is the performance of our business activities for the benefit of the well-being of all our employees and our shareholders.
Duration for which the personal data are stored
According to the regulations
Legal or contractual provisions for the provision of personal data
We would like to inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner). For a contract to be concluded, it may sometimes be necessary for a data subject to provide us with personal data that must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with them. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before personal data are provided by the data subject, the data subject must contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data, and what the consequences would be if the personal data were not provided.