Thank you for your interest in our web pages. The protection of your personal data during the collection, storage and other processing during your visit to our website is an important concern for us. Your data is protected within the framework of the legal data protection regulations. Since 25 May 2018, the uniform requirements of the EU General Data Protection Regulation ("GDPR") applies throughout Europe in the area of data protection. The following privacy informs you ("you" and/or "user" and/or "data subject") about the processing of personal data by KARL MAYER Textilmaschinenfabrik GmbH, ("KARL MAYER" and/or "we/us" and/or "Controller") in accordance with the GDPR and the German Federal Data Protection Act ("BDSG") also including the group-wide Binding Corporate Rules for all group companies related to KARL MAYER.
KARL MAYER Textilmaschinenfabrik GmbH, Brühlstraße 25, 63179 Obertshausen, Germany
Represented by the managing directors Dipl. Ing. (BA) Arno K.-H. Gärtner, Dr. Helmut Preßl
Phone: +49 6104/402-0
Fax: +49 6104/402 73 600
for the websites of the following domains: www.karlmayer.com
2. Data protection officer
You can contact the company data protection officer of the Controller at
Data Protection Officer
c/o KARL MAYER Holding GmbH & Co KG
Brühlstraße 25, 63179 Obertshausen, Germany
3. Personal data, purposes of data processing, legal basis, recipients
3.1. Scope of the processing of personal data
Personal data is information that discloses or may disclose the identity of the user. As a matter of principle, we process personal data of our users only to the extent necessary to provide a functional website and our contents and services. The processing of personal data of our users regularly only takes place with the user's consent. An exception is made in those cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law.
3.2. Legal basis for the processing of personal data
Where we obtain the consent of the data subject for processing operations involving personal data, Article 6 (1) (a) GDPR serves as the legal basis.
Article 6(1)(b) GDPR serves as the legal basis for the processing of personal data necessary for the performance of a contract to which the data subject is a party. This also applies to processing operations necessary for the performance of precontractual measures.
Insofar as the processing of personal data is necessary to fulfil a legal obligation to which KARL MAYER is subject, Article 6 (1)(c) GDPR serves as the legal basis.
Article 6(1)(d) GDPR serves as a legal basis in cases where vital interests of the data subject or of another natural person require the processing of personal data.
If the processing is necessary in order to safeguard a legitimate interest of KARL MAYER or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Article 6(1)(f) GDPR serves as the legal basis for the processing.
The concretely applicable legal basis for the processing of personal data is always mentioned in this data protection declaration with the respective concrete data processing.
3.3. Data deletion and storage duration
The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage no longer applies. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the Controller is subject. Data will also be blocked or deleted when a storage period prescribed by the above-mentioned standards expires, unless there is a need to continue storing the data for the purpose of concluding or fulfilling a contract.
3.4. Data processing for advertising purposes
3.4.1. Postal advertising
We may use your data for marketing purposes. We collect the following data for our own marketing purposes and for marketing purposes of third parties: e-mail address, first name, last name, postal address, year of birth. These data will be added to your customer account for the duration of the contractual relationship.
We are also entitled to store additional personal data collected about you in compliance with the legal requirements for our own marketing purposes. The aim is to provide you with advertising that is oriented solely to your actual or supposed needs and not to bother you with unnecessary advertising.
In addition, the responsible person pseudonymises / anonymises personal data collected about you for the purpose of using the pseudonymised / anonymised data for own marketing purposes. The pseudonymised / anonymised data can also be used to advertise you individually online, whereby the advertising can be directed by a service provider / agency.
The legal basis for the use of personal data for marketing purposes is Article 6(1)(f) of the GDPR.
Reference to the right of objection:
You can object to the use of your personal data for the aforementioned advertising purposes at any time free of charge with effect for the future at firstname.lastname@example.org. If you object, your data will be blocked for further advertising data processing. We would like to point out that in exceptional cases, even after receipt of your objection, advertising material may still be sent temporarily. This is technically due to the necessary lead time within the selection process and does not mean that we have not implemented your objection.
On our website we offer you the possibility to subscribe to our newsletter. In order to be sure that no mistakes have been made when entering your email address, we use the so-called double opt-in procedure: After you have entered your email address in the registration field and transferred it to us, we will send you a confirmation link to this email address. Only when you click on this confirmation link will your email address be added to our distribution list for sending our newsletter.
The legal basis for this data processing is Article 6(1)(a) GDPR. The e-mail address is stored for the purpose of sending the newsletter for as long as the subscription to the newsletter is active.
Reference to the right of withdrawal:
You can revoke your consent at any time with effect for the future by unsubscribing at the end of each newsletter (by clicking on the link contained there).
3.5. Data processing for online presence and website optimization
If you have agreed to so-called geolocation in your browser or operating system or other settings of your respective terminal device, we use this function to offer you individual services related to your current location (e.g. the location of the nearest branch office). We process your location data processed in this way exclusively for this function. If you terminate the use, the data will be deleted.
The legal basis for this data processing is Article 6(1)(f) .GDPR.
You have the possibility to change your browser or your operating system or the respective location settings of your respective terminal device in such a way that no location-related data is transmitted to us.
3.5.2 Cookies - General Information
Most of the cookies we use are deleted after the browser session ends (so-called session cookies). These enable us to offer you, for example, the cross-page shopping basket display, in which you can see how many items are currently in your shopping basket and what your current purchase value is. Other cookies remain on your computer and enable us to recognize your computer during your next visit (so-called permanent or session-spanning cookies). Especially these cookies serve to make our offer user-friendly, more effective and safer. Thanks to these files, it is possible, for example, that you receive information on the site that is specially tailored to your interests.
If you have a customer account and are logged in or activate the "stay logged in" function, the information stored in cookies is assigned pseudonymously under a cookie ID.
The specific cookie usage is displayed on our website at first use by means of a cookie banner via Cookiebot (see section 3.5.10.), explained and your consent is requested. Your given consent will then be stored as specifically mentioned under section 6.
You can set up your browser so that it does not store our cookies on the hard disk. The help function in the menu bar of most web browsers explains how to prevent your browser from accepting new cookies, how to have your browser inform you when you receive a new cookie or how to delete all cookies you have already received and block them for all others.
Please proceed as follows:
With Internet Explorer:
- Select "Internet Options" from the "Tools" menu.
- Click on the "Privacy" tab.
- Now you can make the security settings for the Internet zone. Here you set whether and which cookies should be accepted or rejected.
- Press "OK" to confirm your setting.
- In the "Tools" menu, select the item Settings.
- Click on "Privacy".
- Select the entry "create according to user-defined settings" from the drop-down menu.
- Now you can set whether to accept cookies, how long you want to keep them and add exceptions to which websites you always or never want to allow cookies to be used.
- Press "OK" to confirm your setting.
On Google Chrome:
- Click on the Chrome menu in the browser toolbar.
- Now select "Settings".
- Click on "Show advanced settings".
- Under "Privacy", click on "Content Settings".
- Under "Cookies" you can make the following settings for cookies: Delete cookies, block cookies by default, delete cookies and website data by default after closing the browser. A
- Allow exceptions for cookies from certain websites or domains
However, we would like to point out that in this case you may not be able to use all functions of our website to their full extent.
In so far as these cookies and/or the information they contain constitute personal data, the legal basis for data processing is Article 6 (1)(f) GDPR. Our interest in optimising our web pages is to be regarded as justified within the meaning of the above-mentioned provision
3.5.3 Google Analytics
- Browser type/version,
- the operating system used,
- Referrer URL (the previously visited page),
- Host name of the accessing computer (IP address),
- Time of the server request
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie is set to prevent the future collection of your data when you visit these websites. The opt-out cookie is only valid in this browser and only for our websites and is stored on your device. If you delete the cookies in this browser, you will have to set the opt-out cookie again. You can find further information on data protection in connection with Google Analytics on the Google Analytics website.
3.5.4 Google Tag Manager
Our websites use the Google Tag Manager. Google Tag Manager is a solution that allows marketers to manage website tags through one interface. The Tag Manager tool itself (which implements the tags) is a cookie-free domain and does not collect any personal information. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If disabled at the domain or cookie level, it will remain disabled for all tracking tags implemented with Google Tag Manager.
You can prevent the storage of cookies by adjusting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of our website, especially our web shop, to their full extent. You can also prevent the collection of data generated by the cookies and related to your use of the web pages to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link adssettings.google.com/anonymous under the item DoubleClick deactivation extension. Alternatively, you can disable the Doubleclick cookie on the Digital Advertising Alliance site at the following link www.aboutads.info/choices/
To protect input forms on our site, we use the service "reCAPTCHA" from the company Google. By using this service we can distinguish whether the corresponding input is of human origin or whether it is misused by automated machine processing. The legal basis for this data processing is article 6 (1)(f) GDPR.
To our knowledge, the referrer URL, the IP address, the behaviour of the website visitors, information about the operating system, browser and duration of stay, cookies, display instructions and scripts, the input behaviour of the user as well as mouse movements in the "reCAPTCHA" checkbox area are transmitted to "Google". Google uses the information obtained in this way to digitise books and other printed matter and to optimise services such as Google Street View and Google Maps (e.g. house number and street name recognition).
The IP address transmitted in the context of "reCAPTCHA" is not merged with other data from Google, unless you are logged into your Google account at the time of using the "reCAPTCHA" plug-in. If you wish to prevent this transmission and storage of data about you and your behaviour on our website by Google, you must log out of Google's system before you visit our website or use the reCAPTCHA plug-in.
3.5.7. Appeal/opt-out possibility
In addition to the described deactivation methods, you can also generally prevent the described targeting technologies by means of a corresponding cookie setting in your browser (see also 3.5.2). You also have the option of deactivating preference-based advertising using the preference manager which can be accessed here.
3.5.8 Social media links
We have our own social media pages at the third-party providers that can be reached via links from these websites. By using these links you can access the respective websites of the third party providers (e.g. Facebook, YouTube, LinkedIn, Instagram) and can also share our content. No data transfer takes place when you call up our websites. As soon as you have called up the page of the third party provider, you are in the area of responsibility of the respective third party provider, so that their data protection declaration or their declarations on the use of data also apply. We have no influence on this, but to avoid unnecessary data transfer, we recommend that you log out from the respective third-party provider before using a link, so that the use of the link does not lead to the creation of user profiles by the third-party provider.
3.5.9 Analysis by wiredminds
Our websites use the pixel-code technology of wiredminds GmbH (www.wiredminds.de) to analyse visitor behaviour. Data may be collected, processed and stored from which user profiles are created under a pseudonym. Wherever possible and sensible, these user profiles are made completely anonymous. Cookies may be used for this purpose. Cookies are small text files that are stored in the visitor's Internet browser and serve to recognize the Internet browser. The data collected, which may also include personal data, is transmitted to wiredminds or collected directly by wiredminds. wiredminds may use information left behind by visits to the websites to create anonymised user profiles. The data thus obtained will not be used to personally identify the visitor of these websites without the separately granted consent of the data subject and will not be merged with personal data about the bearer of the pseudonym. If IP addresses are recorded, they are immediately made anonymous by deleting the last number block.
For appeal options, see Section 3.5.7 "Appeal/Opt-Out Option".
On our website a web service from the company Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (cookiebot.com) is loaded. We use this data to ensure the full functionality of our website.
In this context, your browser may transmit personal data to cookiebot.com. The legal basis for data processing is Art. 6 (1)(f) GDPR.
The legitimate interest lies in an error-free function of the website. The data will be deleted as soon as the purpose of their collection has been fulfilled.
You can prevent the collection and processing of your data by cookiebot.com by deactivating the execution of script code in your browser (see section 3.5.2) or by installing a script blocker in your browser.
3.6 Data processing Contact
You have the possibility to get in contact with us in several ways. By e-mail, by phone, by web contact form or by mail. If you contact us, we use the personal data that you voluntarily provide us with in this context solely for the purpose of contacting you and processing your request.
The legal basis for this data processing is Article 6(1)(a), Article 6(1)(b), Article 6(1)(c) GDPR and Article 6(1)(f) GDPR. Your data will be deleted once the respective purpose has been achieved.
3.7 Data processing Customer ratings / comments / other user content
If users leave comments or other contributions on KARL MAYER's websites, their IP addresses will be deleted on the basis of our legitimate interests within the meaning of Art. 6 (1)(f) GDPR for 7 days. This is done for our security, in case someone leaves unlawful content in comments and contributions (insults, prohibited political propaganda, etc.).
You also have the option of publishing your own content on KARL MAYER's websites in various places (e.g. product evaluations, comments, etc.). If you make a comment, a recommendation or a rating on products, brands and styles, we process the personal data which you voluntarily enter as part of the comment or rating. You can publish content on KARL MAYER's websites under your first name and abbreviated surname.
The legal basis for these data processing(s) is Article 6(1)(f) GDPR.
3.8 Data processing Preparation, establishment, execution and/or termination of a contract
3.8.1 Data processing when using the webshop / conclusion of contract / customer account
If you register with our web shop, use the web shop or conclude a contract with us, we process the data required for the preparation, conclusion, implementation or termination of a contract with you. This includes:
- First name, surname
- billing and delivery address
- e-mail address
- billing and payment data
- date of birth
- telephone number if applicable.
If you use the Web Shop but do not make a purchase, we will transmit the data of your Web Shop session by push message to our local sales partner responsible for you so that he can consult with you for the purpose of coordination, consultation and clarification of your individual needs.
The legal basis for this is Article 6 (1)(b) GDPR, i.e. you provide us with the data on the basis of the respective contractual relationship (e.g. maintenance of your customer account, preparation or processing of a sales contract) between you and us. For the processing of your e-mail address in the case of a purchase via our web shop, we are also obliged to send an electronic order confirmation due to legal requirements in the German Civil Code (BGB). In this respect, the legal basis also results from article 6 (1)(c) GDPR.
As far as we do not use your data for advertising purposes, we store the data collected for the contract processing until the expiry of the legal or possible contractual warranty and guarantee rights. After the expiry of this period, we will retain the information required under commercial and tax law for the contractual relationship for the legally specified periods. For this period, the data will be processed again solely in the event of a review by the tax authorities.
To provide you with the greatest possible convenience, we offer you the permanent storage of your personal data in a password-protected customer account.
Only if you want to place orders via our webshop, the opening of a customer account is necessary for the processing of the contract. After opening a customer account no new data entry is necessary. In addition, you can view and change the data stored about you in your customer account at any time.
In addition to the data requested when placing an order, you must enter a password of your own choice in order to set up a customer account. This password, together with your e-mail address, is used to access your customer account. Please treat your personal access data confidentially and do not make them available to unauthorised third parties. Please note that even after leaving our website you will remain logged in automatically unless you actively log out. You have the possibility to delete your customer account at any time. Please note, however, that this does not mean that the data visible in the customer account will be deleted once you have placed an order with us.
For the processing of a sales contract via our web shop, the data processing according to the following section 3.8.2. is also required.
3.8.2 Data Processing Identity, Creditworthiness, Payment Processing, Fraud Prevention, Transport, Collection, Counter Terrorism
18.104.22.168. Identity verification
If necessary, we will verify your identity by using information from service providers. The legal basis for this is Article 6 (1)(b) and (f) GDPR. The justification for this is based on the protection of your identity and the avoidance of attempts at fraud at our expense. The circumstance and the result of our inquiry will be added to your customer account for the duration of the contractual relationship.
22.214.171.124. Credit assessments
If you have given us your consent to do so, we are entitled to use information received in connection with the order to calculate a probability of default (internal scoring). The calculation of the probability of default by means of internal scoring is based on a recognised mathematical and statistical method. The data used in the internal scoring process results in particular from a combination of the following data categories: Address data, age, desired payment conditions, order path and assortment groups. Within the scope of internal scoring, only such data is used as the customer has provided to us.
If you have given us your consent to do so, we are also entitled to obtain credit information about you from an external credit agency. We cooperate with the following external credit agencies:
SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden; phone: +49 (0)611-9278-0;
Creditreform Boniversum GmbH, Hellersbergstrasse 11, 41460 Neuss; phone: +49 (0)2131-109-501;
mediafinanz AG, white width 5, 49084 Osnabrück; phone +49 (0)541 2029-0;
Bürgel Wirtschaftsinformationen GmbH & Co KG, Gasstraße 18, telephone: +49 (0)40-89803-0;
arvato infoscore GmbH, Rheinstraße 99, 76532 Baden-Baden; phone: +49 (0)5241-527600-0;
Deltavista GmbH, Freisinger Landstrasse 74, 80939 Munich, Germany, telephone: +49 (0)89-724488-0.
For the purpose of calling up creditworthiness information, the following data is transmitted to the aforementioned external credit agency: First name, surname, postal address, date of birth. Furthermore, these data may also be transmitted to the aforementioned external credit agency for the purpose of personal and address validation.
Within the framework of credit assessment, we can decide on the establishment, execution or termination of the contractual relationship by means of an automated process. For example, if a negative credit report is submitted by a credit agency or if an insufficient score is calculated within the framework of internal scoring, the desired payment method can be rejected automatically. You can assert the right towards us according to section 4.4.
The processing of your data within the framework of the credit assessment is based on Article 6 (1)(b) GDPR and Article 6 (1)(a) GDPR. The circumstance and the result of our inquiry will be added to your customer account for the duration of the contractual relationship.
126.96.36.199. Payment processing
Your credit card data will only be passed on to our payment service provider Ingenico Payment Services GmbH (Am Gierath 20, 40885 Ratingen, Germany ("Ingenico/Ogone")), which will collect, process and store it in encrypted form. The legal basis for this data processing is Art. 6 (1)(a), Art. 6 (1)(b), GDPR and Art. 6 (1)(f) GDPR.
In our online shop Java-Script code from Ingenico/Ogone is loaded. If you have activated Java-Script in your browser and have not installed a Java-Script blocker, your browser may transmit personal data to Ingenico/Ogone. We do not know which data Ingenico/Ogone links to the data received and for what purposes Ingenico/Ogone uses these data.
The data will be stored and automatically deleted once the aforementioned purposes have been achieved.
188.8.131.52. Fraud prevention
The data you provide when placing an order can be used to check whether an atypical ordering process exists (e.g. simultaneous ordering of a large number of goods to the same address using different customer accounts). We have a legitimate interest in carrying out such a check.
The legal basis for the processing is Article 6(1)(f) of the GDPR. The data will be stored and automatically deleted once the above-mentioned purposes have been achieved.
184.108.40.206. Transport service providers
For the purpose of delivering ordered goods we work together with logistics service providers/transport companies and/or shipping partners.
In order to ensure that the goods are delivered according to your wishes, we will transmit your e-mail address, first name, surname, address and, if necessary, telephone number to the logistics company and/or shipping partner commissioned by us, who will take over the delivery. If necessary, they will contact you in advance of the delivery in order to coordinate the details of the delivery with you.
The legal basis of the processing is Article 6(1)(b) of the GDPR. The data will be stored and automatically deleted once the above-mentioned purposes have been achieved.
220.127.116.11 Defence against terrorism
For the purpose of ensuring compliance with the legal provisions of the Foreign Trade Act and the European Anti-Terrorism Ordinance, we are obliged, in particular, to comply with the prohibition on making customer data available for booking-relevant activities by comparing it with the annexes to the Anti-Terrorism Ordinance.
The legal basis of the processing is Article 6(1)(c) and (f) of the GDPR. The data will be stored and automatically deleted once the above-mentioned purposes have been achieved.
4. Your statutory rights
Below you will find your legal rights that you can assert.
4.1. Overview of the individual legal rights under Article 15 et seq. GDPR
In addition to the right to revoke your consent granted to us, you are entitled to the following further rights if the respective legal requirements are met:
- The right to obtain information about your personal data stored by us (Art. 15 GDPR), in particular you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data, if it has not been collected directly from you;
- the right to correct incorrect data or to complete correct data (Art. 16 GDPR),
- the right to delete your data stored with us (Art. 17 GDPR), insofar as no legal or contractual retention periods or other legal obligations or rights to further storage have to be observed by us,
- the right to restrict the processing of your data (Art. 18 GDPR) if you dispute the accuracy of the data, if the processing is unlawful but you refuse to have it deleted; if the Controller no longer needs the data but you need it to assert, exercise or defend legal claims or if you have lodged an objection to the processing in accordance with Art. 21 GDPR,
- the right to data transferability in accordance with Art. 20 GDPR, i.e. the right to have selected data stored by us about you transferred in a common, machine-readable format, or to demand that it be transferred to another responsible party
You can assert the aforementioned rights at email@example.com.
4.2. Right of objection
Under the conditions of Art. 21 (1) GDPR, data processing may be objected to for reasons arising from the specific situation of the data subject.
The above general right of objection applies to all processing purposes described in this data protection information which are processed on the basis of Article 6 (1) (f) GDPR. In contrast to the special right of objection aimed at data processing for advertising purposes, we are only obliged under the GDPR to implement such a general right of objection if you give us reasons of overriding importance (e.g. a possible danger to life or health).
You can exercise this aforementioned right at firstname.lastname@example.org.
4.3. Right of withdrawal
Insofar as we process data on the basis of a consent granted by you, you have the right to revoke this consent at any time. The revocation of the consent does not result in the data processing that was carried out on the basis of the consent up to the time of revocation becoming ineffective.
You can exercise this aforementioned right at email@example.com.
4.4. Right of appeal
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you are resident, your place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you is in breach of the GDPR.
5. Topicality and amendment of this data protection declaration
This data protection declaration is currently valid and has the status of May 2018. Due to the further development of our websites and in particular our webshop or due to changed legal or official requirements, it may become necessary to amend this data protection declaration. The respective current data protection declaration can be viewed at any time on every website of our domains under the item "Data protection
can be called up and printed out by you.