Skip to main content Contact

Data Protection Declaration

1. ABOUT US

We, the ISRINGHAUSEN GmbH & Co. KG, are responsible for the collection, processing and storage of your data. Details about us can be found in our imprint at any time.

The careful handling of your personal data is our highest priority. We adhere to the legal provisions in processing, for example, the General Data Protection Regulation (GDPR) and the associated national regulations.

This data protection declaration applies to all our company's websites that can be accessed under our domain (www.isri.es). If you switch to websites of other operators within the scope of our offer, their own data protection provisions apply in each case, for the content of which the respective operators of these websites are responsible.

Since we would like to give you a comprehensive overview of the processing of personal data in our group of companies, you will find below an overview of all our services in the context of which we collect and process personal data.

If separate or additional conditions apply to individual services or if we ask you for your consent, we will inform you separately before you use the respective service (e.g. for the newsletter subscription).

We also take various security measures to protect your personal data. For example, the transmission between your web browser and our servers is always encrypted; in addition, we always maintain a variety of technical and organizational measures to protect your data.

 

2. WHY WE PROCESS YOUR DATA

You can generally use our website without disclosing your identity. If you register for our newsletter or want to contact us, we will ask you for your name and other personal information. It is your free decision whether you enter this (extended) data. Data that we absolutely need from you in order to provide our services are marked as such.

Your personal data is collected and processed for the following purposes based on the following legal grounds:

  • Contract initiation according to Art. 6 par. 1 lit. a) and b) GDPR
  • Contract execution according to Art. 6 par. 1 lit. b) GDPR
  • Customer management according to Art. 6 par. 1 lit. b) and c), f) GDPR
  • Communication and data exchange according to Art. 6 par. 1 lit. a), b), c), f) GDPR
  • External presentation and advertising pursuant to Art. 6 par. 1 lit. a), f) GDPR
  • Implementation of declarations of consent pursuant to Art. 6 par. 1 lit. a) GDPR
  • Ensuring proper operation of a data processing system in accordance with Art. 6 par. 1 lit. c) and f) GDPR

 

3. WHICH DATA WE COLLECT AND PROCESS FROM YOU

We collect different categories of personal data from you. Personal data is any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name. Personal information includes, for example, information such as your name, address, telephone number and date of birth (if provided). Statistical information that cannot be directly or indirectly linked to you - such as the popularity of individual pages of our website or the number of users of a page - is not personal data. There are directly and indirectly collected data. In both cases, data is only collected to the extent necessary; the data is processed exclusively for the purposes stated in point 2. It is up to you to decide whether you want to provide us data that optimizes the use of our services for you but is not necessary for this purpose. Corresponding data fields are marked as "optional".

The directly collected data includes:

  • Data that you actively and consciously transmit to us while using our services, e.g. via the contact form.
  • Other data that you provide to us voluntarily, e.g. data fields filled in by you and marked as 'voluntary'.

In addition, data about you is collected indirectly when you use our services:

  • Technical connection data, e.g. the page of our web offer called up, your IP address, date and time of the call, end device used. This is done to check the authorization of actions and the authentication of the requesting user of our services. The legal bases are Art. 6 para. 1 lit. c) in conjunction with. Art. 32 and Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to secure our web server, for example to defend against attacks, and to ensure the functionality of our services.

Minors:

Our website is not directed at minors and we do not knowingly collect personal data from minors.

If persons under the age of 16 transmit personal data to us, this is only permitted if the parent or guardian has given their own consent or has agreed to the consent of the young person. For this purpose, we must be informed of the contact details of the legal guardian in accordance with Art. 8 (2) GDPR in order to convince ourselves of the consent or approval of the legal guardian. This data and the data of the minor will then be processed in accordance with this privacy policy.

If we determine that a minor under the age of 16 has sent personal data to us without the consent of the parent or guardian himself or herself or without the consent of the minor, we will delete the data immediately.

 

4. WHO HAS ACCESS TO YOUR DATA AND TO WHOM WE TRANSFER YOUR DATA

Access

Access to your personal data stored by us is restricted to our employees and the service providers commissioned by us, who have to deal with this personal data due to their tasks.

Insofar as third parties have access to your data, we have obtained your permission for this or there is a legal basis for this.

We also use service providers to provide services and process your data (including for hosting as well as database maintenance and analysis, securing our web servers). Insofar as special provisions apply to these, we have detailed these for you below in the respective service. The service providers process the data exclusively on our instructions and have been obligated to comply with the applicable data protection regulations. All service processors have been carefully selected and will only be given access to your data to the extent and for the period required to provide the services or to the extent that you have consented to the processing and use of the data.

Data exchange within the group of companies

Data exchange within the group of companies to which we belong takes place exclusively within the EU/EEA and serves only internal administrative purposes. By group of companies, we mean affiliated companies within the meaning of Art. 4 No. 19 GDPR.

Transfer to third countries and legal basis

The servers of some of the service providers we use are located in the USA and other countries outside the European Union. Companies in these countries are subject to data protection laws that do not generally protect personal data to the same extent as they do in the member states of the European Union. To the extent that your data is processed in a country that does not have a recognized high level of data protection like the European Union, we will ensure that your personal data is adequately protected through contractual arrangements or other recognized instruments. We expressly point this out to you again in the context of the individual services.

Insofar as a transfer of personal data to third countries takes place, this is based on the conclusion of the EU Standard Agreement 2010 in accordance with Article 46 (2) c GDPR in conjunction with the decision of the EU Commission of 05.02.2010 (2010/87/EU) or your explicit consent. Additional measures to ensure a higher level of protection of personal data and effective legal protection for data subjects are currently in preparation.

Transfer to law enforcement and criminal investigation authorities.

In exceptional cases, we transmit personal data to law enforcement and criminal investigation authorities. This is done on the basis of corresponding legal obligations, e.g. from the Code of Criminal Procedure, the Tax Code, the Money Laundering Act or state police laws.

 

5. STORAGE PERIODS

We store personal data within the scope of legal regulations or your consent.

We use the following criteria to determine the specific storage period:

We store personal data until the purposes for which they were collected no longer apply (e.g., upon termination of a contractual relationship or through the last activity if there is no continuing obligation, or in the event of a revocation of your consent for the specific data processing).

Data is only stored for longer periods if

  • legal obligations to retain data exist (e.g. according to Tax Code and Mercantile Code);
  • the data is still required for the assertion and exercise of legal claims or for the defence against legal claims, e.g. due to technological and forensic requirements for the defence against attacks on our web servers and their prosecution;
  • deletion would be contrary to the legitimate interests of the data subjects; or
  • another exception pursuant to Art. 17 (3) GDPR applies.

 

6. YOUR RIGHTS

You are entitled to a number of statutory rights, which we would like to inform you of below. In addition, our data protection officer is, of course, also available to answer any questions you may have about the data we have collected and processed about you at the contact details provided below.

Right to information and data portability

You have the right to obtain information about the personal data we process concerning you at any time.

If the data processing is based on your consent or, pursuant to Art. 6 (1) (b) GDPR, on a contract, you may also request, pursuant to Art. 20 (1) GDPR, to receive the personal data stored about you in a structured, common and machine-readable format. At your request, we will also forward the data directly to the recipient you have specified.

Right to rectification, restriction and deletion

Furthermore, in accordance with Art. 16 to 18 GDPR, you can demand that we correct, restrict (block) or delete your personal data if the data has been processed incorrectly by us, if there is a reason for restricting further data processing, or if the data processing has become unlawful for various reasons, or if its storage is inadmissible for other legal reasons. We would like to point out that your right to Deletion may be restricted by statutory retention periods.

Right of objection

If our data processing is based exclusively on our legitimate interest pursuant to Art 6 (1) f) GDPR, you may object to this processing pursuant to Art 21 (1) GDPR. We will then stop processing your data unless we can demonstrate legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend a legal claim. Furthermore, you always have the right to object to the use of your data for the purpose of direct marketing with effect for the future in accordance with Article 21 (2) GDPR.

Right of revocation

If you have allowed us to process your personal data by giving your consent, you have a right of revocation with effect for the future pursuant to Art. 7 (3) GDPR.

Right to complain to the supervisory authority

You are free to lodge a complaint with a supervisory authority if you believe that our processing of your personal data violates the European General Data Protection Regulation or other national and international data protection laws.

The contact details of the supervisory authority responsible for us are:

Agencia Española de Protección de Datos

Directora Mar España Martí

C/Jorge Juan, 6

E - 28001 Madrid

Teléfono: + 34 901 100 099; + 34 91.266.35

Homepage: www.agpd.es 

 

Contact details

To make use of your rights, you can send us an informal message to the following contact details. Likewise, please address the revocation of your consent, indicating which consent form you wish to revoke, to the following contact details:

Responsible

DPO

 
ISRINGHAUSEN SPAIN S.L.U.
 
Pol. Industrial Landaben C/L
 
31012 Pamplona. Navarra - ESPAÑA
 
Teléfono: +34 948 286 030
 
Fax: +34 948 187 207
 
E-Mail: info@es.isri.de
 
 
it.sec GmbH
 
– Data Protection Officer –
 
Einsteinstraße 55
 
89077 Ulm
 
E-mail: dataprotection-aunde@aunde.com
 

 

7. USE OF OUR WEBSITE – COOKIES

We use so-called cookies in some areas of our website, e.g. to recognize visitors' preferences and to be able to design the website optimally accordingly. This facilitates navigation and a high degree of user-friendliness of a website. Cookies also help us to identify particularly popular areas of our website. Cookies are small files that are stored on a visitor's hard disk. They allow us to retain information for a certain period of time and to identify the visitor's computer. We use permanent cookies for better user guidance and individual performance presentation.

Furthermore, we use so-called session cookies, which are automatically deleted when you close your browser. You can set your browser to inform you about the placement of cookies. This makes the use of cookies transparent for you. This is done to verify the authorization of actions and authentication of the requesting user of our services. The legal bases are Art. 6 para. 1 lit. c) in conjunction with. Art. 32 and Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is to secure our web server, for example to defend against attacks, and to ensure the functionality of our services.

We only set cookies that are not technically necessary after your express consent, which you can of course revoke at any time.

In the context of our cookie information on our website, you have agreed to the following statement in this regard:

We use cookies to personalize content and ads, to offer social media features, and to analyze traffic to our website. We also share information about your use of our website with our social media, advertising and analytics partners. Our partners may combine this information with other data that you have provided to them or that they have collected in the course of your use of the Services.

[Only necessary cookies] [Allow selection] [Allow cookies].

If you completely exclude the use of cookies, you will not be able to use certain features of our website. If necessary, please allow the opt-out cookies of those services for which you wish to prevent tracking.

Please also bear in mind that deleting all cookies will also delete opt-out cookies. You may therefore have to set them again. Cookies are also browser-bound, i.e. they must be set separately for each browser you use on each device you use. You will find the necessary links below in the description of the respective service.

The following cookies are used by us - if you allow this and have not set one or more opt-out cookies - for the purpose described in more detail:

Name of the cookie

Usage

Memory - permanently

Technically necessary

cookieconsent_status

Checks whether cookies are activated. This is a session cookie.

End of session

Yes

_gid

Used to distinguish users.

24 hours

No

_gat

Used to throttle the request speed.

1 minute

No

_ga

Used to distinguish users.

2 years

No

Google Maps

Our website uses the 'Google Maps' service from Google, for example to enable you to search for a location or plan a route.

Application:

When you call up Google Maps on this website, data is transmitted to Google LLC. As part of the provision of Google Maps, a joint control agreement was concluded with Google LLC. We provide you with the following information on this basis.

Responsible person with whom Google Maps is operated jointly on our website ('Google'):

Google LLC
1600 Amphitheater Pkwy

Mountain View

CA, 94043 USA

 

Responsible for the data processing of persons living within the European Union / EEA and Switzerland:

Google Ireland Ltd.

Gordon House, Barrow Street, Dublin 4
Ireland

In an agreement pursuant to Art. 26 para. 1 GDPR were between established the jointly responsible one who does that obligation according to the GDPR

The agreement within the meaning of Article 26 (1) of the GDPR with Google can be found at the following link:https://privacy.google.com/intl/de/businesses/mapscontrollerterms/

Data protection contact details:

Google's data protection officer can be contacted using the following web form: support.google.com/policies/contact/general_privacy_form

Categories of data subjects:

Visitors to our website who use Google Maps

Categories of personal data:

Data that Google processes about our website visitors can be found at the following link:

https://policies.google.com/privacy/update?hl=de&gl=de,  supplemented by the separate data protection provisions for Google Maps: https://www.google.com/intl/de_de/help/terms_maps.html

Origin of the data

Google receives the data from the data subjects directly via our website.

Legal basis for data processing

We only use Google Maps with your consent, Art. 6 Para. 1 lit. a) GDPR.

You can prevent the execution of Google Maps by selectively preventing the execution of the JavaScript code used by using a JavaScript blocker; Alternatively, you can also completely deactivate the execution of Java Script in your browser settings.

The legal basis on which Google bases data processing can be found at the following link:

https://policies.google.com/privacy/update?hl=de&gl=de,   supplemented by the separate data protection provisions for Google Maps: https://www.google.com/intl/de_de/help/terms_maps.html

Purposes of data processing

We use Google Maps to enable you to search for a location or plan a route and pursue the following purposes:

  • External presentation and advertising
  • Communication and data exchange
  • Event management
  • If necessary, contract initiation and processing

 

The purposes that Google is pursuing with the data processing can be found at the following link: https://policies.google.com/privacy/update?hl=de&gl=de , supplemented by the separate data protection provisions for Google Maps: https: // www .google.com / intl / de_de / help / terms_maps.html

Storage period

We do not save any data.

The retention and deletion of data is the obligation of Google. The information about this can be found in the following link: https://policies.google.com/privacy/update?hl=de&gl=de, supplemented by the separate data protection provisions for Google Maps: https://www.google.com/intl/de_de/help/terms_maps.html

Categories of recipients

We or our employees and service providers have no access to the data processed by Google.

The categories of recipients to which Google discloses the data, as well as information on internal data exchange can be found in the following link: https://policies.google.com/privacy/update?hl=de&gl=de, supplemented by the separate data protection provisions for Google Maps: https://www.google.com/intl/de_de/help/terms_maps.html

Data transfers to third countries

 

When using Google Maps, the data is also processed by Google LLC. The legal basis for the transfer is the EU standard contract 2010 in accordance with Article 46 (2) (c) GDPR in conjunction with the decision of the EU Commission of February 5, 2010 (2010/87 / EU). Additional measures to ensure higher protection of personal data and effective legal protection for data subjects are currently in preparation.

Google will transfer the data, regardless of the place of residence of the data subjects, to the United States, Ireland and any other country in which Google does business, where it will be stored and otherwise processed. Associated data transfers to third countries are secured by an adequacy decision of the EU Commission in accordance with Art. 45 GDPR or by suitable guarantees in accordance with Art. 46 GDPR : policies.google.com/privacy/update

Involved logic and scope of a profiling or an automated individual decision based on the collected data

If the data subjects are tracked through the collection of their data, be it through the use of cookies or comparable techniques or through the storage of the IP address, Google is obliged to inform about this.

The information on this can be found at the following link:

https://policies.google.com/privacy/update?hl=de&gl=de, supplemented by the separate data protection provisions for Google Maps: https://www.google.com/intl/de_de/help/terms_maps.html

Rights of data subjects

Joint controllers must provide data subjects with various rights regarding the processing of their data.The rights to which data subjects are entitled can be found in our privacy policy. These can be asserted directly against Google.The supervisory authority responsible for Google is that of the member state in which Google has its main office (Google Ireland Ltd.) within the European Union:Data Protection Commission

21 Fitzwilliam Square, Dublin 2
D02 RD28, Ireland

Web address: http://gdprandyou.ie/contact-us/

You can disable the execution of Google Maps at any time. To do this, you must change the settings in your browser by either selectively or completely disabling the execution of Java scripts.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google LLC ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. In the event that IP anonymization is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On our behalf, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. One way to object to web analysis by Google Analytics is to set an opt-out cookie, which instructs Google not to store or use your data for web analysis purposes. Please note that with this solution, web analytics will only not take place as long as the opt-out cookie is stored by the browser. If you would like to set the opt-out cookie now, please click developers.google.com/analytics/devguides/collection/gajs/.

However, you can also prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link. The current link is: tools.google.com/dlpage/gaoptout.

Recipient of the data: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

The legal basis for the transfer is the EU Standard Contract 2010 pursuant to Art. 46 (2) lit. c GDPR in conjunction with the decision of the EU Commission of 05.02.2010 (2010/87/EU). Additional measures to ensure a higher level of protection of personal data and effective legal protection for data subjects are currently in preparation.

 

Google Fonts

This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally on our server. A connection to Google servers does not take place.

Google Tag Manager

Google Tag Manager is a product from Google that allows us to manage website tags from applications such as Google Analytics via an interface. The Tag Manager is a cookie-less domain and does not collect any personal data.

 

8. ADDITIONAL NOTES AND PROVISIONS FOR INDIVIDUAL SERVICES

Contact form

Data that you send us via our contact form is processed for the purpose of communication and data exchange, i.e. to respond to your specific request. This data is stored for as long as its processing is necessary for these purposes or until the expiry of any subsequent retention periods.

Seat configurator – Restricted Area (Business Partners)

To use our restricted area, please register with us by contacting your relevant Customer Account Manager or via our contact form. We will ask you for your first and last name, your function and your professional contact details. We will compare this data with our customer and supplier base, and only our business partners will be able to register with us for this access. You will then be able to define a password with which you can log in in the future. Your account will be maintained for as long as processing is required for this purpose. Unless otherwise agreed, the account will be deleted 1 year after the last login.

 

9. E-mail communication with business partners

We would like to inform you accordingly about the handling of your personal data (contact data, etc.) received in the course of our business relationship in accordance with Art. 13, 14 GDPR. The legal basis for the processing of this personal data can be found in Art. 6 para. 1 lit. b) and f) GDPR. The purpose of the data processing as well as our legitimate interest is the implementation and maintenance of the business relationship existing between our company and yours or your group of companies. In order to maintain our business relationship, we take the liberty of sending you seasonal greetings (Christmas/New Year greetings) or also to inform you explicitly about references to our presence at selected trade fairs. This type of contact will not take place more than five times a year and you can of course object to it at any time (see below). If you have consented to any other use, we will delete the data as soon as you revoke your consent.