Privacy statement

The protection of your personal data during the collection, processing and use of personal data during your visit to our homepage is very important to us. Your data are protected as part of statutory regulations. Below, we would like to clarify the extent to which personal data are processed on our website in compliance with Article 13 of the General Data Protection Regulations (GDPR).

Identity of the Data Controller

Gebrüder Hahn GmbH
Hälverstraße 76, 58579 Schalksmühle
Tel. +49 (0)2355 90 84-0
Fax +49 (0)2355 38 50

Data Protection Officer

If you have any queries about data protection, please contact our data protection officer:
Tel. +49 (0)2355 90 84-0

Data processing through the website

Your visit to our website is logged. The following data are transferred by your browser to us:

  • The IP address currently used by your PC or your router
  • Date and time
  • Browser type and version
  • Your PC’s operating system
  • The pages you visit
  • The names and sizes of the files you request
  • The URL of the referring website, where this applies.

These data are only used for data security purposes, to improve our website and for error analysis based on Article 6 (1)f of the GDPR. For this purpose we collect the IP address of your computer in an anonymised form (truncated to remove the last three characters). You can visit our web pages without disclosing any personal information.

We would like to point out that data transmissions through the Internet (e.g. communication by email) can be subject to security intrusions. It is not possible to ensure seamless protection of data against interception by third parties. Any confidential data should be transmitted to us using a different means, e.g. by post.

Contact form

Personal data (e.g. your name, address details and contact details), transmitted to us by you voluntarily, e.g. in connection with an enquiry or for some other reason, are stored by us and used exclusively for corresponding with you and only for the purpose for which you transferred them. These data are processed on the basis of Article 6(1)a; 6(1)f GDPR. In our downloads section, we collect and store personal data for a longer period to ensure your access is maintained over time and we can respond if you have queries about our products.

Use of cookies

Our website uses cookies. Cookies are small text files that are stored on your computer and saved by your browser. The objective of using cookies is to tailor our website behaviour to make it more user friendly. For example, they enable us to recognise a user for the duration of their session without them having to enter a user name and password repeatedly. Cookies do not cause any damage to your computer and are deleted when you navigate away from the session. These data are processed on the basis of Article 6(1)f GDPR.

Some of the cookies are deleted immediately when you close your browser (session cookies).

Other cookies will remain on your computer or device and enable the website to recognise your browser again next time you visit the site (persistent cookies).

Data processing in connection with cookies whose sole purpose is to create the functionality of our online services is based on legitimate interest as defined in Article 6(1)f GDPR.

If you would prefer not to use cookies, you can set your browser so that you opt out of automatic installation of cookies in general. Please note that, if you do, your use of our website may be restricted and may not work at all.

Your rights

In accordance with Articles 15 – 21 GDPR, you are entitled to take advantage of the following rights relating to any personal data processed by us, provided the preconditions given in those Articles exist.

Right of access

You are entitled to know whether your personal data are being processed by us and, if so, which.

Right to rectification

You are entitled to insist that incomplete or inaccurate personal data are rectified.

Right to erasure

You have the right to have your personal data erased, in particular where one of the following grounds applies:

The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed
You have withdrawn your consent to the processing of personal data
You have objected to the processing of the personal dat
Your personal data have been unlawfully processed.

However, there is no right to erasure if the controller has legitimate interests. These may be:

Personal data for the establishment, exercise or defence of legal claims
Erasure is not possible because the data must be stored for legal reasons.

Where data cannot be erased, the data subject may have the right to insist on restriction of processing

Right to restriction of processing

You will have the right to restriction of processing of your personal data where one of the following applies:

You contest the accuracy of the personal data and we then have to verify the accuracy of the personal data
The processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead
We no longer need the data but you require them for the establishment, exercise or defence of legal claims
You have objected to processing pending the verification whether our legitimate grounds as the controller override yours.

Right to data portability

You have the right to receive the personal data which you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller without hindrance from us, provided the processing is based on consent or on a contract and the processing is carried out by automated means.

Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Artikel 6 (1), including profiling based on those provisions. Where the processing of your personal data is the result of consent given by you, you have the right to withdraw that consent at any time.

Time limits for the deletion of the data

Where statutory provisions do not define a period of storage, data will be deleted or destroyed when they are no longer required for the purposes of data processing. There are various different storage periods prescribed for personal data, which means that data of relevance to Inland Revenue issues must be retained for 10 years as a rule, and other data subject to commercial law provisions for 6 years as a rule. The duration of storage may be subject to statute of limitations provisions, which may, as a rule, mean three years in compliance with Articles 195 et seq. of the German Civil Code (BGB) or, in certain cases, up to 30 years.

Right to lodge a complaint with a supervisory authority

Under Art. 77 GDPR, each data subject has the right to lodge a complaint with the competent supervisory authority where he or she considers that the processing of his or her personal data is not in compliance with the GDPR. The responsible supervisory authority with regard to data protection issues is the Commissioner for Data Protection for the German state in which our company has its registered office.