Submission of further information is voluntary. As an alternative, the company may be contacted using the email address given. We process the data in your request in order to reply to you. The lawful basis of this data processing is Art. 6 (1) b GDPR, with processing of your enquiry as the purpose. The stored data will be deleted when the purpose of processing no longer applies and when no further statutory or contractual obligations of retention apply. As a general rule, data from your enquiry is stored for 12 months unless no further purpose of processing (e.g. order, quotation) results from your enquiry.
If you use the services of our Web shop, the following personal data are requested and stored upon conclusion of a contract:
- Company / VAT ID and/or
- Name and/or position
- Billing and delivery address
- Tel / fax numbers
- Payment method
The lawful basis of this data processing is Art. 6 (1) b GDPR, The purpose of processing the data is the initiation or fulfilment of a contract. The stored data will be deleted when the purpose of processing no longer applies and when no further statutory or contractual obligations of retention apply. The statutory period of retention in this case is 6 years.
Our website offers the option of subscribing to a newsletter. The following data are collected and stored for the purpose of mailing the newsletter and traceability:
- Email address
- Date and time of registration
- Date and time of confirmation mail (double opt-in method)
You can withdraw your consent to receive our newsletter at any time with prospective (future) effect. Your data are then deleted immediately unless statutory or contractual obligations of retention apply.
Further processing activities
Inclusion of services and content from third parties
The website may also offer you the opportunity to share information on or to follow KLOTZ AIS, its website or the products and/or services available from it, in the form of a social network function (e.g. “share this”, “like” or “follow” buttons).
We offer this function to create interest in the website among members of your social networks and to give you the opportunity to share opinions, news and recommendations from the website with your contacts and follow them. However, please note that where personal data are submitted in a social network, these data may be recorded by the social network provider and made publicly accessible by means of Internet search engines.
On the lawful basis of Art. 6 (1) f GDPR, we use content from the following third party providers:
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. The YouTube server is thus informed about which of our pages you have visited.
If you are logged in to your YouTube account, YouTube allows you to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.
The use of YouTube is done in the interest of enhancing the attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) f GDPR.
This site uses plugins from ORBITVU Sp. z o.o. to display 3D product images. IP addresses are transferred to ORBITVU as part of this process.
The use of Orbit VU is done in the interest of enhancing the attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) f GDPR.
This site uses the Google Maps map service via an API. The service is provided by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
This website uses visitor analysis processes to gain information about the behaviour of visitors to the website and thus improve their user experience.
This website uses Google Analytics, a web analysis service by Google Inc. („Google“). Google Analytics uses „cookies“, text files that are stored on your computer and allow your use of the website to be analysed. The information about your visit collected by the cookie is transferred to a Google server and stored there. The IP address used for your visit to the website is only stored in anonymized form (by means of a non-reversible truncation of the IP address). You can also prevent Google Analytics from recording, transmitting to Google and processing the data related to your website visit (including your IP address) generated by the cookies by downloading and installing the browser plugin from the following link: http://tools.google.com/dlpage/gaoptout?hl=en
The lawful basis of this data processing is Art. 6 (1) f GDPR (legitimate interest for the purpose of statistical analysis and optimizing our service). An agreement with Google Inc. concerning contract data processing is in place in accordance with Art. 28 GDPR. Google Inc. is certified under the Privacy Shield framework.
Sharing personal data with third parties
On the lawful basis of Art. 6 (1) f GDPR, personal data is shared with the following third party providers:
Our website contains a plugin for the social network site Facebook, an Internet service operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. In the EU this service is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (both referred to hereinafter as “Facebook”).
Facebook is certified under the EU-US Privacy Shield
and thus guarantees that its data processing operations in the USA comply with EU data privacy regulations.
The lawful basis is Art. 6 (1) f GDPR. Our legitimate interest comprises improvement to the quality of our website.
For more information about possible plugins and their functions, visit Facebook at
Where a plugin is embedded on a page of our website you have visited, your Web browser downloads the content of the plugin from Facebook’s servers in the USA: For technical reasons, this procedure requires Facebook to process your IP address. We also record the date and time of your visit to our website.
If you are logged into Facebook while you visit one of our web pages with embedded plugin, the information about your visit is collected by the plugin and can be read by Facebook. Facebook may assign the information thus collected to your personal Facebook account. This means that if you use the Facebook “Like” button, this information is stored in your Facebook user account and may be published on the Facebook platform. To prevent this, log out of Facebook before visiting our website or install an add-on for your Web browser that prevents the Facebook plugin from loading.
For more details about collection and use of your data and your rights and protection options in this respect, visit the following Facebook pages:
Facebook data protection officer: https://www.facebook.com/help/contact/540977946302970
Data privacy statement for use of Instagram
Our website incorporates functions of Instagram, an Internet service provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. If you are logged into your Instagram account, you can link content from our site to your Instagram profile by clicking the Instagram button on the page. Instagram can thus assign your site visit to your user account. Please note that as providers of our website, we have no knowledge or influence over the content of the data transferred or its use by Instagram.
External service providers are only commissioned to provide services if they contractually commit to compliance with Art. 28 GDPR.
Sharing personal data for the purpose of fulfilling an order
Where necessary as part of fulfilling your order, the personal details we collect are passed to shipping companies commissioned to deliver your order. This data sharing is limited to data required for the purpose of delivering your goods.
Privacy protection of minors aged under 16 on the Internet
KLOTZ AIS never knowingly collects or uses personal data of minors (aged under 16) in any way. The age of visitors to our website is not generally disclosed. However, we have not taken any specific actions to provide special protection of such data. Individuals aged under 16 may not transfer personal data without the express permission of their parents or guardians.
Your rights concerning processing of your personal data
Right of access: The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and where that is the case, access to the personal data and the following information as listed in Article 15 GDPR.
Right to rectification: The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her and, where applicable, to have incomplete personal data completed (Article 16 GDPR).
Right to erasure: The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay where one of the grounds listed in Article 17 GDPR applies, e.g. the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed (right of erasure, ‘right to be forgotten’).
Right to restriction of processing: The data subject shall have the right to obtain from the controller restriction of processing where one of the grounds listed in Article 18 GDPR applies, e.g. where the data subject objects to the processing; said restriction shall apply for a period enabling the controller to verify the accuracy of the personal data.
Notification obligation: The data subject has the right to be informed of the recipients of his or her personal data. The data controller will communicate any rectification or erasure of personal data or restriction of processing carried out in accordance with Articles 16, 17(1) and 18 GDPR to each recipient to whom the personal data have been disclosed unless such notification proves impossible or involves disproportionate effort (Art. 19 DSGVO).
Right to data portability: A data subject has the right to receive his or her personal data which the subject has provided to a controller, in a structured, commonly used and machine-readable format. The subject further has the right to request transmission of those data to another controller in accordance with Article 20 GDPR, where technically feasible.
Right to object: The data subject has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or where the processing serves for the establishment, exercise or defence of legal claims (Article 21 GDPR).
Right to lodge a complaint with a supervisory authority: Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority if the data subject considers that the processing of personal data relating to him or her infringes the GDPR (Article 77 GDPR). The data subject may exercise this right in the Member State of his or her habitual residence, place of work or place of the alleged infringement. In Bavaria the responsible supervisory authority is:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA) (Bavarian State Data Protection Authority)
91522 Ansbach, Germany
How do we ensure the security of your data?
The data you provide to KLOTZ AIS are protected by appropriate technical and organizational measures designed to safeguard the data against accidental or deliberate manipulation, loss, destruction, access by unauthorized individuals or unauthorized disclosure to third parties. We monitor and improve our security measures on an ongoing basis in line with technological developments and organizational possibilities.