I. Name and Address of the Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the Member States, as well as other data protection provisions is:

​

Schälomat GmbH & Co. KG
Winefeldstr. 6
77955 Ettenheim

Telefon: +49 (0) 7822 - 4480449
Telefax: +49 (0) 7822 - 4480451

​

Managing Director: Daniel Kürz

​
II. Name and Address of the Data Protection Officer
We are not legally required to appoint a data protection officer.

​

III. General Information on Data Processing

1.Scope of Processing Personal Data
We collect and use personal data from our users solely to the extent necessary to execute our contracts. After fulfillment of contractual obligations, we only process data with the user’s consent—unless prior consent is impossible for factual reasons or data processing is permitted by law.

​

2. Legal Basis for Processing Personal Data
If we obtain consent from a data subject, the legal basis is Article 6(1)(a) GDPR. Data processed for contract fulfillment or pre-contractual measures is lawful under Article 6(1)(b) GDPR. Data processing required by legal obligations falls under Article 6(1)(c) GDPR. Processing necessary for legitimate interests, provided these interests do not override the rights and freedoms of the data subject, is based on Article 6(1)(f) GDPR.

 

3. Data Deletion and Storage Duration
Personal data will be deleted or blocked once the purpose of storage is no longer fulfilled. Further retention may occur if required by European or national law. Data is deleted or blocked once legally mandated storage periods expire, unless retention remains necessary for contract purpose.

 

IV. Website Provision and Logfile Creation

​

1. Description and Scope of Processing
Each time our website is accessed, the system automatically collects data and information from the user’s computer system:
(1) Browser type and version
(2) User’s operating system
(3) User’s internet service provider
(4) User’s IP address
(5) Date and time of access
(6) Referrer websites
(7) Websites accessed via our site

 

These data are stored in logfiles and not combined with other personal data.

​

2. Legal Basis for Data Processing

The temporary storage of data and logfiles is based on Article 6(1)(f) GDPR.

​

3. Purpose of Data Processing

Logfiles ensure the website’s functionality and optimize performance and security. We do not use this data for marketing purposes. These purposes constitute our legitimate interest under Article 6(1)(f) GDPR.

​

4. Storage DurationLogfile data is deleted after no more than seven days. Extended storage may occur if IP addresses are irreversibly anonymized.

​

5. Objection and Removal Possibilities

Logfile data collection is essential for website operation, thus no objection option is provided.

 

V. Contact via Email

​

1. Description and Scope of Processing
Communication via the provided email address will store personal data transmitted within the email, including metadata from the email program. These data are used solely to respond to the user’s inquiry and are not shared with third parties.

​

2. Legal Basis for Data Processing
The legal basis for processing data sent via email is Article 6(1)(f) GDPR. If the contact aims to conclude a contract, Article 6(1)(b) GDPR also applies.

​

3. Purpose of Data Processing
Emails are processed to respond to user inquiries. This constitutes a legitimate interest under Article 6(1)(f) GDPR.

​

4. Storage Duration
Data is deleted once the email conversation has been conclusively resolved.

​

5. Objection and Removal Possibilities
Users may withdraw consent or object to storage of their personal data at any time. If data is removed, conversation cannot continue. All stored personal data will be deleted.

​

VI. Rights of the Data Subject

​

If data concerning you is processed, you are entitled to the following rights:

​

Right to Access
You may request confirmation of data processing and details such as purpose, categories, recipients, storage period, rights to rectification or deletion, origin of data, and cross-border transfers.
(1) Right to Rectification
You can correct or complete inaccurate or incomplete data, which the controller must carry out promptly.
(2) die Kategorien von personenbezogenen Daten, welche verarbeitet werden
(3) Right to Restriction of Processing
You may request limiting processing under certain conditions, e.g., disputed accuracy, unlawful processing, or when needed for claims or a submitted objection.
(4) Right to Erasure ("Right to be Forgotten")
You may request deletion of personal data when not needed, consent is withdrawn, you object and there are no overriding reasons, or if data has been processed unlawfully. Exceptions apply for legal obligations, public interest, or claims defense.
(5) Right to Notification
If you exercise rectification, erasure, or restriction, the controller will inform recipients of disclosed data accordingly.
(6) Right to Data Portability
You can receive your data in a structured, commonly used format and transmit it to another controller if based on consent or contract and processed automatically.
(7) Right to Object
You may object at any time based on particular grounds against processing for legitimate interests, including direct marketing.

​(8) Right to Withdraw Consent
You may withdraw any data protection consent at any time, without affecting past processing.

​(9) Right Not to Be Subject to Automated Decision-Making
You have the right to not be subject solely to automated decisions with legal effects, unless necessary for a contract or legally authorised and safeguards are in place.

(10) Right to Lodge a Complaint
You may lodge a complaint with a supervisory authority in your Member State if you believe processing violates GDPR. The authority will inform you of the outcome.

​​