Data privacy

We are very pleased that you are interested in our company. Data protection is of a particularly high priority for the management of the CSW-PARTS GmbH. You can basically use the website of CSW-PARTS GmbH without providing any personal data. However, if a data subject wants to use special company services via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the person concerned.
The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to CSW-PARTS GmbH. By means of this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of the rights to which they are entitled by means of this data protection declaration.
As the controller responsible for processing, CSW-PARTS GmbH has implemented numerous technical and organizational measures to ensure the most complete possible protection of personal data processed via this website. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every person concerned is free to transmit personal data to us in alternative ways, for example by telephone.

1. Name and address of the person responsible for processing
The person responsible within the meaning of the General Data Protection Regulation, other data protection laws applicable in the member states of the European Union and other provisions of a data protection nature is:

CSW-PARTS GmbH
Edisonstraße 11
D-52152 Simmerath
Germany
Phone: +49 2473 9374821
E-mail: sales(at)csw-parts-gmbh.com
Website: www.csw-parts-gmbh.com

a) When visiting the site
When you visit our website: https://www.csw-parts-gmbh.com/, the browser used on your device automatically sends information to the server (STRATO AG) on our website.

This information is temporarily stored in a so-called log file (“server log files”).
– Our visited website
– Date and time at the time of access
– Amount of data sent in bytes
– Source/reference from which you came to the page
– Browser used
– Operating system used
– IP address used (if necessary: in anonymous form)

The data mentioned are processed by us for the following purposes:
• Ensuring a smooth connection establishment of the website,
• Ensuring comfortable use of our website,
• Evaluation of system security and stability as well
• for other administrative purposes.

The processing takes place in accordance with Article 6 Paragraph 1 Letter f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to subsequently check the server log files if there are concrete indications of illegal use.

2. Sharing of Data
Your personal data will not be transmitted to third parties for purposes other than those listed below. We only pass on your personal data to third parties if:

you have given your express consent in accordance with Art. 6 Para. 1 a GDPR,
• Disclosure according to Art. 6 Para. 1 f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
• in the event that there is a legal obligation for the transfer according to Art. 6 Para. 1 c DSGVO, as well as
• this is legally permissible and required for the processing of contractual relationships with you in accordance with Art. 6 Para. 1 b GDPR.

3. Cookies
The website of the CSW-PARTS GmbH uses cookies. Cookies are text files that are filed and saved on a computer system via an Internet browser.
Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which websites and servers can be assigned to the specific internet browser in which the cookie was stored. This enables the visited websites and servers to distinguish the individual browser of the person concerned from other internet browsers that contain other cookies. A specific internet browser can be recognized and identified via the unique cookie ID.

Through the use of cookies, the CSW-PARTS GmbH can provide the users of this website with more user-friendly services that would not be possible without the cookie setting.

By means of a cookie, the information and offers on our website can be optimized for the user. As already mentioned, cookies enable us to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, the user of a website that uses cookies does not have to re-enter their access data each time they visit the website because this is done by the website and the cookie stored on the user’s computer system. Another example is the cookie of a shopping cart in the online shop. The online shop uses a cookie to remember the items that a customer has placed in the virtual shopping cart.

The person concerned can prevent the setting of cookies by our website at any time by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common internet browsers. If the person concerned deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.

The data records do not contain any personal information. It will not be merged with any personal data you have provided.

Please note that you can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings.

These can be found for the respective browsers under the following links:

Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Firefox: https://support.mozilla.org/de/kb/cookies-allow-and-reject
Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
Safari: https://support.apple.com/kb/ph21411?locale=de_DE
Opera: https://help.opera.com/en/latest/web-preferences/#cookies

Please note that if cookies are not accepted, the functionality of our website may be restricted.

3. a) COOKIE CONSENT WITH REAL COOKIE BANNER

This website uses the “Real Cookie Banner” cookie consent technology to obtain your consent to store certain cookies on your device or to use certain technologies and to document this in accordance with data protection regulations.

The provider of this technology is devowl.io GmbH, Tannet 12, 94539 Grafling, website:
https://devowl.io/de/wordpress-real-cookie-banner/ (hereinafter “Real Cookie Banner”).

When you enter the website, the following personal data is transferred to Real Cookie Banner:
(1) Your consent(s) or the revocation of your consent(s)
(2) Information about your browser
(3) Information about your device
(4) Time of your visit to the website

Furthermore, Real Cookie Banner stores a cookie in your browser in order to be able to assign you the consent given or its revocation. The data collected in this way will be stored until you ask us to delete it, delete the Real Cookie Banner cookie itself or the purpose for storing the data no longer applies.
Mandatory legal retention obligations remain unaffected.

Real Cookie Banner is used to obtain the legally required consent for the use of certain technologies. The legal basis for this is Art. 6 S. 1 lit. c GDPR.

4. Contact option via the website

Due to legal regulations, the CSW-PARTS GmbH website contains information that enables quick electronic contact to our company and direct communication with us, which also includes a general address for so-called electronic mail (e-mail address). If a person concerned contacts the person responsible for processing by e-mail or via a contact form, the personal data transmitted by the person concerned will be automatically saved. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. This personal data will not be passed on to third parties.
If you have any questions, we offer you the opportunity to contact us using a form provided on the website. A valid e-mail address, name and telephone number are required so that we know who sent the request and can answer it. Further information can be provided voluntarily.

Data processing for the purpose of contacting us takes place in accordance with Article 6 Paragraph 1 Clause 1 Letter a GDPR on the basis of your voluntarily given consent.

The personal data collected by us for the use of the contact form will be deleted after your inquiry or order has been dealt with (possibly saved until the order is processed / invoiced), provided that there are no legal storage requirements to the contrary.

5. Routine deletion and blocking of personal data
The person responsible for processing processes and stores the personal data of the person concerned only for the period of time necessary to achieve the purpose of storage or if this is required by the European directive and regulation giver or another legislator in laws or regulations which the person responsible for processing subject, was provided.
If the purpose of storage no longer applies or if a storage period stipulated by the European legislator for directives and regulations or another responsible legislator expires, the personal data will be blocked or deleted as a matter of routine and in accordance with the statutory provisions, provided that they are no longer required for the fulfillment of the contract or the initiation of a contract and/or no longer required on our part legitimate interest in further storage persists.

6. Data subject rights
You have the right:

• to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data was or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a Right to complain, the origin of your data, if not collected from us, and the existence of automated decision-making including profiling and, if necessary, meaningful information about their details;
• In accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;
• According to Art. 17 GDPR, to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims is required;
• pursuant to Art. 18 GDPR to demand the restriction of the processing of your personal data if you dispute the accuracy of the data, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need them to assert them, You need to exercise or defend legal claims or you have objected to processing in accordance with Art. 21 GDPR;
• in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request transmission to another person responsible;
• According to Art. 7 Para. 3 GDPR, to revoke your consent given to us at any time. As a result, we are no longer allowed to continue the data processing based on this consent for the future and
• to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.


7. Right to object
If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 Para. 1 f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this that arise from your particular situation arise or the objection is directed against direct advertising. In the latter case, you have a general right to object, which we will implement without specifying a particular situation. If you would like to make use of your right of revocation or objection, an e-mail to sales@csw-parts-gmbh.com is sufficient.

8. Use of the WordPress plugin “iTheme-Security”
In terms of optimal data protection and the security of all content provided here, the WordPress installation of this site works with an additional function, a so-called plugin. The “iThemes Security” plugin takes useful and sometimes indispensable precautions to ensure the security of the website and thus the security of any personal data.

Specifically, “iThemes Security” does the following:

  1. a) Matching the user’s IP address to the list of known attackers developed by HackRepair.com.

This checks whether the user is identical to an attacker from the list in order to immediately and irrevocably exclude him from using this site. The comparison takes place locally on this server, no IP addresses are forwarded to external servers. The IP address of the user is not saved.

  1. b) Local brute force protection

Our CMS has a so-called “backend”, access to the administrative interface. This access is hidden and in principle only possible for the operator of this website. This access is monitored and logged by “iThemes Security”, for example in the case of failed logins or attempts to find out access data through frequent password testing (“brute force method”). Unlawful access attempts are stored in our database together with the IP address for 7 days and then deleted. If there are several unlawful access attempts, the IP will be stored and blocked beyond this period.

It is not to be expected that this will even apply to a user of this site. In terms of a transparent data policy, the technical possibility should be pointed out at this point.

  1. c) Network brute force protection
    “iThemes Security” also enables an analysis of brute force attacks on servers outside the EU. This feature is disabled on this site, “iThemes Security” will never send data to servers outside the EU.

The legal basis for the processing of personal data using “iThemes Security” is Art. 6 Para. 1 lit. f GDPR.

“iThemes Security” protects this website from technical attacks and access attempts by third parties. This ensures the security of the entire website and the stability of our server, and any personal data processed elsewhere remains protected. The IP addresses used for the check are only used by “iThemes Security” for this purpose. Our legitimate interest in the processing of IP addresses according to Article 6 Paragraph 1 Letter f GDPR also lies in this purpose.

IP addresses are only saved by “iThemes Security” in the case of brute force attacks. Unlawful access attempts are stored in our database together with the IP address for 7 days and then deleted. If there are several unlawful access attempts, the IP will be stored and blocked beyond this period.

When you call up this page, your IP address is checked by “iThemes Security” and is absolutely necessary for the secure operation of the website. Consequently, there is no possibility of objection on the part of the user. However, it is possible to delete any stored IP addresses from our database at the user’s request.

9. Other Services
Google Fonts

On our website we use Google Fonts from Google Inc. The company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for the European area. We have integrated the Google fonts locally, i.e. on our web server – not on the Google servers. As a result, there is no connection to Google servers and therefore no data transmission or storage.

This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display text and fonts correctly.

Google Web Fonts – General:

For this purpose, the browser you are using must connect to the Google servers if you have previously agreed to this setting in the cookie settings. This gives Google knowledge that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offering. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR. If your browser does not support web fonts, a standard font will be used by your computer.
You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.

You can opt-out here: https://adssettings.google.com/authenticated

You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/

Webhosting
We use a provider to maintain our Internet pages, on whose server our Internet pages are stored and made available for access on the Internet (hosting). The provider can process all the data transmitted via the browser you are using that arises when you use our website. This includes, in particular, your IP address, which the provider requires in order to be able to deliver our online offer to the browser you are using, as well as all entries made by you via our website. In addition, the provider we use

– the date and time of access to our website
– Time zone difference to Greenwich Mean Time (GMT)
– Access status (HTTP status)
– the amount of data transferred
– the internet service provider of the accessing system
– the type of browser you are using and its version
– the operating system you are using
– the website from which you may have accessed our website
– the pages or subpages that you visit on our website.
raise. The aforementioned data is stored as log files on our provider’s servers. This is necessary to ensure the stability and security of the operation of our website (AVV has been concluded).

Affected data:

Content data (e.g. posts, photos, videos)
Usage data (e.g. access times, websites clicked on)
Communication data (e.g. information about the device used, IP address)
Affected persons: users of our website

Purpose of processing: Playing our website, ensuring the operation of our website

Legal basis: Legitimate interest, Article 6 (1) (f) GDPR

Web host(s) commissioned by us:
STRATO
Service provider: STRATO AG, Pascalstr. 10, 10587 Berlin
Website: https://www.strato.de/hosting/
Data protection declaration: https://www.strato.de/datenschutz/

10. Embedded content from other websites
Articles on this website may contain embedded content (e.g. videos, images, articles etc.). Embedded content from other websites behaves exactly as if the visitor had visited the other website.
These websites may collect data about you, use cookies, embed additional third party tracking services, and record your interaction with this embedded content, including your interaction with the embedded content if you have an account and are logged in to this website.

11. Right of appeal to the competent supervisory authority
In the event of violations of data protection law, the person concerned has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based.
A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

North Rhine-Westphalia data protection authority
State Commissioner for Data Protection: Bettina Gayk
Address: Kavalleriestrasse 2-4, 40213 Düsseldorf
Telephone number: 02 11/384 24-0
Email address: poststelle@ldi.nrw.de
Website: https://www.ldi.nrw.de/

12. Data security
When you visit our website, we use the widespread SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed representation of the key or lock symbol in the status bar of your browser. We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved and adapted in line with technological developments.

13. Updating and changing this data protection declaration
Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration.
This data protection declaration is currently valid and has the status: November 2021

This data protection declaration was created by the data protection declaration generator of the data protection works council in cooperation with RC GmbH, which recycles used notebooks and the filesharing lawyers from WBS-LAW and has been supplemented by a few points.