Privacy Notice
This Privacy Notice informs you, in accordance with Art. 12 et seq. and Art. 13 GDPR, about the processing of personal data when visiting the website of Büter Hebetechnik GmbH, as well as about your data protection rights.
Personal data refers to all information relating to an identified or identifiable natural person (Art. 4 No. 1 GDPR), such as name, contact details, IP address, or user behavior. Processing occurs when such data is collected, stored, transmitted, modified, or deleted (Art. 4 No. 2 GDPR).
The processing of your data is carried out in compliance with the relevant data protection regulations, particularly the General Data Protection Regulation (GDPR), the Telecommunications-Telemedia Data Protection Act (TTDSG), and other applicable norms.
Büter Hebetechnik GmbH processes personal data of website visitors for the technical provision and optimization of the website, as well as for handling incoming inquiries. Furthermore, processing may occur if you have a separate relationship with us – for example, as a customer, supplier, prospective client, applicant, or employee. In these cases, supplementary privacy notices apply, to which separate reference is made:
- Information on the handling of your personal data
- Privacy Notice for Social Media
- Privacy Notice for Applicants
Below, we inform you in detail about the nature, scope, purposes, legal bases, and recipients of the respective processing operations in connection with your visit to our website.
Table of Contents
1. Who is the Controller for this website?
2. Which data processing operations take place when using this website?
2.1 Data required to display the website and ensure its stability and security
2.1.1 Web Hosting and Provision of the Online Service
2.2 Contact Form and Email Contact
2.2.1 Use of MEETOVO for Processing Inquiries
2.3 Use of Cookies
2.3.1 Web Analytics and Online Advertising Services
2.3.2 Plugins and Embedded Functions as well as Content
3. When will your data be deleted?
4. Will your data be transferred to a third country or an international organization?
5. Will your data be used for automated decision-making or profiling?
7. What rights do you have regarding the processing of your data?
8. Amendment and Update of the Privacy Notice
1. Who is the Controller for this Website?
The Controller within the meaning of Art. 4 No. 7 GDPR is:
Büter Hebetechnik GmbH
Emmener Str. 9
49716 Meppen
Email: info@bueter.de
Phone: +49 (0) 5935/7059-0
For questions regarding data protection, you can contact our Data Protection Officer at any time:
Carla Holterhus
Email: datenschutz[at]bueter.de
2. Which Data Processing Operations Take Place when Using this Website?
2.1 Data Required to Display the Website and Ensure its Stability and Security.
When accessing this website, certain data is automatically processed that is necessary for the technical provision, stability, and security of the website. These include:
• the IP address of the requesting terminal device,
• date and time of access,
• the accessed URL or file,
• the amount of data transferred,
• the access status (e.g., successful transfer, error message),
• browser type and version, as well as the operating system used,
• the user’s Internet service provider,
• the referrer URL (the previously visited page).
This data is processed on the basis of Art. 6 para. 1 lit. f GDPR. The legitimate interest of Büter Hebetechnik GmbH lies in ensuring the technical functionality and security of the website, particularly in protection against attacks and misuse. Further processing takes place for purely statistical purposes and for the optimization of the web offering; no personal evaluation or profiling occurs in this process.
The data is stored for a maximum period of [e.g., 7 days], unless further retention for evidentiary purposes in the context of specific security-relevant incidents is required.
The data is processed exclusively by technical service providers who are contractually bound within the framework of a data processing agreement pursuant to Art. 28 GDPR.
2.1.1 Web Hosting and Provision of the Online Service
Our website is operated by an external hosting service provider. Within the scope of hosting, all personal data arising in connection with the use of our online service is processed on the host’s servers. This includes, in particular, IP addresses, content data from contact forms or comment functions, communication and metadata (such as device identifiers, timestamps, referrer information), contract and usage data, and server log files.
Data processing by the host is carried out exclusively based on our instructions and within the framework of a data processing agreement concluded in accordance with Art. 28 GDPR. The host thereby ensures a level of security corresponding to Art. 32 GDPR. Server log files are stored to ensure technical system integrity, particularly to prevent unauthorized access and to detect security-relevant anomalies (e.g., DDoS attacks). This data is automatically deleted or anonymized after a maximum of 30 days, unless longer storage is required to clarify specific security incidents.
Legal bases for processing are Art. 6 para. 1 lit. b GDPR (contract fulfillment) and Art. 6 para. 1 lit. f GDPR (legitimate interest in a stable, secure, and efficient provision of our online service by a specialized technical service provider). In the event of active consent to access the terminal device (e.g., through device fingerprinting or the use of non-essential cookies), processing also takes place on the basis of Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 para. 1 TTDSG. Consent can be revoked at any time.
For technical provision, we utilize rented server capacities, storage space, network components, and security infrastructures provided by:
• Christmann & Woll GmbH, Blinke 6, 26789 Leer
are provided. As a rule, data transfer to third countries does not take place within the scope of hosting. Should this be necessary within the scope of individual services (e.g., CDN integration), we ensure an adequate level of data protection by concluding standard data protection clauses in accordance with Art. 46 para. 2 lit. c GDPR or by the existence of an adequacy decision by the European Commission.
2.2 Contact Form and Email Contact
For electronic contact, we provide a contact form. When using it, the data entered by the user, including first and last name, email address, phone number, message text, and optional information (e.g., date of birth), is transmitted to us and stored. Additionally, the IP address of the terminal device, date and time of submission, and technical metadata are processed. Processing is carried out exclusively for handling the inquiry and for subsequent communication. No data is transferred to third parties unless it is necessary for fulfilling the inquiry or legally required.
The legal basis for processing is Art. 6 para. 1 lit. b GDPR, provided that the inquiry is aimed at the conclusion or performance of a contract. In all other cases, processing is based on our legitimate interest in the effective handling of incoming inquiries in accordance with Art. 6 para. 1 lit. f GDPR. If explicit consent is obtained within the contact form, data processing also takes place on the basis of Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time with effect for the future.
Alternatively, contact can be made via the provided email addresses or other means of communication (e.g., telephone). In this case too, the transmitted personal data is processed for the purpose of handling and documenting the request. The associated data processing takes place on the same legal basis as with the contact form.
Personal data will be deleted as soon as the respective conversation with the user has ended and it is clear from the circumstances that the matter concerned has been conclusively clarified. Statutory retention obligations, particularly under commercial and tax law provisions, remain unaffected by this.
2.2.1 Use of MEETOVO for Processing Inquiries
For the digital processing of incoming inquiries, we use the software solution of MEETOVO Software GmbH, Robert-Koch-Straße 8, 21423 Winsen (Luhe), Germany. Processing takes place within the framework of a data processing agreement in accordance with Art. 28 GDPR. The provider has been carefully selected by us, is contractually obliged to comply with data protection requirements, and ensures an appropriate technical and organizational level of security in accordance with Art. 32 GDPR.
When accessing the inquiry form, a direct connection is established between the user’s terminal device and MEETOVO’s servers. The IP address is recorded anonymously and deleted after a maximum of seven days. Upon submission of the form, the personal data entered by the user – in particular name, email address, phone number or mobile number, and the message text – is transmitted encrypted to MEETOVO’s servers, stored there, and additionally forwarded to us via email.
If you agree, further form entries will be processed in real-time for analysis purposes already during input. The processing of data is necessary for handling and responding to the inquiry and takes place in accordance with Art. 6 para. 1 lit. b GDPR, insofar as it serves the fulfillment of pre-contractual measures or a contract. In all other cases, processing is based on our legitimate interest in the effective and user-friendly handling of inquiries in accordance with Art. 6 para. 1 lit. f GDPR.
Data is not transferred to third parties. MEETOVO deletes personal data as soon as its storage is no longer necessary. The necessity is regularly reviewed every two years, but deletion occurs at the latest five years after the last inquiry.
Further information on data processing by MEETOVO can be found at: https://meetovo.de/datenschutz.
2.3 Use of Cookies
To provide and optimize our online service, we use so-called cookies. These are small text files that are stored on your terminal device and fulfill different functions depending on their type. Cookies can be necessary for the technical operation of the website, functionally supportive, or used for the analysis and optimization of usage processes.
Technically necessary cookies are absolutely essential for providing our online service. They ensure basic functions such as page navigation, access control to protected areas, or load distribution in server operation. These cookies do not require consent. Processing takes place on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR in conjunction with Section 25 para. 2 TTDSG.
Cookies that are not necessary for the operation of the website – in particular analysis, marketing, and tracking cookies – are only set after your explicit consent. Consent is obtained via a data protection-compliant consent management system and can be revoked at any time with effect for the future. The legal basis for processing is Art. 6 para. 1 lit. a GDPR.
• Session cookies: Stored temporarily and deleted when the browser is closed
• Persistent cookies: Remain beyond the session and are automatically deleted after a maximum of two years, unless a shorter period is specified
To obtain and manage your consent, we use the tool “BorlabsCookie”. Your preference selection is documented and stored for the purpose of accountability in accordance with Art. 7 para. 1 GDPR. A pseudonymous ID, timestamp, scope of consent, and device information are stored for a maximum of 24 months.
You can revoke your consent at any time via our cookie banner or the settings in your browser. The revocation does not affect the lawfulness of processing carried out prior to the revocation. Furthermore, you have the option to object to processing based on legitimate interests in accordance with Art. 21 GDPR.
A complete overview of all cookies used – including name, provider, storage duration, purpose, and legal basis – can be found in the cookie banner.
2.3.1 Web Analytics and Online Advertising Services
Google Ads
For the execution and success measurement of online advertising campaigns, we use Google Ads, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google acts as an independent controller in the data protection sense.
Google Ads enables the delivery of targeted ads within the Google advertising network and on third-party sites. For this purpose, Google uses cookies, especially so-called DoubleClick cookies, for the pseudonymized recording of user interactions with advertising
ads, such as impressions, click behavior, or conversions. This information is used to analyze the statistical effectiveness of the campaigns. We only receive aggregated reports without personal reference.
If Google Ads is linked with Google Analytics, remarketing can also take place. Based on previously defined target groups (e.g., users of specific page areas), pseudonymous advertising IDs (cookies, device identifiers) are used to display individualized advertisements to these users across the entire Google advertising network. No personal evaluation is carried out by us.
The use of Google Ads takes place exclusively on the basis of your prior consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 para. 1 TTDSG. This consent is obtained via our consent management tool upon the first visit and can be revoked there at any time with effect for the future.
Insofar as personal data is transferred to servers of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, within the scope of using Google Ads, this is based on the standard contractual clauses of the EU Commission in accordance with Art. 46 para. 2 lit. c GDPR. Furthermore, Google LLC is certified under the EU-US Data Privacy Framework (DPF), which ensures an adequate level of protection.
Further information on data processing by Google can be found in Google’s privacy policy: https://policies.google.com/privacy
Google Ads Remarketing
This website uses functions of Google Ads Remarketing, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Ads Remarketing enables the display of interest-based advertisements to visitors of our website across the entire Google advertising network. For this purpose, users are assigned to pseudonymized target groups based on their previous interactions with our online service.
Recognition occurs across devices via so-called advertising IDs, cookies, or similar technologies. If you have a Google account and have consented to cross-device personalization, Google can link your use of various terminal devices. This makes it possible to display personalized advertising messages on different devices (e.g., smartphone, tablet, desktop). This assignment is carried out exclusively by Google. We only receive aggregated audience reports that do not allow conclusions about individual persons.
Furthermore, we use Google Ads Customer Match. In doing so, we transmit certain data sets (e.g., email addresses) from our customer lists to Google. If the relevant users are linked to a Google account, interest-based ads can be specifically displayed to them within the Google network (e.g., in Google Search, on YouTube, or in Gmail). Processing is carried out encrypted and on a purely pseudonymous basis.
The use of Google Ads Remarketing, including Customer Match, is based exclusively on your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 para. 1 TTDSG. This consent is obtained via the consent management tool upon your first visit to our website and can be revoked there at any time with future effect.
If personal data is transferred to servers of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, within the scope of remarketing functions, this transfer is based on the standard contractual clauses of the European Commission in accordance with Art. 46 para. 2 lit. c GDPR. Furthermore, Google LLC is certified under the EU-US Data Privacy Framework (DPF), which ensures an adequate level of data protection within the meaning of Art. 45 GDPR. Further information: https://www.dataprivacyframework.gov/participant/5780
You can deactivate personalized advertising by Google via the following link: https://adssettings.google.com/anonymous?hl=de
Further information on data processing within the scope of Google Ads Remarketing can be found in Google’s privacy policy: https://policies.google.com/technologies/ads?hl=de
Google Conversion Tracking
This website uses Google Conversion Tracking, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”), to measure the success of online advertising campaigns. In this context, Google acts as an independent controller in terms of data protection law.
Google Conversion Tracking enables the analysis of user interactions with our advertisements. It specifically records whether users have performed certain actions on our website after clicking on a Google ad (e.g., filling out a form, clicking buttons, or completing a purchase). The data generated in this way is used exclusively for the creation of aggregated, pseudonymous conversion statistics that do not allow for conclusions about individual persons. We only receive the total number of users who clicked on our ad and subsequently performed a defined action.
For user recognition, Google uses cookies or comparable technologies (e.g., device fingerprinting). Processing is carried out exclusively on the basis of your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 para. 1 TTDSG. Consent is obtained via our consent management tool and can be revoked there at any time.
If personal data is transferred to servers of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, within the scope of Google Conversion Tracking, the transfer is based on the standard contractual clauses in accordance with Art. 46 para. 2 lit. c GDPR. Furthermore, Google LLC is certified under the EU-US Data Privacy Framework (DPF), which ensures an adequate level of data protection in accordance with Art. 45 GDPR. Further information: https://www.dataprivacyframework.gov/participant/5780
Further information on data processing by Google within the scope of Conversion Tracking can be found at: https://policies.google.com/privacy?hl=de
Google Tag Manager
For the central management of website tags and the integration of external services, we use Google Tag Manager, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The Google Tag Manager itself does not process any personal data for analysis purposes, does not store cookies, and does not create user profiles. It serves exclusively for the technical deployment of script and code elements from other services via a unified user interface.
However, in the course of technical provision, your IP address may be processed by Google, particularly when accessing server resources and for functional testing of integrated tags. This processing may involve a transfer to servers of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. In these cases, the transfer is based on the standard contractual clauses approved by the European Commission in accordance with Art. 46 para. 2 lit. c GDPR. In addition, Google LLC is certified under the EU-US Data Privacy Framework (DPF), which ensures an adequate level of data protection within the meaning of Art. 45 GDPR. Further information: https://www.dataprivacyframework.gov/participant/5780.
The use of Google Tag Manager is based on Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the legally compliant, transparent, and efficient management of data protection-relevant services on our website. The Google Tag Manager specifically enables dynamic control and deactivation of technologies requiring consent.
Insofar as third-party services (e.g., Google Analytics, Google Ads) are integrated via the Tag Manager, the use of which requires consent, these services are activated exclusively after your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 para. 1 TTDSG. Consent is obtained via our consent management tool and can be revoked there at any time with future effect.
Google Analytics
To analyze user behavior on this website, we use the web analytics service Google Analytics, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Processing is carried out on the basis of a data processing agreement in accordance with Art. 28 GDPR. We have concluded corresponding contractual agreements with Google and fully implement the requirements of the Data Protection Conference and the competent supervisory authorities.
Google Analytics uses cookies and comparable technologies (e.g., device fingerprinting) to evaluate user interaction with the website. The processed data includes, in particular, page views, duration of stay, interactions (mouse and scroll movements, clicks), technical parameters (e.g., operating system, device, referrer, browser type), and demographic characteristics, if available. Additionally, Google uses modeling procedures and machine learning technologies to improve data quality.
To protect your privacy, the IP anonymization function (anonymizeIp) is activated on this website. Your IP address will be truncated within the EU or EEA before being transmitted to Google. Only in exceptional cases will the full IP address be transferred to servers in the USA and truncated there. Google does not combine the IP address with other data.
The use of Google Analytics is based exclusively on your prior explicit consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 para. 1 TTDSG. Consent is obtained via our consent management system and can be revoked there at any time with future effect.
Insofar as data is transferred to servers in third countries – particularly the USA – within the scope of use, this is based on the standard contractual clauses approved by the European Commission in accordance with Art. 46 para. 2 lit. c GDPR. Google is also certified under the EU-US Data Privacy Framework (DPF), which guarantees a level of protection comparable to European data protection. Further information: https://www.dataprivacyframework.gov/participant/5780.
The storage period for user and event-related data is 14 months by default and is then automatically deleted or anonymized. Details on data storage can be found at: https://support.google.com/analytics/answer/7667196?hl=de.
Additionally, we use Google Signals, an extended feature of Google Analytics. If personalized advertising is enabled in your Google account, cross-device information such as location, search history, YouTube history, and demographic data may be processed. This data is used exclusively in an aggregated and anonymized form for statistical evaluation.
Users can deactivate the collection of their data by Google Analytics by installing the following browser plugin: https://tools.google.com/dlpage/gaoptout?hl=de. Further information on data processing by Google Analytics can be found at: https://support.google.com/analytics/answer/6004245?hl=de.
Meta Pixel
To measure conversions and optimize our online advertising, we use the Meta Pixel, an analytics service provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Meta”). The pixel enables tracking the behavior of users who were redirected to our website by clicking on an advertisement on Facebook or Instagram. This serves to analyze the effectiveness of our advertisements for statistical and market research purposes, as well as for the targeted delivery of future advertising measures.
The collected data does not allow us, as website operators, to draw conclusions about individual users. However, Meta can link the data to the Facebook user profile and use the data for its own advertising purposes in accordance with its own data usage policy. For this purpose, Meta uses cookies and similar technologies to recognize users. Further information on data processing by Meta can be found at: https://www.facebook.com/about/privacy/
The use of the Meta Pixel is based exclusively on your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 para. 1 TTDSG. Consent is obtained via our consent management tool and can be revoked there at any time with future effect.
We and Meta are jointly responsible for the collection and transfer of data to Meta. The obligations arising from the joint processing are regulated in an agreement in accordance with Art. 26 GDPR, which you can view at the following link: https://www.facebook.com/legal/controller_addendum
We are particularly responsible for providing data protection information and for the data protection-compliant implementation of the pixel. Meta alone is responsible for the further processing of the data. Data subject rights regarding data stored by Meta can be asserted directly against Meta. Alternatively, we will forward corresponding inquiries.
Insofar as personal data is transferred to servers in third countries, particularly the USA, within the scope of using the Meta Pixel, this is based on the standard contractual clauses in accordance with Art. 46 para. 2 lit. c GDPR. Additionally, Meta is certified under the EU-US Data Privacy Framework (DPF), which ensures an adequate level of data protection within the meaning of Art. 45 GDPR. Details can be found at: https://www.facebook.com/legal/EU_data_transfer_addendum and for certification at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active
You can deactivate the “Custom Audiences” function in your Facebook account at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.
If you do not have a Facebook account, you can deactivate usage-based advertising by Meta via the platform of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/
2.3.2 Plugins and Embedded Functions as Well as Content
On our website, we integrate external content and functional elements from third-party providers, such as graphics, videos, interactive maps, or fonts, to enable a user-friendly, multimedia presentation of our online offering. The integration of this content regularly requires that technical data – in particular the IP address of the accessing device – be transmitted to the respective third-party providers, as the delivery of the content is not possible without this information. When selecting the integrated services, we ensure that third-party providers process personal data only to the extent necessary for provision.
In certain cases, web beacons (pixel tags) are also used. These enable providers to conduct statistical analyses of user behavior or – based on your consent – to evaluate usage data for marketing purposes. The information processed thereby can also be stored in cookies and includes, in particular, browser type, operating system, previously visited pages, access times, and pseudonymous user IDs.
• The following data categories are typically processed:
• Usage data (e.g., pages visited, interactions, access times)
• Technical metadata (IP address, device information, timestamps)
• If applicable, personal basic and contact data (e.g., email address, name), if transmitted through interaction
• Form contents and voluntary information
Depending on the service, processing is carried out either on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR for an efficient and user-centric presentation of the website or – if required – on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 para. 1 TTDSG, which is obtained via our consent management tool and can be revoked at any time.
The following third-party providers and services are currently integrated:
• Google Fonts: For integrating fonts. These are hosted on our own server, so no data transfer to Google takes place. No processing of personal data by Google occurs in this context.
• Font Awesome (local hosting): For the consistent display of icons and fonts, we use Font Awesome, a service provided by Fonticons, Inc. The font files are integrated locally on our web server, so no connection to Fonticons’ servers is established and no personal data is transmitted to third parties. Thus, neither an IP transfer nor an identification of the end device by Fonticons takes place.
• Plugins “AFL UTM Tracker” (WordPress): For evaluating campaign data and dynamically assigning user inquiries based on UTM parameters, we use the plugin “AFL UTM Tracker” on our website, an offering from aflubin GmbH, Solinger Straße 14, 45481 Mülheim an der Ruhr, Germany.
YouTube
For the multimedia presentation of content, we embed videos from the YouTube platform on our website, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, is responsible for data processing in connection with the platform and the embedded content.
When a page with an embedded YouTube video is accessed, a connection to YouTube’s servers is established. In particular, the IP address, technical device information, browser data, and the previously visited website are transmitted to Google. If you are logged into a Google account, YouTube can associate the page visit with your user profile. This association can be prevented by logging out of the Google account beforehand.
The videos are embedded in extended data protection mode, if technically supported by YouTube. According to Google, this mode prevents cookies from being set on the user’s device before a video is actively played. Only when the content is played can Google set cookies or comparable technologies, in particular local storage elements, which pseudonymously record usage behavior. This data can be processed by Google for its own purposes of analysis, optimization, and personalized advertising.
The processing of personal data within the scope of YouTube integration is carried out exclusively on the basis of your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with Section 25 para. 1 TTDSG. This consent is obtained via our consent management tool and can be revoked there at any time with future effect.
A transfer of personal data to the USA cannot be ruled out. Google LLC is certified under the EU-U.S. Data Privacy Framework (DPF). Based on this adequacy decision by the European Commission in accordance with Art. 45 GDPR, an adequate level of protection comparable to EU data protection is considered guaranteed. Further information on certification can be found at: https://www.dataprivacyframework.gov/participant/5780
Further information on data processing by YouTube/Google can be found at: https://policies.google.com/privacy?hl=de as well as technical details of the extended data protection mode at: https://support.google.com/youtube/answer/171780
3. When Will your Data be Deleted?
Personal data is stored by us only for as long as it is necessary for the respective processing purposes. As soon as the purpose of processing ceases to apply, the data will be deleted, unless legal retention obligations or legitimate subsequent purposes in accordance with Art. 6 para. 4 GDPR prevent deletion. Insofar as different deadlines apply in connection with certain services or processing operations, these are explicitly stated in the respective sections of this privacy policy.
4. Will your Data be Transferred to a Third Country or an International Organization?
Büter Hebetechnik GmbH will only transfer personal data to countries outside the European Economic Area (EEA) or to international organizations if this is necessary for the fulfillment of contractual or legal obligations, you have explicitly consented, or another legally permissible basis for permission exists.
In certain cases, we use service providers located in so-called third countries, particularly in the United States. Insofar as such third-country transfers occur, we ensure, in accordance with Art. 44 et seq. GDPR, that either an adequacy decision by the European Commission exists (e.g., in the case of US providers certified under the EU-U.S. Data Privacy Framework) or that suitable safeguards such as standard contractual clauses in accordance with Art. 46 GDPR have been concluded.
Detailed information on specific transfers, recipients, and the respective security mechanisms used can be found in the data protection notices for the relevant services within this privacy policy.
5. Is your Data Used for Automated Decision-Making or Profiling?
No automated decision-making within the meaning of Art. 22 GDPR takes place during your visit to this website. Likewise, no profiling that produces legal effects or significantly affects you in a similar manner is carried out. Personal data is not merged for the purpose of evaluating personal aspects, interests, or behaviors.
6. Who Receives your Data?
Personal data is only transferred to third parties if there is a legal permission to do so, in particular for the fulfillment of legal obligations pursuant to Art. 6 (1) point c GDPR, based on your consent given pursuant to Art. 6 (1) point a GDPR, or for the protection of legitimate interests according to Art. 6 (1) point f GDPR, provided that no overriding interests of the data subject conflict with this.
In this context, recipients of personal data may include, in particular, the following entities:
• Law enforcement and supervisory authorities, insofar as we are legally obliged to transmit data,
• commissioned service providers (e.g., in the areas of IT operations, hosting, software development, consulting, marketing, or sales), insofar as they act within the scope of a commissioned processing pursuant to Art. 28 GDPR. These service providers are contractually obliged to comply with data protection regulations and act exclusively on our instructions.
No further transfer to third parties takes place, unless you have expressly consented or a legal obligation exists. A transfer to third countries only occurs under the conditions of Art. 44 et seq. GDPR, in particular through adequacy decisions or appropriate safeguards such as standard contractual clauses.
7. What Rights Do You Have Regarding the Processing of your Data?
As a data subject, you have the following rights vis-à-vis Büter Hebetechnik GmbH regarding the processing of your personal data:
• Right of access (Art. 15 GDPR): You can request information at any time as to whether and which personal data we process about you.
• Right to rectification (Art. 16 GDPR): You have the right to have inaccurate data rectified and incomplete data completed.
• Right to erasure (Art. 17 GDPR): Under the conditions of Art. 17 GDPR, you have the right to demand the erasure of your data.
• Right to restriction of processing (Art. 18 GDPR): Under certain conditions, you can demand that the processing of your data be restricted.
• Right to data portability (Art. 20 GDPR): You have the right to receive the data you have provided to us in a structured, commonly used, and machine-readable format or to have it transmitted to another controller.
• Right to withdraw consent (Art. 7 para. 3 GDPR): You can withdraw any consent given at any time with effect for the future.
Furthermore, you have a right to object pursuant to Art. 21 GDPR:
• Right to object in specific situations: You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data based on Art. 6 (1) point e or f GDPR. This also applies to any profiling. In the event of an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.
• Right to object to direct marketing: You have the right to object at any time to the processing of your personal data for direct marketing purposes. This also applies to profiling, insofar as it is related to such direct marketing. Following your objection, your data will no longer be processed for marketing purposes.
The objection can be made informally and should be addressed to:
Büter Hebetechnik GmbH
Emmener Str. 9
49716 Meppen
E-Mail: datenschutz[at]bueter.de
Furthermore, you have the right to lodge a complaint with a data protection supervisory authority.
8. Amendment and Update of the Privacy Policy
We reserve the right to adapt this privacy policy if legal, technical, or organizational changes to data processing arise or if new legal requirements necessitate it. The current version is always available on our website.
We will inform you in due time of any changes that significantly affect the purposes of processing or the types of data concerned, provided this is legally required. If a change necessitates obtaining consent again or requires other acts of cooperation, we will inform you separately and appropriately.
As of: September 1, 2025
