Privacy Policy
This privacy policy informs you, pursuant to Art. 12 et seq. and Art. 13 GDPR, about the processing of personal data when visiting the website of Büter Hebetechnik GmbH, as well as about your data protection rights.
Personal data is any information relating to an identified or identifiable natural person (Art. 4 No. 1 GDPR), such as name, contact details, IP address, or user behavior. Processing takes place when such data is collected, stored, transmitted, modified, or deleted (Art. 4 No. 2 GDPR).
Your data will be processed in compliance with the relevant data protection regulations, in particular the General Data Protection Regulation (GDPR), the Telecommunications Telemedia Data Protection Act (TTDSG), as well as other applicable standards.
Büter Hebetechnik GmbH processes personal data of website visitors for the technical provision and optimization of the website as well as for the handling of incoming inquiries. In addition, processing may take place if you have a separate relationship with us – for example, as a customer, supplier, prospect, applicant, or employee. In these cases, additional privacy notices apply, to which separate reference is made:
- Notes on the handling of your personal data
- Privacy notices for Social Media
- Privacy notice for applicants
Below, we inform you in detail about the type, scope, purposes, legal bases, and recipients of the respective processing activities in connection with your visit to our website.
Content
Who is responsible for this website?
What data processing occurs when using this website?
2.1 Data required to display the website and to ensure its stability and security
2.1.1 Web hosting and provision of the online offering
2.2 Contact form and email contact
2.2.1 Use of MEETOVO for handling inquiries
2.3 Use of cookies
2.3.1 Web analytics and online advertising services
2.3.2 Plugins and embedded functions and content
3. When will your data be deleted?
Will your data be transferred to a third country or an international organization?
Will your data be used for automated decision-making or profiling?
What rights do you have regarding the processing of your data?
Changes and updates to this privacy policy
1. Who is responsible for this website?
The controller within the meaning of Art. 4 No. 7 GDPR is:
Büter Hebetechnik GmbH
Emmener Str. 9
49716 Meppen
Email: info@bueter.de
Phone: +49 (0) 5935/7059-0
If you have any questions about data protection, you can contact our Data Protection Officer at any time:
Carla Holterhus
Email: datenschutz[at]bueter.de
2. What data processing occurs when using this website?
2.1 Data required to display the website and to ensure its stability and security.
When you access this website, certain data is automatically processed that is necessary for the technical provision, stability, and security of the website. This includes:
- the IP address of the requesting device,
- date and time of access,
- the requested URL or file,
- the amount of data transferred,
- the access status (e.g., successful transfer, error message),
- browser type and version as well as the operating system used,
- the user’s Internet service provider,
- the referrer URL (the previously visited page).
This data is processed on the basis of Art. 6 (1) (f) GDPR. The legitimate interest of Büter Hebetechnik GmbH lies in ensuring the technical functionality and security of the website, especially in protecting against attacks and misuse. Any further processing is for purely statistical purposes and to optimize the web offering; there is no personal evaluation or profiling.
The data is stored for a maximum period of [e.g., 7 days], unless longer retention is required for evidentiary purposes in the context of specific security-relevant incidents.
The data is processed exclusively by technical service providers who are contractually bound as processors pursuant to Art. 28 GDPR.
2.1.1 Web hosting and provision of the online offering
Our website is hosted by an external hosting service provider. As part of the hosting, all personal data related to the use of our online offering is processed on the host’s servers. This includes, in particular, IP addresses, content data from contact forms or comment functions, communication and metadata (such as device IDs, timestamps, referrer information), contract and usage data, as well as server log files.
The data processing by the host is carried out exclusively on our instructions and within the framework of a data processing agreement pursuant to Art. 28 GDPR. The host ensures a level of security in accordance with Art. 32 GDPR. The storage of server log files takes place to ensure the technical system integrity, especially to prevent unauthorized access and to detect security-relevant anomalies (e.g., DDoS attacks). This data is automatically deleted or anonymized after no more than 30 days, unless longer storage is required to clarify specific security incidents.
Legal bases for the processing are Art. 6 (1) (b) GDPR (contract performance) as well as Art. 6 (1) (f) GDPR (legitimate interest in the stable, secure, and efficient provision of our online offering by a specialized technical service provider). In the case of active consent to access the end device (e.g., through device fingerprinting or the use of non-essential cookies), processing is also based on Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TTDSG. Consent can be revoked at any time.
For technical provision, we use rented server capacities, storage space, network components, and security infrastructures provided by:
- Christmann & Woll GmbH, Blinke 6, 26789 Leer
A transfer of data to third countries does not generally take place within the framework of hosting. If this should be necessary for individual services (e.g., CDN integration), we ensure an adequate level of data protection by concluding standard data protection clauses pursuant to Art. 46 (2) (c) GDPR or by the existence of an adequacy decision by the European Commission.
2.2 Contact form and email contact
For electronic contact, we provide a contact form. When using it, the data entered by the user, including first and last name, email address, telephone number, message text, and optional information (e.g., date of birth), is transmitted to us and stored. Additionally, the IP address of the device, date and time of transmission, and technical metadata are processed. The processing is carried out exclusively for handling the inquiry and subsequent communication. Data will not be disclosed to third parties unless necessary to fulfill the request or required by law.
The legal basis for processing is Art. 6 (1) (b) GDPR if the request is aimed at concluding or performing a contract. In all other cases, processing is based on our legitimate interest in the effective handling of incoming inquiries pursuant to Art. 6 (1) (f) GDPR. If explicit consent is obtained via the contact form, processing is additionally based on Art. 6 (1) (a) GDPR. Consent can be revoked at any time with effect for the future.
Alternatively, contact can be made via the provided email addresses or other communication channels (e.g., telephone). In these cases, the transmitted personal data is processed for the purpose of handling and documenting the request. The associated data processing is carried out on the same legal basis as for the contact form.
Personal data will be deleted as soon as the respective conversation with the user has ended and it is clear from the circumstances that the relevant matter has been conclusively clarified. Statutory retention obligations, in particular under commercial and tax law, remain unaffected.
2.2.1 Use of MEETOVO for handling inquiries
For the digital processing of incoming inquiries, we use the software solution of MEETOVO Software GmbH, Robert-Koch-Straße 8, 21423 Winsen (Luhe), Germany. The processing is carried out as part of a data processing agreement pursuant to Art. 28 GDPR. The provider has been carefully selected by us, is contractually obliged to comply with data protection requirements, and ensures an adequate technical and organizational level of security pursuant to Art. 32 GDPR.
When accessing the inquiry form, a direct connection is established between the user’s device and the servers of MEETOVO. The IP address is collected in anonymized form and deleted after no more than seven days. When the form is submitted, the personal data entered by the user – in particular name, email address, telephone or mobile number, and message text – is transmitted in encrypted form to the servers of MEETOVO, stored there, and additionally forwarded to us by email.
If you consent, further form entries can be processed in real time for analysis purposes even during input. The processing of data is necessary for the handling and response to the inquiry and is carried out in accordance with Art. 6 (1) (b) GDPR, insofar as it serves the fulfillment of pre-contractual measures or a contract. In all other cases, processing is based on our legitimate interest in the effective and user-friendly handling of inquiries in accordance with Art. 6 (1) (f) GDPR.
Data is not passed on to third parties. MEETOVO deletes personal data as soon as storage is no longer necessary. Necessity is regularly reviewed every two years, but data is deleted no later than five years after the last inquiry.
For more information on data processing by MEETOVO, see: https://meetovo.de/datenschutz.
2.3 Use of cookies
To provide and optimize our online offering, we use so-called cookies. These are small text files that are stored on your device and perform different functions depending on their type. Cookies can be necessary for the technical operation of the website, provide functional support, or be used for analysis and optimization of usage processes.
Technically necessary cookies are strictly required to provide our online service. They ensure essential functions such as site navigation, access control to protected areas, or load balancing in server operations. These cookies do not require consent. Processing is based on Art. 6 (1) sentence 1 (f) GDPR in conjunction with § 25 (2) TTDSG.
Cookies that are not required for website operation – especially analytics, marketing, and tracking cookies – are set only with your explicit consent. Consent is obtained via a data protection-compliant consent management system and can be revoked at any time with effect for the future. The legal basis for processing is Art. 6 (1) (a) GDPR.
- Session cookies: Temporarily stored and deleted when the browser is closed
- Persistent cookies: Remain beyond the session and are automatically deleted after a maximum of two years unless a shorter period is specified
To obtain and manage your consent, we use the tool “BorlabsCookie.” Your preferences are documented and stored for up to 24 months for proof purposes in accordance with Art. 7 (1) GDPR, including a pseudonymous ID, timestamp, consent scope, and device information.
You can revoke your consent at any time via our cookie banner or the settings in your browser. Revocation does not affect the lawfulness of processing up to that point. You also have the option to object to processing based on legitimate interests under Art. 21 GDPR.
A complete overview of all cookies used – including name, provider, storage duration, purpose, and legal basis – can be found in the cookie banner.
2.3.1 Web analytics and online advertising services
Google Ads
To conduct and measure the success of online advertising campaigns, we use Google Ads, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google acts as an independent controller in the sense of data protection law.
Google Ads makes it possible to deliver targeted ads within the Google advertising network and on third-party sites. To do this, Google uses cookies, especially so-called DoubleClick cookies, to pseudonymously collect user interactions with advertisements, such as impressions, click behavior, or conversions. This information is used to analyze the statistical effectiveness of campaigns. We receive only aggregated, non-personal reports.
If Google Ads is linked with Google Analytics, remarketing may also take place. Based on previously defined target groups (e.g., users of certain site areas), pseudonymous advertising IDs (cookies, device identifiers) are used to serve individualized ads to these users across the entire Google ad network. No personal evaluation by us takes place.
The use of Google Ads is based solely on your prior consent pursuant to Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TTDSG. Consent is obtained via our consent management tool and can be revoked at any time.
If, as part of the use of Google Ads, personal data is transferred to servers of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, this is based on the EU Commission’s standard contractual clauses in accordance with Art. 46 (2) (c) GDPR. Google LLC is also certified under the EU-US Data Privacy Framework (DPF), ensuring an adequate level of protection.
Further information about Google’s data processing can be found in Google’s privacy policy: https://policies.google.com/privacy
Google Ads Remarketing
This website uses features of Google Ads Remarketing, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Ads Remarketing allows us to show interest-based ads to visitors of our website across the Google advertising network. For this purpose, users are assigned to pseudonymized target groups based on their previous interactions with our online offering.
Recognition is done across devices via so-called advertising IDs, cookies, or similar technologies. If you have a Google account and have agreed to cross-device personalization, Google can link your use of different devices. This allows personalized advertising messages to be shown on different devices (e.g., smartphone, tablet, desktop). This assignment is done exclusively by Google. We only receive aggregated audience reports that do not allow conclusions about individuals.
We also use Google Ads Customer Match. Here, we transmit certain data sets (e.g., email addresses) from our customer lists to Google. If the users concerned are linked to a Google account, they can be shown targeted interest-based ads within the Google network (e.g., Google Search, YouTube, Gmail). Processing is encrypted and on a purely pseudonymous basis.
The use of Google Ads Remarketing, including Customer Match, is based solely on your explicit consent pursuant to Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TTDSG. Consent is obtained via our consent management tool and can be revoked at any time.
If, as part of the remarketing functions, personal data is transferred to servers of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, this transfer is based on the EU Commission’s standard contractual clauses pursuant to Art. 46 (2) (c) GDPR. Google LLC is also certified under the EU-US Data Privacy Framework (DPF), which ensures an adequate level of protection within the meaning of Art. 45 GDPR. More information: https://www.dataprivacyframework.gov/participant/5780
You can deactivate personalized advertising by Google at the following link: https://adssettings.google.com/anonymous?hl=de
Further information on data processing as part of Google Ads Remarketing can be found in Google’s privacy policy: https://policies.google.com/technologies/ads?hl=de
Google Conversion Tracking
This website uses Google Conversion Tracking, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”), for measuring the success of online advertising campaigns. In this context, Google acts as an independent controller in terms of data protection law.
Google Conversion Tracking makes it possible to analyze user interactions with our ads. In particular, it records whether users performed certain actions on our website after clicking on a Google ad (e.g., filling out a form, clicking buttons, completing a purchase). The data generated is used solely to create aggregated, pseudonymous conversion statistics that do not allow identification of individuals. We only receive the total number of users who clicked our ad and then performed a defined action.
Google uses cookies or comparable technologies (e.g., device fingerprinting) to recognize users. Processing is based solely on your explicit consent pursuant to Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TTDSG. Consent is obtained via our consent management tool and can be revoked at any time.
If, as part of Google Conversion Tracking, personal data is transferred to servers of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, the transfer is based on standard contractual clauses pursuant to Art. 46 (2) (c) GDPR. Google LLC is also certified under the EU-US Data Privacy Framework (DPF), which ensures an adequate level of protection according to Art. 45 GDPR. More information: https://www.dataprivacyframework.gov/participant/5780
Further information about Google’s data processing as part of Conversion Tracking can be found at: https://policies.google.com/privacy?hl=de
Google Tag Manager
For central management of website tags and integration of external services, we use Google Tag Manager, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The Google Tag Manager itself does not process personal data for analysis purposes, does not store cookies, and does not create user profiles. It only serves the technical delivery of script and code elements from other services via a unified interface.
In the course of technical provision, your IP address may, however, be processed by Google, especially when accessing server resources and checking the functionality of integrated tags. This processing may involve transfer to servers of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. In these cases, the transfer is based on the standard contractual clauses approved by the European Commission pursuant to Art. 46 (2) (c) GDPR. Google LLC is also certified under the EU-US Data Privacy Framework (DPF), which ensures an adequate level of protection within the meaning of Art. 45 GDPR. More information: https://www.dataprivacyframework.gov/participant/5780
The use of Google Tag Manager is based on Art. 6 (1) (f) GDPR. Our legitimate interest lies in the lawful, transparent, and efficient management of data protection-relevant services on our website. Google Tag Manager in particular enables dynamic control and deactivation of consent-dependent technologies.
If third-party services (e.g., Google Analytics, Google Ads) requiring consent are integrated via Tag Manager, these services are activated only after your explicit consent pursuant to Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TTDSG. Consent is obtained via our consent management tool and can be revoked at any time.
Google Analytics
To analyze user behavior on this website, we use the web analytics service Google Analytics, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Processing takes place on the basis of a data processing agreement pursuant to Art. 28 GDPR. We have entered into the relevant contractual arrangements with Google and fully implement the requirements of the data protection conference and the competent supervisory authorities.
Google Analytics uses cookies and comparable technologies (e.g., device fingerprinting) to evaluate user interactions with the website. The processed data includes, in particular, page views, dwell time, interactions (mouse and scroll movements, clicks), technical parameters (e.g., operating system, device, referrer, browser type), as well as demographic characteristics, if available. Google additionally uses modeling methods and machine learning technologies to improve data quality.
To protect your privacy, IP anonymization (anonymizeIp) is activated on this website. Your IP address is shortened within the EU or EEA before being transmitted to Google. Only in exceptional cases is the full IP address transmitted to servers in the USA and shortened there. There is no merging of the IP address with other data by Google.
The use of Google Analytics is based solely on your prior explicit consent pursuant to Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TTDSG. Consent is obtained via our consent management system and can be revoked at any time.
If, in the context of use, data is transferred to servers in third countries – especially the USA – this is based on the standard contractual clauses approved by the European Commission pursuant to Art. 46 (2) (c) GDPR. Google is also certified under the EU-US Data Privacy Framework (DPF), which guarantees a level of protection comparable to European data protection. More information: https://www.dataprivacyframework.gov/participant/5780
The retention period for user and event-related data is 14 months by default and is then automatically deleted or anonymized. Details on data storage can be found at: https://support.google.com/analytics/answer/7667196?hl=de
We also use Google Signals, an extension function of Google Analytics. If personalized advertising is activated in your Google account, cross-device information such as location, search history, YouTube history, and demographic data can be processed. This data is used exclusively in aggregated and anonymized form for statistical evaluation.
Users can prevent their data from being collected by Google Analytics by installing the following browser plugin: https://tools.google.com/dlpage/gaoptout?hl=de. Further information on data processing by Google Analytics can be found at: https://support.google.com/analytics/answer/6004245?hl=de
Meta Pixel
To measure conversions and optimize our online advertising, we use Meta Pixel, an analysis service provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Meta”). The Pixel makes it possible to track the behavior of users who were redirected to our website by clicking on an ad on Facebook or Instagram. This serves to analyze the effectiveness of our ads for statistical and market research purposes and to deliver future advertising measures to appropriate target groups.
The collected data does not allow us as the website operator to draw any conclusions about individual users. However, Meta may link the data to a Facebook user profile and use the data for its own advertising purposes in accordance with its data usage policy. Meta uses cookies and similar technologies to recognize users. Further information on data processing by Meta can be found at: https://www.facebook.com/about/privacy/
The use of Meta Pixel is based solely on your explicit consent pursuant to Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TTDSG. Consent is obtained via our consent management tool and can be revoked at any time.
For the collection and transmission of data to Meta, we and Meta are jointly responsible. The obligations arising from joint processing are regulated in an agreement pursuant to Art. 26 GDPR, which you can view at: https://www.facebook.com/legal/controller_addendum
We are particularly responsible for providing data protection information and for the data protection-compliant implementation of the Pixel. For the further processing of data, Meta alone is responsible. Data subjects’ rights relating to data stored at Meta can be exercised directly with Meta. Alternatively, we will forward corresponding requests.
If, as part of the use of Meta Pixel, personal data is transferred to servers in third countries, in particular the USA, this is based on standard contractual clauses pursuant to Art. 46 (2) (c) GDPR. In addition, Meta is certified under the EU-US Data Privacy Framework (DPF), which ensures an adequate level of data protection in accordance with Art. 45 GDPR. Details: https://www.facebook.com/legal/EU_data_transfer_addendum and for certification: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active
You can disable the “Custom Audiences” function in your Facebook account at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.
If you do not have a Facebook account, you can deactivate usage-based advertising by Meta via the European Interactive Digital Advertising Alliance platform: http://www.youronlinechoices.com/de/praferenzmanagement/
2.3.2 Plugins and embedded functions and content
We integrate external content and functional elements from third-party providers on our website, such as graphics, videos, interactive maps, or fonts, to enable a user-friendly, multimedia presentation of our online offering. The integration of these contents regularly requires the transmission of technical data – in particular the IP address of the requesting device – to the respective third-party providers, as the delivery of the contents is not possible without this information. When selecting integrated services, we ensure that third-party providers process personal data only to the extent necessary for provision.
In certain cases, web beacons (pixel tags) are also used. These enable providers to conduct statistical analyses of usage behavior or – based on your consent – to evaluate usage data for marketing purposes. The information processed may also be stored in cookies and includes, in particular, browser type, operating system, previously visited pages, access times, as well as pseudonymous user IDs.
- The following categories of data are typically processed:
- Usage data (e.g., visited pages, interactions, access times)
- Technical metadata (IP address, device information, timestamp)
- Basic personal and contact data (e.g., email address, name), if transmitted through interaction
- Form content and voluntary information
Processing is carried out depending on the service either on the basis of our legitimate interest pursuant to Art. 6 (1) (f) GDPR in an efficient and user-centered presentation of the website or – if necessary – based on your consent pursuant to Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TTDSG, which can be obtained and revoked at any time via our consent management tool.
The following third-party providers and services are currently integrated:
- Vimeo (Vimeo Inc., New York, USA): For embedding videos. Data transfers to the USA are based on the standard contractual clauses pursuant to Art. 46 GDPR. Vimeo may set cookies and collect usage data when videos are played. More information: https://vimeo.com/privacy
- Google Maps (Google Ireland Ltd. / Google LLC): For displaying interactive maps. In particular, IP addresses and location data may be processed. Google LLC is certified under the EU-US Data Privacy Framework (DPF). The transfer is based on the adequacy decision pursuant to Art. 45 GDPR. More information: https://policies.google.com/privacy
- Google Fonts: For embedding fonts. These are hosted on our own server, so no data transfer to Google takes place. No personal data is processed by Google in this context.
- Font Awesome (local hosting): For uniform display of icons and fonts, we use Font Awesome, a service of Fonticons, Inc. The font files are integrated locally on our web server, so no connection is made to Fonticons servers and no personal data is transmitted to third parties. Thus, there is neither an IP transmission nor identification of the device by Fonticons.
- Wordfence: To protect our website against unauthorized access, malware, brute-force attacks, and other security-related events, we use the Wordfence security plugin. The service provider is Defiant Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA. Wordfence monitors all accesses to our website in real time. For this purpose, a constant connection to the servers of Wordfence is established to synchronize the threat databases stored there. Technical access data such as IP addresses, URL accesses, browser identifiers, timestamps, and possibly location data may be processed. These serve to detect and prevent attacks and to ensure the technical availability of our website. The processing of personal data by Wordfence may involve transfer to the USA. This is based on the EU Commission’s standard contractual clauses pursuant to Art. 46 (2) (c) GDPR, supplemented by additional security measures. More information: https://www.wordfence.com/help/general-data-protection-regulation/ A data processing agreement pursuant to Art. 28 GDPR has been concluded with Defiant Inc., obliging Wordfence to process personal data only according to documented instructions and to ensure appropriate technical and organizational measures for data security.
- Plugins “AFL UTM Tracker” (WordPress): For evaluating campaign data and dynamically assigning user inquiries based on UTM parameters, we use the “AFL UTM Tracker” plugin on our website, a service of aflubin GmbH, Solinger Straße 14, 45481 Mülheim an der Ruhr, Germany.
YouTube
For multimedia presentation of content, we embed videos from the YouTube platform on our website, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The data controller for processing in connection with the platform and embedded content is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
When you access a page with an embedded YouTube video, a connection is established to YouTube’s servers. In particular, IP address, technical device information, browser data, and the previously visited website are transmitted to Google. If you are logged into a Google account, YouTube can associate your visit to your user profile. This assignment can be prevented by logging out of your Google account beforehand.
Videos are embedded in extended privacy mode if technically supported by YouTube. According to Google, this mode prevents cookies from being set on the user’s device before a video is actively played. Only when content is played can Google set cookies or comparable technologies, in particular local storage elements, which pseudonymously record usage behavior. Google may process this data for its own purposes of analysis, optimization, and personalized advertising.
The processing of personal data in connection with the integration of YouTube occurs only with your explicit consent in accordance with Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TTDSG. Consent is obtained via our consent management tool and can be revoked at any time.
A transfer of personal data to the USA cannot be excluded. Google LLC is certified under the EU-U.S. Data Privacy Framework (DPF). Based on this adequacy decision by the European Commission pursuant to Art. 45 GDPR, an appropriate level of protection for EU data is deemed ensured. More information on certification: https://www.dataprivacyframework.gov/participant/5780
Further information on data processing by YouTube/Google: https://policies.google.com/privacy?hl=de and on the technical details of the extended privacy mode: https://support.google.com/youtube/answer/171780
3. When will your data be deleted?
Personal data will only be stored by us as long as necessary for the respective processing purposes. Once the purpose of processing ceases to apply, the data will be deleted unless statutory retention obligations or legitimate follow-up purposes pursuant to Art. 6 (4) GDPR prevent deletion. If different retention periods apply in connection with specific services or processing activities, these are expressly stated in the respective sections of this privacy policy.
4. Will your data be transferred to a third country or an international organization?
A transfer of personal data to countries outside the European Economic Area (EEA) or to international organizations is carried out by Büter Hebetechnik GmbH only if required for the fulfillment of contractual or legal obligations, you have expressly consented, or another legally permissible basis exists.
In certain cases, we use service providers based in so-called third countries, especially the United States. Where such third-country transfers occur, we ensure, in accordance with Art. 44 et seq. GDPR, that either an adequacy decision by the European Commission exists (e.g., for US providers certified under the EU-U.S. Data Privacy Framework) or that appropriate safeguards, such as standard contractual clauses under Art. 46 GDPR, have been agreed.
Detailed information on specific transfers, recipients, and the safeguards used can be found in the data protection notices for the respective services within this privacy policy.
5. Will your data be used for automated decision-making or profiling?
No automated decision-making within the meaning of Art. 22 GDPR takes place during your visit to this website. Nor does profiling occur that has legal effects or similarly significantly affects you. Personal data is not combined to assess personal aspects, interests, or behaviors.
6. Who receives your data?
Disclosure of personal data to third parties only occurs if permitted by law, in particular for fulfilling legal obligations under Art. 6 (1) (c) GDPR, based on your consent under Art. 6 (1) (a) GDPR, or for safeguarding legitimate interests under Art. 6 (1) (f) GDPR, provided that no overriding interests of the data subject prevail.
Recipients of personal data may include, in particular:
- Law enforcement and supervisory authorities, where we are legally required to provide data,
- commissioned service providers (e.g., IT operations, hosting, software development, consulting, marketing, or sales) acting as processors under Art. 28 GDPR. These service providers are contractually obligated to comply with data protection requirements and act solely on our instructions.
No further disclosure to third parties takes place unless you have expressly consented or there is a legal obligation. Transfers to third countries occur only under the requirements of Art. 44 et seq. GDPR, especially via adequacy decisions or appropriate safeguards such as standard contractual clauses.
7. What rights do you have regarding the processing of your data?
As a data subject, you have the following rights vis-à-vis Büter Hebetechnik GmbH regarding the processing of your personal data:
- Right of access (Art. 15 GDPR): You can request information at any time as to whether and what personal data we process about you.
- Right to rectification (Art. 16 GDPR): You have the right to have incorrect data corrected and incomplete data completed.
- Right to erasure (Art. 17 GDPR): Under the conditions of Art. 17 GDPR, you have the right to have your data deleted.
- Right to restriction of processing (Art. 18 GDPR): You may, under certain conditions, request that processing of your data be restricted.
- Right to data portability (Art. 20 GDPR): You have the right to receive the data you have provided to us in a structured, commonly used, and machine-readable format or to have it transferred to another controller.
- Right to withdraw consent (Art. 7 (3) GDPR): You may withdraw any consent you have given at any time with effect for the future.
You also have a right to object under Art. 21 GDPR:
- Objection due to a particular situation: You have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data based on Art. 6 (1) (e) or (f) GDPR. This also applies to any profiling. In the event of an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds which override your interests, rights, and freedoms or the processing serves the assertion, exercise, or defense of legal claims.
- Objection to direct marketing: You have the right to object at any time to the processing of your personal data for direct marketing purposes. This also applies to profiling, insofar as it is associated with such advertising. After your objection, your data will no longer be processed for advertising purposes.
The objection can be made informally and should be addressed to:
Büter Hebetechnik GmbH
Emmener Str. 9
49716 Meppen
Email: datenschutz[at]bueter.de
You also have the right to lodge a complaint with a data protection supervisory authority.
8. Changes and updates to this privacy policy
We reserve the right to adapt this privacy policy if legal, technical, or organizational changes in data processing occur or new legal requirements make this necessary. The current version is always available on our website.
If changes significantly affect the purposes of processing or the types of data concerned, we will inform you in a timely manner if required by law. If renewed consent or other actions are necessary as a result of a change, we will inform you separately and in an appropriate manner.
Status: 02.04.2025