Privacy protection

We are delighted that you have chosen to visit our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to take this opportunity to inform you about which personal data concerning you we collect when you visit our website and for what purposes it is used.

This Privacy Notice applies to the internet offering of PRESTO GmbH & Co. KG, which can be accessed via the domain www.presto.eu and the various subdomains (‘our website’).

 

Who is responsible for processing and how can you contact us?

Controller responsible for processing

PRESTO GmbH & Co. KG
Gewerbepark 4
49196 Bad Laer
Germany
 
Tel.: +49 5424 2927-0
E-mail: kontakt@presto.de
Website: www.presto.eu

Data protection officer

For all questions regarding data protection, please contact our data protection officer at datenschutz@presto.de or by sending a letter addressed to the ‘Data protection officer’ at the above address.

 

What is this notice about?

This Privacy Notice meets the legal requirements for transparency with respect to the pro-cessing of personal data. Personal data is any information relating to an identified or identifia-ble natural person. As an example, this includes information such as your name, age, address, telephone number, date of birth, e-mail address, IP address or user behaviour when visiting a website. If there is information for which we cannot (or can only with disproportionate effort) establish a link to you personally, e.g. through anonymisation, this is not personal data. The processing of personal data (e.g. collection, retrieval, use, storage or transmission) always requires a legal basis and a defined purpose.

Stored personal data shall be deleted as soon as the purpose of the processing has been achieved and there are no legitimate grounds for the data to be further retained. We inform you about specific storage periods or criteria for storage in the individual processing opera-tions. Irrespective of this, we store your personal data in individual cases for the assertion, exercise or defence of legal claims and in the event of statutory retention obligations.

Who receives my data?

We only share your personal data that we process on our website with third parties if this is necessary to fulfil the purposes and it is covered by the legal basis in the individual case (e.g. consent or safeguarding legitimate interests). In addition, we disclose personal data to third parties in individual cases if this serves the purpose of the assertion, exercise or defence of legal claims. Possible recipients may then include, as an example, law enforcement agencies, lawyers, auditors, courts, etc.

Insofar as we use service providers to operate our website and they process personal data on our behalf within the scope of commissioned processing pursuant to Article 28 GDPR, such providers may be recipients of your personal data.

 

What rights do you have?

Under the conditions of the statutory provisions of the General Data Protection Regulation (GDPR), you have the following rights as a data subject:

  • access to the data stored about you in the form of meaningful information on the details of the processing as well as a copy of your data, pursuant to Article 15 GDPR;
  • rectification of incorrect or incomplete data stored by us, pursuant to Article 16 GDPR;
  • erasure of data stored by us, insofar as the processing is not necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obli-gation, for reasons of public interest or for the assertion, exercise or defence of legal claims, pursuant to Article 17 GDPR;
  • restriction of processing pursuant to Article 18 GDPR, insofar as the accuracy of the data is disputed, the processing is unlawful, we no longer need the data and you object to erasure because you need such data for the assertion, exercise or defence of legal claims or you have objected to the processing pursuant to Article 21 GDPR;
  • data portability pursuant to Article 20 GDPR, insofar as you have provided us with personal data within the scope of consent pursuant to Article 6 (1) (a) GDPR or on the basis of a contract pursuant to Article 6 (1) (b) GDPR and these have been processed by us with the aid of automated procedures. You will receive your data in a structured, common and machine-readable format or we will transfer the data directly to another controller, insofar as this is technically feasible;
  • lodge an objection against the processing of your personal data pursuant to Article 21 GDPR, insofar as this is carried out on the basis of Article 6 (1) (e) and (f) GDPR and there are reasons for this which arise from your particular situation or the objection is against direct marketing. The right to object does not exist if overriding compelling legitimate grounds for the processing are demonstrated or the processing is carried out for the assertion, exercise or defence of legal claims. If the right to object does not exist for individual processing operations, this is indicated there;
  • withdrawal of your consent with effect for the future pursuant to Article 7 (3) GDPR; and
  • lodge a complaint to a supervisory authority pursuant to Article 77 of the GDPR if you believe that the processing of your personal data is in breach of the GDPR. As a rule, you can contact the supervisory authority where you have your usual place of resi-dence, your place of work or where our company headquarters are based.

 

How is my data processed, specifically?

In the following, we inform you about the individual processing operations, the scope and pur-pose of data processing, the legal basis, the obligation to provide your data and the respective storage period. Automated decision-making in individual cases, including profiling, does not take place.

 

Provision of the website

Type and scope of processing

When you access and use our website, we collect the personal data that your browser auto-matically transmits to our server. The following information is temporarily stored in a ‘log file’:

  • IP address of the requesting computer;
  • date and time of access;
  • name and URL of the retrieved file;
  • website from which access is made (referrer URL); and
  • browser used and, if applicable, your computer’s operating system as well as the name of your access provider.

Our website is not hosted by us, but by a service provider who processes the aforementioned data on our behalf in accordance with Article 28 GDPR.

 

Purpose and legal basis

Processing is carried out to protect our overriding legitimate interest in displaying our website and guaranteeing security and stability on the basis of Article 6 (1) (f) GDPR. The collection of data and storage in log files is absolutely necessary to operate the website. There is no right to object to processing due to the exception according to Article 21 (1) GDPR. Insofar as the further storage of log files is required by law, processing is carried out on the basis of Article 6 (1) (c) GDPR. There is no legal or contractual obligation to provide data, however, it is not technically possible to access our website without providing data.

 

Storage period

The aforementioned data is stored for as long as the website is displayed, and for technical reasons beyond that, for a maximum of 7 days.

 

Enquiry form

Type and scope of processing

On our website, we give you the opportunity to contact us via a form provided. The information collected via mandatory fields is required in order to process the enquiry. You can also provide additional information on a voluntary basis that you consider necessary for us to process the contact enquiry.

Your personal data will not be shared with third parties when you use the contact form.

 

Purpose and legal basis

The processing of your data through the use of our contact form is carried out for the purpose of communication and processing your enquiry on the basis of your consent pursuant to Article 6 (1) (a) GDPR. Insofar as your enquiry relates to an existing contractual relationship with us, processing is carried out for the purpose of fulfilling the contract on the basis of Article 6 (1) (b) GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to process your request without providing the information in the mandatory fields. If you do not want to provide this data, please contact us by other means.

 

Storage period

If you use the contact form on the basis of your consent, we store the data collected for each enquiry for a period of 8 weeks, starting with the completion of your enquiry or until you with-draw your consent.

If you use the contact form as part of a contractual relationship, we store the data collected for each enquiry for a period of three years from the end of the contractual relationship.

 

User account registration

Type and scope of processing

You have the option to register a user account to use certain areas of our website. The infor-mation collected during registration via the mandatory fields is required to provide access to the user account. You can also provide additional information on a voluntary basis for addi-tional (comfort) features.

To register a user account, your personal data will only be shared in accordance with this Privacy Notice.

 

Purpose and legal basis

We process your data for the purpose of providing you with a user account to fulfil a contract with you pursuant to Article 6 (1) (b) GDPR. There is a contractual obligation to provide your data, as this information is necessary to identify you and to fulfil the contract on our part. There is no legal obligation to provide the data. If you do not provide this information, it won’t be possible to register a user account and thus conclude a contract.

Furthermore, the processing of additional information provided on a voluntary basis for the purpose of providing additional (comfort) features is based on your consent pursuant to Article 6 (1) (a) GDPR. By disabling the features/by deleting the voluntary information in the user account, you can declare withdrawal in accordance with Article 7 (3) GDPR at any time with effect for the future.

 

Storage period

We store your personal data for the duration of the contractual relationship within the context of providing user account. After the end of the contract/after the user account has been deleted, your data will only be stored further if there are legal retention obligations (e.g. tax and com-mercial law).

Additional information that you provide to us on the basis of your consent will only be stored until you withdraw your consent by disabling the features/by deleting the data, but no longer than by the end of the contract on which the provision of the user account is based.

 

Presence on social media platforms

We have fan pages, accounts and channels on the networks mentioned below in order to also provide you with information and offers within social networks and to offer you more ways of contacting us and finding out about our offers. In the following, we inform you about which data we or the respective social network process from you in connection with accessing and using our fan pages/accounts.

 

Data we process from you

If you want to contact us via messenger or direct message through the respective social net-work, we generally process the user name you use to contact us and, if applicable, store further data provided by you insofar as this is necessary to process/respond to your request.

The legal basis is Article 6 (1) (f) GDPR (processing is necessary to protect the legitimate interests of the controller).

 

(Static) usage data we receive from social networks

We receive automated statistics regarding our accounts via Insights functionalities. Among other things, the statistics include the total number of page views, likes, details of page activi-ties and post interactions, reach, video views and details on the proportion of men/women among our fans/followers.

The statistics only contain aggregated data that cannot be related to individual persons. We cannot identify you through this.

 

What data the social networks process from you

To view the content of our fan pages or accounts, you do not have to be a member of the respective social network and, in this respect, a user account for the respective social network is not required.

Please note, however, that the social networks also collect and store data from website visitors who don’t have a user account when the respective social network is accessed (e.g. technical data in order to be able to display the website to you) and use cookies and similar technologies, over which we have no control. For details, please refer to the privacy policy of the respective social network (see the corresponding links above)

Insofar as you wish to interact with the content on our fan pages/accounts, e.g. comment on, share or like our posts/articles and/or contact us via messenger features, prior registration with the respective social network and the provision of personal data is required.

We have no control over data processing by the social networks within the scope of how they are used by you. To our knowledge, your data is stored and processed in particular in connec-tion with the provision of the respective social network’s services and to analyse user behav-iour (using cookies, pixels/web beacons and similar technologies) on the basis of which adver-tising based on your interests is displayed both within and outside the respective social net-work. It cannot be ruled out that social networks will store your data outside the EU/EEA and share it with third parties.

Information concerning, among other things, the exact scope and purposes of personal data processing, the storage period/erasure as well as guidelines on the use of cookies and similar technologies in the context of registration and use of the social networks can be found in the privacy policy/cookie policy for the social networks. You will also find information about your rights and options to object there.

 

Facebook page

When you visit our Facebook page, Facebook collects, among other things, your IP address and other information that is on your PC in the form of cookies. This information is used to provide us, as the operator of the Facebook pages, with statistical information about the use of the Facebook page. Facebook provides more information on this via the following link: https://facebook.com/help/pages/insights.

It is not possible for us to draw conclusions about individual users by using the statistical infor-mation transmitted. We only use this information to respond to our users’ interests and to con-tinuously improve and ensure the quality of our online presence.

We only collect your data through our fan page to provide for communication and interaction with us. This collection usually includes your name, message content, comment content and the profile information you provide ‘publicly’.

The processing of your personal data for our above-mentioned purposes is based on our le-gitimate business and communicative interest in offering an information and communication channel pursuant to Article 6 (1) (f) GDPR. If you, as a user, have given your consent to the data processing vis-à-vis the respective provider of the social network, the legal basis of the processing extends to Article 6 (1) (a) and Article 7 GDPR.

As actual data processing is carried out by the provider of the social network, our access to your data is limited. Only the provider of the social network is authorised to have full access to your data. As a result of this, only the provider can directly take and implement appropriate measures to fulfil your user rights (access request, erasure request, objection, etc.). As such, the most effective way of asserting such rights is directly against the respective provider.

We are jointly responsible with Facebook for the personal content of the fan page. Data subject rights can be asserted against Facebook Ireland and us.

In accordance with the GDPR, the primary responsibility for processing Insights data lies with Facebook and Facebook meets all of its obligations from the GDPR in relation to the pro-cessing of Insights data; Facebook Ireland provides data subjects with key information regard-ing the Page Insights Addendum.

We do not make any decisions regarding the processing of Insights data and all other infor-mation resulting from Article 13 GDPR, including legal basis, identity of the controller and stor-age period for cookies on user devices.

You can find further instructions from Facebook (addendum agreement with Facebook): https://www.facebook.com/legal/terms/page_controller_addendum.

 

Instagram page

When you visit our Instagram page, Instagram collects, among other things, your IP address and other information that is on your PC in the form of cookies. This information is used to provide us, as an operator of the Instagram pages, with statistical information about the use of the Instagram page. Instagram provides more information on this via the following link: https://www.facebook.com/help/instagram/788388387972460?helpref=related.

It is not possible for us to draw conclusions about individual users by using the statistical infor-mation transmitted. We only use this information to respond to our users’ interests and to con-tinuously improve and ensure the quality of our online presence.

We only collect your data through our fan page to provide for communication and interaction with us. This collection usually includes your name, message content, comment content and the profile information you provide ‘publicly’.

The processing of your personal data for our above-mentioned purposes is based on our le-gitimate business and communicative interest in offering an information and communication channel pursuant to Article 6 (1) (f) GDPR. If you, as a user, have given your consent to the data processing vis-à-vis the respective provider of the social network, the legal basis of the processing extends to Article 6 (1) (a) and Article 7 GDPR.

As actual data processing is carried out by the provider of the social network, our access to your data is limited. Only the provider of the social network is authorised to have full access to your data. As a result of this, only the provider can directly take and implement appropriate measures to fulfil your user rights (access request, erasure request, objection, etc.). As such, the most effective way of asserting such rights is directly against the respective provider.

We are jointly responsible with Instagram for the personal content of the fan page. Data subject rights can be asserted against Facebook Ireland and us. In accordance with the GDPR, the primary responsibility for processing Insights data lies with Instagram and Instagram meets all of its obligations from the GDPR in relation to the pro-cessing of Insights data; Facebook Ireland provides data subjects with key information regard-ing the Page Insights Addendum.

We do not make any decisions regarding the processing of Insights data and all other infor-mation resulting from Article 13 GDPR, including legal basis, identity of the controller and stor-age period for cookies on user devices.

You can find further instructions from Instagram: https://help.insta-gram.com/519522125107875.

 

LinkedIn page

LinkedIn is a social network of LinkedIn Inc. based in Sunnyvale, California, USA, which ena-bles the creation of private and professional profiles. Users can cultivate their existing contacts and make new ones. Companies can create profiles where photos and other company infor-mation are uploaded. Other LinkedIn users have access to this information and can write their own articles and share this content with others.

The focus is on a professional exchange on specialist topics with people who have the same professional interests. In addition, LinkedIn is often used by companies and other organisa-tions to recruit employees and present themselves as an interesting employer.

For more information on LinkedIn, please visit: https://about.linkedin.com/

You can find more information on data protection at LinkedIn at: https://www.linkedin.com/le-gal/privacy-policy

We do not collect or process any personal data via our LinkedIn company page.

 

YouTube page

YouTube is a video-on-demand service that allows users to upload, watch and share videos, including movie clips, music clips and amateur content. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

For more information on YouTube, see:

https://www.youtube.com/intl/de/about

For more information on data protection at YouTube, please visit:

https://policies.google.com/privacy

Further questions about data protection are answered here:

https://policies.google.com/technologies/product-privacy

 

YouTube video

Type and scope of processing

We have integrated YouTube video into our website. YouTube video is a component of the video platform of YouTube, LLC, where users can upload content, share it over the internet and receive detailed statistics.

YouTube video allows us to integrate content from the platform into our website.

YouTube video uses cookies and other browser technologies to analyse user behaviour, rec-ognise users and create user profiles. This information is used, among other things, to analyse the activity of the content watched and to create reports. If a user is registered with YouTube, LLC, YouTube video can associate the videos played using the profile.

When you access this content, you connect to servers of YouTube, LLC, Google Ireland Lim-ited, Gordon House, Barrow Street Dublin 4 Ireland, where your IP address and, if applicable, browser data such as your user agent are transmitted.

 

Purpose and legal basis

The use of the service is based on your consent pursuant to Article 6 (1) (a) GDPR.

 

Storage period

We have no control over the specific storage period for the data processed; this is determined by YouTube, LLC. For more information, please see the Privacy Policy for YouTube videos: https://policies.google.com/privacy.

 

jQuery CDN

Type and scope of processing

We use jQuery CDN to properly deliver the content of our website. jQuery CDN is a service of jQuery, which acts as a content delivery network (CDN) on our website.

A CDN helps to make the content of our online offering, in particular files such as graphics or scripts, available more quickly with the help of regionally or internationally distributed servers. When you access this content, you are connecting to jQuery servers, where your IP address and possibly browser data such as your user agent are transmitted. This data is processed solely for the above purposes and to maintain the security and functionality of jQuery CDN.

 

Purpose and legal basis

The use of the content delivery network is based on our legitimate interests, i.e. interest in the secure and efficient provision and optimisation of our online offering pursuant to Article 6 (1) (f) GDPR.

 

Storage period

We have no control over the specific storage period for the data processed; this is determined by jQuery. For more information, see the Privacy Policy for jQuery CDN: https://www.stack-path.com/legal/privacy-statement/.

date: 09/2022