Privacy Policy

This Privacy Policy informs you about the collection of personal data when using our website. Personal data is any data that can be personally connected to you, for example name, address, email addresses and user behaviour.

I. Name and address of the controller

The controller within the meaning of Art. 4(7) of the General Data Protection Regulation (‘GDPR’) is:

Drache Umwelttechnik GmbH
Werner-von-Siemens-Str. 24–26
65582 Diez, Germany

Tel. + 49 (0)6432/607-0
Fax. + 49 (0)6432/607-52

Email: mail(at)drache-gmbh.de

Managing director
Dr Alexander Mach

II. Name and address of the data protection officer:

The data protection officer for the controller is:

Dipl.-Jur. Georg Edeler
icertificate GmbH
Nordstrasse 73a
53111 Bonn, Germany

Tel.: +49 228/387 583 00

Email: datenschutz@drache-gmbh.de

III. General information about data processing

1. Purpose and scope of personal data processing:

We collect and use personal data of our users on the basis of applicable laws and regulations to the extent necessary for the provision and maintenance of functions, contents and services offered on the website. When using special services, such as the use of a contact form, the personal data of our users is collected and used subject to the consent of the user.

2. Legal basis for processing personal data

The legal basis for processing personal data is, in the case of consent of the data subject, Art. 6(1)(a) GDPR, in the case of processing personal data for the performance of a contract, Art. 6(1)(b) GDPR, in the case of processing personal data for the performance of a legal obligation, Art. 6(1)(c) GDPR and, in cases where vital interests of the data subject or another natural person require the processing of personal data, Art. 6(1)(d) GDPR.

If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6(1)(f) GDPR serves as the legal basis for processing.

3. Data erasure and retention period

A data subject’s personal data will be erased or blocked as soon as the purpose or legal obligation for its retention no longer applies. Data may be retained for longer periods if required by law.

4. Encrypted transmission

This website uses SSL (Secure Socket Layer) encryption in conjunction with the highest encryption level supported by your browser for security reasons and to protect the transmission of personal data, such as requests you send to us as the site operator. Usually, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead.

IV. Provision of the website and creation of log files

1. Description and scope of data processing

In the case of mere informational access to the website, i.e. if you do not register or otherwise provide us with information, our system automatically collects personal data and information transmitted by your computer system to our servers. If you wish to view our website, we collect the following data that is technically necessary for us to display our website to you and to guarantee its stability and security:

(1) Information about the browser software, language and version used

(2) The user’s operating system and interface

(3) The user’s IP address

(4) Date and time of access

(5) Content of the request (specific page)

(6) Request status/HTTP status code

(7) Websites from which the user’s system reaches our website

This data is also stored in log files on our system. This data is not stored together with other personal data of the user.

2. Legal basis for data processing

The legal basis for temporary storage of data in this context is Art. 6(1)(f) GDPR.

3. Purpose of data processing

Temporary storage of IP address by the system is necessary to enable delivery of the website to the user’s computer. To this end, the user’s IP address must be stored for the duration of the session.

Data is stored in log files to ensure the website’s functionality. The data is also used to optimise the website and to ensure the security of our information technology systems. No evaluation of the data for marketing purposes is undertaken in this context.

These purposes also encompass our legitimate interest in data processing in accordance with Art. 6(1)(f) GDPR.

4. Retention period

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of data collected to enable provision of the website, this will be undertaken once the respective session has ended.

Any data stored in log files will be erased within seven days at the latest. Retention for a longer period is not possible. In this case, the users’ IP addresses will be deleted or distorted, so that assignment of the accessing client will no longer be possible.

5. Options for objection and erasure

Objecting to the collection and processing of personal data is only possible in relation to voluntary information provided based on your consent, but not in the case of data in contained log files that are absolutely necessary for the operation of the website.

V. Use of cookies

1. Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the user’s web browser or in the web browser on the user’s device (PC, laptop, tablet, smartphone, etc.). If a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a distinctive character string that enables unique identification of the browser when the website is accessed again. Cookies do not cause any damage to your device and do not contain viruses, Trojans or other malware. Information is stored in the cookie that relates to the specific device in use. However, this does not provide us with direct information about your identity.

We use cookies to make our website more user-friendly. Some elements of our website require that the requesting browser can be identified even after changing pages.

In this context, the following data is stored and transmitted in the cookies:

(1) Session ID

(2) Consent to the Cookie Notice

2. Legal basis for data processing

The legal basis for processing data in this context is Art. 6(1)(f) GDPR.

3. Purpose of data processing

The purpose of using cookies is to simplify use of websites by users. Some features of our website will not be available without the use of cookies. These features require the browser to be recognised even after changing the page.

We require cookies for the following applications:

(1) To prevent/detect misuse of the website

(2) To save consent to the Cookie Notice

User data collected by technically necessary cookies is not used to create user profiles. These purposes also encompass our legitimate interest in processing personal data in accordance with Art. 6(1)(f) GDPR.

4. Duration of storage and options for objection and removal

Cookies are stored on the user’s computer and transmitted by the computer to our website. Therefore, as a user you have full control of the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings of your web browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our websites, you may no longer be able to use all functions of our website to their full extent.

VI. Email contact

1. Description and scope of data processing

You can contact us via the email addresses provided on the website. In this case, the user’s personal data transmitted along with the email will be stored.

This data will not be shared with any third parties in this context. This data will be used exclusively to process your enquiry.

2. Legal basis for data processing

The legal basis for processing data transferred in the course of sending an email is Art. 6(1)(f) GDPR.

If the intent of the email is to enter into a contract with us, this creates an additional legal basis for its processing in accordance with Art. 6(1)(b) GDPR.

3. Purpose of data processing

We process personal data in such cases solely for processing your enquiry. This also constitutes a legitimate interest in processing this data.

4. Retention period

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with the user has been completed. The conversation has ended when it can be inferred from the circumstances that the matter at hand has been conclusively resolved.

5. Options for objection and erasure

To withdraw your consent to processing personal data sent by email, simply send an informal email to datenschutz@drache-gmbh.de.

All personal data stored in the course of contacting us will be deleted as a result.

6. Options for objection and erasure

The user can withdraw their consent to the processing of personal data at any time. A user who has contacted us by email may object to the storage of their personal data at any time. In such cases, it will not be possible to continue the respective conversation. A conversation may continue under certain circumstances in the case of an objection to optional personal data that is not marked as a mandatory field in the contact forms.

To withdraw your consent to processing personal data sent by email or entered into the contact form, simply send an informal email to datenschutz@drache-gmbh.de.

All personal data stored in the course of contacting us will be deleted as a result.

VII. Rights of data subjects

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights in relation to the controller. If you have any questions on the subject of data protection and in particular on the rights of data subjects, please contact our data protection officer (see II. above).

1. Right of access (Art. 15 GDPR)

You can ask the controller to confirm whether we process your personal data.

If such processing is indeed being performed, you can request information from the controller about your personal data processed by us in accordance with Art. 15 GDPR.

2. Right to rectification (Art. 16 GDPR)

You have the right according to Art. 16 GDPR to request the rectification of incorrect or incomplete personal data we have stored about you without undue delay.

3. Right to restriction of processing (Art. 18 GDPR)

Under the conditions set out in Art. 18 GDPR, you may request that the processing of your personal data be restricted.

If processing has been restricted as provided above, you will be informed by the controller before the restriction of processing is lifted.

4. Right to erasure (Art. 17 GDPR)

Pursuant to Art. 17 GDPR, you can request the erasure of your personal data stored by us.

5. Right to third-party information

If you have asserted the right to rectification, erasure or restriction of processing in relation to the controller, they are obliged to inform all recipients to whom the personal data concerning you has been disclosed of such rectification or erasure of the data or restriction of processing, unless this proves impossible or involves disproportionate effort. It is furthermore your right to be informed regarding such recipients.

6. Right to data portability

Pursuant to Art. 20 GDPR, you have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request its transfer to another controller.

7. Right to object

If your personal data is processed on the basis of legitimate interests in accordance with Art. 6(1)(f) GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation, or if the objection concerns direct advertising. In the latter case, you have a general right to object, which we will implement without the need for you to specify a particular situation.

If you wish to exercise your rights to withdraw consent or object, simply send an email to datenschutz@drache-gmbh.de.

8. Right to withdraw consent to data processing

You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

9. Automated individual decision-making, including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision:

(1) Is necessary for entering into, or performance of, a contract between you and a data controller;

(2) Is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or

(3) Is based on your explicit consent.

However, these decisions may not be based on special categories of personal data pursuant to Art. 9(1) GDPR, unless Art. 9(2)(a) or (g) applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests.

In the cases referred to in (1) and (3), the controller is required to implement suitable measures to safeguard your rights and freedoms and legitimate interests, which shall include at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.

10. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you believe that the processing of your personal data infringes the GDPR.

The supervisory authority to which the complaint has been lodged shall inform the complainant of the state and outcome of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.

Created on 17 May 2018

Name	Purpose	Lifetime	Type	Provider
CookieConsent	Saves your consent to using cookies.	1 year	HTML	Website
fe_typo_user	Assigns your browser to a session on the server.	session	HTTP	Website

Name	Purpose	Lifetime	Type	Provider
_ga	Used to distinguish users.	2 years	HTML	Google
_gat	Used to throttle request rate.	1 day	HTML	Google
_gid	Used to distinguish users.	1 day	HTML	Google
_ga_--container-id--	Persists session state.	2 years	HTML	Google
_gac_--property-id--	Contains campaign related information for the user. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out.	3 months	HTML	Google
_gcl_au	Used by Google AdSense to experiment with advertisement efficiency.	3 months	HTML	Google
AMP_TOKEN	Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service.	1 year	HTML	Google
_dc_gtm_--property-id--	Used by DoubleClick (Google Tag Manager) to help identify the visitors by either age, gender or interests.	2 years	HTML	Google
MUID	Used as unique user identifier. The cookie allows user tracking across many Microsoft domains.	1 year	HTML	Bing
MUIDB	Saves anonymous user data from multiple website visits on multiple sites to test advertisement efficiency.	1 year	HTML	Bing