Privacy policy

Data Protection :
We see data protection as a sign of quality for our customers. Because the protection of your personal data is important to us, particularly as regards compliance with identity law in the processing and use of this information, we would like to provide you with the following information:

I.    Name and address of the controller
The controller within the meaning of the General Data Protection Regulation and other national data protection legislation of the Member States as well as other provisions of data protection legislation is:

Leser GmbH
Gottlieb-Daimler-Strasse 11
77933 Lahr
Germany
Tel.: +49 (0)7821 - 5803 - 0
E-mail: leser@leser.de
Website: www.leser.de

II.    Name and address of the data protection officer
Our data protection officer can be contacted at the aforementioned address, for the attention of Mr. J. Leiser, or by writing an e-mail to the address vadslese(at)leser.de.

III.    General points about data processing

1.    Scope of the processing of personal data
We only ever process our users’ personal data to the extent this is necessary to provide a functioning website as well as our content and services. The processing of our users’ personal data is normally subject to consent thereto being granted by our users. An exception applies in those cases where, for practical reasons, it is not possible to obtain prior consent, and processing of the data is permitted by statutory provisions.

2. Legal basis for the processing of personal data
To the extent that we obtain the consent of the data subject for the processing of his or her personal data, Art. 6 (1) letter a of the EU General Data Protection Regulation (GDPR) forms the legal basis for this.
When the processing of personal data is necessary for the performance of a contract to which the data subject is party, Art. 6 (1) letter b GDPR forms the legal basis for this. This also applies to processing needed to initiate a contract.
To the extent that the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 (1) letter c GDPR forms the legal basis for this.
In the event that vital interests of the data subject or of another natural person necessitate a processing of personal data, Art. 6 (1) letter d GDPR forms the legal basis for this.
If processing is necessary for the purposes of safeguarding the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, Art. 6 (1) letter f GDPR forms the legal basis for this.

3. Data erasure and storage duration
The data subject’s personal data is erased or blocked as soon as the purpose for which it is stored no longer applies. It may be stored beyond this time if that is permitted by the European or national legislator in EU laws, regulations and other legal acts to which the controller is subject. Data is also blocked or erased when a storage period prescribed by the aforementioned norms expires unless there is a necessity to store the data for a longer period for the purposes of the conclusion or performance of a contract.

IV.    Provision of the website and creation of log files

1. Description and scope of data processing
Each time you visit our website, our system automatically collects data and information from the system of the computer accessing the site.
The following data is collected:

(1)    Information about the browser type and the version used
(2)    The user’s operating system
(3)    The user’s internet service provider
(4)    The user’s IP address
(5)    The time and date of access
(6)    Websites from which the user’s system was directed to our website
(7)    Websites that the user’s system accesses via our website
The data is also stored in the log files of our system. This data is not stored in combination with other personal data of the user.

2. Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 (1) letter f GDPR.

3. Purpose of data processing
Temporary storage of the IP address by the system is necessary to deliver the website to the user’s computer. For that reason, the user’s IP address must remain stored for the duration of the session.

Data is stored in log files to ensure the correct functioning of the website. Furthermore, the data assist us in optimising the website and ensuring the security of our IT systems. This data is not analysed for marketing purposes.

The aforementioned purposes also constitute our legitimate interest in the processing of data pursuant to Art. 6 (1) letter f GDPR.

4.    Duration of storage
The data is erased as soon as it is no longer needed to achieve the purposes for which it was collected. When data is collected in order to provide the website, that data is erased as soon as the respective session ends.

When data is stored in log files, that data is erased no later than after seven days. It is possible for data to be stored for longer. In such cases, the IP addresses of users are deleted or anonymised, meaning that they can no longer be assigned to the clients accessing our website.

5.    Right to object and have data erased
The collection of data in order to provide the website and the storage of data in log files are essential for the operation of the website. Consequently, the user has no right to object to this.

V.    Use of cookies

Preliminary information:
You can find the duration for which cookies are stored in the overview in your browser’s cookie settings. By altering your browser settings you can be informed of the placement of cookies and decide individually whether to accept them, or prevent the acceptance of cookies in specific cases or in general. Different browsers manage cookie settings differently. This is described in the Help menu of each browser, which explains to you how you can alter your cookie settings. You will find these for the respective browsers under the following links:

Internet Explorer:

support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies

Safari:

support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac

Chrome:

support.google.com/chrome/bin/answer.py

Firefox:

support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences

Opera:

www.opera.com/help/tutorials/security/privacy/

If cookies are not accepted, the functionality of our website may be restricted.

1. Description and scope of data processing
Our website uses cookies. Cookies are text files that are saved in or by the browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a character string that enables the browser to be identified uniquely when the user returns to the website.

We use cookies to make our website more user-friendly. Some elements of our website also require the accessing browser to be identified after the user moves from one page to another.
The following data is stored and transferred during this process:
(1) Language settings
(2) Items in a shopping basket
(3) Login information
When a user accesses our website, he or she is informed about the use of cookies and his or her consent is obtained to process the personal data used in this connection. At the same time, the user is directed to this data privacy statement.

The legal basis for the processing of personal data through the use of cookies is Art. 6 (1) letter f GDPR.

2. Purpose of data processing
The purpose of the use of technically necessary cookies is to simplify the use of the website for its users. Some functions of our website cannot be offered without the use of cookies. For these it is necessary for the browser to be identified again even after the user moves from one page to another.
We require cookies for the following applications:
(1)    Shopping basket
(2)    Provision of appropriate language settings
(3)    Remembering search terms
User data collected by means of technically necessary cookies is not used to create user profiles.

Analysis cookies are used to improve the quality of our website and its content. These analysis cookies enable us to find out how the website is used and thus continually improve our offer.

Google Analytics
To continually optimise our website and design it in such a way that it meets users’ needs, we use Google Analytics, a web analytics service provided by Google Inc., (https://www.google.com/intl/en-GB/about) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereafter “Google”). This involves the creation of pseudonymised user profiles and the use of cookies. The information generated by the cookie through your use of this website, such as the
browser type/version,
operating system used,
referrer URL (the page previously visited)
host name of the accessing computer (IP address),
time of the server request

are transmitted to a Google server in the USA and stored there. This information is used to analyse usage of the website, compile reports on website activity and provide other services connected to use of the website and the Internet for the purposes of market research and the needs-based design of these websites. This information is also transferred to third parties as long as this is legally required and provided that these third parties carry out the processing on our behalf. Your IP address is never combined with other Google data. The IP addresses are anonymised so that it is not possible to assign them (IP masking).
You can prevent the installation of the cookies by means of an appropriate setting in the browser software; we would, however, point out that in this case it may not be possible to make full use of the functions on this website.
Furthermore, you can prevent Google from collecting and processing the data generated by the cookie and relating to your use of the website (including your IP address) by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en-GB).
Alternatively to the browser add-on, particularly in the case of browsers on mobile devices, you can also click on this link to prevent the collection of data by Google Analytics. An opt-out cookie is set that prevents the future collection of your data when you visit this website. The opt-out cookie only applies to that browser and only to our website and is stored on your device. If you delete the cookies in that browser, you have to set the opt-out cookie again.
More information about data protection in relation to Google Analytics can be found, for example, in the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=en-GB).

The aforementioned purposes also constitute our legitimate interest in the processing of personal data pursuant to Art. 6 (1) letter f GDPR.

AWStats
To enable us to statistically analyse our website, we use the AWStats program. The program is open source web analytics software. It is used to analyse log files that the web server generates on the basis of user requests. The program does not use cookie data for the analysis. The statistical analysis is carried out via the log files, which also contain IP addresses. Generally, this data cannot be assigned to particular individuals. This data is not combined with other data sources. The data is also erased after each statistical analysis.
In contrast to other statistics programs, AWStats does not transmit data to a third-party server. The program is installed on its own hosting package. Thus, for example, transfer of data to another country is prevented as our server is located in Germany.

We use Hotjar to better understand the needs of our users and to optimise this service and their experience. Hotjar is a technology service that helps us better understand user behaviour (e.g. how much time they spend on which pages, which links they choose, what users like and dislike, etc.), allowing us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on the behaviour of our users and their devices. This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to view our website. Hotjar stores this information in a pseudonymised user profile on our behalf. Hotjar is contractually obliged not to sell any of the data collected on our behalf. For more details, see the "About Hotjar" section on the Hotjar support page.

Microsoft Bing Ads
The website uses the “Bing Ads” remarketing function provided by Microsoft Corporation One Microsoft Way, Redmond, WA 98052-6399, USA. (“Microsoft Advertising”). Microsoft Bing Ads stores a cookie on your computer if you came to our website via a Microsoft Bing advertisement. This allows Microsoft Bing and us to detect that someone has clicked on an advertisement, was redirected to our website and has reached a specific target page previously determined (conversion page). We will only be informed of the total number of users that have clicked on a Bing advertisement and then were redirected to the conversion page. Personal information about the user’s identity will not be disclosed.
If you do not wish Microsoft to use information about your behaviour as explained above, you can reject the placing of a cookie that is required for this, e.g. by making a browser setting that deactivates the automatic placing of cook1ies altogether. In addition, you can prevent acquisition by Microsoft of the data generated by the cookie that relate to your use of the website and the processing of these data by Microsoft by declaring your objection at the following link: https://choice.microsoft.com/de-DE/opt-out. More information about data privacy and the cookies used at Microsoft and Bing Ads is provided on the Microsoft website at https://privacy.microsoft.com/de-de/privacystatement.

Bing Universal Event Tracking (UET)
On our website, data are acquired and stored with Bing Ads technologies to create usage profiles based on pseudonyms. This is a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. This service allows us to track the activities of users on our website if they came to our website via Bing Ads advertisements. If you get to our website via such an advertisement, a cookie will be placed on your computer. A Bing UET tag is integrated on our website. This is a code via which, in connection with the cookie, some non-personal data about the use of the website will be stored. This includes the duration of the visit to the website, the areas of the website that were visited and the advertisement via which the user came to the website. Information about your identity is not collected.
The information acquired will be transmitted to Microsoft servers in the USA and stored there for a maximum of 180 days on principle. You can prevent acquisition of the data generated by the cookie that relate to your use of the website and the processing of these data by disabling cookies. This may restrict the functionality of the website.
Moreover, Microsoft can potentially use so-called cross-device tuning to track your user behaviour across multiple electronic devices and due to this may be able to show you personalised advertisements on Microsoft websites and in Microsoft apps. You can disable this behaviour at https://choice.microsoft.com/de-de/opt-out.
More detailed information about Bing’s analysis services is provided on the Bing Ads website (https://help.bingads.microsoft.com/#apex/3/de/53056/2). More detailed information about data privacy at Microsoft and Bing is provided in the Microsoft data privacy statement (https://privacy.microsoft.com/de-de/privacystatement).

Meta Advertising
We have no influence on data collection and further processing by Meta Platforms. Furthermore, it is not clear to us to what extent, where and for how long the data is stored by Meta Platforms, to what extent Meta Platforms complies with its deletion obligations, what evaluations and links are made with the data by Meta Platforms and to whom the data is passed on by Meta Platforms. If you wish to prevent Meta Platforms from processing personal data that you have transmitted to us, please contact us by other means.

Insofar as the data you provide to us via Meta Platforms is also or exclusively processed by Meta Platforms (Insights data), Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, is also responsible for data processing within the meaning of the General Data Protection Regulation (GDPR). In this respect, data processing is carried out on the basis of an agreement between jointly responsible parties in accordance with Art. 26 GDPR, which you can view here: www.facebook.com/legal/terms/page_controller_addendum

Furthermore, for the use of certain Meta Platforms products, such as the so-called “Meta Platforms Business Tools”, and for data processing carried out through them, an additional agreement applies between us and Meta Platforms Ireland Ltd. as joint controllers pursuant to Art. 26 GDPR, which can be viewed here: www.facebook.com/legal/controller_addendum

The controller of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

For the processing of your personal data on this website, we, together with Meta Platforms Inc. (“Meta”), are “joint controllers” within the meaning of Art. 26 GDPR, as we use the technical platform and services of Meta Platforms Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA, for Instagram.

By using it, your personal data will be collected, transferred, stored, disclosed and used by Meta Platforms Inc. and transferred to, stored and used in the United States, Ireland and any other country in which Facebook does business, regardless of your place of residence.

Meta Platforms Inc. processes your voluntarily entered data such as name and user name, e-mail address and telephone number.

On the other hand, Meta Platforms Inc. also evaluates the content you share to determine which topics you are interested in, stores and processes confidential messages that you send directly to other users and can determine your location using GPS data, wireless network information or your IP address in order to send you advertising or other content.

Finally, Facebook also receives information when you view content, for example, even if you have not created an account. This so-called “log data” may include your IP address, browser type, operating system, information about the website and pages you have previously visited, your location, your mobile phone provider, the device you are using (including device ID and application ID), the search terms you have used and cookie information.

You can contact Meta Platforms' Data Protection Officer via the online contact form provided by Meta Platforms at www.facebook.com/help/contact/540977946302970.

Facebook

Facebook is part of the Meta Platforms group of companies and shares infrastructure, systems, technology and possibly personal data (e.g. personal data, IP numbers, etc.) with Meta and other companies in the group. You can find more information on data processing in Facebook's privacy policy at www.facebook.com/privacy/policy/

Instagram
Instagram is part of the Meta Platforms Inc. group of companies and shares infrastructure, systems, technology and possibly personal data (e.g. personal data, IP numbers, etc.) with Facebook and other Facebook companies.

We process personal data ourselves via our Instagram page, but at the same time data is also processed by Facebook as the operator of the Instagram platform.

Please check carefully what personal data you share with us via Instagram. As long as you are logged in with your Instagram account and visit our Instagram page, Instagram can assign this to your Facebook profile. We expressly point out that Instagram passes this data on to Facebook and its affiliated companies. Facebook stores the data of its users (e.g. personal information, IP address, etc.) and may also use it for business purposes.

You can find more information on data processing by Instagram and Facebook at www.instagram.com/legal/privacy/ and de-de.facebook.com/policy.php.

Data processing for statistical and marketing purposes at Meta Platforms

Page Insights

Meta Platforms provides us with so-called page insights for our Meta Platforms page: www.Meta Platforms.com/business/a/page/page-insights. This is aggregated data that allows us to gain insight into how people interact with our site. Page Insights may be based on personal data collected in connection with a visit or interaction of persons on or with our site and its content. According to Art. 6 para. 1 lit. f GDPR, this serves to safeguard our legitimate interests in an optimized presentation of our offer and effective communication with customers and interested parties, which predominate in the context of a balancing of interests. You can object to the processing of your data for the aforementioned purposes at any time by changing your settings for advertisements in your Meta Platforms user account accordingly.

Meta Platforms Lead Ads
We use the “Lead Ads” function of Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Meta Platforms”) to collect and process certain personal data of interested parties - so-called leads - via a contact form (so-called “instant form”) displayed on Meta Platforms websites. The content and scope of the data requested in this form depends on the focus of the respective lead campaign. The processing of the data is strictly bound to the purposes pursued with the respective lead ad campaign. These purposes are clearly stated in the lead ad or on the form provided before the specified data is transmitted. Depending on the focus of the lead ad campaign, the legal basis for data processing is either your express consent in accordance with Art. 6 para. 1 lit. a GDPR (e.g. for direct advertising measures such as registration for e-mail newsletter dispatch) or our legitimate interest in the optimal marketing of our offer in accordance with Art. 6 para. 1 lit. f GDPR. The data will not be passed on to third parties. As part of the aforementioned services, data transmitted via instant forms may be stored on servers of Meta Platforms Inc, 1601 Willow Rd, Menlo Park, CA 94025, USA. Further information on data processing via Meta Platforms Lead Ads can be found in Meta Platforms' data policy.

Data processing when contacting us
We collect personal data ourselves when you contact us, e.g. via contact form or messenger. You can see which data we collect when you contact us via the contact form from the relevant contact form. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for the processing of the data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after final processing of your request, provided that there are no legal storage obligations to the contrary. We assume that processing has been completed when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

Duration of storage of personal data
The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and - if applicable - additionally by the respective statutory retention period (e.g. retention periods under commercial and tax law). When processing personal data on the basis of express consent in accordance with Art. 6 para. 1 lit. a GDPR, this data is stored until the data subject withdraws their consent. If there are statutory retention periods for data that is processed within the framework of legal or similar obligations on the basis of Art. 6 para. 1 lit. b GDPR, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for contract fulfillment or contract initiation and/or we no longer have a legitimate interest in further storage.

When processing personal data on the basis of Art. 6 para. 1 lit. f GDPR, this data is stored until the data subject exercises their right to object in accordance with Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f GDPR, this data is stored until the data subject exercises their right to object in accordance with Art. 21 para. 2 GDPR. Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

3. Duration of storage, right to object and have data erased
Cookies are stored on the user’s computer and transferred from it to our website. You as a user therefore have full control of the use of cookies. By altering the settings in your web browser, you can deactivate or restrict the transfer of cookies. You can delete stored cookies at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to make full use of all the functions of the website.

VI. Newsletter

1. Description and scope of data processing
You can subscribe to a newsletter free-of-charge on our website. When you register for the newsletter, the data in the form is transferred to us.

- Gender
- First name
- Surname
- E-mail address
- Newsletter version
- Registration / Deregistration

The following data is also collected during registration:

(1) Date and time of registration
As part of the registration process, your consent to the processing of data is obtained and you are referred to this data privacy statement.

When you purchase goods or services on our website and enter your e-mail address during that process, that address may then be used by us to dispatch a newsletter. In such a case, the newsletter is sent exclusively for the direct marketing of our own or similar goods or services.
No data is passed onto third parties in connection with the data processing for the dispatch of newsletters. The data is used solely for dispatch of the newsletter.

2. Legal basis for data processing
The legal basis for the processing of data after a user registers for the newsletter is the existence of a consent granted by the user pursuant to Art. 6 (1) letter a GDPR.

The legal basis for the dispatch of the newsletter as a consequence of the sale of goods or services is section 7 (3) of the German Act against Unfair Competition (UWG).

3. Purpose of data processing
The user’s e-mail address is collected in order to deliver the newsletter.

4. Duration of storage
The data is erased as soon as it is no longer needed to achieve the purposes for which it was collected. The user’s e-mail address is stored for as long as the subscription to the newsletter is active.

5. Right to object and have data erased
The subscription to the newsletter can be terminated at any time by the user concerned. Each newsletter includes a correspond link for that purpose.

6. If you subscribe to our company's newsletter, the data in the respective input mask will be transmitted to the data controller. Subscription to our newsletter takes place in a so-called double opt-in procedure. This means that after registering, you will receive an email asking you to confirm your registration. This confirmation is necessary so that no-one can register with other people's email addresses. When registering for the newsletter, the user's IP address and the date and time of registration are stored. This serves to prevent misuse of the services or the e-mail address of the person concerned. The data is not passed on to third parties. An exception is made if there is a legal obligation to pass on the data. The data is used exclusively for sending the newsletter. Subscription to the newsletter can be cancelled by the data subject at any time. Consent to the storage of personal data can also be revoked at any time. There is a corresponding link in every newsletter for this purpose. The legal basis for the processing of data after registration for the newsletter by the user is Art. 6 para. 1 lit. a) GDPR if the user has given consent. The legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 (3) UWG.

6.1 Use of Brevo Description and purpose: We use Brevo to send newsletters. The provider is Sendinblue GmbH, Köpenickerstraße 126, 10179 Berlin, Germany. Among other things, Brevo is used to organise and analyse the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter is stored on Brevo's servers in Germany. If you do not wish to be analysed by Brevo, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. For the purpose of analysis, the emails sent with Brevo contain a so-called tracking pixel, which connects to the Brevo servers when the email is opened. In this way, it can be determined whether a newsletter message has been opened. We can also use Brevo to determine whether and which links in the newsletter message have been clicked on. Optionally, links in the email can be set as tracking links with which your clicks can be counted.

Legal basis: The legal basis for data processing is Art. 6 para. 1 lit. a) GDPR.

Recipient: The recipient of the data is Sendinblue GmbH.

Duration: The data stored by us as part of your consent for the purpose of the newsletter will be stored by us until you unsubscribe from the newsletter and deleted from both our servers and the servers of Brevo after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.

Revocation option: You have the option of revoking your consent to data processing at any time with effect for the future. The legality of the data processing operations that have already taken place remains unaffected by the cancellation.

Further data protection information: For more information, please refer to Brevo's data security information at: https://www.brevo.com/legal/privacypolicy/. For more information on the analysis functions of Brevo, please refer to the following link: https://help.brevo.com/hc/en-us.

Transfer to third countries: The data will not be transferred to third countries.

VII. Registration

1. Description and scope of data processing
On our website we offer users the option to register. This entails them providing personal data. The data is entered in a form, transferred to us and stored. The data is not passed onto third parties. The following data is collected during the registration process:
When your register, the following data is also stored:
Registration as a customer:
- Customer number
- Post code
- E-mail address
- Password
- Security code

Registration as an interested party:
- Gender
- First name
- Surname
- E-mail address
- Company name
- Street + door number
- Post code
- Place
- Country
- Telephone number
- Password
- Security code
Optional:
- VAT no.
- Fax

The user’s consent to the processing of this data is obtained during the registration process.

2. Legal basis for data processing
The legal basis for the processing of data is the existence of a consent granted by the user pursuant to Art. 6 (1) letter a GDPR.

If the registration is intended for the performance of a contract to which the user is a party, or needed to initiate a contract, the additional legal basis for the processing of data is Art. 6 (1) letter b GDPR.

3. Purpose of data processing
User registration is necessary for the provision of certain content and services on our website.
These are as follows:
- Item prices
- Current orders
- Invoices
- Outstanding receivables
- Conditions
- Contact persons

User registration is necessary for the performance of a contract with the user or for the initiation of a contract.

Data collection and use for contract execution
We collect personal data when you communicate it to us when placing an order or contacting us (e.g. by means of a contact form or by e-mail). Mandatory fields are marked as such since in these cases we inevitably need the data for the execution of the contract or for the processing of your enquiry, and if you do not provide that data you cannot complete the order or send the enquiry. Which data is collected is clear from the respective forms. We use the data communicated by you to execute a contract or process your enquiry. After the contract has been fully executed, your data is restricted for further processing and erased after the expiry of any retention periods stipulated by tax legislation and commercial law unless you have explicitly consented to further use of your data or we have reserved the right to use of the data for a longer period that is permitted by law and about which we inform you in this statement.

4. Duration of storage
The data is erased as soon as it is no longer needed to achieve the purposes for which it was collected.
This is the case for data collected during the registration process for the performance of a contract or for the initiation of a contract when the data is no longer required for performance of the contract. Even after a contract has been concluded, it may be necessary to store personal data of the party to the contract in order to satisfy contractual or statutory obligations.

5. Right to object and have data erased
As a user, you can terminate the registration at any time. You can at any time amend the data concerning yourself that has been stored.
If the data is necessary for the performance of a contract or for the initiation of a contract, advance erasure of that data is only possible to the extent that it does not conflict with contractual or statutory obligations to erase data.
Users can raise an objection at any time by sending a message to the contact e-mail described above: vadslese(at)@leser.de

VIII. Contact form and e-mail contact

1. Description and scope of data processing
Our website includes a contact form that can be used to contact us electronically. When a user opts to make contact in this way, the data entered in the form is transferred to and stored by us. This data is:
- Title
- First name
- Name
- Company
- Post code
- Place
- E-mail
- Telephone no.
- Message

When the message is sent, the following data is also stored:
- The user’s IP address
- Date and time of registration
As part of the dispatch process, your consent to the processing of data is obtained and you are referred to this data privacy statement.

Alternatively, you can contact us via the e-mail address provided. We then store your personal data transferred with the e-mail.

No data is passed onto third parties in this connection. The data is used solely for the processing of the correspondence.

2. Legal basis for data processing
The legal basis for the processing of data is the existence of a consent granted by the user pursuant to Art. 6 (1) letter a GDPR.

The legal basis for the processing of data communicated to us when we receive an e-mail from you is Art. 6 (1) letter f GDPR. If the contact by e-mail is directed towards the conclusion of a contract, the additional legal basis for processing is Art. 6 (1) letter b GDPR.

3. Purpose of data processing
We process the personal data from the form solely for the purposes of processing the contact request. If you contact us by e-mail, we also have a required legitimate interest in processing the data.
The other personal data processed during the dispatch process is used to prevent abuse of the contact form and ensure the security of our IT systems.

4. Duration of storage
The data is erased as soon as it is no longer needed to achieve the purposes for which it was collected. For the personal data from the input mask of the contact form and for that sent by e-mail, this is the case when the respective correspondence with the user has ended. The correspondence has ended when the circumstances indicate that the matter concerned has been definitively clarified.

The personal data additionally collected during the dispatch process is erased no later than after a period of seven days.

5. Right to object and have data erased
At any time the user has the right to withdraw his or her consent to the processing of personal data. If the user contacts us by e-mail, he or she can at any time object to the storage of his or her personal data. In such a case, the correspondence is not continued.

Users can raise an objection at any time by sending a message to the contact e-mail described above: vadsleser(at)leser.de

All personal data stored during the process of making contact is erased in this case.

YouTube
We use components (videos) of the YouTube company on our website. In doing so, we use the “enhanced data protection mode” option provided by YouTube.
When you retrieve a page that has an embedded video, a connection will be made to the YouTube servers and the content will appear on the website via a communication to your browser.
According to information provided by YouTube, in the “enhanced data protection mode” data is only transferred to the YouTube server, and in particular which of our websites you have visited, if you watch the video. If you are logged into YouTube at the same time, this information will be matched to your YouTube member account. You can prevent this from happening by logging out of your member account before visiting our website.

Further information about data protection by YouTube is provided by Google under the following link: policies.google.com/privacy

IX.    Rights of the data subject
When your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

1. Right to access

You can request from the controller confirmation of whether we process your personal data.
If that is the case, you can ask to be informed by the controller about the following information:
(1)    The purposes for which the personal data is processed
(2)    The categories of personal data that are processed
(3)    The recipients and categories of recipients to which your personal data was or is still being disclosed
(4)    The planned duration of storage of your personal data or, if it is not possible to provide specific information regarding this, the criteria that apply to the duration of storage
(5)    The existence of a right to rectification or erasure of your personal data, a right to restriction of processing by the controller or a right to object to this processing
(6)    The existence of a right to lodge a complaint with a supervisory authority
(7)    All available information regarding the origin of the data if the personal data is not collected from the data subject
(8)    The existence of any automated decision-making, including profiling, pursuant to Art. 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.
You are entitled to request information regarding whether your personal data is transferred to a third country or an international organisation. In this connection, you can ask to be notified of the appropriate safeguards pursuant to Art. 46 GDPR in connection with such transfer.

2. Right to rectification
You have the right vis-à-vis the controller to rectification and/or completion if your personal data that has been processed is inaccurate or incomplete. The controller must rectify or complete the data without undue delay.

3. Right to restriction of processing
In the following circumstances, you can request the restriction of processing of your personal data:
(1)    If you contest the accuracy of your personal data for a period enabling the controller to verify the accuracy of the personal data;
(2)    if the processing is unlawful and you oppose the erasure of the personal data and instead request the restriction of its use;
(3)    if the controller no longer needs the personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise or defence of legal claims, or
(4)    if you have objected to processing pursuant to Art. 21 (1) GDPR pending verification whether the legitimate grounds of the controller override your grounds.
Where processing of your personal data has been restricted, that data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural person or legal entity or for reasons of important public interest of the European Union or of a Member State.
If the restriction of processing was obtained in accordance with the aforementioned prerequisites, you will be informed by the controller before the restriction of processing is lifted.

4. Right to erasure
a)    Erasure obligation
You have the right to obtain from the controller the erasure of personal data concerning yourself without undue delay and the controller has the obligation to erase that data without undue delay where one of the following grounds applies:
(1)    Your personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
(2)    You withdraw your consent on which the processing was based according to Art. 6 (1) letter a or Art. 9 (2) letter a GDPR, and where there is no other legal ground for the processing.
(3)    You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
(4)    Your personal data has been unlawfully processed.
(5)    Your personal data has to be erased for compliance with a legal obligation in European Union or Member State law to which the controller is subject.
(6)    Your personal data has been collected in relation to the offer of information society services referred to in Art. 8 (1) GDPR.
b)    Information to third parties
Where the controller has made your personal data public and is obliged pursuant to Art. 17 (1) GDPR to erase that data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you as a data subject have requested the erasure by such controllers of any links to, or copy or replication of, that personal data.
c)    Exceptions
The right to erasure does not apply to the extent that processing is necessary
(1)    for exercising the right of freedom of expression and information;
(2)    for compliance with a legal obligation which requires processing by European Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3)    for reasons of public interest in the area of public health in accordance with Art. 9 (2) letters h and i as well as Art. 9 (3) GDPR;
(4)    for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 (1) GDPR insofar as the right referred to in paragraph a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
(5)    for the establishment, exercise or defence of legal claims.

5. Right to notification
If you have asserted the right to rectification, erasure or the restriction of processing vis-à-vis the controller, the controller is obliged to communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.
The controller must inform you about those recipients if you request that.

6. Right to data portability
You have the right to receive in a structured, customary and machine-readable format the personal data concerning yourself that you have provided to the controller. You also have the right to transmit that data to another controller without hindrance from the controller to which the personal data has been provided, where
(1)    the processing is based on consent pursuant to Art. 6 (1) letter a GDPR or Art. 9 (2) letter a GDPR or on a contract pursuant to Art. 6 (1) letter b GDPR; and
(2)    the processing is carried out by automated means.
In exercising your right to data portability, you further have the right to have the personal data transmitted directly from one controller to another, where technically feasible. This must not adversely affect the rights and freedoms of others.
The right to data portability does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

7. Right to object
You have the right to object, on grounds arising from your particular situation, at any time to the processing of your personal data, which occurs on the basis of Art. 6 (1) letter e or f GDPR; this also applies to profiling based on these provisions.
The controller no longer processes your personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defence of legal claims.
Where your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
Where you object to processing for direct marketing purposes, your personal data will no longer be processed for such purposes.
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

8. Right to withdrawal of the declaration of consent under data protection law
You have the right to withdraw your declaration of consent under data protection law at any time. Your withdrawal of your consent does not affect the lawfulness of the processing that has taken place on the basis of the consent before its withdrawal.

9. Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
(1) is necessary for entering into, or performance of, a contract between you and the data controller
(2) is authorised by European Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
(3) is based on your explicit consent.
However, these decisions cannot be based on special categories of personal data referred to in Article 9 (1) GDPR, unless Article 9 (2) letter a or g GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.
In the cases referred to in (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.

10. Right to complain to a supervisory authority
Without prejudice to any other administrative or non-judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State where you live or work or where the infringement allegedly took place, if you believe that the processing of your personal data is in breach of the GDPR.

The competent supervisory authority can be found here at

www.baden-wuerttemberg.datenschutz.de

When you purchase goods or services on our website and enter your e-mail address during that process, that address may then be used by us to dispatch a newsletter. In such a case, the newsletter is sent exclusively for the direct marketing of our own or similar goods or services.
No data is passed onto third parties in connection with the data processing for the dispatch of newsletters. The data is used solely for dispatch of the newsletter.

2. Legal basis for data processing
The legal basis for the processing of data after a user registers for the newsletter is the existence of a consent granted by the user pursuant to Art. 6 (1) letter a GDPR.

The legal basis for the dispatch of the newsletter as a consequence of the sale of goods or services is section 7 (3) of the German Act against Unfair Competition (UWG).

3. Purpose of data processing
The user’s e-mail address is collected in order to deliver the newsletter.

4. Duration of storage
The data is erased as soon as it is no longer needed to achieve the purposes for which it was collected. The user’s e-mail address is stored for as long as the subscription to the newsletter is active.

5. Right to object and have data erased
The subscription to the newsletter can be terminated at any time by the user concerned. Each newsletter includes a correspond link for that purpose.

6. If you subscribe to our company's newsletter, the data in the respective input mask will be transmitted to the data controller. Subscription to our newsletter takes place in a so-called double opt-in procedure. This means that after registering, you will receive an email asking you to confirm your registration. This confirmation is necessary so that no-one can register with other people's email addresses. When registering for the newsletter, the user's IP address and the date and time of registration are stored. This serves to prevent misuse of the services or the e-mail address of the person concerned. The data is not passed on to third parties. An exception is made if there is a legal obligation to pass on the data. The data is used exclusively for sending the newsletter. Subscription to the newsletter can be cancelled by the data subject at any time. Consent to the storage of personal data can also be revoked at any time. There is a corresponding link in every newsletter for this purpose. The legal basis for the processing of data after registration for the newsletter by the user is Art. 6 para. 1 lit. a) GDPR if the user has given consent. The legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 (3) UWG.6.1 Use of Brevo Description and purpose: We use Brevo to send newsletters. The provider is Sendinblue GmbH, Köpenickerstraße 126, 10179 Berlin, Germany. Among other things, Brevo is used to organise and analyse the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter is stored on Brevo's servers in Germany. If you do not wish to be analysed by Brevo, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. For the purpose of analysis, the emails sent with Brevo contain a so-called tracking pixel, which connects to the Brevo servers when the email is opened. In this way, it can be determined whether a newsletter message has been opened. We can also use Brevo to determine whether and which links in the newsletter message have been clicked on. Optionally, links in the email can be set as tracking links with which your clicks can be counted.

Legal basis: The legal basis for data processing is Art. 6 para. 1 lit. a) GDPR.

Recipient: The recipient of the data is Sendinblue GmbH.

Transfer to third countries: Data will not be transferred to third countries.

Duration: The data stored by us as part of your consent for the purpose of the newsletter will be stored by us until you unsubscribe from the newsletter and deleted from both our servers and the servers of Brevo after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.

Revocation option: You have the option of revoking your consent to data processing at any time with effect for the future. The legality of the data processing operations that have already taken place remains unaffected by the cancellation.

Further data protection information: For more information, please refer to Brevo's data security information at: https://www.brevo.com/legal/privacypolicy/. For more information on Brevo's analysis functions, please see the following link: https://help.brevo.com/hc/en-us.

VII. Registration

1. Description and scope of data processing
On our website we offer users the option to register. This entails them providing personal data. The data is entered in a form, transferred to us and stored. The data is not passed onto third parties. The following data is collected during the registration process:
When your register, the following data is also stored:
Registration as a customer:
- Customer number
- Post code
- E-mail address
- Password
- Security code

Registration as an interested party:
- Gender
- First name
- Surname
- E-mail address
- Company name
- Street + door number
- Post code
- Place
- Country
- Telephone number
- Password
- Security code
Optional:
- VAT no.
- Fax

The user’s consent to the processing of this data is obtained during the registration process.

2. Legal basis for data processing
The legal basis for the processing of data is the existence of a consent granted by the user pursuant to Art. 6 (1) letter a GDPR.

If the registration is intended for the performance of a contract to which the user is a party, or needed to initiate a contract, the additional legal basis for the processing of data is Art. 6 (1) letter b GDPR.

3. Purpose of data processing
User registration is necessary for the provision of certain content and services on our website.
These are as follows:
- Item prices
- Current orders
- Invoices
- Outstanding receivables
- Conditions
- Contact persons

User registration is necessary for the performance of a contract with the user or for the initiation of a contract.

Data collection and use for contract execution
We collect personal data when you communicate it to us when placing an order or contacting us (e.g. by means of a contact form or by e-mail). Mandatory fields are marked as such since in these cases we inevitably need the data for the execution of the contract or for the processing of your enquiry, and if you do not provide that data you cannot complete the order or send the enquiry. Which data is collected is clear from the respective forms. We use the data communicated by you to execute a contract or process your enquiry. After the contract has been fully executed, your data is restricted for further processing and erased after the expiry of any retention periods stipulated by tax legislation and commercial law unless you have explicitly consented to further use of your data or we have reserved the right to use of the data for a longer period that is permitted by law and about which we inform you in this statement.

4. Duration of storage
The data is erased as soon as it is no longer needed to achieve the purposes for which it was collected.
This is the case for data collected during the registration process for the performance of a contract or for the initiation of a contract when the data is no longer required for performance of the contract. Even after a contract has been concluded, it may be necessary to store personal data of the party to the contract in order to satisfy contractual or statutory obligations.

5. Right to object and have data erased
As a user, you can terminate the registration at any time. You can at any time amend the data concerning yourself that has been stored.
If the data is necessary for the performance of a contract or for the initiation of a contract, advance erasure of that data is only possible to the extent that it does not conflict with contractual or statutory obligations to erase data.
Users can raise an objection at any time by sending a message to the contact e-mail described above: vadslese(at)@leser.de

VIII. Contact form and e-mail contact

1. Description and scope of data processing
Our website includes a contact form that can be used to contact us electronically. When a user opts to make contact in this way, the data entered in the form is transferred to and stored by us. This data is:
- Title
- First name
- Name
- Company
- Post code
- Place
- E-mail
- Telephone no.
- Message

When the message is sent, the following data is also stored:
- The user’s IP address
- Date and time of registration
As part of the dispatch process, your consent to the processing of data is obtained and you are referred to this data privacy statement.

Alternatively, you can contact us via the e-mail address provided. We then store your personal data transferred with the e-mail.

No data is passed onto third parties in this connection. The data is used solely for the processing of the correspondence.

2. Legal basis for data processing
The legal basis for the processing of data is the existence of a consent granted by the user pursuant to Art. 6 (1) letter a GDPR.

The legal basis for the processing of data communicated to us when we receive an e-mail from you is Art. 6 (1) letter f GDPR. If the contact by e-mail is directed towards the conclusion of a contract, the additional legal basis for processing is Art. 6 (1) letter b GDPR.

3. Purpose of data processing
We process the personal data from the form solely for the purposes of processing the contact request. If you contact us by e-mail, we also have a required legitimate interest in processing the data.
The other personal data processed during the dispatch process is used to prevent abuse of the contact form and ensure the security of our IT systems.

4. Duration of storage
The data is erased as soon as it is no longer needed to achieve the purposes for which it was collected. For the personal data from the input mask of the contact form and for that sent by e-mail, this is the case when the respective correspondence with the user has ended. The correspondence has ended when the circumstances indicate that the matter concerned has been definitively clarified.

The personal data additionally collected during the dispatch process is erased no later than after a period of seven days.

5. Right to object and have data erased
At any time the user has the right to withdraw his or her consent to the processing of personal data. If the user contacts us by e-mail, he or she can at any time object to the storage of his or her personal data. In such a case, the correspondence is not continued.

Users can raise an objection at any time by sending a message to the contact e-mail described above: vadsleser(at)leser.de

All personal data stored during the process of making contact is erased in this case.

YouTube
We use components (videos) of the YouTube company on our website. In doing so, we use the “enhanced data protection mode” option provided by YouTube.
When you retrieve a page that has an embedded video, a connection will be made to the YouTube servers and the content will appear on the website via a communication to your browser.
According to information provided by YouTube, in the “enhanced data protection mode” data is only transferred to the YouTube server, and in particular which of our websites you have visited, if you watch the video. If you are logged into YouTube at the same time, this information will be matched to your YouTube member account. You can prevent this from happening by logging out of your member account before visiting our website.

Further information about data protection by YouTube is provided by Google under the following link: policies.google.com/privacy

www.baden-wuerttemberg.datenschutz.de

Please enable JavaScript to view this site in full can. Thank you so much!