Privacy policy

DATA PROTECTION INFORMATION

​– Our handling of your data and your rights – information in accordance with Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR) –

​This data protection information applies to the collection, processing and use of your personal data when you use our website www.amalphi.de („website“).

​In the following, we would like to inform you about which personal data we collect, process and use for which purpose (hereinafter only “process”) and which rights you are entitled to in this context.

​You will find general information under 1. general information, details on the processing of personal data under 2. processing of personal data and information on the rights to which you are entitled under 3. your rights.

1. general information

1.1 Who is responsible for data processing and who can you contact?
Controller for the purposes of the EU General Data Protection Regulation (GDPR), other national data protection laws applicable in Member states of the European Union and other provisions related to data protection is: Amalphi GmbH, Birkerfeld 42, 83627 Warngau, Germany.

You can reach us electronically at info@amalphi.de and under the contact details given in the imprint.

​You can reach our company data protection officer at dsb@amalphi.de
or via Amalphi GmbH, Birkerfeld 42, 83627 Warngau.

1.2 What data do we process and from what sources does it originate?
We process personal data that is collected when you use our website. Further information on this can be found in section 2 – Processing of personal data.

​1.3. For what purposes do we process your data and on what legal basis?

​1.3.1. We process your personal data in accordance with the relevant data protection regulations, in particular the GDPR and the German Federal Data Protection Act (BDSG), for various purposes.

​1.3.2. In principle, the following purposes of processing can be considered:
Processing

​• for the fulfillment of contractual obligations (Art. 6 para. 1 lit. b GDPR),

• to safeguard legitimate interests (Art. 6 para. 1 lit. f GDPR),

• on the basis of your consent (Art. 6 para. 1 lit. a GDPR)

• and/or due to legal requirements (Art. 6 para. 1 lit. c GDPR).

​1.3.3. Further information on this can be found in Section 2 – Processing of personal data.

​1.4. Who receives your data?

​1.4.1. Service providers employed by us and acting on our behalf (so-called processors, cf. Art. 4 No. 8 GDPR) may receive personal data. We use the following processors or categories of processors:

​• IT service provider

​1.4.2. We will not pass on your data to third parties who process personal data under their own responsibility (so-called controllers, see Art. 4 No. 7 GDPR) without your consent.

​1.5. How long do we store your data?

We only process your personal data for as long as is necessary to fulfill the respective processing purpose. This is only the case for the duration of your visit to our website.

1.5.1. Further information on this can be found in Section 2 – Processing of personal data.

​2. Processing of personal data

​​2.1. Log files

​2.1.1. When you visit our website, the following data record is automatically saved for each visit, whereby this data is not saved together with other personal data of the user.

​• Browser type and version;

• Operating system;

• Internet server provider;

• IP address;

• Date and time of the respective access;

• Visited website;

• Referrer URL (website from which you came to our website);

• Website that you call up after our website;

Name of the retrieved file.

​2.1.2. The personal data in log files are processed on the basis of Article 6(1)(f) GDPR. The purpose of data processing and our legitimate interest are to facilitate the administration and needs-based presentation of our websites and to enable us to detect and track misuse.

​2.1.3. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. This is the case when the respective session has ended. If the data is stored in log files, it is deleted to the extent and for as long as is necessary to provide the services. If the data is stored in log files, this is the case after seven days at the latest.

​2.2. Use of cookies

​2.2.1. In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your end device. The cookies can be transmitted to a page when it is accessed and thus enable the user to be identified. Cookies help to simplify the use of websites for users.

​2.2.2. You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. We will also inform you about the specific cookies we use before you visit the website. You can delete cookies that have already been set. If you do not accept cookies, the functionality of our website may be restricted.

​2.2.3. The personal data in cookies are processed on the basis of Article 6(1)(f) GDPR. The purpose of data processing and our legitimate interest are to improve the functionality of our website.

​2.3. Contact form

​2.3.1. You will find a contact form on our website that can be used to contact us electronically. Alternatively, you can contact us via the e-mail address provided. If you contact us via one of these channels, the personal data you enter and transmit will be stored automatically.

​​2.3.2. If you use the contact form, the personal data collected consists of the master data entered there (name, email address) and possibly other personal data entered by you in the “Your message” field. If you contact us directly by email, we will collect your email address and any personal data resulting from the text of the email.

​2.3.3. Processing is carried out on the basis of Article 6(1)(a) GDPR.

​3. Your rights

3.1. Access, rectification, erasure, restriction of processing, data portability

​3.1.1. As a data subject affected by data processing, you have the right of access under Art. 15 GDPR, the right to rectification under Art. 16 GDPR, the right to erasure under Art. 17 GDPR, the right to restriction of processing under Art. 18 GDPR and the right to data portability under Art. 20 GDPR.

​3.1.2. To exercise the aforementioned rights, you can contact the office named in Section 1 General Information under 1.

​3.2. Revocation of consent

​3.2.1. If you have given us your consent to process your personal data, you can withdraw this consent at any time. This does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.

​3.2.2. To exercise your right of withdrawal, you can contact the office named in Section 1 General information under 1. Further options can be found below under section 3 Summary: Opt-out options.

​3.3. Right to lodge a complaint with the supervisory authority

​3.3.1. Pursuant to Art. 77 (1) GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that your personal data is being processed unlawfully, in particular in breach of the GDPR. The address of the supervisory authority responsible for Schmittmann is

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA), Promenade 18, 91522 Ansbach.

​3.4. Right to object pursuant to Art. 21 of the General Data Protection Regulation (GDPR)

​3.4.1. Information about your right to object in accordance with Art. 21 General Data Protection Regulation (GDPR)

​3.4.2. You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (f) of Article 6(1) GDPR (data processing on the basis of a balancing of interests); this also applies to any profiling based on this provision within the meaning of Article 4(4) GDPR.

​3.4.3. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.

​3.4.4. You can also object to any direct marketing by us without giving reasons. We will then immediately stop processing your personal data for these purposes.

​3.4.5. The objection can be made in any form and should, if possible, be addressed to the office named in the data protection declaration in section 1 General information under 1. Further options can be found below under section 3.5 Summary: Opt-out options.

​3.5. Summary: Opt-out options

You can also simply withdraw your consent to data processing or object to data processing on the basis of Article 6(1)(f) of the GDPR by clicking on the corresponding button(s) below.