Data protection

Below please find information pursuant to Art. 12, 13 and 21 General Data Protection Regulation (GDPR) concerning the handling of your personal data when using our website www.tbs-online.de and the TBS shopping app.

1. Responsible Party

The responsible party pursuant to the German Data Protection Act is:

TBS Technischer Bedarf GmbH
Häselstr. 2
D-72336 Balingen-Engstlatt

Tel. 0 74 33 / 98 92 57
Fax 0 74 33 / 98 92 58
E-Mail verkauf@tbs-online.de

2. Data Protection Officer

Falk Fuoß
Fuoß Treuhand GmbH
Egert 7
72336 Balingen

Email: Falk.Fuoss@fuoss.eu
Tel. 07433/99814-0

3. Purpose and legal grounds of data processing

3.1 General

We process your personal data in accordance with the provisions of the General Data Protection Regulation, the German Data Protection Act, as well as other applicable data protection regulations. “Personal data” shall refer to all information that relates to an identified or identifiable natural person (“person concerned”); deemed identifiable is a natural person who can be identified, directly or indirectly, particularly by way of assignment to an identifier e.g. a name, to an identification number, to location data, to an online identifier or to one or more particular characteristics that express the physical, physiological, genetic, emotional, economic, cultural or social identity of this natural person.
The purpose of data processing, as well as the corresponding legal grounds are stipulated below

3.2 Informative use of the website

You can visit our website without entering your personal data. If you use our website merely informatively and therefore do not register, login or otherwise disclose details about your person, we shall not collect personal data with the exception of the data transmitted by your browser to enable your visit to the website, as well as information transmitted to us through cookies.

3.2.1 Technical provision of the website

For the technical provision of the website, we must process specific, automatically transmitted information to allow your browser to display our website and to allow you to use the website. This information is collected automatically each time you access our website and is stored in our server log files. This information concerns the computer system of the calling computer. The following information is collected:

IP address;
Browser version / user agent string
Operating system used
Access date
Access time.

We also use cookies to allow you to use our website. Cookies are text files that are stored on your computer system in and/or by the internet browser when you visit a website. A cookie contains a distinctive character string that allows clear identification of the browser upon your next visit to the website. We only use these cookies to allow you to use our website with its technical functions. Some functions of our website cannot be provided without the use of cookies. The following information is stored and transmitted to us in cookies:

Session Cookie: Session ID (expires after 15 min)
Server Cookie: No. application server (expires after 15 min)
Server Cookie: Application-dependent content (expires after 15 min)
Server Cookie: Tracking: refuse agree (expires after 1 year)

We do not use the information gathered through the aforementioned cookies to create user profiles or to evaluate your browsing habits.

This cookie policy was created and updated by CookieFirst.com.

3.2.1.2 Legal grounds

We process your personal data for the technical provision of our website based on the following legal grounds:

To fulfil a contract or execute pre-contractual measures pursuant to Art. 6 (1) lit. b GDPR, insofar as you visit our website to browse our range of products, particularly in our online shop, and to learn about our events; and

to safeguard our legitimate interests pursuant to Art. 6 (1) lit. f GDPR to enable the technical provision of the website. Our legitimate interest lies in our ability to provide you with an attractive, technically-functional and user-friendly website.

3.2.2 Statistical analysis of website usage

3.2.2.1 Purpose and scope of data processing

For the statistical analysis of the use of our website and our shopping app, we use Google Analytics and cookies to enable analysis of your browsing habits. Thus we can improve the quality of our website and its content. We learn how the website and the shopping app is used, which enables us to continuously optimise our range. To do this our online shop system generates a user ID, which is used to analyse browsing habits both on the website and in our shopping app.

The information required for the statistical analysis of our website, particularly the user ID, is not merged with other personal data collected by the website.

Google Analytics

This website uses Google Analytics, a web analysis service from Google Inc. (“Google“). Google Analytics uses “cookies”, text files that are stored on your computer to allow analysis of your website usage. The information generated by the cookie about your usage is usually transferred to the USA and stored there. However, if anonymisation is enabled on this website, the IP address is truncated beforehand by Google within European Union member states or in other states party to the agreement via the European Economic Area. The full IP address is only transferred to a server in the USA and truncated there in exceptional cases. Google will use this information on behalf of the operator of this website to evaluate your use of the website to compile reports about website activities and to deliver other services associated with website and internet use via the website operator. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google.

This website uses Google Analytics with the extension “_anonymizeIp()“. IP addresses are processed in truncated form, which eliminates a direct link to individual persons.

You can prevent the storage of cookies by adjusting your browser software settings accordingly; however, please note that in this case, you may not be able to use all functions of this website to their fullest extent.

You can prevent the collection of the data generated by the cookie and concerning your use of the website (incl. your IP address) by Google, as well as the processing of this data by Google by downloading and installing the browser plug-in available at the following link:http://tools.google.com/dlpage/gaoptout?hl=de

Alternatively to the browser plug-in, you can click on this Link to prevent the collection of data by Google Analytics on this website in the future. In doing so, an opt-out cookie is placed on your device. To delete your cookies, you have to click this link again.

Further information on terms of use and data protection concerning Google Analytics can be found at http://www.google.com/analytics/terms/de.html and/or https://www.google.de/intl/de/policies/ .

3.2.2.2 Legal grounds

We process your personal data for the statistical analysis of the use of our website based on the following legal grounds:

Your consent

3.2.3 Crif / Bürgel

Optional we check the creditworthiness of our customers. We transmit personal data collected within the scope of this contractual relationship regarding the application for and execution of this business relationship as well as data on non-contractual behaviour to CRIF Bürgel Ressmann Ulm GmbH & Co KG, Bleichstr. 30, 89077 Ulm and CRIF GmbH, Leopoldstraße 244, 80807 Munich, among others.

The legal basis for this transfer is Article 6 (1) sentence 1 (b) and (f) of the General Data Protection Regulation (GDPR). The data exchange with CRIF GmbH and CRIF Bürgel Ressmann Ulm GmbH & Co KG also serves to fulfil legal obligations to carry out creditworthiness checks (Sections 505a and 506 of the German Civil Code).

CRIF GmbH and CRIF Bürgel Ressmann Ulm GmbH & Co. KG process the data received and also use it for the purpose of profiling (scoring) in order to provide their contractual partners in the European Economic Area and Switzerland and, if applicable, other third countries with information, among other things, to assess the creditworthiness of natural persons. The transfer of personal data to third countries takes place in accordance with Art. 44 et seq. GDPR. Further information on the activities of CRIF and CRIF Bürgel Ressmann Ulm GmbH & Co KG can be found in their information sheet or online at www.crif.de/datenschutz."

3.3 Active use of the website

Aside from purely informative use of our website, you can also actively use our website to purchase goods in our online shop or to contact us. In addition to the aforementioned processing of your personal data as part of purely informative use, we also collect and process further personal data, which we require to transact your order and/or to process and respond to your request.

3.3.1 Creation of a customer account

3.3.1.1 Purpose and scope of data processing

You can create a customer account on our website. As part of creating a customer account, we check whether you and/or your company operate a business as we only supply to business customers. It is necessary to create a customer account to order from our catalogue, to place orders in our online shop, for complaints and to download specific documents that we only offer to our registered customers. You must provide the following data during registration:

Company*
Company tax no./VAT ID no. /Company ID.
Website
Street, house number*
Postcode*
Town/city/locality*
Country*
Contact title*
Contact name and surname*
Telephone number*
Mobile number
Fax number
Email address*
Email address for invoices
Excerpt from the commercial registry or business registration

Mandatory information is marked with an asterisk “*”.

3.3.1.2 Legal grounds

We process your personal data when creating a customer account based on the following legal grounds:

To fulfil a contract or execute pre-contractual measures pursuant to Art. 6 (1) lit. b GDPR.

3.3.2 User requests/call centre

3.3.2.1 Purpose and scope of data processing

To allow us to process and respond to your requests (also in the case of damages in transit) e.g. via the contact form or our email address, telephone or fax number, we process the personal data you have disclosed in this context. In any case such data includes your name and your email address for the reply, as well as other information disclosed in your correspondence

3.3.2.2 Legal grounds

We process your personal data to respond to user requests based on the following legal grounds:

To safeguard our legitimate interests pursuant to Art. 6 (1) lit. f GDPR; our legitimate interest lies in the appropriate response to customer requests.

3.3.3 Orders in the online shop

3.3.3.1 Purpose and scope of data processing

3.3.3.2 Legal grounds

Order

If you order goods in our online shop, we collect personal data to allow us to accept and transact the online order and to dispatch the ordered goods. We collect the details specified in the respective input forms, which is primarily the information of the ordering company. The following data can contain personal references:

Email address of a contact person
Company
Street
Address Line 2
VAT number
Telephone number of the contact person.

Order processing

To be able to dispatch the ordered goods, we disclose the company name, the name of the contact person, contact details and the delivery address to our appointed courier service.

Legal compliance

We also process your personal data to satisfy other legal obligations encountered in connection with transacting the order. In particular these include trade, commercial and fiscal retention periods.

Law enforcement

We also process your personal data to effectively enforce our rights and our legal claims. Similarly we process your personal data to defend ourselves against legal claims. Finally we process your personal data insofar as necessary to defend against or prosecute criminal offences.

We process your personal data to transact orders placed in the online shop based on the following legal grounds:

To fulfil a contract or execute pre-contractual measures pursuant to Art. 6 (1) lit. b GDPR;
To fulfil a legal obligation to which we are subject pursuant to Art. 6 (1) lit. c GDPR in conjunction with trade, commercial or fiscal law, insofar as we are obligated to record and retain your data; and
To safeguard our legitimate interests pursuant to Art. 6 (1) lit. f GDPR, insofar as we assert our legal claims or defend ourselves in legal disputes, or we prevent or resolve criminal offences.

3.3.4 Newsletter

3.3.4.1 Purpose and scope of data processing

We send customers registered in our online shop a newsletter via email, in which we refer to goods in our range. You can opt-out of receiving the newsletter at any time by clicking the corresponding link at the end of the newsletter or by unsubscribing from the newsletter in the customer centre.

3.3.4.2 Legal grounds

We process your personal data to send our newsletter based on the following legal grounds:

To safeguard our legitimate interest pursuant to Art. 6 (1) lit. f) GDPR in conjunction with § 7 (3) German Fair Trade Practices Act (UWG); our legitimate interest is based on our economic interests in the implementation of promotional measures and targeted advertising.

3.3.5 Applications

3.3.5.1 Purpose and scope of data processing

If you apply for a vacancy advertised on our careers page or send us a speculative application, we process the personal data disclosed in your application and/or during the interview to decide whether to offer you a position.

3.3.5.2 Legal grounds

We use your personal data to process your application based on the following legal grounds:

To establish an employment relationship pursuant to Art. 88 (1) GDPR in conjunction with § 26 (1) German Federal Data Protection Act.
If you disclose particular personal data pursuant to Art. 9 GDPR (e.g. application photo, information on religion/denomination or disability), we process this information based on the express consent that you provided upon disclosure of said information pursuant to § 26 (2) and (3) GDPR.
If you disclose details on disabilities, we process this information in order to satisfy legal obligations pursuant to § 26 (3) Sentence 1 GDPR.

4. Categories of recipients

Initially only our employees have knowledge of your personal data. Where legally permissible or prescribed, we also share your personal data with other recipients who render services for us in connection with our website. We restrict the disclosure of your personal data to the extent necessary, particularly to process your order. Sometimes your personal data is processed by our appointed service providers, who are also strictly bound by our instructions for processing your personal data. Sometimes the recipients work independently with the data we supply. Below are categories of the recipients of your personal data:

Banks for transacting the payment,
Logistics service providers for the delivery of goods,
IT service providers for the administration and hosting of our website, as well as the operation of our management software,
External service providers for sending invoices by post,
Legal consultants for enforcement of our claims.

5. Third country transfer

As part of using Google Analytics we transfer your truncated IP address to the USA. The data transfer is based on the implementing decision (EU) 2016/1250 of the EU Commission dated 12 July 2016 pursuant to the European Parliament and Council Directive 95/46/EC concerning the adequacy of the protection provided by the EU-US Privacy Shield.

Otherwise we do not transmit your personal data to countries outside the EU and/or the EEA or to international organisations.

6. Retention periods

6.1 Informative use of the website

For purely informative use of our website, we retain your personal data on our servers solely for the period of your visit to our website. Once you have left our website, we delete your personal data immediately. Furthermore, we have configured Google Analytics in such a way that the data used for the analysis is deleted after 14 months.

The cookies we install are normally deleted again once you have left our website. This does not however apply to Google Analytics cookies:

_ga (serves to distinguish between different users): Retention period 2 years
_gid (serves to distinguish between different users): Retention period 24 hours
_gat (serves to distinguish between requests to doubleclick.net and contains no personal data): Retention period 1 minute

You also have the option to delete installed cookies at any time.

6.2 Active use of the website

For active use of our website we retain your personal data initially for the period of responding to your request and/or for the duration of our business relationship. This also includes the initiation of a contract (pre-contractual legal relationship) and the execution of a contract.

We also store your personal data as evidence, if necessary, until the start of the limitation period for any legal claims arising from the relationship with you. The limitation period is normally between 12 and 36 months, but can also be up to 30 years.

At the start of the limitation period we delete your personal data, unless we are bound by a statutory retention obligation, e.g. pursuant to the German Commercial Code (§§ 238, 257 (4) HGB) or German Fiscal Code (§ 147 (3), (4) AO). These retention obligations can last up to ten years.

6.3 Applicant data

If you have applied to work for us and we have not offered you a position, we shall delete your data three months after we have informed you of our decision. If an employment relationship is established, the application documents become part of our personnel files.

7. Your rights as the person concerned

As the person concerned, by law you are entitled to assert the following rights against us:

Right to information: pursuant to Art. 15 GDPR at any time you shall be entitled to request confirmation of whether we are processing your data; if this is the case pursuant to Art. 15 GDPR you are also entitled to receive information about this personal data as well as specific details (including the purpose of processing, categories of personal data, categories of recipients, scheduled retention period, your rights, origin of the data, use of automatic decision-making mechanisms and suitable guarantees in the event of third-country transfer) and a copy of your data.
Right to correction: pursuant to Art. 16 GDPR you shall be entitled to request that we correct your personal data if this is inaccurate or incorrect.
Right to deletion: pursuant to the provisions of Art. 17 GDPR you shall be entitled to request that we immediately delete your personal data. The right to deletion shall not apply if the processing of personal data is necessary (i) to exercise the right to freedom of expression and information, (ii) to comply with a legal obligation to which we are bound (e.g. statutory retention obligations) or (iii) to assert, exercise or defend against legal claims.
Right to restricted processing: pursuant to the provisions of Art. 18 GDPR you shall be entitled to request that we restrict the processing of your personal data.
Right to data portability: pursuant to the provisions of Art. 20 GDPR you shall be entitled to request that we transfer the personal data that you have supplied to us in a structured, standard and machine-readable format.
Right of objection: pursuant to the provisions of Art. 21 GDPR you shall be entitled to object to the processing of your personal data, whereby we must cease processing your personal data. The right of objection shall only exist within the boundaries stipulated in Art. 21 GDPR. Furthermore, should our interests oppose such a cessation, we shall be entitled to process your personal data despite your objection.
Right of appeal to a supervisory authority: pursuant to the provisions of Art. 77 GDPR you shall be entitled to appeal to a supervisory authority, particularly in your member state of residence, workplace or the location of the suspected infringement if you suspect that your personal data is being processed in breach of GDPR. The right of appeal shall apply irrespective of any other administrative or judicial legal remedy.

Our relevant supervisory authority is:
Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg [Data Protection and Freedom of Information Commissioner Baden-Württemberg]
Königstraße 10 a
70173 Stuttgart

8. Obligation to provide data

In principle you are not obligated to disclose your personal data. However if you choose not to do so, we shall not be able to make our website available to you, your requests shall not be answered and we shall not conclude contracts with you in our online shop. Personal data that we require for the aforementioned processing purpose is marked with an asterisk “*”.

9. Automatic decision-making / profiling

We do not employ automatic decision-making or profiling (an automatic analysis of your personal circumstances).

Right to object

For reasons pertaining to your individual circumstances, you have the right to object to our processing your personal data pursuant to Art. 6 (1) lit. e (performance of a task carried out in the public interest) or Art. 6 (1) lit. f GDPR (legitimate interest of the responsible party); this shall also apply to profiling based on these provisions. We shall cease processing your personal data unless we can prove compelling and legitimate grounds that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.

If your personal data is used for the purpose of direct advertising, you shall have the right to object to the processing of your personal data for the purpose of such advertising at any time. Should you object to data processing for the purpose of direct advertising, your personal data shall no longer be processed for this purpose.

+49 74 33.98 92 57

RIGHT OF RETURN

SITEMAP

Products

Business

Service

Download

Contact