Privacy Policy

Allspan German Horsewould like to thank you for visiting our website and for your interest in our company. Data protection is a top priority for Allspan German Horse. The following statement tells you how we implement data protection provisions at Allspan German Horse, what information we record when you visit our web pages, and how this information is used. First of all: your data is exclusively used for the following purposes, and will not be used in any other way – e.g. for advertising purposes – without your permission.


I. Name and address of the Controller  

The person responsible within the meaning of the Basic Data Protection Regulation and other national data protection laws of the member states and other data protection regulations is the: 

Allspan German Horse Vertrieb GmbH & Co. KG
Am Torney 2 a
23970 Wismar
E-Mail: info@allspan-german-horse.de 
Website: www.allspan-german-horse.de 


II. General information about data processing  

We fundamentally only collect and utilize our users’ personal data to the extent that this is necessary in order to provide a functional website as well as our content and services. As a rule, our users’ personal data is only collected and utilized with the consent of the user. An exception applies in cases where it is not possible to obtain consent in advance for practical reasons, and where data processing is permitted by the statutory provisions.    


1. Legal basis for processing personal data 

If and to the extent that we obtain consent from the data subjects for personal data processing transactions, Art. 6 Sec. 1 lt. a EU General Data Protection Regulation (GDPR) serves as the legal basis for processing personal data. 

In processing personal data that is necessary in order to fulfill a contract with the data subject, Art. 6 Sec. 1 lt. b GDPR serves as a legal basis. This also applies to processing steps that are necessary in order to perform pre-contractual measures. 

If and to the extent that personal data must be processed in order to fulfill a legal obligation to which our company is subject, Art. 6 Sec. 1 lt. c GDPR serves as a legal basis. 

In the event that vital interests of the data subject or another natural person make it necessary to process personal data, Art. 6 Sec. 1 lt. d GDPR serves as a legal basis. 

If processing is necessary in order to protect a legitimate interest of our company or of a third party, and as long as the interests, basic rights and basic freedoms of the data subject do not outweigh the former interest, Art. 6 Sec. 1 lt. f GDPR serves as a legal basis for the processing.   


2. Data deletion and duration of storage  

The data subject’s personal data will be deleted or blocked as soon as the storage purpose no longer applies. In addition, storage may take place if this is required by European or national legislation through Union ordinances, laws or other regulations to which the Controller is subject. Data will also be blocked or deleted after the end of a storage period established by the abovementioned standards, unless there is a need to continue storing the data in order to conclude or fulfill a contract.  


III. Provision of the website and creation of log files


1. Description and scope of data processing 

Each time our web page is accessed, our system automatically records data and information from the computer system on the accessing computer.  The following data is collected: 

  • Information about the browser type and version used
  • The user’s operating system 
  • The user’s internet service provider 
  • The user’s IP address 
  • Date and time of access 
  • Websites from which the user’s system accesses our web page 
  • Websites accessed by the user’s system via our website. 

The log files contain IP addresses and other data that can be associated with a user. This is the case, for instance, if the link to the website from which the user accessed the web page or the link to the next website the user visits contains personal data.  The data is also saved in our system’s log files. This data is not combined with any other personal data regarding the user.  The user data collected in this way is pseudonymized using technical measures, so it is no longer possible to associate the data with the user accessing the website. This data is not combined with any other personal data regarding the user.    


2. Legal basis for data processing    

The legal basis for temporarily storing the data and log files is Art. 6 Sec. 1 lt. f GDPR. 


3. Purpose of data processing  

The system must temporarily store the IP address in order to deliver the website content to the user’s computer. In order to do this, the user’s IP address must be stored for the duration of the session.  Data is stored in log files in order to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information systems. Data is not analyzed for marketing purposes in this context.  These purposes also constitute our legitimate interest in data processing pursuant to Art. 6 Sec. 1 lt. f GDPR.  


4. Duration of storage

The data will be deleted as soon as it is no longer needed in order to achieve the purpose for which it was collected. If the data was recorded in order to make the website available, this is the case when the respective session ends.    


5. Objection and removal option  

Recording the data in order to make the website available and storing the data in log files is necessary in order to operate the web page. Thus the user does not have the option of objecting to this. 


IV. Use of cookies 


1. Description and scope of data processing 

Our website uses cookies. Cookies are text files that are stored in the user’s web browser or on the user’s computer system by the web browser. For data protection reasons, our website fundamentally does not store any cookies on the user’s computer. For PHP sessions, we only use session cookies. The session cookies used by Weblication are only saved in the web browser’s main memory, so they are deleted when the browser is closed. That is why you generally need to log in again after closing the browser. Visit data that needs to be maintained during a session includes form data, for instance, so that it can be displayed again if there is an incorrect entry. This data is also deleted at the latest when the form is submitted. 


2. Legal basis for data processing  

The legal basis for processing personal data using cookies is Art. 6 Sec. 1 lt. F GDPR. 


3. Purpose of data processing 

The purpose of using necessary cookies is to simplify the use of websites for the users and/or to make websites easier to navigate.  These purposes also constitute our legitimate interest in processing personal data pursuant to Art. 6 Sec. 1 lt. f GDPR.  


4. Duration of storage 

Cookies are not stored on the user’s computer. 


5. Analysis by Google Analytics  

This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics also uses cookies, in other words text files that are stored on your computer to analyze your use of the website (see above under IV 1 - 4).  

As a rule, the information generated by the cookie about your use of the website will be transmitted to a Google server in the United States and stored there. However, we have enabled the Google Analytics IP anonymization function on this web page, so Google will first shorten your IP address within member states of the European Union or in other states that are party to the Agreement on the European Economic Area.  

Google will use this information to analyze your use of the website, to compile reports on the website activities and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be associated with any other data held by Google.  

You can prevent data generated by the cookies and relating to your use of the website (including your IP address) from being recorded and shared with Google, as well as from being processed by Google, by downloading and installing the browser plugin under the following link: http://tools.google.com/dlpage/gaoptout. This will place an opt-out cookie that prevents your data from being recorded when you visit this website in the future.  

More information about the terms of use and about data protection with Google Analytics can be found under www.google.com/analytics/terms/de.html  and under https://www.google.de/intl/de/policies/


V. Contact form, online application and email contact 


1. Description and scope of data processing 

  a.) Our web page features a contact form / application form that can be used to contact us electronically. If a user takes advantage of this option, the data entered on the input screen will be transmitted to us and saved. This involves the following data: 

  • Title, first and last name 
  • Company 
  • Industry/application area 
  • Street name, house number, postal code, city and country 
  • Phone 
  • Email 
  • Desired salary, if applicable 
  • Application materials 

When you send the message, the following data will also be saved:  

  • The user’s IP address  
  • Date and time of registration   

In order to process your data, we will obtain your consent as part of the submission step and provide a reference to this data privacy policy. 

  b.) Alternatively, users can contact us via the provided email address. In this case, the user’s personal data that is transmitted along with the email will be saved.   

  c.) Data is not shared with third parties. The data will exclusively be used for conducting the conversation and/or for the application process. 


2. Legal basis for data processing   

a.) The legal basis for processing data with consent from the user is Art. 6 Sec. 1 lt. a GDPR. 

b.) The legal basis for processing data transmitted in the course of sending an email is Art. 6 Sec. 1 lt. f GDPR. If the goal of the email contact is to conclude a contract, an additional legal basis for processing is Art. 6 Sec. 1 lt. b GDPR. 


3. Purpose of data processing  

We exclusively process personal data from the input screen for the purpose of handling the contact request. In the case of an email contact, this also establishes our necessary legitimate interest in processing the data.  The other personal data processed during the submission step serves to prevent any misuse of the contact form and to ensure the security of our information systems.  


4. Duration of storage 

  a.) The data will be deleted as soon as it is no longer needed for the purpose for which it was collected. For personal data from the input screen and personal data provided by email, this is the case when the respective conversation with the user has ended. The conversation has ended when the circumstances indicate that the matter in question has been resolved.   

  b.) For personal data from the input screen in the online application function and personal data submitted by email as part of an application, this is the case when the relevant application process is complete and there is no risk of a legal objection. 

By submitting the declaration of consent as part of the online application, you agree to our storing of applications for a period of 2 years so that we can also consider you for future job openings.  

Any additional personal data collected during the submission step will be deleted at the latest after seven days. 


5. Objection and removal option

The user has the option to revoke the consent for processing personal data at any time. If the user contacts us by email, he or she can object to the storage of the personal data at any time. In this case, the conversation cannot be continued and/or the application can no longer be considered.  

Please send your revocation of consent and/or your objection to data storage via email to info@allspan-german-horse.de, or in writing to our company address given above. In this case, all personal data stored in the context of establishing contact will be deleted.   


VI. Rights of the data subject 

If your personal data is processed, you are considered a data subject in the sense of GDPR and you have the following rights with regard to the Controller: 


1. Right to information 

You can request confirmation from the Controller as to whether your personal data is being processed by us.  If such processing is taking place, you can request information from the Controller about the following matters:  

  1. the purposes for which personal data is being processed; 
  2. the categories of personal data being processed; 
  3. the recipients and/or categories of recipients to whom the relevant personal data has been or will be disclosed;  
  4. the planned duration of storage for your personal data or, if no concrete information is available in this regard, criteria for determining the duration of storage;  
  5. whether you have the right to rectification or deletion of your personal data, the right to restrict processing by the Controller, or the right to object to this processing;  
  6. whether you have the right to lodge a complaint with a supervisory authority;  
  7. all available information about the origin of the data if the personal data was not collected from the data subject; 
  8. whether an automated decision-making process exists, including profiling pursuant to Art. 22 Sec. 1 and 4 GDPR and – at least in these cases – relevant information about the logic involved as well as the scope and desired effects of such processing for the data subject. 

You have the right to request information about whether your personal data is transmitted to a third country or an international organization. In this context, you can request information about the suitable guarantees pursuant to Art. 46 GDPR in conjunction with this transmission.


2. Right to rectification  

You have the right to have your data rectified and/or completed by the Controller if your processed personal data is incorrect or incomplete. The Controller must rectify this data immediately.  


3. Right to restrict processing 

Under the following conditions, you can request that processing of your personal data be restricted: 

  1. if you dispute the accuracy of your personal data for a period that allows the Controller to check the accuracy of the personal data;  
  2. if the processing is unlawful and you refuse to have the personal data deleted, instead requesting that use of the personal data be restricted;  
  3. if the Controller no longer needs the personal data for the intended processing purposes, but you need it in order to establish, exercise or defend legal claims, or  
  4. if you have lodged an objection to processing pursuant to Art. 21 Sec. 1 GDPR and it has not yet been determined whether the Controller’s legitimate reasons outweigh your reasons.

If you have restricted the processing of your personal data, this data may only be processed – aside from its storage – with your consent; or in order to establish, exercise or defend legal claims; or in order to protect the rights of another natural or legal person; or in the case of substantial public interest by the Union or a member state.  If processing was restricted according to the above requirements, you will be informed by the Controller before any restriction is lifted. 


4. Right to erasure 

  a) Erasure obligation 

You can ask the Controller to delete personal data concerning you immediately and the Controller is obligated to erase this data immediately if one of the following reasons applies: 

  1. Your personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed. 
  2. You withdraw your consent upon which processing was based pursuant to Art. 6 Sec. 1 lt. a or Art. 9 Sec. 2 lt. a GDPR, and there is no other legal basis for the processing.  
  3. You object to the processing pursuant to Art. 21 Sec. 1 GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing pursuant to Art. 21 Sec. 2 GDPR. 
  4. The personal data was unlawfully processed.  
  5. The personal data must be erased in order to comply with a legal obligation under Union law or the law of the member states to which the Controller is subject.  
  6. The personal data was collected for information society services pursuant to Art. 8 Sec. 1 GDPR. 

  b) Information for third parties

Where the Controller has made your personal data public and is obligated to erase this personal data pursuant to Art. 17 Sec. 1 GDPR, the Controller, with consideration for the available technology and the cost of implementation, will take reasonable steps, including technical measures, to inform Controllers processing the personal data that you as a data subject have requested the erasure by such Controllers of any links to this personal data and any copies or replications of this personal data. 

  c) Exceptions 

The right to erasure does not apply to the extent that processing is necessary

  1. for exercising the right to freedom of expression and information; 
  2. for compliance with a legal obligation which requires processing under Union law or the law of the member states to which the Controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller;  
  3. for reasons of public interest in the area of public health pursuant to Art. 9 Sec. 2 lt. h and i as well as Art. 9 Sec. 3 GDPR; 
  4. for archiving purposes, scientific or historical research purposes and statistical purposes that are in the public interest pursuant to Art. 89 Sec. 1 GDPR, to the extent that the right named in Section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or  
  5. for the establishment, exercise or defense of legal claims. 


5. Right to information 

If you have asserted your right to rectification, erasure or restriction of processing toward the Controller, the Controller must inform all recipients to whom your personal data was disclosed about this rectification or erasure of data or restriction of processing, unless this proves impossible or involves disproportionate effort.  You have the right to obtain information from the Controller about these recipients. 


6. Right to data portability 

You have the right to receive personal data concerning you which you have provided to the Controller, in a structured, commonly used and machine-readable format. In addition, you have the right to transmit this data to another Controller without being prevented from doing so by the Controller that originally received the personal data, where   

  1. the processing is based on consent pursuant to Art. 6 Sec. 1 lt. a GDPR or Art. 9 Sec. 2 lt. a GDPR or on a contract pursuant to Art. 6 Sec. 1 lt. b GDPR and 
  2. the processing is carried out by automated means. 

In exercising this right, you also have the right to have your personal data transmitted directly from one Controller to another, where technically feasible. This may not adversely affect the freedoms or rights of others.  The right to data portability does not apply if processing of personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.  


7. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you pursuant to Art. 6 Sec. 1 lt. e or f GDPR, including profiling based on those provisions.  

The Controller will no longer process your personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for establishing, exercising or defending legal claims.  

If your personal data is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.  

If you object to processing for direct marketing purposes, your personal data will no longer be processed for such purposes. 

In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications. 


8. Right to withdraw consent for data protection  

You have the right to withdraw your consent for data processing at any time. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.  


9. Automated individual decision-making, including profiling  

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision  

  1. is necessary for concluding or fulfilling a contract between you and the Controller, 
  2. is permissible under Union or member state law to which the Controller is subject and which also lays down suitable measures to safeguard your rights and freedoms as well as your legitimate interests; or  
  3. is based on your explicit consent. 

However, such decisions may not be based on special categories of personal data referred to in Art. 9 Sec. 1 GDPR, unless Art. 9 Sec. 2 lt. a or g applies and suitable measures to safeguard your rights and freedoms as well as your legitimate interests are in place. 

In the cases referred to in (1) and (3), the Controller will implement suitable measures to safeguard your rights and freedoms as well as your legitimate interests, at least the right to obtain human intervention on the part of the Controller, to express your point of view and to contest the decision. 


10. Right to lodge a complaint with a supervisory authority 

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you are domiciled, your place of work or the place where the alleged infringement occurred, if you consider that the processing of personal data relating to you is in breach of the DPA.  

The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Art. 78 DSGVO. 


VII. Use of social media buttons  

We use “social plugins” (hereinafter referred to as buttons) from social networks such as Facebook and LinkedIn. Where these buttons are displayed on the web page, they have not already established contact with the Facebook or LinkedIn servers. Only by clicking on these buttons do you provide your consent to communicate with Facebook or LinkedIn, and a connection is then created. The button remains enabled until you click on it again or delete your cookies. More information about cookies can be found in our cookie policy. 

Once the button is clicked, it creates a direct connection to the server of the social network in question. The content of the button is then transmitted from the social networks directly to your browser, which integrates it into the web page.  

Once a button is clicked, the social network in question can already collect data, regardless of whether you interact with the button. If you are logged in to a social network, your visit to this website can be associated with your user account.  

If you are a member of a social network and do not want data collected during your visit to our website to be associated with your saved member data, you will need to log out of the social network in question before clicking on the buttons.  

We do not have any influence over the scope of data that social networks collect through their buttons. The purpose and scope of this data collection and the further processing and use of this data by the social networks in question, as well as your rights and setting options to protect your privacy in this regard, can be found in the data privacy policies for the respective social networks.    


VIII. Our social media appearances


Data processing through social networks

We maintain publicly available profiles in social networks. The individual social networks we use can be found below.

Social networks such as Facebook, Google+ etc. can generally analyse your user behaviour comprehensively if you visit their website or a website with integrated social media content (e.g. like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered.

In detail: If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.

Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way you can see interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.

Please also note that we cannot retrace all processing operations on the social media portals. Depending on the provider, additional processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and privacy policy of the respective social media portals.

Legal basis

Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) (a) GDPR).

Responsibility and assertion of rights

If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g. Facebook).

Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.

Storage time

The data collected directly from us via the social media presence will be deleted from our systems as soon as the purpose for their storage lapses, you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions – in particular, retention periods – remain unaffected.

We have no control over the storage duration of your data that are stored by the social network operators for their own purposes. For details, please contact the social network operators directly (e.g. in their privacy policy, see below).


Individual social networks

Facebook 

We have a profile on Facebook. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook is certified under the EU-US Privacy Shield.

We have signed an agreement with Facebook on shared responsibility for the processing of data (Controller Addendum). This agreement determines which data processing operations we or Facebook are responsible for when you visit our Facebook Fanpage. This agreement can be viewed at the following link: https://www.facebook.com/legal/terms/page_controller_addendum

You can customise your advertising settings independently in your user account. Click on the following link and log in: https://www.facebook.com/settings?tab=ads

Details can be found in the Facebook privacy policy: https://www.facebook.com/about/privacy/


X. Changes to this data privacy statement 

We occasionally make changes to this data privacy statement to ensure that it corresponds to the current legal requirements and covers all of our offerings.  

Your statutory rights to information, rectification, blocking, deletion and objection remain unaffected by such changes.

Further information for customers and suppliers you will find under: 


Information about customer’s and supplier’s data processing according to article 13 and 14 GDPR

We are writing to inform you according to article 13 and 14 of the General Data Protection Regulation (GDPR) about the processing of your personal data, which are collected as part of business relationships, and about the rights that you are entitled to as a person concerned.  


Name and contact details of the person responsible

Allspan German Horse Vertrieb GmbH & Co. KG
Am Torney 2 a
23970 Wismar
E-Mail: info@allspan-german-horse.de 
Website: www.allspan-german-horse.de  


Legal bases and purposes of processing   

We process your personal data  

  • in accordance with article 6, paragraph 1, point b GDPR for the fulfillment of the contractual obligations as a part of our business relationship, 
  • in accordance with article 6, paragraph 1, point c GDPR for the fulfillment of our legal obligations,  
  • in accordance with article 6, paragraph 1, point f GDPR for the protection of legitimate interests, such as the assertion or defense of legal claims and the safeguarding of our business transactions,  
  • in accordance with article 6, paragraph 1, point a GDPR based on your consent, that you have voluntarily provided data, which exceeds the contractual or statutory requirements. You can revoke this consent at any time if you no longer agree to further data processing.

Verarbeitete Datenkategorien  

We process personal data which we receive or collect in the context of business relationships. These include  

  • General company data (name, address, VAT number, ...)  
  • Contact details of contact persons (name, function, telephone number, e-mail, fax, ...)  
  • Company register data  
  • Credit data and conditions  
  • Information on processing of payment transactions (account data, ...)  
  • Access data as part of the business process  

Recipients of personal data   

Within our organization and the group, your data will only be processed by those employees who need them to fulfill contractual or legal obligations as well as to safeguard our legitimate interests.  

Third parties commissioned by us - for example IT service providers and contractual partners - only receive data they need to fulfill the agreed upon tasks. They are contractually obliged to process your data only as part of our orders and instructions.  

In case of legal disputes and payment problems, the data will also be passed on to lawyers, collection agencies and other such persons and/or bodies.  Authorities, public bodies and institutions such as financial and administrative authorities receive only data that we are legally obliged to transmit.  

In all cases, we take care of the confidentiality of your personal data and process those only if there is a valid legal basis.  


Duration of data storage  

Your personal data will be stored – where necessary - for the duration of the contractual relationship and in accordance with the statutory storage and documentation obligations.  


Rights of the persons concerned  

The consent given by you can be withdrawn at any time by contacting the stated address or e-mail address.  

In addition, in accordance with the data protection regulations, you can at any time  

  • request information about your data stored,  
  • request the correction, deletion or restriction of the processing of stored data,  
  • object to the processing of data that we process on the basis of overriding legitimate interests, for reasons that arise due to your particular situation;  
  • claim your right to data portability.  

You also have the option to forward a complaint to the:  

Landesbeauftragte für den Datenschutz Baden-Württemberg  

Postfach 10 29 32, 70025 Stuttgart, Telefon: 0711 615541 - 0, E-Mail: poststelle@lfd.bwl.de 



Many thanks for your attention!

Diese Webseite verwendet Cookies. Durch die Nutzung der Webseite stimmen Sie der Verwendung von Cookies zu. Datenschutzinformationen