top of page

Privacy Policy

This privacy policy informs you about the type, scope, and purpose of processing personal data (hereinafter referred to as "data") within our online offering and related websites, functions, and content, as well as external online presences, such as our social media profiles (hereinafter collectively referred to as "online offering"). Regarding the terminology used, such as "personal data" or its "processing," we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR). ​ 

JM-Metzger GmbH
Nordstraße 45
74219 Moeckmuehl
Deutschland

 

Court of Registration: Amtsgericht Stuttgart
Commercial Register No.: HRB 107184
Managing Director: Jürgen Metzger
Telefon: +49 6298 93 77 00

E-Mail: metzger@jm-metzger.de

Types of data processed

  • Inventory data (e.g., names, addresses)

  • Contact data (e.g., email, phone numbers)

  • Content data (e.g., text entries, photographs, videos)

  • Usage data (e.g., websites visited, interest in content, access times)

  • Meta/communication data (e.g., device information, IP addresses)

Processing of Special Categories of Data (Art. 9 para. 1 GDPR)

We generally do not process special categories of data unless users provide them for processing, e.g., by entering them into online forms.

Categories of Persons Affected by Processing

Customers, prospects, suppliers, visitors, and users of the online offering. Hereinafter, we collectively refer to the affected persons as "users."

Purpose of Processing

  • Providing the online offering, its content, and functions

  • Fulfilling contractual services, customer service, and support

  • Responding to contact inquiries and communication with users

  • Marketing, advertising, and market research

  • Security measures

01. Relevant Legal Bases

In accordance with Article 13 GDPR, we inform you of the legal bases for our data processing. Unless the legal basis is specified in the privacy policy, the following applies:

  • The legal basis for obtaining consent is Art. 6 para. 1 lit. a and Art. 7 GDPR;

  • The legal basis for processing to fulfill our services and carry out contractual measures and respond to inquiries is Art. 6 para. 1 lit. b GDPR;

  • The legal basis for processing to fulfill our legal obligations is Art. 6 para. 1 lit. c GDPR; and

  • The legal basis for processing to protect our legitimate interests is Art. 6 para. 1 lit. f GDPR.

If vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.

02. Changes and Updates to the Privacy Policy

We ask that you regularly check the content of our privacy policy. We will update the privacy policy whenever changes in our data processing make it necessary. We will notify you if these changes require an action on your part (e.g., consent) or any other individual notification.

03. Security Measures

03.1 We take appropriate technical and organizational measures in accordance with Art. 32 GDPR, taking into account the state of technology, implementation costs, the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons. These measures ensure a level of protection appropriate to the risk. These include securing the confidentiality, integrity, and availability of data by controlling physical access to data, as well as the access, input, transfer, availability, and separation of data. Additionally, we have established procedures to ensure data subject rights, data deletion, and response to data threats. We also consider the protection of personal data in the development and selection of hardware, software, and procedures, following the principle of data protection by design and by default (Art. 25 GDPR).

03.2 One of our security measures includes the encrypted transmission of data between your browser and our server.

04. Collaboration with Processors and Third Parties
04.1 If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit data to them, or otherwise grant them access to the data, this is done only on the basis of legal permission, your consent, a legal obligation, or our legitimate interests (e.g., in the use of agents, web hosts, etc.).

04.2 If we commission third parties to process data based on a so-called "data processing agreement," this is done in accordance with Art. 28 GDPR.

05. Transfers to Third Countries

If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of using third-party services or disclosure, or transmission of data to third parties, this is done only if it is to fulfill our (pre)contractual obligations, based on your consent, due to a legal obligation, or based on our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only under the special conditions of Art. 44 ff. GDPR. This means the processing takes place, for example, on the basis of specific guarantees, such as the officially recognized determination of an EU-equivalent level of data protection (e.g., for the USA through the "Privacy Shield") or compliance with officially recognized special contractual obligations (so-called "Standard Contractual Clauses").

06. Rights of Data Subjects

06.1 You have the right to request confirmation as to whether data concerning you is being processed and to request information about this data, as well as further information and a copy of the data, in accordance with Art. 15 GDPR.

06.2 You have the right, in accordance with Art. 16 GDPR, to request the rectification of inaccurate data concerning you or the completion of incomplete data.

06.3 You have the right, under the conditions of Art. 17 GDPR, to request the immediate deletion of data concerning you or, alternatively, to request the restriction of processing in accordance with Art. 18 GDPR.

06.4 You have the right to request the data concerning you that you have provided to us in accordance with Art. 20 GDPR and to request that it be transmitted to other controllers.

06.5 You also have the right, according to Art. 77 of the GDPR, to lodge a complaint with the competent supervisory authority.

07. Right of Withdrawal

You have the right to revoke your consent at any time with effect for the future, in accordance with Art. 7 para. 3 GDPR.

08. Right to Object

You may object to the future processing of your personal data at any time, in accordance with Art. 21 GDPR. The objection may be specifically directed against processing for direct marketing purposes.

08.1 We use temporary and permanent cookies (non-essential cookies are only used if you have actively consented to them when selecting the cookies). Cookies are small files that are stored on users' devices (a detailed explanation of cookies and their functions can be found in the last section of this privacy policy). Some cookies serve security purposes or are necessary for the operation of our online offering (e.g., for displaying the website or storing user decisions when confirming the cookie banner). In addition, we and our technology partners use cookies for reach measurement and marketing purposes, about which users are informed in this privacy policy.

08.2 You can generally object to the use of cookies for online marketing purposes via various services, especially in the case of tracking, by visiting the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. Furthermore, you can prevent the storage of cookies by disabling them in your browser settings. Please note that disabling cookies may result in limited functionality of this online offering.

09. Data Deletion

09.1 Data processed by us will be deleted or restricted in accordance with Articles 17 and 18 of the GDPR. Unless explicitly stated in this privacy policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose, and the deletion does not conflict with any statutory retention obligations. If the data is not deleted because it is required for other legally permissible purposes, its processing will be restricted. That means the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons.

09.2 According to legal requirements, records are kept particularly for 6 years in accordance with § 257 para. 1 HGB (commercial books, inventories, opening balances, annual accounts, commercial letters, accounting documents, etc.) and for 10 years in accordance with § 147 para. 1 AO (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).

10. Contact

10.1 When contacting us (e.g., via contact form or email), the user's details will be processed for handling the contact request and its processing, according to Art. 6 para. 1 lit. b) GDPR.

10.2 User information may be stored in our Customer Relationship Management System ("CRM System") or similar request organization systems.

10.3 We delete inquiries when they are no longer necessary. We review the necessity every two years. Requests from customers with a customer account are stored permanently, and we refer to the customer account data for deletion. If statutory archiving obligations apply, deletion will occur after the expiration of such obligations (end of commercial law (6 years) and tax law (10 years) retention obligations).

11. Access Data and Logfiles

11.1 We collect data on every access to the server where this service is located (so-called server log files) based on our legitimate interests, according to Art. 6 para. 1 lit. f. GDPR. Access data includes the name of the accessed website, file, date and time of access, transferred data volume, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address, and the requesting provider.

11.2 Logfile information is stored for security reasons (e.g., to investigate abuse or fraud) for a maximum of seven days and then deleted. Data that needs to be retained for evidence purposes is exempt from deletion until the relevant incident is fully resolved.

12. Cookies & Reach Measurement

12.1 Cookies are information transmitted from our web server or third-party web servers to users' web browsers and stored there for later retrieval. Cookies can be small files or other types of information storage.

12.2 We use "session cookies," which are only stored for the duration of the current visit to our online presence (e.g., to store your login status or enable the shopping cart function and thus the use of our online offering). A randomly generated unique identification number, the so-called session ID, is stored in a session cookie. In addition, a cookie contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted when you finish using our online offering and log out or close your browser.

12.3 Users are informed about the use of cookies in the context of pseudonymous reach measurement within this privacy policy.

12.4 If users do not want cookies stored on their computer, they are asked to disable the corresponding option in their browser's system settings. Stored cookies can be deleted in the browser's system settings. The exclusion of cookies may lead to functional limitations of this online offering.

12.5 You can object to the use of cookies for reach measurement and advertising purposes via the deactivation page of the Network Advertising Initiative (http://optout.networkadvertising.org/) and additionally via the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

13. Google Analytics

13.1 Based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering as defined by Art. 6 para. 1 lit. f. GDPR), we use Google Analytics, a web analysis service provided by Google LLC ("Google"). Google uses cookies (cookies are only used if you have actively consented by selecting the corresponding option). The information generated by the cookie about users' use of the online offering is usually transmitted to a Google server in the USA and stored there.

13.2 Google is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

13.3 Google will use this information on our behalf to evaluate users' use of our online offering, to compile reports on activities within this online offering, and to provide us with further services related to the use of this online offering and internet usage. In doing so, pseudonymous usage profiles of the users may be created from the processed data. We use Google Analytics to display ads placed within Google's advertising services and those of its partners only to users who have shown an interest in our online offering or who exhibit certain characteristics (e.g., interests in specific topics or products based on the websites visited), which we transmit to Google (so-called "remarketing" or "Google Analytics audiences"). With the help of remarketing audiences, we also want to ensure that our ads match users' potential interests and do not appear intrusive.

13.4 We use Google Analytics with IP anonymization enabled. This means that the IP address of users is truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.

13.5 The IP address transmitted by the user's browser will not be merged with other data held by Google. Users can prevent the storage of cookies by selecting the appropriate settings in their browser software; users can also prevent Google from collecting and processing the data generated by the cookie and related to their use of the online offering by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

13.6 For more information on data usage by Google, settings, and opt-out options, visit Google's websites: https://www.google.com/intl/en/policies/privacy/partners ("Data usage by Google when you use our partners' websites or apps"), https://policies.google.com/technologies/ads ("Data usage for advertising purposes"), and https://adssettings.google.com/authenticated ("Manage the information Google uses to show you ads").

 

14. Integration of Third-Party Services and Content

14.1 We use third-party content or service offerings based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Art. 6 para. 1 lit. f. GDPR) to integrate their content and services, such as videos or fonts (collectively referred to as "content"). This always requires that the third-party providers of this content recognize the users' IP addresses, as they cannot send the content to their browsers without the IP address. The IP address is therefore necessary for displaying this content. We strive to use only content whose respective providers use the IP address solely for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics)

bottom of page