Data protection

Version 28/04/2022

Data Privacy Statement as applicable to the Naber website


This Data Privacy Statement applies to all contents provided at www.naber.com. The protection of personal data is very important to us. We therefore operate our website in accordance with all the applicable laws and regulations pertaining to the protection of personal data and to data integrity. Below, you will see what information we may collect, how we handle it and whom we may furnish it with.

Personal data


On our website, we only collect your personal data (e.g. names, addresses, phone numbers or e-mail addresses) if you provide them on a voluntary basis and to whose collection you have given your consent. We may also collect your personal data if thus permitted by the pertinent legal regulations on the protection of personal data.

Purpose


The personal data you have provided will only be used by Naber to process your requests. After such processing, any such data will be deleted. Neither will we sell your personal data to third parties, nor commercialise them in any other way, shape or form.

Transfer to third parties


We find having information on our customers and interested parties important because they help us to optimise our services. It is not part of our business to sell this information or pass it on to third parties.

Contract data processing


We have commissioned shopware AG to provide and technically support our website. If personal data is collected, stored and processed, this is done as specified by Naber GmbH and only as set forth in art. 28 GDPR. We check up on the protection of your personal data at shopware AG’s on a regular basis. The contractor will not pass on personal data to third parties.

Consent


We will only use your personal data for marketing purposes, e.g. online surveys or product information, if you have given your express consent. You do so electronically and can revoke such consent at any time by sending us an e-mail.

Communication or use-related data


If you access our website via telecommunication services, communication-related data (e.g. your IP address) or use-related data (e.g. start and end of the session and data on the telecommunication services you use) are generated automatically. These may allow conclusions to be drawn on personal data. If a collection, processing and use of your communication-related or use-related data is mandatory, it is also covered by data protection laws and regulations.

Google Analytics by Google


This website uses Google Analytics, a Google Inc. (“Google“) web analysis service. Google Analytics uses so-called cookies, text files stored on your computer that allow an analysis of your use of the website. As a rule, this user information generated by the cookie is transferred to a server in the U.S. and stored there. If the IP-address anonymisation function has been activated, however, within Member States of the EU or in other EEA countries Google will shorten your IP address. The full IP address will only in exceptional cases be transferred to a Google server in the U.S. and shortened there. Google will use this information on behalf of and for the operator of this website in order to analyze your use of this website, collate reports on the website activities and to render other services in the context of website use and Internet use. Your IP address transmitted by your browser within the framework of Google Analytics will not be correlated with other Google data. You can prevent the storage of cookies by adjusting your browser software accordingly. We have to point out, however, that you will then not be able to use our website’s functions in full. You can also prevent the transfer to Google of the data generated by the cookie and relating to your use of this website (including your IP address) and such data’s processing by Google by clicking on the following link (http://tools.google.com/dlpage/gaoptout?hl=en) and  downloading and installing the browser plug-in.

For further information on the terms and conditions of use and on data protection, please consult http://www.google.com/analytics/terms/de.html or https://www.google.de/intl/de/policies/. We would like to inform you that in order to guarantee an anonymised registration of IP addresses (the so-called IP masking) on this website Google Analytics has been extended by the code “gat._anonymizeIp();”.

Use of the YouTube service


We integrate videos on our website using the services of the provider YouTube (Google Inc.). For the videos embedded on our website, the enhanced privacy mode offered by YouTube is activated. This means that information about the visitors to our website is only stored if they decide to play the embedded video. Nevertheless, it can happen that through the use of the YouTube service, information is transmitted to servers of YouTube/Google in the US. It is also possible that cookies are stored on your device. We neither know the contents of the information recorded nor do we have any influence on the collection and storage of information by YouTube. If you do not agree with the data collection, please do not start the corresponding video. For more information about the collection of your data, please see the privacy policy of YouTube (Google Inc) under: https://www.google.de/intl/de/policies/privacy/

Our social media appearances

This privacy policy applies to the following social media presence of the Naber GmbH

Facebook: https://www.facebook.com/naber.deutschland
Instagram: https://www.instagram.com/naber_deutschland/
Pinterest: https://www.pinterest.de/naber_deutschland/
LinkedIn: https://www.linkedin.com/company/naber-gmbh


Data processing through social networks

We maintain publicly available profiles in social networks. The individual social networks we use can be found below.

Social networks such as Facebook, X etc. can generally analyse your user behaviour comprehensively if you visit their website or a website with integrated social media content (e.g., like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:

If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your de-vice or by recording your IP address.

Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way, you can see interest-based advertising inside and outside your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.

Please also note that we cannot retrace all processing operations on the social media portals. Depend-ing on the provider, additional processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and privacy policy of the respective social media portals.


Legal basis

Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g., consent within the meaning of Art. 6 (1) (a) GDPR).


Responsibility and assertion of rights

If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g., Facebook).


Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.


Storage time

The data collected directly from us via the social media presence will be deleted from our systems as soon as you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory pro-visions – in particular, retention periods – remain unaffected.


We have no control over the storage duration of your data that are stored by the social network operators for their own purposes. For details, please contact the social network operators directly (e.g., in their privacy policy, see below).


Your rights

You have the right to receive information about the origin, recipient, and purpose of your stored personal data at any time and free of charge. You also have the right to object, the right to data portability and the right to file a complaint with the responsible regulatory agency. Furthermore, you can request the correction, blocking, deletion and, under certain circumstances, the restriction of the processing of your personal data.


Individual social networks

Facebook

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter Meta). According to Meta’s statement, the collected data will also be transferred to the USA and to other third-party countries.

You can customize your advertising settings independently in your user account. Click on the following link and log in:
https://www.facebook.com/settings?tab=ads.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here:
Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum and
https://www.facebook.com/help/566994660333381.

Details can be found in the Facebook privacy policy:
https://www.facebook.com/about/privacy/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link:
https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000GnywAAC&status=Active


Instagram

We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission.
Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://privacycenter.instagram.com/policy/ and
https://de-de.facebook.com/help/566994660333381.

For details on how they handle your personal information, see the Instagram Privacy Policy:
https://privacycenter.instagram.com/policy/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link:
https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000GnywAAC&status=Active


Pinterest


We have a profile at Pinterest. The operator is Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. Details on how they handle your personal data can be found in the privacy policy of Pinterest:
https://policy.pinterest.com/de/privacy-policy.


LinkedIn

We have a LinkedIn profile. The provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.

If you want to disable LinkedIn advertising cookies, please use the following link:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here:
https://www.linkedin.com/legal/l/dpa and
https://www.linkedin.com/legal/l/eu-sccs.

For details on how they handle your personal information, please refer to LinkedIn's privacy policy:
https://www.linkedin.com/legal/privacy-policy

Automatically collected non-personal data


When you access our website, sometimes information will be collected automatically (i.e. not with any registration or log-on) that have nothing to do with specific persons (e.g. the browser and operating system that are being used, the name of the domain you last visited,  number of visits, average duration of such visits, pages called up). We will use this information to find out how attractive our website is and to improve its efficiency and contents.

Your rights


If you no longer assent to the storage of your personal data or these have become incorrect, we will see to their deletion, correction or blocking if thus instructed and in accordance with the pertinent legal regulations. You have the right to receive information on all the personal data we have stored on you. The details of this right of information are set forth in the General Data Protection Regulation, Federal Data Protection Act (GDPR, esp. art. 15) and the new Federal Data Protection Act (FDPA-new §§ 34 ff). Our contact details are:

Naber GmbH, Enschedestr. 24, 48529 Nordhorn, Germany, phone: +49 5921 704-0, naber(at)naber.com



"Cookies" – information automatically stored on your computer


Most of the cookies we use will automatically be purged from your hard drive when your browser session has ended. These so-called session cookies are needed to provide you with a shopping basket on more than one page, for example. We also use cookies that stay on your hard drive. When you visit us again, these will automatically register that you have visited us before and what input and settings you prefer. These temporary or permanent cookies (service lives of 1 month to 10 years) are stored on your hard drive and are automatically deleted after a certain time, with their service life possibly extended if you use our online shop again. Cookies help us make our services more user-friendly and secure. They allow us, for example, to provide you with information on our website that is geared to what you are interested in. Cookies are thus to make surfing as easy as possible for you. Most browsers allow you to reject cookies or delete them after a visit to a website. Without cookies, however, you can no longer use certain online shop functions.

Data integrity


Naber takes technical and organisational security measures to protect your personal data from inadvertent or unlawful deletion or alteration or from loss, unauthorised transfer or illegitimate access.

Links to other websites


The Naber website features links to other websites. Naber is not responsible for these other websites’ data privacy policies or contents.

Queries and comments


Should you have any queries or comments on this Data Privacy Policy, please click on “Kontakt” (contact) in the top line of the screen and send us an e-mail. As the Internet evolves, we will also continually adapt our Data Privacy Policy. We will announce any such amendment on this page in good time. Please do therefore call up this page on a regular basis if you want to remain up-to-date.

Registration on our website


The data subject has the option to register on the Internet site of the data processor by providing personal data. Which personal data is transmitted to Naber GmbH here depends on the respective input mask, which is used for the registration. The personal data entered by the data subject is collected and stored solely for internal use by Naber GmbH and for its own purposes. Naber GmbH can arrange for disclosure to one or more order processors, for example a parcel service provider, which also uses the personal data exclusively for internal purposes attributable to Naber GmbH.

Subscription to our newsletter


On the Internet site of Naber GmbH, the users have the opportunity to subscribe to our company’s newsletter. Which personal data is transmitted to Naber GmbH on ordering the newsletter depends on the input mask used for this purpose.

Naber GmbH informs its customers and business partners about company offers at regular intervals by means of a newsletter. Our company’s newsletter can fundamentally only be received by the data subject if
(1) the data subject is a specialist retailer registered with us and has a valid e-mail address.
(2) the data subject registers for the newsletter.
For legal reasons, a confirmation e-mail is first sent to the e-mail address entered by a data subject for newsletter dispatch in the double-opt-in procedure. This confirmation email serves to check that the owner of the e-mail address authorised the receipt of the newsletter as the data subject.

The personal data collected in the context of registering for the newsletter is used exclusively for the dispatch of our newsletter. Furthermore, subscribers to the newsletter may also be notified by e-mail if this is necessary for the operation of the newsletter service or registration is required for this, for example in case of changes to the newsletter offer or changes to the technical conditions. The personal data collected in the context of the newsletter service is not disclosed to third parties. The subscription to our newsletter may be cancelled by the data subject at any time. The data subject’s consent to the storage of personal data provided for the newsletter dispatch may be revoked at any time. There is a corresponding link in each newsletter for revoking consent. It is also possible to unsubscribe from the newsletter at any time, either directly on the Internet site of the data processor or by notifying the data processor of this by other means.

Newsletter tracking


The newsletters of Naber GmbH contain so-called tracking pixels. A tracking pixel is a miniature graphic which is embedded in such emails, which are sent in HTML format, to enable log file recording and log file analysis. This makes statistical evaluation of the success or failure of online marketing campaigns possible. Based on the embedded tracking pixel, Naber GmbH can see whether and when an e-mail was opened by a data subject and which links in the e-mail were accessed by the data subject.

Such personal data collected via the tracking pixels contained in the newsletters is stored and evaluated by Naber GmbH so as to optimise the newsletter despatch and to adapt the content of future newsletters better to the interests of the data subject. This personal data is not disclosed to third parties. Data subjects are entitled to revoke the separate declaration of consent provided for this via the double-opt-in procedure at any time. After revocation, this personal data is deleted by the data processor. Deregistration from receipt of the newsletter is automatically regarded by Naber GmbH as revocation.

Contact possibility via the Internet site


Due to legal regulations, the Naber GmbH Internet site contains information that enables quick electronic contact with our company as well as direct communication with us, which also includes a general address for so-called electronic mail (e-mail address). If a data subject contacts the data processor by e-mail or through a contact form, the personal data provided by the data subject is automatically stored. Such personal data, voluntarily transmitted to the data processor by a data subject is stored for the purpose of processing or contacting the data subject. This personal data is not disclosed to third parties.
The following data is transmitted via the contact form: subject, your message to us, company name, customer number, name, address, telephone, fax number and mail address. The following data is transmitted via the returns service form: customer number, company name, contact person, telephone number, mail address, name, address, delivery note number, product number, product description and reason for the return.

Data protection for applications and in the application process


Naber GmbH collects and processes the personal data of applicants for the purpose of completing the application process. The processing can also be carried out electronically. This is particularly the case if an applicant submits corresponding application documents to the data processor by electronic means (e-mail). If the data processor concludes a contract of employment with an applicant, the data transmitted is stored for the purpose of processing the employment relationship in accordance with the legal provisions. If the data processor does not conclude a contract of employment with the applicant, the application documents are automatically deleted two months after notification of the rejection decision, unless deletion precludes other legitimate interests of the data processor. Other legitimate interest in this sense include, for example, the obligation to furnish evidence in a lawsuit in accordance with the General Act on Equal Treatment (AGG).

Cookies


Some of the web pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective, and safer. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies enable us to recognise your browser the next time you visit.
You can configure your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for specific cases or generally, and activate the automatic deletion of cookies when the browser is closed. If cookies are deactivated, the functionality of this website may be restricted.
Cookies which are required to carry out the electronic communication process or to provide certain functions requested by you (e.g. shopping basket function) are stored on the basis of Art. 6 para. 1 lit. a GDPR. The user gives his consent to the use of cookies. The website operator may also use technically necessary cookies without consent.
Consent: if other cookies (e.g. cookies for the analysis of your surfing behaviour) are stored, you can decide yourself which cookies you allow. For this, simply tick the permitted cookies in the “Cookies” pop-up window. You can open the window at any time by clicking on the fingerprint below left.

Contact data of the data protection officer


The company Naber has appointed Dr. Johannes Schröder as its data protection officer.

Contact data:

Postal address: To the data protection officer of Naber GmbH
Enschedestr. 24
48529 Nordhorn

Tel.: +49 5461-886299
Mail (preferred): datenschutz(at)naber.com

Information obligations according to the EU General Data Protection Regulation (GDPR)

General

We take the protection of your personal data very seriously. We treat your personal data confiden-tially and in accordance with the statutory data protection regulations and this declaration. Personal information is information that personally identifies you. This information sheet explains what data we collect and what we use it for. It also explains how and for what purpose.

Responsible post

Company name: Naber GmbH
Address: Enschedestraße 24, 48529 Nordhorn, Germany
Tel.: +49 5921 704-0
Fax: +49 5921 704-140
E-Mail: info@naber.com
Internet: www.naber.com

Data Protection Officer (external)

Dr. Johannes Schröder
Griegstraße 6, 49565 Bramsche, Germany
Tel.: +49 5461 886299
E-Mail: datenschutz@naber.com

Legal basis for the processing of personal data

We only process personal data if there is a legal basis, i.e. if

  • the data subject has given their consent (Art. 6, para. 1, lit. a GDPR),
  • it is for the fulfilment of a contract (Art. 6, para. 1, lit. b GDPR),
  • legitimate interests (Art. 6, para. 1, lit. f GDPR) exist,
  • it is for the fulfilment of a legal obligation (Art. 6, para. 1, lit. c GDPR).

Processing of data, data categories and groups of data subjects

All personal data is collected and processed in accordance with the EU General Data Protection Regulation (GDPR) and the Act to Adapt Data Protection Law to Regulation (EU) 2016/679 and to Implement Directive (EU) 2016/680 (DSAnpUG-EU). We process the following data from you:

Company name, first name and surname of contact person and (end) customer, address, telephone and fax number, e-mail, bank details, contracts, orders, delivery notes, invoices.

The data belongs to the following data categories: identification data, communication data, financial data, order and contract data and billing data.

The following groups of people are affected: customers, prospective customers, suppliers, sales representatives and employees.

Use of your data (purpose)

This data is collected
  • to identify you as a customer,
  • to process your request, your order appropriately,
  • to fulfil orders,
  • for correspondence with you,
  • for invoicing,
  • for informational purposes.

Your rights as a data subject

As a data subject you have the right at any time
  • to free information about your stored personal data (Art. 15 GDPR), its origin and recipient and the purpose of the processing of your data,
  • to rectification (Art. 16 GDPR),
  • to blocking (right to restriction of processing, Art. 18 GDPR),
  • to deletion of this data subject to any statutory retention requirements (Art. 17 GDPR),
  • to complain to the competent supervisory authority (Art. 77 GDPR),
  • to data portability (Art. 20 GDPR).

Disclosure of data

Data is not disclosed to third parties unless this is necessary to fulfil your request/order. The data is not transferred to third countries.

Automated decision making and profiling

No automated decision-making procedures according to Art. 22 GDPR or other profiling measures according to Art. 4 No. 4 GDPR are carried out.

Revocation of consent

You may revoke your consent granted at any time with effect for the future. If you wish to exercise your right of revocation, an e-mail to E Naber GmbH (see above) is sufficient.

Deletion of personal data

The personal data collected by us is deleted after the purpose is finished, taking into account the statutory retention requirements.

Technical-organisational measures

We take technical and organisational measures to process your data with a high degree of security. Importance is especially attached to the following points:

  • Confidentiality (Art. 32 para. 1 lit. b GDPR), especially physical, electronic and internal access control and isolation control
  • Integrity (Art. 32 para. 1 lit. b GDPR), especially data transfer, data entry, processing, documentation and order control
  • Availability and resilience (Art. 32 para. 1 lit. b GDPR), especially availability control and recoverability
  • Process for regularly testing, assessing and evaluating (Art. 32 para. 1 lit. d GDPR; Art. 25 para. 1 GDPR), especially data protection management, data-protection-friendly default settings and organisation control