en de

Privacy policy

General and mandatory information

Data protection

The purpose of data protection and our goal as DINOL GmbH is to handle personal data in such a way that individuals’ personal rights are protected.

To ensure that this goal is achieved, bodies responsible for personal data processing are required to comply with the regulations set out in EU legislation (the General Data Protection Regulation (GDPR)) and national data protection laws.

Personal data may only be collected and processed if doing so is permissible under the GDPR or another law. The main fundamental principles of the GDPR are:

  • Lawfulness, fairness and transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation and erasure concepts
  • Integrity and confidentiality

Acting responsibly when handling personal data and using IT systems and applications in a risk-conscious manner are additional key objectives that DINOL GmbH pursues.

The controller’s duties to provide information and the rights of data subjects

Name and contact details of the controller and, if applicable, their deputy

The controller responsible for data processing on this website is:

DINOL GmbH
Pyrmonter Strasse 76

32676 Lügde, Germany

+49 (0)5281 – 982 980

info@dinol.com

The controller is the natural or legal person that takes decisions about the purposes and means of personal data processing (e.g. names, email addresses, etc.), either alone or jointly with others.

Contact details of the data protection officer

You can contact our data protection officer by emailing datenschutz@wuerth-it.com.

Purpose of collecting, processing or using data

DINOL GmbH is a specialist operating in the trade of corrosion protection materials, adhesives, sealants, fillers, sprayable noise protection materials and associated application equipment.

Data is collected, processed or used to fulfil this corporate purpose or supporting secondary purposes, such as providing a customer consulting service.

Groups of data subjects and related data or categories of data

Groups of data subjects include:

  • Current employees;
  • Former employees;
  • Applicants;
  • Prospects;
  • Customers;
  • Suppliers;
  • Service providers; and
  • Other business partners.

The relevant data includes all personal data required to fulfil the respective purpose. A detailed explanation, outlining what specific data belonging to data subjects is processed, is provided below.

Legal bases

Personal data processing is only lawful if permitted by law (i.e. if there is a legal basis, or if the data subject has given their consent).

In our company, we only process personal data in accordance with legal provisions, which generally include:

  • consent to personal data processing (Article 6 (1) (a) of the GDPR);
  • the need to process personal data for the performance of a contract or to initiate a contract (Article 6 (1) (b) of the GDPR);
  • the need to process personal data to comply with a legal obligation (Article 6 (1) (c) of the GDPR); or
  • our processing of personal data based on one of our own or a third party’s legitimate interests (Article 6 (1) (f) of the GDPR).

Special feature of the legal basis for processing data for contractual purposes

DINOL GmbH’s range of products is aimed exclusively at tradespeople. So, when we process personal data for contractual purposes, unless stated otherwise on a case-by-case basis the legal basis for doing so is:

  • Article 6 (1) (b) of the GDPR if you are a registered sole trader or freelancer, and your data is being processed for the purpose of performance of the contract or taking steps prior to implementing the contract; or
  • Article 6 (1) (f) of the GDPR if you are an employee of a company (e.g. an employee in Purchasing), and your data is being processed based on DINOL GmbH’s legitimate interest. DINOL GmbH’s legitimate interest in this case is selling its own goods and services, which is justified in particular by entrepreneurial freedom and professional freedom.

For the sake of simplicity, we will only refer to ‘data processing for contractual purposes’ below.

Potential recipients in the event of data transfer

The potential recipients of transferred personal data are:

  • Public bodies (insofar as we are legally required to transfer personal data);
  • Service providers and other business partners (insofar as data transfer is necessary for the fulfilment of the respective purpose and is legally permissible, or the data subject has given their consent to this effect).

Planned data transfer to third countries or international organisations

Should it become necessary to transfer data to third countries (countries that are not member states of the European Union) or to international organisations, this will be done exclusively for the conclusion or fulfilment of contracts – insofar as doing so does not conflict with the data subject’s legitimate interests – taking into account all the requirements under data protection law. If we transfer your data to a third country or to an international organisation on a case-by-case basis, we will provide you with the information required for this situation.

Standard data erasure deadlines

Personal data is erased in accordance with the respective legal or contractual regulations on data erasure, taking into account legal or contractual retention requirements. Such legal obligations result from the German Commercial Code (HGB) and the German Fiscal Code (AO), among other legislation. The retention or documentation periods specified therein are up to ten years beyond the end of the business relationship or the pre-contractual legal relationship.

Furthermore, other legal provisions may require a longer retention period, such as the preservation of evidence in the context of statutory limitation provisions. The regular limitation period in this regard is three years; however, limitation periods of up to 30 years or even longer in individual cases may be applicable. Personal data that is not subject to a legal or contractual retention or erasure obligation is erased once it becomes unnecessary for fulfilment of the respective purpose.

Your rights with respect to data protection (Article 12 et seq. of the GDPR)

Data subjects have various rights with regard to data protection, which are explained below. The above contact details can be used to exercise these rights.

Right of access (Article 15), right to rectification (Article 16), right to restriction of processing (Article 18) and right to erasure (Article 17)

In the context of the applicable legal provisions, you have the right, at any time, to access for free information about the personal data the controller has saved about you, its origin, the recipients and the purpose of data processing, as well as a right to have your personal data rectified, blocked or erased if applicable.

Right to object (Article 21 of the GDPR)

Every data subject has the right to object to the processing of their data if data processing is based on Article 6 (1) (f) of the GDPR or for direct marketing purposes. If you object to processing of your personal data, we will review your objection on a case-by-case basis. If we are required to erase your personal data under data protection law due to your objection, we will erase your data taking into account legal retention requirements. The lawfulness of processing carried out until you submit your objection is not affected by said objection.

Obligation to disclose data

Every data subject has the right to find out whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether the data subject is required to provide the personal data and of the possible consequences of failure to provide such data.

Right to lodge a complaint with the competent supervisory authority

The data subject has the right to lodge a complaint with the competent supervisory authority if they believe that their rights have been infringed. The competent supervisory authority in matters of data protection law is the State Commissioner for Data Protection in the federal state that our company’s registered office is located in. However, the data subject can in principle also contact the supervisory authority in their place of residence or in the place of the alleged infringement. A list of data protection commissioners and their contact details is available at: https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html.

Right to data portability

You have the right to have data that we process automatically after obtaining your consent or for the fulfilment of a contract sent either to yourself or a third party in a commonly used, machine-readable format. If you request that your data be transferred directly to another controller, this will only be done to the extent that it is technically feasible.

Revoking your consent to data processing

Some data processing operations can only be carried out with your express consent. You can revoke any consent you have already given at any time. All you need to do to do this is send an informal message by email to one of the email addresses provided above. The lawfulness of data processing carried out until such time that you revoke your consent remains unaffected by said revocation.

Email marketing without a newsletter subscription, and your right to object

If we receive your email address in connection with the sale of goods or services and you have not objected accordingly, we reserve the right based on Section 7 (3) of the German Act against Unfair Competition (UWG) to regularly email you offers for products that are similar to the ones you have already purchased from our range. This serves to protect our legitimate interests in contacting our customers for marketing purposes, which outweigh our interests in the context of balancing of interests. You can object to this use of your email address at any time by letting us know using the contact options provided below or by clicking on the link provided for this purpose in the marketing email, without incurring any costs other than the transmission costs in accordance with the basic tariffs.

Email marketing with a newsletter subscription

If you sign up to our newsletter, we will use the data required for this purpose, or that you provided separately, to regularly send you our email newsletter based on your consent in accordance with the first sentence of Article 6 (1) (a) of the GDPR. You can unsubscribe from our newsletter at any time, either by letting us know using the contact options provided below, or by clicking on the link provided for this purpose in the newsletter. Once you have unsubscribed from our newsletter, we will erase your email address, unless you have expressly consented to further use of your data or we have reserved the right to further lawful use of your data beyond this, which we inform you of in this policy.

SSL and TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transfer of confidential content that you send to us as the site operator (e.g. as part of purchase orders or requests). An encrypted connection is recognisable by the fact that the browser’s address bar changes from ‘http://’ to ‘https://’ and by a padlock icon appearing in your browser’s address bar.

Third parties cannot read the data you send to us when SSL or TLS encryption is enabled.

  • Data collection on our website

Cookies

DINOL GmbH’s website sometimes uses what are known as ‘cookies’. Cookies are used to make our website more user-friendly, more effective and more secure. Cookies are small text files that are stored on your computer and saved by your browser.

You can make settings in your browser so that you are informed of cookies being set and only accept cookies on a case-by-case basis for certain situations, or categorically prevent the setting of cookies, as well as enable automatic deletion of cookies when you close your browser. This website’s functionality may be limited if you disable cookies.

We process cookies for contractual purposes if they are necessary to implement the electronic communication process or to provide our services (e.g. shopping basket function). DINOL GmbH uses these cookies primarily for the purpose of processing your order requests in the online shop. Insofar as other cookies (e.g. cookies designed to analyse your browsing behaviour) are stored, they are addressed separately in this privacy policy and are only processed once you have given your prior consent.

An overview of enabled cookies is provided on this page: Cookie information. You can also change the cookie settings here at any time.

‘Do Not Track’ settings

You can control the storage of cookies using the ‘Do Not Track’ (DNT) settings in your web browser. Depending on what browser you use, DNT is either a setting in the browser settings, or what is known as a ‘plugin’ or ‘add-on’. When the DNT setting is enabled, the browser indicates that this tool’s tracking measures are undesirable without your explicit consent. If the setting is enabled, our tools’ tracking functions are anonymised. Please note that the process for enabling the DNT setting is different depending on what web browser you are using.

Server log files

When you visit our website, we process information in what are known as ‘server log files’, which your browser sends to us automatically. The purpose of data processing is to display the website properly and to guarantee secure website operation.

Categories of processed data

The categories of data collected are:

• Browser type and version

• Operating system used and version

• Referrer URL

• Host name of the accessing computer

• Page accessed

• Time of the server request

• IP address

This data is not combined with data from other sources.

Legal basis

The legal basis for data processing is Article 6 (1) (f) of the GDPR. As the website operator, we have a legitimate interest in displaying the website properly and in guaranteeing secure website operation.

Storage period

The data processed in connection with the collection of server log files is stored in accordance with the legal retention periods.

Google Analytics

We use functions of Google Analytics, a web analytics service, to statistically analyse how our website is used. The provider is Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland. We have concluded a commissioned data processing contract with Google. In the context of our use of Google Analytics, your personal data may be transmitted to Google LLC servers in the USA. Google LLC has concluded what are known as the European Commission’s ‘standard contractual clauses’ with us for transmission of personal data to Google LLC registered in the USA. They can be accessed here: https://privacy.google.com/businesses/processorterms/.

IP anonymisation

We have enabled the IP anonymisation function on this website. This means that Google will truncate your IP address before it is transmitted to the USA within member states of the European Union or other states that are parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to and stored by Google on a server in the USA. Google will use this information on behalf of the operator of this website to analyse your use of the website, compile reports on website activities and provide additional services associated with website and internet use for the website operator.

Demographics in Google Analytics

We also use the ‘demographics’ function of Google Analytics. This allows us to compile reports containing statements concerning website visitors’ ages, genders and interests. This data comes from Google’s interest-based marketing and from visitor data made available by third-party providers. This data cannot be assigned to a specific individual. You can disable this function at any time using the ad settings in your Google account or categorically prohibit Google Analytics’ collection of your data as outlined in the ‘Objecting to data collection’ section.

For further information about Google Analytics and Google’s privacy policy, visit:

https://www.google.com/intl/de/policies/privacy/ (Allgemeine Google-Datenschutzerklärung)

https://support.google.com/analytics/answer/6004245?hl=de (Datenschutz bei Google Analytics)

https://policies.google.com/terms?hl=en#toc-software (Google’s Terms of Service)

https://policies.google.com/technologies/cookies?hl=de (Übersicht zur Verwendung von Cookies durch Google)

Legal basis

Google Analytics is used to statistically analyse our website based on Article 6 (1) (a) of the GDPR (your consent).

You can prevent the use of cookies by not consenting to the same. However, please note that if you do not consent to the use of cookies, you may be unable to use all of this website’s functions in full.

If you do not, or no longer, agree to the storage and use of your data, you can stop said storage and use here. In this case, your decision will be stored in the form of a cookie. If you delete your cookies, this particular cookie will be deleted too. The next time you visit our site, you will then be asked again whether we may use cookies for web analytics purposes.

Google reCAPTCHA

We use ‘Google reCAPTCHA’ (hereinafter referred to as ‘reCAPTCHA’) on our website. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (‘Google’).

reCAPTCHA allows us to check whether data is being input on our website (e.g. in a contact form) by a human or by an automated program. To this end, reCAPTCHA analyses the website visitor’s behaviour using various attributes. This analysis process starts automatically as soon as the visitor accesses the website. reCAPTCHA evaluates various types of information (e.g. IP address, length of time the visitor spends on the website, or the user’s mouse movements) for analysis purposes. The data collected during the analysis is forwarded to Google.

reCAPTCHA analyses run completely in the background. Website visitors are not informed that analysis is taking place.

Data is processed based on Article 6 (1) (f) of the GDPR. The website operator has a legitimate interest in protecting its online presence from automated and abusive espionage activities and from spam.

For more information about Google reCAPTCHA and Google’s privacy policy, visit: https://www.google.com/intl/en/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.

Google Maps

We use the Google Maps service on this website. This allows us to show you interactive maps directly on the website and enables you to conveniently use the map function. The provider is Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland. In the context of our use of Google Maps, personal data may also be transmitted to Google LLC servers in the USA. Google LLC has concluded what are known as the European Commission’s ‘standard contractual clauses’ with us for transmission of personal data to Google LLC registered in the USA. They can be accessed here: https://privacy.google.com/businesses/processorterms/.

When you visit our website, Google is informed that you have accessed the corresponding sub-page on our website. This information is provided regardless of whether Google provides a user account that you are logged into, or whether such a user account does not exist. If you are logged into Google, your data will be assigned directly to your account. If you do not want this information to be assigned to your Google profile, you must log out of your Google account before accessing a map. Google stores your data in user profiles and uses it for the purposes of marketing, market research and/or designing its website as needed. Analysis such as this takes place (even for users who are not logged in) in particular to provide needs-based marketing and to inform other social media users of your activities on our website. You have a right to object to the creation of such user profiles and must contact Google to exercise this right.

The legal basis for DINOL GmbH’s data processing operations is Article 6 (1) (a) of the GDPR (your consent). You can revoke your consent at any time. Revoking your consent does not affect the lawfulness of data processing operations carried out up until such time that you revoke your consent.

For further information about Google Maps and Google’s privacy policy, visit:

https://www.google.com/intl/de/policies/privacy/ (Allgemeine Google-Datenschutzerklärung)

https://policies.google.com/terms?hl=en#toc-software (Google’s Terms of Service)

  • Links to Facebook, YouTube and Instagram

We have links to the social media platforms Facebook, YouTube and Instagram on our website. This is indicated by means of a corresponding icon on our website featuring the respective social media platform’s corresponding logo, and behind which a corresponding link to our respective social media profile is hidden. Social plugins (e.g. the Facebook ‘Like’ button) are not integrated here.

Our links to the social media services do not cause any of your personal data to be transmitted to these services. They are normal hyperlinks that are not regularly used for data transfer purposes. Clicking on the link takes you directly to our profile on the social media service in question. Data is only transmitted if you are logged into your user account with the corresponding social media service. You can then link or share content from our website directly using the social media service or, in the case of YouTube, watch the videos on our YouTube channel. This may allow the relevant social media service to learn what content you have viewed on our website.

The controllers who are exclusively responsible for the social media services we have linked are:

for Facebook and Instagram and their websites: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA;

for YouTube and its website: YouTube, LLC, 901 Cherry Ave., St. Bruno, CA 94066, USA.

For more information about the purpose and scope of data collection, and about the further processing and use of your data by the social media service in question, please refer to the respective service’s privacy policy. The privacy policies can be accessed online.

On the social media services mentioned, you will also find information about potential settings for protecting your privacy and about your further rights regarding the relevant social media service’s collection, processing and use of your data, among other things.

You yourself are responsible for data transfer to the aforementioned social media services, since you become active yourself by logging into your respective social media account and clicking on the respective link, thereby initiating subsequent data processing by the social media service in question.

YouTube

We have embedded YouTube videos in our website. They are stored on www.youtube.com and can be played directly from our website. The provider is Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland. In the context of our use of YouTube, personal data may be transmitted to Google LLC servers in the USA. Google LLC has concluded what are known as the European Commission’s ‘standard contractual clauses’ with us for transmission of personal data to Google LLC registered in the USA. They can be accessed here: https://privacy.google.com/businesses/processorterms/.

YouTube videos on our website are all embedded in ‘Privacy-Enhanced Mode’. In other words, no data about you as a user is transmitted to YouTube if you do not play the videos. Data is only transmitted when you play the videos. We do not have any influence over this data transfer. You will be explicitly informed before data transfer that your data will be transmitted to YouTube if you play the video. This happens regardless of whether YouTube provides a user account that you are logged into, or whether such a user account does not exist. If you are logged into Google, your data will be assigned directly to your account.

If you do not want this information to be assigned to your YouTube profile, you must log out of your Google account before playing the video. YouTube stores your data in user profiles and uses it for the purposes of marketing, market research and/or designing its website as needed. You have a right to object to the formation of such user profiles and must contact YouTube to exercise this right.

The legal basis for DINOL GmbH’s data processing operations is Article 6 (1) (a) of the GDPR (your consent). You can revoke your consent at any time. Revoking your consent does not affect the lawfulness of data processing operations carried out up until such time that you revoke your consent.

For more information about YouTube and Google’s privacy policy, visit:

https://www.google.com/intl/de/policies/privacy/ (Allgemeine Google-Datenschutzerklärung)

https://policies.google.com/terms?hl=en#toc-software (Google’s Terms of Service)

https://www.youtube.com/static?gl=DE&template=terms&hl=de (YouTube’s Terms of Service)

Contact form

If you send us requests using the contact form, we will save your information from the request form (including the contact details you specified there) for the purpose of processing the request and in the event of any follow-up questions.

Categories of personal data

If you send requests using the contact form, we will process the following categories of personal data:

• Company

• Name

• Title

• Street and number

• Postcode and town/city

• Email address

• Telephone number

• Your message

Legal basis

The data entered in the contact form is processed based on our legitimate interest in offering our customers an easy way of contacting us, in improving the quality of our consulting service (Article 6 (1) (f) of the GDPR) and for contractual purposes. You are also welcome to voluntarily provide us with information above and beyond the mandatory information. The legal basis for this information is Article 6 (1) (a) of the GDPR (your consent). Processing of the data contained in the voluntary information serves the purpose of improving the service we offer you and enabling us to offer you more comprehensive support. You can revoke your consent to processing of the data provided voluntarily at any time. To do so, please use the contact options mentioned above.

Storage period

We will store the data you entered in the contact form until you request that we erase the same or the purpose of data storage ceases to apply (e.g. once processing of your request is complete). Legal retention requirements may be an exception to this rule.

Zendesk chat tool

We use the Zendesk tool provided by Zendesk, Inc., 89 Market Street, San Francisco, CA 94103, USA, to provide a customer chat tool in our online shop.

Data processing in the context of our use of Zendesk

When you use the chat function, we process the following data:

  • All the information you provide in the chat
  • Visitor path
  • Browser version
  • IP address
  • Location-based data
  • Platform
  • User agent

Legal basis

Data processing for provision of the chat function is based on Article 6 (1) (f) of the GDPR (our legitimate interest in offering our customers an easy way of communicating with us for the purpose of processing service requests).

Processing for the purpose of analysing how the chat function is used is based on your consent (Article 6 (1) (a) of the GDPR). You can revoke this consent at any time. Revoking your consent does not affect the lawfulness of data processing operations carried out up until such time that you revoke your consent.

Storage period

The data you entered for the purpose of using the chat tool and that we stored will be stored for the duration of the time your request is being processed and will be erased once processing of your request is complete.

Transfer to third countries

Data may be transmitted to the USA in the context of our use of Zendesk. Appropriate safeguards that we concluded with Zendesk exist for this purpose under Article 46 (2) (c) of the GDPR (‘EU standard contractual clauses’).

Online shop

You can register in our online shop to use additional functions on the site. We only use the data entered for this purpose to use the offer or service in question that you have registered for. The mandatory data requested during registration must be provided in full. Otherwise, we will reject your registration request.

Categories of processed data

The following data is processed in the context of use of the online shop:

Company information

• Company*

• Tax number / VAT ID

• Telephone number*

• Address*

• Town/city*

• Postcode*

• Country*

• Industry*

• Business licence

Personal information

• First name*

• Last name*

• Email address*

Legal basis

Mandatory information (marked with ‘*’) entered when you register in our online shop is processed for contractual purposes.

You are also welcome to voluntarily provide us with information above and beyond the mandatory information. The legal basis for this information is Article 6 (1) (a) of the GDPR (your consent). Processing of the data contained in the voluntary information serves the purpose of improving the service we offer you and enabling us to offer you more comprehensive support. You can revoke your consent to processing of the data provided voluntarily at any time. To do so, please use the contact options mentioned above.

Contact by email

If important changes (such as changes to the scope of the offer or technically necessary changes) are made, we will use the email address provided during registration to inform you to this effect.

Storage period

We will store the data collected during registration for as long as you are registered in our online shop as a customer. Once your registration credentials for the online shop have been deleted, access to your DINOL customer account for the online shop will be removed. Your DINOL customer account will not be closed, and your customer data will be retained. Legal retention periods remain unaffected.

Processing of customer data outside of the online shop

We also collect, process and use personal data outside of the online shop environment, insofar as it is necessary for establishing, designing or amending the contract.

Categories of data

We require the following data to register you as one of our customers:

• Company name with legal form (e.g. GmbH)

• Company’s registered office (street / building number / postcode / town/city)

• Contact’s first name and last name

• Telephone number

You are welcome to provide us with the following data voluntarily:

• Email address – However, please note that we require this as part of your access credentials for our online shop.

• A different billing address (if applicable)

Storage period

We will store the collected data for as long as you maintain a business relationship with us. Your data will be erased once the business relationship has ended. Legal retention periods remain unaffected by this.

Shipping providers

We will pass on your address to the service providers mentioned below for the purpose of shipping ordered goods. The legal basis for this is Article 6 (1) (b) of the GDPR (data processing for the fulfilment of contracts).

If you have given us your express consent to do so while or after placing your purchase order, we will pass on your email address and telephone number to the selected shipping provider in accordance with the first sentence of Article 6 (1) (a) of the GDPR, so that this provider can contact you before delivery for the purpose of notifying you of or coordinating delivery.

You can revoke your consent at any time by sending us a message using the contact options provided below or by sending a message directly to the shipping provider on the contact address listed below. Once you have revoked your consent, we will erase your data provided for this purpose, unless you have expressly consented to further use of your data or we have reserved the right to further lawful use of your data beyond this, which we inform you of in this policy.

General Logistics Systems Germany GmbH & Co. OHG (GLS)

GLS Germany-Strasse 1 – 7

36286 Neuenstein, Germany

For detailed information about the purpose and scope of data processing by GLS, visit https://gls-group.com/GROUP/en/data-protection/gls-germany

Schenker Deutschland AG

Lyoner Strasse 15

60528 Frankfurt am Main, Germany

For detailed information about the purpose and scope of data processing by Schenker, visit https://www.dbschenker.com/de-de/meta/datenschutz

Payment service providers

For purchase orders placed in our online shop, we offer you the option of paying by instant bank transfer, credit card, direct debit or purchase on account. Payment is processed by the payment service provider Unzer E-Com GmbH, Vangerowstrasse 18, 69115 Heidelberg, Germany. We will transfer the personal data you enter in the order form to Unzer for this purpose. We will transfer the data provided in the context of the ordering process to Unzer exclusively for the purpose of processing payment in accordance with Article 6 (1) (b) of the GDPR. Transfer will only take place insofar as it is actually required for processing payment. As part of payment processing, Unzer processes and stores the personal data we transmitted, and transmits it to the bodies necessary to process the transaction, in particular to the credit institutions, banks and credit card institutions involved. For detailed information about Unzer’s data collection and user data processing activities, please refer to the privacy policy: https://www.unzer.com/en/datenschutz/

Instant bank transfer

If you select the ‘SOFORT’ payment method, the payment will be processed by the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany, to whom we pass on the information you provided during the ordering process and information about your purchase order in accordance with Article 6 (1) (b) of the GDPR. SOFORT GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). Your data is transferred for the sole purpose of payment processing with the payment service provider SOFORT and only to the extent necessary for this purpose. For detailed information about SOFORT GmbH’s data collection and user data processing activities, please refer to the privacy policy: https://www.sofort.de/datenschutz.html

Credit check for purchase on account

If you select the purchase on account and direct debit payment methods, personal and other data (e.g. shopping basket, invoice amount, order history, payment history) are transmitted to Unzer E-Com GmbH, Vangerowstrasse 18, 69115 Heidelberg, Germany, during the course of the ordering process for the purpose of conducting a credit check to protect our legitimate interest in determining our customers’ solvency and eliminating the possibility of payment defaults. Unzer transmits your personal data to the following credit agencies (this sample list is not exhaustive) in accordance with Article 6 (1) (f) of the GDPR:

  • Schufa Holding AG
  • CRIF Bürgel GmbH
  • Arvato Infoscore GmbH
  • Universum Business GmbH
  • Bisnode D&B Austria GmbH

The credit check may contain probability values (‘score values’). If score values are included in the credit check result, they are based on a scientifically recognised mathematical and statistical method. The likes of address data is also, but not exclusively, used in the calculation of the score values. You can object to this processing of your data at any time by sending a message to the data controller responsible for data processing or to Unzer. However, Unzer may still be entitled to process your personal data if doing so is necessary for the purpose of contractual payment processing.

For detailed information about Unzer’s data collection and user data processing activities, please refer to the privacy policy: https://www.unzer.com/en/datenschutz/

Disclaimer

DINOL GmbH’s privacy policy does not apply to third-party applications, products, services, websites or social media functions that are accessible using links we provided for information purposes. If you click on these links, you will leave DINOL GmbH’s website, so information about you may be collected or transmitted in this respect by third parties. DINOL GmbH has no control over third-party websites and makes no recommendations and gives no guarantees whatsoever about these websites or their privacy practices. We therefore suggest that you carefully read and review the privacy policies of all websites you may interact with before allowing them to collect, process and use your personal data.

Last updated: March 2021