Privacy Policy

We are very pleased about your interest in our company. Data protection is of particular importance to the management of Arnold Klümpen GmbH & Co. KG. The use of the Internet pages of Arnold Klümpen GmbH & Co. KG is generally possible without any indication of personal data. However, if a data subject wishes to use special services of our company via our website, the processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.
The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection provisions applicable to Arnold Klümpen GmbH & Co. KG. By means of this privacy policy, our company intends to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, this privacy policy informs data subjects about their rights.
As the controller responsible for processing, Arnold Klümpen GmbH & Co. KG has implemented numerous technical and organizational measures to ensure the most complete protection possible of personal data processed through this website. Nevertheless, Internet-based data transmissions can generally have security vulnerabilities such that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.

1. Definitions

The privacy policy of Arnold Klümpen GmbH & Co. KG is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easy to read and understand for both the general public and our customers and business partners. To ensure this, we would like to explain the terminology used in advance. In this privacy policy, we use, among others, the following terms:

a) Personal Data
Personal data means any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

b) Data Subject
Data subject means any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.

c) Processing
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Restriction of Processing
Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.

e) Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

f) Pseudonymization
Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

g) Controller
Controller means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

h) Processor
Processor means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

i) Recipient
Recipient means a natural or legal person, public authority, agency, or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities that may receive personal data in the context of a particular inquiry under Union or Member State law shall not be regarded as recipients.

j) Third Party
Third party means a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

k) Consent
Consent means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. Name and Address of the Controller Responsible for Processing

Arnold Klümpen GmbH & Co. KG
Engelsray 1
47623 Kevelaer
Germany
Phone: +49 (28 32) 97 66 15
E-Mail: edv@kluempen-leather.de
Website: www.kluempen-leather.de

3. Cookies

The Internet pages of Arnold Klümpen GmbH & Co. KG use cookies. Cookies are small text files that are stored on your device by your browser. Many websites and servers use cookies. A cookie often contains a so-called cookie ID, which is a unique identifier of the cookie. It consists of a sequence of characters that allows the websites and servers to recognize the individual browser in which the cookie is stored. This enables the visited websites and servers to differentiate the individual browser of the data subject from other browsers containing other cookies.
Through the use of cookies, the Arnold Klümpen GmbH & Co. KG can provide the users of this website with more user-friendly services that would not be possible without the cookie setting. Cookies allow us to recognize your browser on your next visit and simplify your user experience. For example, the online shop remembers the items a customer has placed in the virtual shopping cart via a cookie.
The data subject can prevent the setting of cookies at any time through the appropriate settings of the browser used and thus permanently object to the setting of cookies. Furthermore, cookies already set can be deleted at any time via your browser or other software programs. This is possible in all common browsers. Disabling cookies may result in functional limitations of this website.

4. Collection of General Data and Information

The website of Arnold Klümpen GmbH & Co. KG collects general data and information each time the website is accessed by a data subject or an automated system. This general data and information are stored in the server log files. The following can be recorded:
a) Browser types and versions used
b) Operating system of the accessing system
c) Website from which the accessing system reached our website (referrer)
d) Sub-websites, which are accessed via an accessing system
e) Date and time of access to the website
f) Internet protocol address (IP address)
g) Internet service provider of the accessing system
h) Other similar data and information used for threat prevention in case of attacks on our information technology systems

This information does not allow any conclusions to be drawn about the person. Rather, this information is needed to:
a) Deliver the content of our web pages correctly
b) Optimize the content of our web pages and advertising
c) Ensure the long-term functionality of our information technology systems and the technology of our website
d) Provide law enforcement authorities with the data necessary for criminal prosecution in the event of a cyber-attack

These anonymously collected data and information are evaluated by Arnold Klümpen GmbH & Co. KG, both statistically and with the aim of increasing data protection and data security in our company, to ultimately ensure an optimal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

5. Contact Possibility via the Website

The website of Arnold Klümpen GmbH & Co. KG contains information that enables quick electronic contact to our company and immediate communication with us, including an e-mail address. If a data subject contacts the controller responsible for processing by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data collected on a voluntary basis by the data subject are used exclusively to process the conversation.
There is no transfer of this personal data to third parties.

6. Routine Erasure and Blocking of Personal Data

The controller responsible for processing processes and stores personal data only for the period necessary to achieve the storage purpose or as provided by the European legislator or another legislator in laws or regulations to which the controller is subject.
If the storage purpose ceases to apply or a prescribed storage period expires, the personal data are routinely blocked or erased in accordance with legal requirements.

7. Rights of the Data Subject

a) Right of Confirmation
Every data subject has the right granted by the European legislator to obtain from the controller confirmation as to whether personal data concerning him or her are being processed.

b) Right of Access
Every data subject has the right granted by the European legislator to obtain from the controller free information about his or her stored personal data and a copy of that information. Furthermore, the European directives and regulations grant the data subject access to the following information:

• Purposes of processing
• Categories of personal data
• Recipients or categories of recipients to whom personal data have been or will be disclosed
• Planned storage period or criteria for determining that period
• Existence of the right to request rectification or erasure of personal data
• Existence of the right to lodge a complaint with a supervisory authority
• If the data were not collected from the data subject: all available information about their source
• Existence of automated decision-making, including profiling, and meaningful information about the logic involved

If personal data have been transferred to a third country, the data subject also has the right to be informed of the appropriate safeguards relating to the transfer.

c) Right to Rectification
Every data subject has the right granted by the European legislator to obtain immediate rectification of inaccurate personal data concerning him or her.

d) Right to Erasure (“Right to be Forgotten”)
Every data subject has the right granted by the European legislator to obtain from the controller the erasure of personal data concerning him or her without undue delay if one of the following grounds applies:

• Personal data are no longer necessary for the purposes for which they were collected
• Withdrawal of consent and no other legal basis for processing exists
• Objection to processing and no overriding legitimate grounds for processing exist
• Personal data have been unlawfully processed
• Erasure is required for compliance with a legal obligation
• Personal data have been collected in relation to the offer of information society services to a child

e) Right to Restrict Processing
Every data subject has the right granted by the European legislator to obtain restriction of processing of personal data where one of the following applies:

• Accuracy of the personal data is contested
• Processing is unlawful and the data subject opposes erasure and requests restriction instead
• Controller no longer needs the personal data but they are required by the data subject for legal claims
• Objection to processing pending verification of grounds

f) Right to Data Portability
Every data subject has the right granted by the European legislator to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used, and machine-readable format, and the right to transmit those data to another controller without hindrance.

g) Right to Object
Every data subject has the right granted by the European legislator to object, on grounds relating to his or her particular situation, at any time to processing of personal data based on Article 6(1)(e) or (f) GDPR, including profiling.

h) Automated Individual Decision-Making, Including Profiling
Every data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her, unless the decision is necessary for entering into or performance of a contract, is authorized by Union or Member State law, or is based on explicit consent.

i) Right to Withdraw Consent
Every data subject has the right granted by the European legislator to withdraw consent at any time.

8. Data Protection in Applications and the Application Procedure

The controller collects and processes personal data of applicants for the purpose of managing the application procedure. Processing may also be carried out electronically. If an employment contract is concluded with an applicant, the data transmitted by the applicant will be stored for the purpose of performing the employment relationship in compliance with legal requirements. If no employment contract is concluded, the application data will be automatically erased two months after notification of the rejection decision, unless other legitimate interests of the controller conflict.

9. Legal Basis for Processing

Art. 6(1)(a) GDPR serves as the legal basis for processing operations for which we obtain consent. Where the processing of personal data is necessary for the performance of a contract to which the data subject is party, Art. 6(1)(b) GDPR serves as legal basis. If legal obligations require processing, Art. 6(1)(c) GDPR applies. If processing is necessary to protect vital interests, Art. 6(1)(d) GDPR applies. Otherwise, Art. 6(1)(f) GDPR serves as legal basis for processing, based on the legitimate interests pursued by our company.

10. Legitimate Interests Pursued by the Controller or a Third Party

If processing is based on Art. 6(1)(f) GDPR, our legitimate interest is conducting our business in favor of the well-being of all our employees and shareholders.

11. Duration of Storage

The criteria for the duration of storage of personal data are the respective statutory retention periods. After expiration of that period, the data will be routinely deleted, unless they are required for contract fulfillment or contract initiation.

12. Legal or Contractual Requirements to Provide Personal Data; Necessity for Contract Conclusion; Consequences of Non-Provision

Provision of personal data may be required by law or contract. Failure to provide personal data may mean we cannot conclude a contract. Prior to providing personal data, the data subject must contact our staff, who will inform whether provision is mandatory.

13. Web Fonts from Fast.Fonts.Net and Fonts.com

This site uses web fonts provided by Monotype GmbH (fonts.com and fast.fonts.net). Your browser loads the required web fonts into its browser cache to display texts and fonts correctly. Loading these web fonts requires a connection to the fonts.com servers, which may result in the transmission of your IP address to fonts.com. This is done in the interest of consistent and attractive presentation. If your browser does not support web fonts, a standard font from your computer will be used. Further information can be found at https://www.fonts.com/info/legal and in the privacy policies of Fonts.com and Monotype.

14. Google Maps

This site uses the Google Maps API. Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use the features of Google Maps, your IP address must be stored and usually transmitted to a Google server in the USA. The provider of this site has no influence on this data transmission. The use of Google Maps is in the interest of an appealing presentation and easy findability of the places we have specified on our site. Further information can be found in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/.

15. Absence of Automated Decision-Making

As a responsible company, we refrain from automated decision-making or profiling.
This privacy policy was created using the DGD privacy policy generator in cooperation with IT and data protection lawyer Christian Solmecke.

16. Hosting and Content Delivery Networks (CDN)

a) Vercel
We host our website on Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA. Vercel is a cloud hosting provider and CDN. When you visit our website, your IP address and other technical data required for content delivery are collected. The legal basis is Art. 6(1)(f) GDPR (legitimate interest). More information: https://vercel.com/legal/privacy-policy

b) Cloudflare
We use Cloudflare Inc., 101 Townsend St, San Francisco, CA 94107, USA, as a CDN. Cloudflare processes data about website visitors. The legal basis is Art. 6(1)(f) GDPR. More information: https://www.cloudflare.com/privacypolicy/

c) Sanity.io
We use Sanity.io (Sanity Inc., 149 New Montgomery Street, 4th Floor, San Francisco, CA 94105, USA) for content management. No personal data are directly transmitted to Sanity. Content from Sanity is delivered via our servers. More info: https://www.sanity.io/privacy

d) Next.js
Our website is built with Next.js, a framework by Vercel. Next.js itself does not collect personal data. However, features like Image Optimization may result in data processing by Vercel as described above.

e) Cloudflare Turnstile
To protect our contact form from spam, we use Cloudflare Turnstile (Cloudflare Inc., 101 Townsend St, San Francisco, CA 94107, USA). Turnstile analyzes user behavior to distinguish automated access from genuine users. The following data are processed:

• Anonymized IP address
• Technical information about browser and device
• Behavioral analysis during form use
• Cookie information

Processing is based on Art. 6(1)(f) GDPR (legitimate interest for abuse protection). More details: https://www.cloudflare.com/privacypolicy/

Disclaimer

1. Content of the Online Offer
   Arnold Klümpen GmbH & Co. KG assumes no responsibility for the topicality, correctness, completeness, or quality of the information provided. Liability claims against the author for material or immaterial damages caused by the use or non-use of the information or by the use of incorrect or incomplete information are excluded unless there is proven intentional or grossly negligent fault on the part of the author. All offers are non-binding. The author expressly reserves the right to change, add to, delete, or temporarily or permanently discontinue publication of parts of the pages or the entire offer without separate notice.

2. References and Links
   In the case of direct or indirect references to third-party websites (“hyperlinks”) over which Arnold Klümpen GmbH & Co. KG has no control, liability would only arise if Arnold Klümpen GmbH & Co. KG was aware of the content and it was technically possible and reasonable for Arnold Klümpen GmbH & Co. KG to prevent use of illegal content.