– Information according to Articles 13, 14 and 21 of the General Data Protection Regulation (“GDPR”) –
This Data Protection Declaration will inform you about which personal data, in the course of the use of e-CompTrol, are collected from you, processed, and/or used by us, STULZ GmbH, (the “Processing”). We process personal data in order to offer you our services. Personal data are any information relating to an identified or identifiable natural person.
STULZ GmbH (“we” or “us”), is the controller for the processing of personal data in the course of the use of e-CompTrol. Our contact details are: STULZ GmbH, Holsteiner Chaussee 283, 22457 Hamburg, Germany, phone: +49 40 5585 0, fax +49 40 5585 352, info@stulz.de. You can find further details about us in the imprint.
You can reach our data protection officer via email at: datenschutz@stulz.de or under our address with the addition “The data protection officer”.
To the extent that personal data are processed in the course of the use of e-CompTrol, this is done solely to facilitate the proper deployment of e-CompTrol and of the functionalities made available in it to users. To the extent not further specified in this Data Protection Declaration, the legal basis for the processing of your personal data in the course of the use of e-CompTrol and the functions deployed there is Article 6(1)(f) GDPR. This standard of permission allows the processing of personal data as part of the “legitimate interest” of the controller. Our legitimate interest consists of providing our customers with the ability to control their climate control units via mobile devices, give them an overview of the operating process of their climate control unit and to facilitate support inquiries.
During the use, e-CompTrol automatically transfers general information to our server. This information is stored exclusively for purposes of technical administration of e-CompTrol. As an example, the webserver and statistical programs used routinely store: date and time of accessing, operating system, IP address, browser type and version, error message.
In order to ensure that only you have, or a party authorized by you has, access to the regulation of your climate control unit through e-CompTrol, it shall be necessary for you to register with e-CompTrol. For this purpose, the following data are stored: your first and last name, a user name to be chosen by you, a password to be set by you, and your email address.
You can also enter the following optional data through your account with e-CompTrol, and update these data as needed: address, telephone, fax, and mobile number, contacts (additional addresses), object description, object photo.
A series of data is stored through your climate control unit in order to identify and to operate the device. These include:
In accordance with the standard configuration, the data are regularly read from your climate control unit and saved in a databank at e-CompTrol. In this way, you can obtain an overview of the operating process of the climate control unit. It is possible to deactivate this function at any time.
For your convenience and in order to support the operation of new climate control units on your premises and as part of our online support, we can view the data deposited by you at e-comptrol - insofar as you provide us with your consent to do so. Legal basis of processing your data in case of your consent is Article 6(1)(a) GDPR. You can withdraw your consent at any time.
In order to make the visit to e-CompTrol attractive and to facilitate the use of certain functions, on various sites we use so-called cookies. These are small text data files that are deposited on your end device. The cookies used by us are erased immediately after the end of the browser session, i.e., after closing your browser, (so-called session cookies). You can adjust your browser so that you are informed about the placement of cookies and can decide on an individual basis whether to accept them or to preclude their acceptances in certain cases or generally. Also, you can adjust your browser so that it automatically erases cookies once the browser is closed. In the event cookies are not accepted, the functionality of e-CompTrol may be reduced. The legal basis for use of technically necessary cookies by e-CompTrol is our legitimate interest in maintenance of the proper operation of e-CompTrol, Article 6(1)(f) GDPR.
We employ service providers in the course of processing when rendering performances, particularly for providing, servicing and maintenance of IT systems. Moreover, personal data are transferred to third persons or locations only if you provided your consent or we are obligated to do so by law.
Your personal data will be stored in our system’s log files by us to the extent that and as long as such is necessary for the processing purposes pursued by us. If you use, for example, the functions provided by us in e-CompTrol, then we will store the data recorded in connection therewith until the respective use relationship has been resolved or terminated. To the extent there exist any statutory or contractual retention periods extending beyond this date, which periods provide for further storage of your data, your personal data shall be erased after expiration of the respective retention periods, insofar as you have not expressly consented to the further use of your data or unless any other legal basis entitles us to further use. The legal basis for temporary storage of the data and the log files is our legitimate interest in the proper operation and improvement of the DAM and in securing the safety of our information technology systems, Article 6(1)(f) GDPR. These data will not be stored together with any other personal data. A log rotating mechanism ensures that only fourteen (14) logs are stored from time to time and the respective oldest ones are overwritten.
If your personal data are processed, then you are the data subject within the meaning of the GDPR, and you are entitled to the following rights vis-à-vis the controller: If the statutory prerequisites are present, then you have the right to obtain from us (i) access to personal data or the processing of personal data concerning you (Article 15 GDPR); (ii) the rectification, erasure, and restriction of personal data or data processing concerning you (Articles 16 through 18 GDPR), and (iii) the transfer of personal data concerning you (Article 20 GDPR). Upon request, you would receive your personal data in a structured, commonly used, and machine-readable format. Should the erasure be contradicted by any retention duties pursuant to statute, contracts, tax law, or commercial law, or any other statutorily grounded reasons, then in lieu of the erasure, only the blocking of your data can take place.
If you believe that the processing of your personal data set forth in this Data Protection Declaration infringes any statutory provision, you may lodge a complaint against this, without prejudice to any other administrative or judicial remedy, with a supervisory authority, in particular in the member state of your habitual residence, place of work, or place of the alleged infringement. Under the following link, you can find the addresses and links of all German data protection supervisory authorities and German, European, and international data protection officers: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Information on your right to object under Article 21 GDPR
You shall have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6(1)(f) GDPR (data processing on the basis of our legitimate interest). If you object, then we shall no longer process your personal data unless (i) we can demonstrate compelling legitimate grounds for the processing, which override your interests, rights, and freedoms, or (ii) the processing serves the establishment, exercise, or defense of legal claims. The objection can be made without using any particular form. To assert the aforementioned rights and/or to receive more specific information concerning them, please contact our data protection officer or contact us directly at the addresses set forth in items 2 and 3.