Privacy Policy

1. An overview of data protection

General
The following gives a simple overview of what happens to your personal information when you visit our website. Personal information is any data with which you could be personally identified. Detailed information on the subject of data protection can be found in our privacy policy found below.

Data collection on our website

Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator's contact details can be found in the website's required legal notice.

How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form or in the electronic chat.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.

What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.

What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.

Analytics and third-party tools

When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy.

You can object to this analysis. We will inform you below about how to exercise your options in this regard.

2. General information and mandatory information

Data protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy.

If you use this website, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.

Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.

Notice concerning the party responsible for this website
The party responsible for processing data on this website is:

NOSTA Holding GmbH
Buchenbrink 1
49086 Osnabrück

Telefon: +49 (0)541-9333-0
E-Mail: info@nosta.de

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).

Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.

Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.

3. Data protection officer

Statutory data protection officer
We have appointed a data protection officer for our company.
amerdis GmbH
Udo Wehkamp
Telephone: + 49 251 489 570 - 41
Email: dsb@amerdis.de


4. Data collection on our website

Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
These data will not be combined with data from other sources.

The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

Contact form
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.

We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.

reCaptcha

We use Google's reCaptcha service to determine whether a human or a computer is making a particular entry in our contact or newsletter form. Google uses the following data to check whether you are a human or a computer: IP address of the terminal device used, the website you visit with us on which the captcha is embedded, the date and duration of the visit, the recognition data of the browser and operating system type used, Google account if you are logged in to Google, mouse movements on the reCaptcha areas and tasks that require you to identify images. The legal basis for the described data processing is Art. 6 (1) lit. f of the General Data Protection Regulation. There is a legitimate interest on our side in this data processing to ensure the security of our website and to protect us from automated entries (attacks).

Chat with Userlike
At various places on our website you are offered a chat as a contact option.

This website uses Userlike, a live chat software of the company Userlike UG (haftungsbeschränkt). Userlike uses "cookies" to enable a personal conversation in the form of a real-time chat with you.

The data collected is not used to personally identify the visitor to this website and is not merged with personal data about the bearer of the pseudonym. The data is also stored with our chat service provider Userlike.

Legal basis for processing:
The processing is carried out on the basis of Art. 6 (1) f) EU-DSGVO.

Data collected:
Content of the chat, date and time of the call, browser type/version, operating system used, URL of the previously visited website, and amount of data sent.

Storage period:
We delete the data from us after 12 months.

Further information on data protection:

For more information on how we handle your data through the live chat function, as well as your rights and settings options for protecting your personal data, please contact our data protection officer or refer to Userlike's privacy policy at www.userlike.de/privacy_policy.

Registration on this website
You can register on our website in order to access additional functions offered here. The input data will only be used for the purpose of using the respective site or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject your registration.

To inform you about important changes such as those within the scope of our site or technical changes, we will use the email address specified during registration.

We will process the data provided during registration only based on your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.

Handling of supplier data via shipzero

Sources
We process personal data that we have received from you or from publicly available sources in the course of our business relationship.

Data
Relevant personal data are names, address data and telecommunications data. In addition, this may also include inquiry, offer and order data, data from the fulfillment of our contractual obligation, product data, documentation data, as well as other data comparable to the mentioned categories.

Purpose of processing

The processing of your personal data (Art. 4 No. 2 GDPR) is carried out in accordance with the provisions of the GDPR and the Federal Data Protection Act for the following purposes: For the fulfilment of contractual obligations (Art. 6 para. 1 (b) GDPR), as is necessary for the execution and organization of the business relationship. In addition, we may use this data for additional purposes in the context of our business relationship and for analysis purposes.

Security measures

We train all our employees who come into contact with personal data and oblige them to comply with data protection requirements in accordance with the principles of the GDPR for the processing of personal data, as defined in Article 5 (1) GDPR.

Use and disclosure of personal data

We only use the personal data for our own purposes in the course of the business relationship. In the event of the involvement of third parties in work processes that would make it necessary to temporarily pass on your data for processing solely for this purpose, we apply the same high standards and oblige the third party to comply with data protection regulations within the framework of an agreement on order data processing in accordance with Art. 28 GDPR.  

Duration of storage

We process and store your personal data for the duration of our business relationship and in accordance with the statutory retention periods.

Right to information

Every data subject has the right to information pursuant to Article 15 GDPR, the right to rectification pursuant to Article 16 GDPR, the right to erasure pursuant to Article 17 GDPR, the right to restriction of processing pursuant to Article 18 GDPR, as well as the right to data portability pursuant to Article 20 GDPR. The restrictions according to §§ 34 and 35 BDSG apply to the right to information and the right to erasure. In addition, there is the right to lodge a complaint with a data protection authority (Art. 77 GDPR in conjunction with § 19 BDSG).

Responsibilities

If you have any questions regarding the processing of your personal data, you are welcome to contact our data protection officer, who is also available for information, suggestions and complaints.

Data protection information for appointment bookings via Microsoft Bookings

We would like to inform you below about the processing of personal data in connection with the use of "Bookings".

Purpose of processing

We use the "Bookings" tool to be able to arrange appointments between our customers and our sales staff. (Hereinafter: "online booking").

Person responsible

The person responsible for data processing directly related to the implementation of online bookings is NOSTA Holding GmbH.

Order processing contract

We use Microsoft 365 and Microsoft Bookings, to carry out our appointment bookings by sending a link via email.

Microsoft 365 and Microsoft Bookings are a service provided by Microsoft Ireland Operations, Ltd.

We have concluded an order processing contract with the provider.

Microsoft Bookings is part of the cloud application Office 365. Microsoft reserves the right to process customer data for its own business purposes. This poses a data protection risk for Microsoft Bookings users.

Please note that we have no influence on Microsoft's data processing activities. To the extent that Microsoft Bookings processes personal data in connection with Microsoft's legitimate business operations, Microsoft is an independent data controller for such use and, as such, is responsible for compliance with all applicable laws and obligations of a data controller.

More information about the purpose and scope of data collection and processing by Microsoft Bookings can be obtained from Microsoft's privacy policy at https://privacy.microsoft.com/de-de/privacystatement.

There you will also find more information about your rights in this regard. Microsoft also processes your personal data in the USA. EU standard contracts with Microsoft on Office 365 and Teams are in place to ensure an adequate level of data protection. You can access the EU standard contractual clauses at https://eurlex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF.

The following personal data is subject to processing:

User details: display name, email address, preferred language, metadata: e.g. date, time, phone number, location.

Cookies

Cookie Consent with CookieFirst

This website uses CookieFirst's cookie content technology to obtain your consent to the storage of certain cookies on your end device and to document this consent in accordance with data protection regulations. The provider of this technology is Digital Data Solutions B. V. , Plantage Middenln 42a, 1018 DH Amsterdam, website: cookiefirst.com (hereinafter “CookieFirst”).

When you enter our website, the following personal data is transferred to CookieFirst: 

  • Your consent(s) or the revocation of your consent(s)
  • Your IP address 
  • Information about your browser 
  • Information about your terminal device 
  • Information about the time of your visit to the website 
  • Furthermore, CookieFirst stores a cookie in your browser in order to provide you with the consent or information you have given or to be able to assign their revocation. The data collected in this way is stored until you request us to delete the CookieFirst.

Delete the cookie itself or the purpose for which the data is stored is no longer applicable. Mandatory statutory storage obligations remain unaffected. CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. Article 6, paragraph 1 p. 1 lit. c DSGVO.

Order Processing Agreement 
We have entered into an order processing agreement with CookieFirst. This is a data protection contract which guarantees that CookieFirst processes the personal data of our website visitors only according to our instructions and in compliance with the DSGVO. 

Do góry / Przewiń do góry