Privacy Policy

Name and address of the controller

Responsible in terms of the General Data Protection Regulation (DSGVO), the Federal Data Protection Act (BDSG) and other provisions with data protection character is the:

B&B Sachsenelektronik GmbH

Leipziger Str. 40

09648 Mittweida

Telephone: +49 (0) 3727 6297 0

Facsimile:  +49 (0) 3727 6297 24

E-Mail: datenschutz@bb-gruppe.de

Privacy Policy for the use of Google Fonts

On these web pages external fonts, Google fonts are used. Google Fonts is a service of Google Inc. (“Google”). The integration of these web fonts is done by a server call, usually a Google server in the USA. This will be transmitted to the server, which of our websites you have visited. Also, the IP address of the browser of the terminal of the visitor of this website is stored by Google. For more information, see the Google Privacy Policy, which you can access here:

www.google.com/policies/privacy/

Collection of general data and information

The website of the group collects a series of general data and information each time the website is accessed by an affected person or an automated system. This general data and information is stored in the log files of the server. The (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrers), (4) the sub-web pages, which can be accessed via (5) the date and time of access to the website, (6) an Internet Protocol (IP) address, (7) the Internet service provider of the accessing system and (8) other similar data and information used in the event of attacks on our information technology systems.

When using this general data and information, the group does not draw any conclusions about the person concerned. Rather, this information is required to (1) properly deliver the contents of our website, (2) to optimize the contents of our website, (3) to ensure the continued functioning of our information technology systems and the technology of our website, and (4) to law enforcement agencies in the Case of cyberattack, provide the information necessary for law enforcement. This anonymously collected data and information is therefore statistically and further evaluated by the Group with the aim of increasing the privacy and data security of our group in order to ultimately ensure the best possible level of protection of the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by an affected person.

Routine deletion and blocking of personal data

The controller processes and stores personal data of the data subject only for the period necessary to achieve the purpose of the storage or, if so required by the European directives and regulations or any other legislator in laws or regulations, that of the controller subject to was provided.

If the storage purpose is omitted or if a storage period prescribed by the European directives and regulations or any other relevant legislature expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

Rights of the data subject

a) Right to confirmation

Each data subject has the right, as granted by the European Di- rective and Regulatory Authority, to require the controller to confirm whether personal data relating to him / her are being processed. If an affected person wishes to exercise this right of confirmation, they can contact our data protection officer or another employee of the controller at any time.

b) Right to information

Any person affected by the processing of personal data shall have the right granted by the European legislature and the legislature at any time to obtain free information from the controller on the personal data stored about him and a copy of that information.

Furthermore, the data subject has a right of access as to whether personal data has been transmitted to a third country or to an international organization. If this is the case, then the data subject has the right to obtain information about the appropriate guarantees in connection with the transfer.

If an affected person wishes to exercise this right to information, they can contact our data protection officer at any time.

c) Right to rectification

Any person affected by the processing of personal data has the right granted by the European legislator to demand the immediate correction of inaccurate personal data concerning him. Furthermore, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration, taking into account the purposes of the processing.

If an affected person wishes to exercise this right to rectification, they can contact our data protection officer at any time.

d) Right to cancellation (right to be forgotten)

Any person affected by the processing of personal data shall have the right granted by the European Directives and Regulators to require the controller to immediately delete the personal data concerning him, provided that one of the following reasons is satisfied and the processing is not required:

  • The personal data has been collected for such purposes or otherwise processed for which they are no longer necessary.
  • The person concerned revokes the consent on which the processing was based on Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR and lacks any other legal basis for the processing.
  • According to Art. 21 (1) GDPR, the data subject submits an objection against the processing and there are no legitimate reasons for the processing, or the person concerned objects to the processing according to Art. 21 (2) GDPR.
  • The personal data was processed unlawfully.
  • The deletion of personal data is necessary to fulfill a legal obligation under Union or national law, to which the controller is subject.
  • The personal data were collected in relation to information society services offered pursuant to Art. 8 (1) GDPR.

If any of the above reasons are correct and an affected person wishes to arrange for the deletion of personal data held by the Group, they may contact our Privacy Officer at any time. The data protection officer will arrange that the request for deletion be fulfilled immediately.

e) Right to restriction of processing

Any person affected by the processing of personal data has the right granted by the European directive and regulatory authority to require the controller to restrict the processing if one of the following conditions applies:

  • The accuracy of the personal data is contested by the data subject for a period of time that enables the person responsible to verify the accuracy of the personal data.
  • The processing is unlawful, the data subject refuses to delete the personal data and instead requests the restriction of the use of personal data.
  • The controller no longer needs the personal data for processing purposes, but the data subject needs them to assert, exercise or defend legal claims.
  • The person concerned has objection to the processing acc. Art. 21 para. 1 DSGVO and it is not yet clear whether the legitimate reasons of the person responsible outweigh those of the data subject.

If one of the above conditions is met and an affected person wishes to request the restriction of personal data stored by the Group, they may contact our Data Protection Officer at any time. The data protection officer will initiate the restriction of the processing.

f) Data transferability

Any person affected by the processing of personal data shall have the right granted by the European Di- rective and Regulatory Authority to receive the personal data concerning him / her provided to a controller by the data subject in a structured, common and machine-readable format. It also has the right to transmit this data to another person without hindrance by the controller to whom the personal data was provided, provided that the processing is based on the consent pursuant to Art. 6 (1) (a) GDPR or Art. 9 (2) Subparagraph (a) of the DSGVO or on a contract pursuant to Article 6 (1) (b) of the GDPR and processing by means of automated procedures, unless the processing is necessary for the performance of a public-interest or public-authority task; which has been transferred to the person responsible.

Furthermore, in exercising their right to data portability under Article 20 (1) of the GDPR, the data subject has the right to obtain that the personal data are transmitted directly from one controller to another, insofar as this is technically feasible and if not so the rights and freedoms of others are impaired.

In order to assert the right of data transferability, the data subject may at any time contact the appointed data protection officer.

g) Right to object

Jede von der Verarbeitung personenbezogener Daten betroffene Person hat das vom Europäischen Richtlinien- und Verordnungsgeber gewährte Recht, aus Gründen, die sich aus ihrer besonderen Situation ergeben, jederzeit gegen die Verarbeitung sie betreffender personenbezogener Daten, die aufgrund von Art. 6 Abs. 1 Buchstaben e oder f DSGVO erfolgt, Widerspruch einzulegen. Dies gilt auch für ein auf diese Bestimmungen gestütztes Profiling.

B & B Sachsenelektronik GmbH will no longer process your personal data in the event of an objection, unless we can prove compelling reasons for processing that are worthy of protection that outweigh the interests, rights and freedoms of the data subject, or the processing serves the purpose of asserting, exercising or Defense of legal claims.

In order to exercise the right of opposition, the data subject may directly contact the data protection officer.

h) Right to revoke a data protection consent

Any person affected by the processing of personal data has the right, granted by the European directive and regulatory authority, to revoke consent to the processing of personal data at any time.

If the data subject wishes to assert their right to withdraw consent, they can contact our data protection officer at any time.

i) Right to complain to a supervisory authority

Each data subject has the right to complain to a supervisory authority if the data subject considers that the processing of his or her personal data is contrary to the GDPR. The supervisory authority responsible for the [company] is responsible for the Saxon State Data Protection Officer. Information can be found at https://www.saechsdsb.de.

Legal basis of processing

The processing of personal data serves the purpose of fulfilling a contract to which the data subject is a party, as is the case, for example, in processing operations necessary for the provision of services or consideration. Thus, the processing is based on Art. 6 I lit. b DSGVO. The same applies to processing operations that are necessary to carry out pre-contractual measures, such as in cases of inquiries about our services.

Duration for which the personal data is stored

The criterion for the duration of the storage of personal data is the respective statutory retention period. After the deadline, the corresponding data will be routinely deleted, if they are no longer required to fulfill the contract or to initiate a contract.