Imprint & Privacy


Responsible for content and presentation:

Christian Zang GmbH
Ideas for surface technology

Ossenpaß 11
D-47623 Kevelaer
Tel.: +49 (0) 28 32 / 97 95-70
Fax: +49 (0) 28 32 / 97 95-73

E-Mail: info@christianzang.de
Internet: www.christianzang.de

Managing Director: Christian Zang

VAT ID No.: DE 217108759
Tax ID No.: 113/5760/0810

Local Court: Kleve, HRB 4588

Responsible for layout and design:

www.2do-digital.de


Disclaimer

1. Introduction

The following information is intended to provide you, as a “data subject,” with an overview of how we process your personal data and your rights under data protection laws. In general, you can use our website without providing any personal data. However, if you wish to use specific services offered by our company via our website, the processing of personal data may be necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we will generally obtain your consent.

The processing of personal data, such as your name, address, or email address, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable to “Christian Zang GmbH.” Through this privacy policy, we would like to inform you about the scope and purpose of the personal data we collect, use, and process.

As the data controller, we have implemented numerous technical and organizational measures to ensure the most comprehensive protection possible for the personal data processed via this website. However, internet-based data transmissions may inherently involve security vulnerabilities, meaning that absolute protection cannot be guaranteed. For this reason, you are free to provide us with personal data through alternative channels, such as by phone or mail.

You, too, can take simple and easy-to-implement steps to protect your data from unauthorized access by third parties. We would therefore like to provide you with some tips on how to handle your data securely:

Protect your account (login, user account, or customer account) and your IT system (computer, laptop, tablet, or mobile device) with strong passwords.

Only you should have access to the passwords.

Make sure you only use your passwords for a single account (login, user account, or customer account).

Do not use the same password for different websites, applications, or online services.

This is especially important when using IT systems that are publicly accessible or shared with others: You should always log out after each session on a website, app, or online service.

Passwords should be at least 12 characters long and chosen in such a way that they cannot be easily guessed. Therefore, they should not include common everyday words, your own name, or the names of relatives, but should instead include uppercase and lowercase letters, numbers, and special characters.

2. Data Controller

The controller within the meaning of the GDPR is:

Christian Zang GmbH
Ossenpaß 11, 47623 Kevelaer, Germany
Phone: +49 (0) 28 32 / 97 95-70
Fax: +49 (0) 28 32 / 97 95-73
Email: info@christianzang.de
Representative of the data controller: Christian Zang

3. Data Protection Officer

You can contact the Data Protection Officer as follows:

René Floitgraf
Phone: +49 2402 924598-0
Fax: +49 2402 924598-9
Email: rf@complipro.de

You can contact our Data Protection Officer directly at any time with questions or suggestions regarding data protection.

4. Definitions

This Privacy Policy is based on the terminology used by European legislators and regulators when enacting the General Data Protection Regulation (GDPR). Our Privacy Policy is intended to be easy to read and understand for the general public as well as for our customers and business partners. To ensure this, we would like to explain the terminology used in advance.

In this Privacy Policy, we use the following terms, among others:

1. Personal Data

Personal data refers to any information relating to an identified or identifiable natural person. A natural person is considered identifiable if they can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

2. Data subject

A data subject is any identified or identifiable natural person whose personal data is processed by the data controller (our company).

3. Processing

Processing means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, distribution, or any other form of making available, alignment or combination, restriction, erasure, or destruction.

4. Restriction of processing

Restriction of processing refers to the marking of stored personal data with the aim of limiting its future processing.

5. Profiling

Profiling means any form of automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

6. Pseudonymization

Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures that ensure the personal data is not attributed to an identified or identifiable natural person.

7. Data processors

A processor is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.

8. Recipient

A recipient is a natural or legal person, public authority, agency, or other body to whom personal data is disclosed, regardless of whether or not that entity is a third party. However, public authorities that may receive personal data in the course of a specific investigative mandate under Union law or the law of the Member States are not considered recipients.

9. Third Party

A third party is a natural or legal person, public authority, agency, or other body other than the data subject, the controller, the processor, and the persons authorized to process the personal data under the direct authority of the controller or the processor.

10. Consent

Consent means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes, expressed in the form of a statement or by a clear affirmative action, by which the data subject indicates that they consent to the processing of their personal data.

5. Legal basis for processing

Article 6(1)(a) of the GDPR (in conjunction with Section 25(1) of the TDDDG (formerly the TTDSG)) serves as the legal basis for our company’s processing activities in which we obtain consent for a specific processing purpose.

If the processing of personal data is necessary for the performance of a contract to which you are a party—as is the case, for example, with processing operations required for the delivery of goods or the provision of other services or consideration—the processing is based on Article 6(1)(b) of the GDPR. The same applies to processing operations necessary for the implementation of pre-contractual measures, such as in cases of inquiries regarding our products or services.

If our company is subject to a legal obligation that requires the processing of personal data—such as to comply with tax obligations—the processing is based on Article 6(1)(c) of the GDPR.

In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were to be injured on our premises and their name, age, health insurance information, or other vital information had to be disclosed to a doctor, a hospital, or other third parties. In such cases, the processing would be based on Article 6(1)(d) of the GDPR.

Ultimately, processing operations may be based on Article 6(1)(f) of the GDPR. This legal basis applies to processing operations not covered by any of the aforementioned legal bases, provided that the processing is necessary to safeguard a legitimate interest of our company or a third party, unless the interests, fundamental rights, and freedoms of the data subject override those interests. We are permitted to carry out such processing operations in particular because they were specifically mentioned by the European legislator. In this regard, the legislator took the view that a legitimate interest could be assumed if you are a customer of our company (Recital 47, Sentence 2 of the GDPR).

6. Technology

6.1 SSL/TLS Encryption

This site uses SSL or TLS encryption to ensure the security of data processing and to protect the transmission of confidential information—such as orders, login credentials, or contact requests—that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address bar of your browser displays “https://” instead of “http://” and by the lock icon in your browser’s address bar.

We use this technology to protect the data you submit.

6.2 Data Collection When Visiting the Website

When you use our website solely for informational purposes—that is, if you do not register, provide us with any information, or give consent to processing activities requiring consent—we collect only the data that is technically necessary to provide the service. This typically includes data that your browser transmits to our server (stored in so-called server log files). Our website collects a range of general data and information each time you or an automated system accesses a page. This general data and information is stored in the server’s log files. The following may be collected:

  1. types and versions of browsers used,
  2. the operating system used by the accessing system,
  3. the website from which a connecting system accesses our website (known as a referrer),
  4. the subpages accessed via a connecting system on our website,
  5. the date and time of a visit to the website,
  6. an Internet Protocol (IP) address and,
  7. the Internet service provider of the accessing system.

We do not use this general data and information to identify you personally. Rather, this information is needed to

  1. to deliver the content of our website correctly,
  2. to optimize the content of our website as well as the advertising for it,
  3. to ensure the continued functionality of our IT systems and the technology behind our website, as well as
  4. to provide law enforcement agencies with the information necessary for criminal prosecution in the event of a cyberattack.

We therefore use the data and information collected for statistical purposes and to enhance data protection and data security within our company, with the ultimate goal of ensuring an optimal level of protection for the personal data we process. The data from the server log files is stored separately from any personal data provided by a data subject.

The legal basis for data processing is Article 6(1)(f) of the GDPR. Our legitimate interest stems from the purposes of data collection listed above.

7. Cookies

7.1 Legal Basis for the Use of Cookies

The data processed by cookies, which is necessary for the proper functioning of the website, is therefore required to safeguard our legitimate interests and those of third parties pursuant to Article 6(1)(f) of the GDPR.

For all other cookies, you have provided your consent via our opt-in cookie banner in accordance with Article 6(1)(a) of the GDPR.

8. Content of our Website

8.1 Contact Us / Contact Form

When you contact us (e.g., via the contact form or email), personal data is collected. The specific data collected when using a contact form is indicated on the respective contact form. This data is stored and used exclusively for the purpose of responding to your inquiry or for establishing contact and the associated technical administration. The legal basis for processing the data is our legitimate interest in responding to your inquiry pursuant to Art. 6(1)(f) of the GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6(1)(b) of the GDPR. Your data will be deleted after your inquiry has been fully processed; this is the case when it can be inferred from the circumstances that the matter in question has been conclusively resolved and there are no legal retention obligations preventing deletion.

9. Plugins and other services

9.1 Font Awesome

Our website uses web fonts to ensure consistent font display. These fonts are provided by Fonticons Inc., 307 S Main St Ste 202, Bentonville, AR, USA. When you visit a page, your browser loads the necessary web fonts into its cache to display text and fonts correctly.

To this end, the browser you are using must connect to the servers of Fonticons, Inc. As a result, Fonticons, Inc. becomes aware that our website has been accessed via your IP address. The use of Font Awesome is permitted only upon your express consent in accordance with Article 6(1)(a) of the GDPR.

If your browser does not support Font Awesome, a default font will be used on your device.

For more information about Fonticons Inc.'s privacy policy, please visit: https://fontawesome.com/privacy.

9.2 Use of Google Analytics
(1) This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses “cookies,” which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is typically transmitted to and stored on a Google server in the United States. However, if IP anonymization is enabled on this website, your IP address will be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the United States and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website and internet usage to the website operator.

(2) The IP address transmitted by your browser as part of Google Analytics is not combined with other data held by Google.

(3) You can prevent cookies from being stored by adjusting your browser settings accordingly; however, please note that in this case you may not be able to use all features of this website to their full extent. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

(4) This website uses Google Analytics with the “_anonymizeIp()” extension. This shortens IP addresses during processing, thereby preventing any personal identification. If the data collected about you is personally identifiable, such identification is immediately ruled out, and the personal data is promptly deleted.

(5) We use Google Analytics to analyze and regularly improve the use of our website. The statistics we collect allow us to enhance our offerings and make them more appealing to you as a user. In the exceptional cases where personal data is transferred to the United States, Google has submitted to the EU-U.S. Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is Article 6(1)(f) of the GDPR.

(6) Third-party provider information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms of Service:
http://www.google.com/analytics/terms/de.html, Privacy Policy Overview:
http://www.google.com/intl/de/analytics/learn/privacy.html, as well as the Privacy Policy:
http://www.google.de/intl/de/policies/privacy

(7) This website also uses Google Analytics to track visitor activity across devices using a user ID. You can disable cross-device tracking of your usage in your customer account under “My Data” > “Personal Data.”

9.3 Integration of Google Maps
(1) We use Google Maps on this website. This allows us to display interactive maps directly on the website and enables you to use the map feature conveniently.

(2) When you visit the website, Google receives information that you have accessed the relevant page of our website. In addition, the data collected during your visit to our website is transmitted. This occurs regardless of whether you are logged in to a Google user account or do not have a user account. If you are logged in to Google, your data will be directly associated with your account. If you do not wish for this data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for advertising, market research, and/or to tailor its website to your needs. Such analysis is carried out in particular (even for users who are not logged in) to deliver targeted advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, in which case you must contact Google to exercise this right.

(3) For more information on the purpose and scope of data collection and its processing by the plugin provider, please refer to the provider’s privacy policy. There you will also find further information about your rights in this regard and settings options for protecting your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the United States and has committed to the EU-U.S. Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

9.4 Privacy Policy Regarding the Use of Google reCAPTCHA
We use the Google service reCaptcha to determine whether a human or a computer is entering data into our contact or newsletter form. Google uses the following data to verify whether you are a human or a computer: the IP address of the device used, the webpage you are visiting on our site where the reCaptcha is embedded, the date and duration of the visit, the identification data of the browser and operating system type used, your Google account if you are logged in to Google, mouse movements on the reCaptcha fields, and tasks requiring you to identify images. The legal basis for the described data processing is Article 6(1)(f) of the General Data Protection Regulation. We have a legitimate interest in this data processing to ensure the security of our website and to protect ourselves against automated inputs (attacks).

10. Your rights as a data subject

10.1 Right to Confirmation

You have the right to request confirmation from us as to whether personal data concerning you is being processed.

10.2 Right of access (Art. 15 of the GDPR)

You have the right to request, at any time and free of charge, information from us regarding the personal data we have stored about you, as well as a copy of this data, in accordance with applicable legal provisions.

10.3 Right to Rectification, Article 16 of the GDPR

You have the right to request the correction of inaccurate personal data concerning you. You also have the right to request that incomplete personal data be completed, taking into account the purposes of the processing.

10.4 Erasure (Article 17 of the GDPR)

You have the right to request that we delete your personal data without delay, provided that one of the grounds specified by law applies and the processing or storage is not necessary.

10.5 Restriction of processing (Article 18 of the GDPR)

You have the right to request that we restrict the processing of your personal data if any of the legal requirements are met.

10.6 Data Portability, Article 20 of the GDPR

You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller to whom the personal data has been provided, without hindrance from us, provided that the processing is based on consent pursuant to Article 6(1)(a) of the GDPR or Article 9(2)(a) of the GDPR or on a contract pursuant to Article 6(1)(b) of the GDPR, and the processing is carried out by automated means, provided that the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

Furthermore, when exercising your right to data portability under Article 20(1) of the GDPR, you have the right to have your personal data transmitted directly from one controller to another, provided that this is technically feasible and does not adversely affect the rights and freedoms of others.

10.7 Right to object under Article 21 of the GDPR

You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data carried out pursuant to Article 6(1)(e) (data processing in the public interest) or (f) (data processing based on a balancing of interests) of the GDPR.

This also applies to profiling based on these provisions within the meaning of Article 4(4) of the GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defense of legal claims.

In certain cases, we process personal data for the purpose of direct marketing. You may object at any time to the processing of your personal data for such marketing purposes. This also applies to profiling, insofar as it is related to such direct marketing. If you object to the processing of your personal data for direct marketing purposes, we will no longer process your personal data for these purposes.

In addition, you have the right to object, on grounds relating to your particular situation, to the processing of your personal data that we carry out for scientific or historical research purposes or for statistical purposes in accordance with Article 89(1) of the GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.

You are free to exercise your right to object, in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures that use technical specifications.

10.8 Withdrawal of Consent Under Data Protection Law

You have the right to withdraw your consent to the processing of personal data at any time, with effect for the future.

10.9 Filing a complaint with a supervisory authority

You have the right to file a complaint with a data protection supervisory authority regarding our processing of personal data.

This privacy policy was created with the assistance of the data protection software CompliPro DSMS.

Scroll to Top