Privacy Policy

This privacy policy applies to the use of our websites at www.tinnit.de, hereinafter referred to as „Website“.

We attach great importance to data protection. The collection and processing of your personal data is carried out in compliance with the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR). We collect and process your personal data in order to offer you the Website mentioned above. This statement describes how and for what purpose your data is collected and used, and what choices you have regarding personal data.

We treat your personal data confidentially and in accordance with legal regulations. By using this Website, you consent to the collection, use, and transfer of your data in accordance with this privacy policy.

1 Responsible contact

The responsible for the collection, processing, and utilization of your personal data as defined in Article 4(7) of the General Data Protection Regulation (DSGVO) is:

TinniT Technologies GmbH
Essenweinstr. 25
76131 Karlsruhe
Germany

Email: kontakt@tinnit.de
Website: www.tinnit.de 

Phone: +49 (0)721 18316-31
Fax: +49 (0)721 18316-40

If you wish to object to the collection, processing, or use of your data by us in accordance with this privacy policy as a whole or for individual measures, you can address your objection to the controller.

You can save and print this privacy policy at any time.

As this website is continually evolving, changes to this privacy policy may be made. We recommend that you regularly check and read this privacy policy on our website.

2 General Use of the Website

2.1 Hosting

The hosting services used by us serve the provision of the following services: infrastructure and platform services, computing capacity, storage space, and database services, security services, and technical maintenance services that we use for the purpose of operating the Website.

In this context, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties, and visitors of this online offer based on our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6(1) lit. f GDPR in conjunction with Art. 28 GDPR.

2.2 Access Data

We collect information about you when you use this Website. We automatically collect information about your usage behavior and your interaction with us and record data about your computer or mobile device. We collect, store, and use data about every access to our online offer (so-called server log files). Access data includes:

  • Name and URL of the accessed file
  • Date and time of access
  • Amount of data transferred
  • Notification of successful access (HTTP response code)
  • Browser type and version
  • Operating system
  • Referer URL (i.e., the page from which you came to the site)
  • Websites that are accessed by the user’s system through our website
  • Internet service provider of the user
  • IP address and requesting provider

We use this log data without assignment to your person or other profiling for statistical evaluations for the purpose of operation, security, and optimization of our online offer, but also for anonymous recording of the number of visitors to our website (traffic) and the extent and type of use of our website and services, as well as for billing purposes, to measure the number of clicks received from cooperation partners. Based on this information, we can provide personalized and location-based content, analyze traffic, search for and fix errors, and improve our services.

This also represents our legitimate interest pursuant to Art. 6(1) S. 1 lit. f GDPR.

We reserve the right to check the log data retrospectively if, on the basis of concrete evidence, the legitimate suspicion of illegal use exists. We store IP addresses for a limited period of 7 days in log files. We delete the IP address after 7 days. IP addresses are stored for security reasons and to clarify cases of misuse. In addition, we store the IP addresses if you have an account with us.

2.3 Cookies

We use so-called session cookies to optimize our online offer. A session cookie is a small text file that is sent by the respective servers when you visit a website and is stored on your hard drive. This file as such contains a so-called session ID, with which various requests from your browser can be assigned to the joint session. This enables your computer to be recognized when you return to our website. These cookies are deleted after you close your browser.

We also use persistent cookies (also small text files stored on your device) in a limited way, which remain on your device and enable us to recognize your browser the next time you visit. These cookies are stored on your hard drive and delete themselves after the specified time. Their lifespan ranges from 1 month to 10 years. This allows us to present our offer in a more user-friendly, effective, and secure manner and, for example, to display information that is specifically tailored to your interests on the page.

Our legitimate interest in using cookies pursuant to Art. 6(1) S. 1 lit. f GDPR is to make our website more user-friendly, effective, and secure.

The cookies store the following data and information, among others:

  • Log-in information
  • Language settings
  • Entered search terms
  • Information about the number of visits to our website and the use of individual functions of our website
  • When the cookie is activated, it is assigned an identification number and your personal data is not assigned to this identification number. Your name, IP address, or similar data that would enable the cookie to be assigned to you are not placed in the cookie. Based on cookie technology, we only receive pseudonymized information, for example, about which pages were visited, etc.

You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all functions of this website.

2.4 Email contact

If you contact us (e.g., via contact form or email), we will store your details to process the request and in case of follow-up questions.

This also constitutes our legitimate interest pursuant to Art. 6(1) S. 1 lit. f GDPR.

We only store and use further personal data if you consent to it or if this is legally permissible without special consent.

2.5 Google Maps

Our website uses the Google Maps API to display a geographical map showing our location. This service is provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

When using Google Maps, data about the use of Google’s map functions by visitors to our websites is collected, processed, and used. Information about data usage by Google can be found in Google’s privacy policy at https://policies.google.com/privacy. You can also change your personal privacy settings there.

2.6 Google Fonts

In our online presence, we use Google Fonts to display external fonts. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as „Google“.

To enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is accessed.

The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in optimizing and economically operating our online presence.

Through the connection established to Google when our website is accessed, Google can determine from which website your request has been sent and to which IP address the font display is to be transmitted.

Google provides further information, in particular about options for preventing data usage, at the following links:

https://adssettings.google.com/authenticated

https://policies.google.com/privacy

2.7 Google reCAPTCHA

In our online presence, we use Google reCAPTCHA to check and prevent interactions on our website through automated access, such as bots. This service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as „Google.“

Through this service, Google can determine from which website a request is sent and from which IP address you use the reCAPTCHA input box. In addition to your IP address, Google may collect other information necessary for providing and ensuring this service.

The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the security of our online presence and in defense against unwanted automated access, such as spam.

Google provides further information about the general handling of your user data at the following link:

https://policies.google.com/privacy

2.8 Storage Period

Unless specifically stated, we only store personal data for as long as it is necessary to fulfill the purposes pursued.

3 Your Rights as a Data Subject

Under the applicable laws, you have various rights regarding your personal data. If you wish to exercise these rights, please send your request by email or by mail with clear identification of your person to the address mentioned in Section 1.

Below you will find an overview of your rights.

3.1 Right to Confirmation and Information

You have the right to obtain confirmation from us at any time as to whether or not personal data concerning you are being processed. If this is the case, you have the right to request from us free information about the personal data stored about you, along with a copy of this data. Furthermore, you have the right to the following information:

  • the purposes of processing;
  • the categories of personal data processed;
  • the recipients or categories of recipients to whom the personal data has been or will be disclosed, particularly in the case of recipients in third countries or international organizations;
  • if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration;
  • the existence of the right to rectification or erasure of personal data concerning you or restriction of processing by the controller or a right to object to such processing;
  • the existence of a right to lodge a complaint with a supervisory authority;
  • if the personal data is not collected from you, all available information about the origin of the data;
  • the existence of automated decision-making, including profiling, in accordance with Article 22(1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.

If personal data is transferred to a third country or to an international organization, you have the right to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

3.2 Right to Rectification

You have the right to demand from us without undue delay the
rectification of inaccurate personal data concerning you. Taking into
account the purposes of processing, you have the right to request the
completion of incomplete personal data, including by means of a
supplementary statement.

3.3 Right to Erasure

Pursuant to Art. 17 para. 1 GDPR, you have the right to demand that personal data concerning you be deleted without undue delay, and we are obliged to delete personal data without undue delay if one of the following reasons applies:

  • The personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
  • You withdraw your consent on which the processing according to Art. 6 para. 1 lit. a) GDPR or Art. 9 para. 2 lit. a) GDPR is based, and there is no other legal basis for the processing.
  • You object to the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 para. 2 GDPR.
  • The personal data has been unlawfully processed.
  • The erasure of personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which we are subject.
  • The personal data was collected in relation to information society services offered pursuant to Art. 8 para. 1 GDPR.

If we have made the personal data public and we are obliged, pursuant to Art. 17 para. 1 GDPR, to erase the personal data, we, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

3.4 Right to Restriction of Processing

You have the right to demand that we restrict the processing if one of the following conditions is met:

  • You contest the accuracy of the personal data for a period enabling us to verify the accuracy of the personal data.
  • The processing is unlawful, and you oppose the erasure of the personal data and request the restriction of its use instead.
  • We no longer need the personal data for the purposes of the processing, but you require them for the establishment, exercise or defense of legal claims, or
  • You have objected to processing pursuant to Art. 21 para. 1 GDPR pending the verification whether our legitimate grounds override yours.

3.5 Right to Data Portability

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us, where:

  • The processing is based on consent pursuant to Art. 6 para. 1 lit. a) GDPR or Art. 9 para. 2 lit. a) GDPR or on a contract pursuant to Art. 6 para. 1 lit. b) GDPR, and
  • The processing is carried out by automated means.

In exercising this right, you also have the right to have the personal data transmitted directly from us to another controller, where technically feasible.

3.6 Right to Object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 para. 1 lit. e) or f) GDPR, including profiling based on those provisions. We shall no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise or defense of legal claims.

Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

Where personal data are processed for scientific or historical research purposes or statistical purposes pursuant to Art. 89 para. 1 GDPR, you, on grounds relating to your particular situation, have the right to object to processing of personal data concerning you, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

3.7 Automated Decisions Including Profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

Automated decision-making based on the collected personal data does not take place.

3.8 Right to Withdraw Consent to Data Protection

You have the right to withdraw your consent to the processing of personal data at any time.

3.9 Right to Lodge a Complaint with a Supervisory Authority

You have the right to lodge a complaint with a supervisory authority, in
particular in the Member State of your habitual residence, place of
work, or place of the alleged infringement, if you consider that the
processing of personal data relating to you infringes the GDPR.

4 Data Security

We strive to ensure the security of your data within the framework of applicable data protection laws and technical possibilities.

Your personal data is transmitted securely by us. We use encryption techniques in the transmission of data on our website, but please note that data transmission over the Internet (e.g., when communicating by email) may have security vulnerabilities. A complete protection of data against access by third parties is not possible.

To secure your data, we maintain technical and organizational security measures according to Art. 32 GDPR, which we constantly adapt to the state of the art.

We also do not guarantee that our services will be available at specific times; disruptions, interruptions, or failures cannot be ruled out. The servers we use are regularly and carefully secured.

5 Disclosure of Data to Third Parties, No Data Transfer to Non- Eu Countries

In principle, we use your personal data only within our company.

If and to the extent we involve third parties in the performance of contracts (e.g., logistics service providers), they will receive personal data only to the extent that the transmission is necessary for the corresponding service.

In the event that we outsource certain parts of data processing („data processing on behalf of the controller“), we contractually obligate processors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject.

Data transfer to entities or persons outside the EU, except for the cases mentioned in this statement in Section 2, does not take place and is not planned.