Data protection

Last update: 01.07.2022

1. Scope of application 

Dallmeier electronic GmbH & Co.KG (hereinafter referred to as Dallmeier electronic or provider) appreciates your visit to our website and your interest in our company and our products. We take the protection of your personal data very seriously, because we want you to feel safe when visiting our website.

Dallmeier electronic collects, stores or processes data only for its own business purposes. In principle, our websites are available to all users without personal data being collected. Personal data will only be requested, processed and used to the extent necessary to provide services or content that you have requested.

This privacy policy provides you as a user with an overview of the type, scope and purposes of the collection and use of personal data on this website by Dallmeier electronic. Furthermore, data subjects will be informed of their rights by means of this privacy policy. 

The collection and processing of personal data, such as the name, address, e-mail address or telephone number of a person concerned, is carried out in accordance with the requirements of the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to Dallmeier electronic, such as the German Federal Data Protection Act (BDSG-neu). 

As far as we collect, store or process personal data, this is done within a data centre. To protect the security of your data during transmission, we use encryption methods (e.g. SSL) via HTTPS. Our servers are protected by firewall and virus protection. Back-up and recovery procedures as well as role and authorisation concepts are a matter of course for us.

Our employees are obliged to observe the regulations of the EU-GDPR, the German Tele Media law (TMG) and the German Federal Data Protection Act (BDSG) when handling data.

As the data processor, Dallmeier electronic has implemented numerous technical and organisational measures to ensure that the personal data processed via this website is protected as completely as possible. Nevertheless, Internet-based data transmissions can have security gaps, so that absolute protection cannot be guaranteed. For this reason, every person concerned is free to transmit personal data to us by alternative means, for example by post. 

2. Definitions 

Dallmeier electronic's data protection declaration is based on the terms used by the European guideline and regulation authorities when issuing the General Data Protection Regulation (GDPR). In this privacy policy and on our website we use the following terms, among others, which we would like to explain in advance:

a)      Personal Data
Personal data refers to all information relating to an identified or identifiable natural person (hereinafter "data subject"). Identifiable is a natural person who can be identified directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person. 

b)      Data subject
Data subject refers to any identified or identifiable natural person whose personal data are processed by the data processor. 

c)      Processing
Processing means any operation or series of operations carried out with or without the aid of automated procedures in relation to personal data, such as the collection, organisation, sorting, storage, adaptation or alteration, reading, retrieval, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking, restriction, erasure or destruction of these data. 

d)      Limitation of processing
Restriction of processing is the marking of stored personal data with the aim of restricting their future processing. 

e)      Pseudonymisation
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data are not assigned to an identified or identifiable natural person. 

f)       Data controller or data processor
Data controller or data processor is the natural or legal person, public authority, institution or other body which alone or jointly with others decides on the purposes and means of processing personal data. Where the purposes and means of such processing are laid down by EU law or by the law of the Member States, the controller or the specific criteria for his appointment may be laid down in accordance with EU law or the law of the Member States. 

g)      Contract data processor
Processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the data controller. 

h)      Recipient
Recipient is a natural or legal person, authority, institution or other body to which personal data is disclosed, regardless of whether it is a third party or not. However, authorities which may receive personal data under EU law or the law of the Member States under a particular investigation mandate shall not be considered recipients; the processing of such data by the said authorities shall be carried out in accordance with the applicable data protection rules in accordance with the purposes of the processing. 

i)        Third Party
A third party is a natural or legal person, authority, institution or other body other than the data subject, the data processor, the data processor and the persons authorised to process the personal data under the direct responsibility of the data processor or the data processor. 

j)        Consent
Consent shall mean any informed and unequivocal expression of will voluntarily given by the data subject in the particular case in the form of a declaration or other clear affirmative act by which the data subject indicates his or her consent to the processing of personal data concerning him or her. 

k)      Violation of the protection of personal data
Violation of the protection of personal data is a breach of security that leads to destruction, loss or alteration, whether unintentional or unlawful, or to unauthorised disclosure or access to personal data that has been transmitted, stored or otherwise processed. 

3. Responsible legal entity and data protection officer 

The responsible legal entity within the meaning of the GDPR, other data protection laws in force in the Member States of the European Union and other provisions of a data protection nature is 

Dallmeier electronic GmbH & Co.KG
Bahnhofstr. 16
93047 Regensburg - Germany
Phone: +49 941 8700-0
Fax: +49 941 8700-180
Website: www.dallmeier.com
E-Mail: info@ dallmeier.com

We will be happy to answer your questions regarding the processing of your personal data if this data protection declaration could not answer your questions. If necessary, please send us an e-mail or contact our data protection officer:

Christian Volkmer
Projekt 29 GmbH & Co.KG
Ostengasse 14
93047 Regensburg
info@ projekt29.de
Telefon: +49 941 298693-0
Fax: +49 941 298693-16

4. Cookies 

Dallmeier electronic's Internet pages use cookies. Cookies are text files which are stored on a computer system via an Internet browser. They make it possible to store specific information related to the device on the user's access device (PC, smartphone, etc.). On the one hand, they serve the user-friendliness of websites and thus the users (e.g. storage of login data). On the other hand, the cookies are used to collect statistical data on the use of the website and to analyse them in order to improve the offer for the user. Users can influence the use of cookies. Most browsers have an option with which the storage of cookies is restricted or completely prevented. However, it is pointed out that the user experience and comfort can be limited without cookies. 

5. Use of Matomo (known as Piwik before January 2018) 

This website uses Matomo, an open source software for statistical analysis of user access. Matomo uses "cookies", which are text files placed on the user's computer, to help the website analyse how users use the site. The information generated by the cookie about the use of this website is stored on the provider's server in Germany. Users can prevent the installation of cookies by setting their browser software accordingly. However, we would like to point out to users that in this case they may not be able to use all functions of this website in full. 

6. Social Media 

All references to our social media sites are simple links without any data exchange.

Social media presences on Facebook

For the social media presences shown here:

we rely on the technical platform and services of Facebook Ireland Ltd.

Please be aware that you use this Facebook or Instagram page and the functions thereof on your own responsibility. This applies particularly for use of the interactive functions (e.g., commenting, sharing, evaluating). Alternatively, you can also retrieve the information offered on this page via our internet offering. When you visit our Facebook page, Facebook collects your IP address and other information that is present on your PC in the form of cookies. This information is used to provide us as the operator of the Facebook pages with statistical information about the utilisation of these Facebook pages. For more information from Facebook on this subject, follow this link: http://de-de.facebook.com/help/pages/insights.

The data collected about you in this context is processed by Facebook Ltd. and may be transmitted to countries outside the European Union during processing. Facebook provides a general description of the information it receives and how it is used in its data use guidelines. The guidelines also contain information about how to contact Facebook and the setting options for adverts.

The data use guidelines can be accessed via the following link:
http://de-de.facebook.com/about/privacy

Facebook's complete data guidelines are available here: 
https://de-de.facebook.com/full_data_use_policy

The ways in which Facebook uses the data collected during visits to Facebook pages for its own purposes, the extent to which activities on the Facebook page are attributed to individual users, how long Facebook stores this data, and whether data from a visit to a Facebook page is forwarded to third parties are not definitively and clearly specified by Facebook and are not known to us. When you access a Facebook page, the IP address assigned to your user end device is transmitted to Facebook. According to information from Facebook, this IP address is anonymised (for "German" IP addresses). Facebook also stores information about the end devices of its users (e.g., as part of the "Login notification" function); this may enable Facebook to allocate IP addresses to individual users. If you are currently logged into Facebook as a user, there is a cookie with your Facebook ID on your end device. This allows Facebook to verify that you have visited this page and how you used it. This also applies for all other Facebook pages. Through the Facebook buttons embedded in other websites, Facebook is also able to record your visits to those websites and associate them with your Facebook profile. On the basis of this data, content or advertisements can be tailored to your activities and offered to you. If you want to avoid this, you should log off or disable the "Stay logged on" function, delete the cookies present on your device, and close and restart your browser. This will delete Facebook information that can be used to identify you directly. You will then be able to use our Facebook page without having your Facebook ID disclosed. If you access interactive functions on the page (Like, Comment, Share, Messages, etc.), a Facebook login mask appears. Upon completing any necessary login process, you are recognisable to Facebook as a certain user again. To learn how to manage or delete existing information about you, go to the following Facebook support pages: https://de-de.facebook.com/about/privacy#

As an information service provider, we also do not collect or process any data generated by your use of our service. Facebook Ireland is solely responsible for the implementation of these rights as they relate to the data stored by Facebook Ireland following joint processing. You also have a right to object and complain about us as described above.

If you do not wish the data processing activities described here to be performed in future, please cancel the connection between your user profile and my/our paged by activating the functions "I no longer like this page" and/or "Unsubscribe from this page".

7. Information about the Dallmeier LinkedIn page

For the information service offered here, we rely on the technical platform and services of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

Please be aware that you use this LinkedIn page and the functions thereof on your own responsibility. This applies particularly for use of the interactive functions. When you visit our LinkedIn page, LinkedIn collects your IP address and other information that is present on your PC in the form of cookies. This information is used to provide us as the operator of the LinkedIn pages with statistical information about the utilisation of the LinkedIn page.

The data collected about you in this context is processed by LinkedIn and may be transmitted to countries outside the European Union during processing. LinkedIn provides a general description of the information it receives and how it is used in its data use guidelines. The guidelines also contain information about how to contact LinkedIn and the setting options for adverts.

The data use guidelines can be accessed via the following link:
https://www.linkedin.com/legal/privacy-policy

The agreement with LinkedIn regarding joint responsibility as defined in Article 26 GDPR (version of 21/8/2020) is available for review at:
https://legal.linkedin.com/pages-joint-controller-addendum

We process data independently when you contact us through contact forms (otherwise known as LinkedIn Lead Generation Forms). Our legitimate interest in the use of the Lead Gen Forms relates to marketing purposes as part of our business preparation, new customer acquisition and customer retention activities. Lead Gen Forms are forms which enable the contact forms to be incorporated in the company profile or as sponsored content. By using these Lead Gen Forms services, we offer prospects a function via which you as the user can make their email address or other user information available for use.

If you are a member of the LinkedIn platform through your personal profile, LinkedIn can assign the call of the abovementioned contents and functions to the user profiles there. More information about data protection and the Lead Gen Ads from LinkedIn is available here: 
https://www.linkedin.com/legal/privacy-policy and https://business.linkedin.com/de-de/marketing-solutions/native-advertising/lead-gen-ads

The most recent version of this data protection statement can be found under the item "Data protection" on our LinkedIn page.

8. Collection of general data and information 

Every time a person or an automated system accesses the website, the provider's website collects a series of general data and information. This general data and information is stored in the log files of the server. We may record (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrer), (4) the subwebsites which are accessed via an accessing system on our website, (5) the date and time of access to the Website, (6) an Internet Protocol address (IP address), (7) the Internet service providers of the accessing system, and (8) other similar data and information used for security purposes in the event of attacks on our information technology systems. 

When using this general data and information, the provider does not draw any conclusions about the person concerned. Rather, this information is required to (1) correctly deliver the contents of our website, (2) optimise the contents of our website and the advertising for it, (3) ensure the permanent functionality of our information technology systems and the technology of our website, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber attack. These anonymously collected data and information are therefore evaluated statistically by the provider on the one hand and also with the aim of increasing data protection and data security in our company in order ultimately to ensure an optimum level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a person concerned. 

9. Newsletter

When registering for the provider's newsletter, the data entered by the website visitor is used exclusively for the purpose of using the newsletter service. Users may be informed by e-mail of circumstances relevant to the service or registration (e.g. changes to the newsletter offer or technical circumstances).The data that are entered into the input mask during registration are collected. These are: E-mail address and country. Further data will not be collected. The data will be used exclusively for sending the newsletter and will not be passed on to third parties. You can revoke your consent to the storage of your personal data and its use for the newsletter dispatch by the provider at any time. In each newsletter you will find a corresponding link. In addition, the revocation can be declared via the other contact options indicated on the website. 

10. Contact Dallmeier 

If a website user contacts the provider by e-mail or contact form, the information provided by him will be stored for the purpose of processing the request and for possible follow-up questions. 

11. Deletion and blocking of personal data 

We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as this is necessary to achieve the purposes stated herein or as provided for in the various storage periods provided for by law. After the respective purpose or expiry of these periods, the corresponding data will be blocked or deleted as a matter of routine and in accordance with statutory regulations. 

12. Rights of the data subject 

As a person affected by the processing of personal data, you have the following rights. If you wish to assert any of these rights, please contact our data protection officer. To ensure that data can be locked at any time, this data must be kept in a lock file for control purposes. You can also request the deletion of the data, as far as no legal archiving obligation exists. If such an obligation exists, we will block your data on request.

You can make changes or withdraw your consent by notifying us accordingly with effect for the future. 

a)        Right to confirmation
You have the right to ask Dallmeier electronic to confirm whether personal data concerning you will be processed. 

b)        Right to information
You have the right to receive free information from Dallmeier electronic about the personal data stored about you.

c)        Right to correction
You have the right to request the immediate correction, including completion, of any inaccurate personal data concerning you. 

d)         Right to data deletion (right to be forgotten)

  • You have the right to request Dallmeier electronic to delete your personal data immediately, provided that one of the following reasons applies and insofar as processing is not necessary: 
  • The personal data have been collected or otherwise processed for purposes for which they are no longer necessary.
  • You withdraw your consent on which the processing is based pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, and there is no other legal basis for the processing.
  • You object to processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for processing, or you object to processing pursuant to Article 21(2) GDPR.
  • The personal data have been processed unlawfully.
  • The deletion of personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which Dallmeier electronic is subject. 

e)        Right to limitation of processing
You have the right to request Dallmeier electronic to restrict processing if one of the following conditions applies:

  • The accuracy of the personal data is contested by the data subject for a period which enables Dallmeier electronic to check the accuracy of the personal data.
  • The processing is unlawful, the data subject refuses to delete the personal data and instead requests a restriction on the use of the personal data.
  • Dallmeier electronic no longer needs the personal data for the purposes of processing, but the data subject does need them to assert, exercise or defend legal claims.
  • The data subject has filed an objection to the processing pursuant to Art. 21 para. 1 GDPR and it has not yet been determined whether Dallmeier electronic's justified reasons outweigh those of the data subject. 

f)        Right to data portability
You have the right to receive the personal data concerning you, as the data subject, provided by you to a data controller in a structured, common and machine-readable format. You also have the right to transmit this data to another data controller without obstruction by the data controller to whom the personal data have been provided, provided that the processing is based on the consent provided for in Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract in accordance with Article 6(1)(b) GDPR and that the processing is carried out using automated procedures, unless the processing is necessary for the performance of a task in the public interest or in the exercise of public authority conferred on the data controller.

Furthermore, when exercising your right to data transferability pursuant to Art. 20 para. 1 GDPR, you have the right to request that the personal data be transferred directly by a data controller to another data controller, insofar as this is technically feasible and provided that the rights and freedoms of other persons are not affected by this. 

g)          Right to object
You have the right to object at any time to the processing of personal data concerning you on the basis of Article 6(1)(e) or (f) of the GDPR for reasons arising from your particular situation.

Dallmeier electronic will no longer process personal data in the event of an objection, unless we can prove compelling reasons worthy of protection for the processing, which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

If Dallmeier electronic processes personal data in order to carry out direct advertising, the person concerned has the right to object at any time to the processing of the personal data for the purpose of such advertising. If the data subject objects to Dallmeier electronic processing for direct advertising purposes, Dallmeier electronic will no longer process the personal data for these purposes. 

h)        Right to revoke consent under data protection law
You have the right to revoke your consent to the processing of personal data at any time. 

13. Data protection for applications and during the application procedure 

Dallmeier electronic collects and processes the personal data of applicants for the purpose of processing the application procedure. Processing may also be carried out electronically. This is particularly the case if an applicant sends corresponding application documents to Dallmeier electronic by electronic means, for example by e-mail. If Dallmeier electronic concludes an employment contract with an applicant, the data transmitted will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If Dallmeier electronic does not conclude an employment contract with the applicant, the application documents will be deleted six months after notification of the rejection decision, provided that deletion does not conflict with any other legitimate interests of the data controller. Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG). 

14. Changes to our data protection regulations

We reserve the right to occasionally adapt this data protection declaration so that it always complies with current legal requirements or to implement changes to our services in the data protection declaration, e.g. when introducing new services. The new data protection declaration will then apply for your next visit.

Data protection information duties

Last update: 24.07.2023

Adjust your cookie preferences

The protection of your personal data is of particular concern to us. We process your personal data (short "data") therefore exclusively on the basis of the legal regulations. With this data protection declaration we want to inform you comprehensively about the processing of your data in our company and the data protection claims and rights to which you are entitled within the meaning of Art. 13 of the European General Data Protection Regulation (EU GDPR).

1. Who is responsible for data processing and to whom can you turn?

Responsible is:

Dallmeier electronic GmbH & Co.KG
Bahnhofstrasse 16
93047 Regensburg
E-Mail: info@ dallmeier.com
Tel.: +49 941 8700-0

The corporate data protection officer is:

Christian Volkmer
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
E-Mail: anfragen@ projekt29.de
Tel.: +49  941 298693-0

2. Which data are processed and from which sources do these data originate?

We process the data that we have received from you as part of the contract initiation or processing, on the basis of consents or as part of your application to us or as part of your staff.

Personal data includes:

In the case of contractual and business partners, your master and contact data, including, for example, your first and last name, address, contact data (e-mail address, telephone number, fax), if applicable the name of your legal representative, company, commercial register number, VAT number, company number, contact person contact data, bank data.

For applicants and employees, this includes, for example, first and last name, address, contact data (e-mail address, telephone number, fax), date of birth, data from curriculum vitae and job references, bank data, religious affiliation, photographs, and for employees, tax and insurance data.

For journalists, this includes first and last name, e-mail address, order or employer.

For visitors to our company, this includes name, company affiliation and signature.

In addition, we also process the following other personal data:

  • Information on type and content of contract data, order data, turnover and voucher data, customer and supplier history as well as consulting documents
  • Advertising and sales data
  • Information from your electronic dealings with us (e.g. IP address, log-in data)
  • Other data that we have received from you within the framework of our business relationship (e.g. in customer meetings)
  • The documentation of your declaration of consent for the receipt of e.g. newsletters
  • Photography within the framework of events

3. For what purposes and on what legal basis are the data processed?

We process your data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act 2018 as amended:

- To fulfil (pre-)contractual obligations (Art 6 Abs. 1lit.b GDPR):

The processing of your data is carried out for the purchase of goods or services for the processing of contracts, in the case of employees for the processing of contracts for your employment in our company. The data will be processed in particular for the initiation of business transactions and the execution of contracts with you.

- To fulfil legal obligations (Art 6 Abs. 1 lit.c GDPR):

A processing of your data is necessary for the purpose of the fulfilment of different legal obligations e.g. from the commercial code or the tax code.

- To safeguard legitimate interests (Art 6 Abs. 1 lit.f GDPR):

On the basis of a weighing of interests, data processing may take place beyond the actual fulfilment of the contract in order to safeguard the legitimate interests of us or third parties. Data processing to safeguard legitimate interests may take place, for example, in the following cases:

  • Advertising or marketing (see No. 4)
  • Measures for business management and further development of services and products
  • Maintaining a group-wide customer database to improve customer service
  • In the context of legal proceedings
  • Sending of information and press releases that do not promote sales

-  Within the scope of your consen (Art 6 Abs. 1lit.a GDPR):

If you have given us your consent to process your data, e.g. to send you our newsletter, to participate in the business club, to fundraise, to publish photos, to win prizes, etc., we will not use your data for any other purpose.

4. Processing of personal data for advertising purposes

In the case of existing business relationships, we are entitled under the legal requirements of § 7 Abs.3 UWG to use the e-mail address you provided when concluding the contract for direct advertising for our own similar goods or services. You will receive these product recommendations from us irrespective of whether you have subscribed to a newsletter or not.

When participating in the BusinessClub or newsletter we refer to the consent given by you at registration (Art. 6 Abs. 1 lit. a GDPR).

In the case of advertising for the purposes of new acquisition, we invoke the protection of legitimate interests (Art 6 Abs. 1 lit. f GDPR).

You may at any time object to the use of your personal data for advertising purposes in whole or in part without incurring any costs other than the transmission costs according to the basic tariffs.

A message in text form is sufficient for this purpose. Of course, every e-mail always contains an unsubscribe link.

5. Who receives my data?

If we use a service provider in the sense of order processing, we will nevertheless remain responsible for the protection of your data. All contract processors are contractually obliged to treat your data confidentially and to process it only within the scope of the service provision. The contract processors commissioned by us will receive your data if they need the data to perform their respective services. These are, for example, IT service providers that we need for the operation and security of our IT system as well as advertising and address publishers for our own advertising campaigns.

These data are made available to the group companies if necessary for the execution of the contract. Customer data is stored separately for each company, with our parent company acting as a service provider for the individual participating companies.

If there is a legal obligation and in the context of legal proceedings, authorities and courts as well as external auditors may be recipients of your data.

In addition, insurance companies, banks, credit agencies and service providers may be recipients of your data for the purpose of initiating and fulfilling contracts.

6. How long will my data be stored?

We process your data until the end of the business relationship or until the expiry of the applicable statutory retention periods (e.g. from the German Commercial Code, the Tax Code or the Working Hours Act); furthermore until the end of any legal disputes in which the data is required as evidence.

7. Is personal data transferred to a third country?

In principle, we do not transfer any data to a third country. In individual cases, data will only be transferred on the basis of an adequacy decision by the European Commission, standard contractual clauses, suitable guarantees or your express consent.

8. What data protection rights do I have?

You have the right to information, correction, deletion or restriction of the processing of your stored data at any time, the right to object to the processing, the right to data transfer and the right to lodge a complaint in accordance with the requirements of data protection law.

Right to information:

You can request information from us as to whether and to what extent we process your data.

Right to correction:

If we process your data that is incomplete or incorrect, you can demand that we correct or complete it at any time.

Right to deletion:

You can demand that we delete your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that prevent an immediate deletion, e.g. in the case of legally regulated storage obligations.

Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, insofar as there is no legal or statutory obligation to retain data in this respect.

Right to limitation of processing:

You can demand that we restrict the processing of your data if

  • You dispute the accuracy of the data for a period of time that allows us to verify the accuracy of the data
  • The processing of the data is unlawful, but you refuse to delete it and instead demand a restriction on the use of the data
  • We no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
  • You have objected to the processing of the data

Right to data transferability:

You may request that we make available to you the data you have provided to us in a structured, common and machine-readable format and that you may transfer such data to another responsible person without our interference, provided that

  • We process this data on the basis of an agreement given and revocable by you or for the fulfilment of a contract between us, and
  • This processing shall be carried out by automated means

If technically feasible, you may request us to transfer your data directly to another responsible person.

Right of objection:

If we process your data for legitimate interest, you may object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can prove compelling grounds for processing worthy of protection which outweigh your interests, rights and freedoms or the processing serves the assertion, exercise or defence of legal claims. You can object to the processing of your data for the purpose of direct marketing at any time without giving reasons.

Right of appeal:

If you are of the opinion that we violate German or European data protection law when processing your data, please contact us in order to clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.

If you wish to assert any of the above rights against us, please contact our data protection officer. In case of doubt, we can request additional information to confirm your identity.

9. Am I obliged to provide data?

The processing of your data is necessary to conclude or fulfil your contract with us. If you do not provide us with this data, we will generally have to refuse to conclude the contract or will no longer be able to execute an existing contract and will therefore have to terminate it. However, you are not obliged to give your consent to data processing with regard to data which is not relevant for the performance of the contract or which is not required by law.

Privacy Policy - SeMSy Mobile Client App

Last update: 19.07.2023

Preambel

This service (hereinafter referred to as "App") is provided by 

Dallmeier electronic GmbH & Co.KG
Bahnhofstrasse 16
93047 Regensburg
E-Mail: info@ dallmeier.com
Tel.: +49 941 8700-0

(hereinafter "we" or "us") as the responsible party within the meaning of the applicable data protection law.

Within the scope of the app, we provide you with mobile and professional access to Dallmeier camera and recording systems via the Dallmeier Connect Service. After creating an account, the latest Dallmeier cameras can be integrated directly, quickly and easily via a QR code and assigned to a location (site). Current Dallmeier recording systems can be integrated just as easily as an option, which also supports access to older camera generations as a link (proxy).

When you use the app, we process personal data about you. Personal data means any information relating to an identified or identifiable natural person. Because protecting your privacy when using the app is important to us, we would like to inform you in the following which personal data we process when you use the app and how we handle this data. In addition, we inform you about the legal basis for the processing of your data and, insofar as the processing is necessary to protect our legitimate interests, also about our legitimate interests.

You can access this privacy policy at any time under the menu item Settings/Information/End User Privacy Policy within the app.

1. Information on the processing of your data

Certain information is already processed automatically as soon as you use the app. We have listed exactly which personal data is processed for you below:

1.1 Information collected during the download process

When downloading the app, certain required information is transmitted to the app store selected by you (e.g. Google Play or Apple App Store), in particular the user name, the e-mail address, the customer number of your account, the time of the download, payment information and the individual device identification number may be processed. The processing of this data is carried out exclusively by the respective App Store and is beyond our control.

1.2 Information that is collected automatically

As part of your use of the app, we automatically collect certain data that is required for the use of the app. These are e.g. 

  • your IP address, times of contact with our servers
  • Performance reports (app start-up time, time until the first rendered frame)
  • Crash reports (error messages and system variables at the time of the crash).

This data is automatically transmitted to us, 

  1. to provide the Service and related features to you; 
  2. improve the functions and features of the App; and
  3. prevent and remedy misuse and malfunctions. 

This data processing is justified by the fact that. 

  1. the processing is necessary for the performance of the contract between you as the data subject and us pursuant to Art. 6 para. 1 lit. b) GDPR for the use of the App, or 
  2. we have a legitimate interest in ensuring the functionality and error-free operation of the App and in being able to offer a service that is in line with the market and interests, which here outweighs your rights and interests in the protection of your personal data within the meaning of Art. 6 (1) f) GDPR.

1.3 Creation of a user account (registration) and login

When you create a user account or log in, we use your access data (e-mail address and password) to grant you access to your user account and to manage it ("mandatory data"). Mandatory data within the scope of registration are marked with an asterisk and are required for the conclusion of the user contract. If you do not provide this data, you will not be able to create a user account.

In addition, you can provide your first name and surname as voluntary details during registration.
We use the mandatory information to authenticate you when you log in and to follow up on requests to reset your password. The information you provide as part of the registration or login process will be processed and used by us, 

  1. to verify your eligibility to manage the user account; 
  2. enforce the App's Terms of Use and any rights and obligations associated therewith; and 
  3. to contact you to send you technical or legal notices, updates, security messages or other communications relating to, for example, the administration of the User Account.

This data processing is justified by the fact that 

  1. the processing is necessary for the performance of the contract between you as the data subject and us pursuant to Art. 6(1)(b) GDPR for the use of the App, or 
  2. we have a legitimate interest in ensuring the functionality and fault-free operation of the App, which here outweighs your rights and interests in the protection of your personal data within the meaning of Art. 6 (1) f) GDPR.

1.4 Use of the app

Within the framework of the app, you can enter, manage and edit various information and activities. This information includes, in particular, data on the Creation of sites, as well as the assignment of cameras to sites, user invitations and user administration.

The app also requires the following permissions:

  • Internet access: This is required to generally establish a connection to cameras and recorders or to be informed about alarms.
  • Camera access: This is required so that you can scan the QR code to integrate Dallmeier cameras. However, this authorisation is optional; Dallmeier cameras can also be integrated by entering a security code.
  • Microphone: This is required so that you can use the audio talkback function of the app. However, this authorisation is optional, the app can also be used without the talkback function. 
  • Push Notification: This is required so that you receive a corresponding notification for alarms that you define yourself. However, this authorisation is optional; the app can also be used without push notification. 

The processing and use of usage data is carried out for the provision of the service. This data processing is justified by the fact that the processing is necessary for the performance of the contract between you as the data subject and us pursuant to Art. 6 (1) lit. b) GDPR for the use of the app.

For optional processing, the basis is your consent pursuant to Art. 6 para. 1 lit. a) GDPR.

2. Disclosure and transfer of data

In addition to the cases explicitly mentioned in this data protection declaration, your personal data will only be passed on without your express prior consent if this is permitted or required by law. This may be the case, for example, if the processing is necessary to protect the vital interests of the user or another natural person.

2.1 The data provided by you during registration will be shared within the Dallmeier group of companies for internal administrative purposes, including joint customer support, to the extent necessary.

Any disclosure of the personal data is justified by the fact that we have a legitimate interest in disclosing the data for administrative purposes within our group of companies and that your rights and interests in the protection of your personal data within the meaning of Art. 6 (1) f) GDPR are not overridden.

2.2 If it is necessary to clarify illegal or abusive use of the app or for legal prosecution, personal data will be forwarded to the law enforcement authorities or other authorities and, if necessary, to injured third parties or legal advisors. However, this only happens if there are indications of unlawful or abusive behaviour. A transfer may also take place if this serves the enforcement of terms of use or other legal claims. We are also legally obliged to provide information to certain public authorities upon request. These are law enforcement agencies, authorities that prosecute administrative offences subject to fines and the tax authorities.

Any disclosure of personal data is justified by the fact that

  1. the processing is necessary for compliance with a legal obligation to which we are subject pursuant to Art. 6 para. 1 lit. f) GDPR in conjunction with national legal requirements to disclose data to law enforcement authorities, or 
  2. we have a legitimate interest in disclosing the data to the aforementioned third parties if there are indications of abusive behaviour or in order to enforce our terms of use, other conditions or legal claims and your rights and interests in the protection of your personal data within the meaning of Art. 6 para. 1 lit. f) GDPR are not overridden.

2.3 We rely on contractually affiliated companies of the Dallmeier Group as well as the following third-party companies and external service providers to provide our service:

Microsoft Azure      

  • Hosting of backend services

Service provider:

Microsoft Ireland Operations Ltd.
One Microsoft Place
South County Business Park
Leopardstown
Dublin 18 – Ireland

Google Firebase    

  • Provision of push messages
  • Crash and performance reports

Service provider:

Google Inc.
1600 Amphitheatre Parkway
Mountain View
CA 94043 - USA

Any disclosure of personal data is justified by the fact that

  1. we have a legitimate interest in disclosing the data for administrative purposes within our group of companies and your rights and interests in the protection of your personal data within the meaning of Art. 6 Para. 1 lit. f) GDPR are not overridden, and 
  2. we have carefully selected our third-party companies and external service providers as processors within the scope of Art. 28 (1) GDPR, regularly checked them and contractually obliged them to process all personal data exclusively in accordance with our instructions.

2.4 As our business evolves, we may change the structure of our business by changing its legal form, establishing, buying or selling subsidiaries, divisions or components. In such transactions, customer information may be transferred along with the part of the business being transferred. Any transfer of personal information to third parties to the extent described above will be done in accordance with this Privacy Policy and applicable data protection law.

Any disclosure of personal data is justified by the fact that we have a legitimate interest in adapting our corporate form to the economic and legal circumstances as required and that your rights and interests in the protection of your personal data within the meaning of Article 6 (1) (f) of the German Data Protection Regulation (GDPR) do not outweigh this interest.

3. Data transfers to third countries

We also process data in countries outside the European Economic Area ("EEA"). This concerns in detail:

Google Firebase ein Dienst der Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Google only receives pseudonymous data from you, primarily a unique ID of your installed app. 

In order to ensure the protection of the personal rights of users also in the context of these data transfers, we make use of the standard contractual clauses of the EU Commission in accordance with Art. 46 (2) c) GDPR and the EU adequacy decision for the USA in connection with the certification of Google in accordance with the TransAtlantic Data Privacy Framework when structuring the contractual relationship.

4. Changes of purpose

Processing of your personal data for purposes other than those described will only take place if permitted by law or if you have consented to the changed purpose of the data processing. In the event of further processing for purposes other than those for which the data was originally collected, we will inform you of these other purposes prior to further processing and provide you with all other relevant information.

5. Period of data storage

We delete or anonymise your personal data as soon as it is no longer required for the purposes for which we collected or used it in accordance with the above paragraphs. As a rule, we store your personal data for the duration of the usage or contractual relationship via the app plus a period of 365 days, during which we keep backup copies after deletion, unless this data is needed for longer for criminal prosecution or to secure, assert or enforce legal claims. 

Specific statements in this privacy policy or legal requirements for the retention and deletion of personal data, in particular data that we are required to retain for tax reasons, remain unaffected.

6. Your rights as a data subject

6.1 Right to information

You have the right to request information from us at any time about the personal data we process that concerns you within the scope of Art. 15 GDPR. To do this, you can send a request by post or email to the address below.

6.2 Right to rectify inaccurate data

You have the right to request that we correct personal data relating to you without delay if it is incorrect. To do so, please contact us at the addresses below.

6.3 Right to erasure

You have the right to demand that we delete the personal data relating to you under the conditions described in Art. 17 GDPR. These conditions provide in particular for a right to erasure if the personal data are no longer necessary for the purposes for which they were collected or otherwise processed, as well as in cases of unlawful processing, the existence of an objection or the existence of an obligation to erase under Union law or the law of the Member State to which we are subject. For the period of data storage, please also see section 5 of this data protection declaration. To exercise your right to erasure, please contact us at the addresses below.

6.4 Right to restriction of processing

You have the right to demand that we restrict processing in accordance with Art. 18 GDPR. This right exists in particular if the accuracy of the personal data is disputed between the user and us, for the duration that the verification of the accuracy requires, as well as in the event that the user requests restricted processing instead of erasure in the case of an existing right to erasure; furthermore, in the event that the data are no longer necessary for the purposes pursued by us, but the user requires them for the assertion, exercise or defence of legal claims, as well as if the successful exercise of an objection is still disputed between us and the user. To exercise your right to restrict processing, please contact us at the contact addresses below.

6.5 Right to data portability

You have the right to receive from us the personal data relating to you that you have provided to us in a structured, commonly used, machine-readable format in accordance with Article 20 GDPR. To exercise your right to data portability, please contact us at the contact addresses below.

7.  Right of objection

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out, inter alia, on the basis of Article 6(1)(e) or (f) GDPR, in accordance with Article 21 GDPR. We will stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

8. Right of complaint

If you are of the opinion that we violate German or European data protection law when processing your data, please contact us so that we can clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.

If you wish to assert any of the aforementioned rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.

9. Contact

If you have any questions or comments about our handling of your personal data, or if you wish to exercise the rights as a data subject set out in sections 6 and 7, please contact 

Dallmeier electronic GmbH & Co.KG
Bahnhofstrasse 16
93047 Regensburg
E-Mail: info@ dallmeier.com
Tel.: +49 941 8700-0

Our data protection officer can be reached at the following contact details: 

Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
Tel.: +49 941 298693-0
Fax: +49 941 298693-16
E-Mail: anfrage@ projekt29.de

10. Changes to this data protection declaration

We always keep this data protection declaration up to date. Therefore, we reserve the right to change it from time to time and to update any changes in the collection, processing or use of your data. The current version of the privacy policy is always available under Settings/Information/End User Privacy Policy within the app.