Data protection declaration

This declaration regulates the protection of your personal data, which is an important concern for us. We have taken all technical and organizational measures to properly implement the legal requirements of data protection and are continuously developing these further.

To make the data protection declaration easier to understand, we first explain some important terms of the General Data Protection Regulation (GDPR)

Personal data is all information that can be used to determine the identity of a person. Identification can be done directly or indirectly via various characteristics.
Typical examples of direct personal data are name, address, e-mail addresses, telephone number, location data, date of birth. Typical examples of indirect personal data are IP addresses or user data that are stored in server log files.
A data subject is an identified or identifiable natural person whose personal data is processed.

Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or linking, restriction, erasure or destruction.
Restriction of processing is the marking of stored personal data with the aim of restricting its future processing.

Profiling is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
The controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, decides on the purposes and means of processing personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient is a natural or legal person, public authority, agency or other body to which personal data are disclosed, whether or not they are a third party. However, authorities which may receive personal data in the context of a particular investigation in accordance with Union or Member State law shall not be regarded as recipients; the processing of these data by the authorities mentioned is carried out in accordance with the applicable data protection regulations in accordance with the purposes of the processing.

A third party is a natural or legal person, authority, institution or other body, other than the data subject, the controller, the processor and the persons who are authorized to process the personal data under the direct responsibility of the controller or processor.
The consent of the data subject is any voluntary, specific, informed and unambiguous expression of will in the form of a declaration or other unambiguous confirmatory act by which the data subject indicates that he or she agrees to the processing of personal data concerning him or her.

We would like to point out that
1. data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps and that complete protection of the data against the Access by third parties is not possible.
2. that your browser transmits your IP address when you visit our website. The IP address is required in order to be able to clearly identify the device you use for data transport.

Information on data collection in accordance with Article 13 GDPR for customers
As of March 2021

1.Responsible person
The company
ABC Autoglas Europe GmbH
Konrad-Zuse-Str. 16,
66459 Kirkel-Limbach
Tel.: +49 6841 98480 0
Fax.: +49 6841 98480 80
Mail: kirkel@abc-autoglas.de

legally represented by the managing directors Marc Pfaff, Markus J. Schmidt
processes your personal data and is therefore responsible for compliance with the protection of your personal data.

2. Data protection officer
You can contact our data protection officer at

Obere Rischbachstr.102
66386 St. Ingbert
Tel.: +49 6894 888327
Fax: +49 6894 888328
.

3. Purposes (legitimate interests), legal basis for processing
We process your personal data for the purposes stated below on the following legal basis:

Purpose and legal basis
Consent Art 6 (1) a GDPR
• Advertising by email in the form of price lists
Contract or pre-contractual relationship Art 6 (1) b GDPR
Your personal data will be processed to fulfill the contract concluded with you or to carry out pre-contractual measures that are carried out at your request.

For example:
• Payment transactions
• Shipping by freight forwarder
• Complaints handling
• Debt collection for debt collection
Legal obligation Art. 6 (1) c GDPR in connection with


In financial accounting:
• Preparation of balance sheets
• Storage obligations under the Tax Code, including for commercial and business letters, accounting documents, other documents for taxation § 140 ff. AO 238, 257 HGB
• Customs processing Union Customs Code (UCC) Regulation EU No. 952/2013
Customs Ordinance (ZollV)
• E-mail archiving GoBD
• To grant the rights of those affected according to the Data Protection Ordinance and the Federal Data Protection Act Art. 15-23, 39 GDPR
• Destruction/deletion of files and data carriers Art. 17 GDPR
Legitimate interests Art. 6 (1) f GDPR


We process your personal data to protect our own legitimate interests in accordance with your personal rights under GDPR, these include:
• To increase sales and for marketing purposes, we use a computer-controlled ABC analysis.
• To protect against bad debts, we carry out a credit check by Creditreform.
• To protect our own legal claims and to defend them, we store relevant data.
• To protect against payment defaults in the event of damage, we may take out transport insurance.
• To maintain IT security and to protect against attacks, we log the connection data.
• Logging takes place for billing purposes and tracking of Internet usage, telephone data and emails.
• Direct advertising via catalog serves to increase sales and provide information to our customers.
• Providing information via our website is a legitimate interest.

• To clean up the data, we destroy files and data storage media when the purpose no longer applies or the retention periods have been met.
• To protect the house rules, the premises and building are monitored by a security service.

4. Recipients or categories of recipients
We may pass on your personal data to the following recipients or categories of recipients:
Tax consultants, tax authorities, debt collection agencies, Creditreform, external service providers, document shredders, lawyers, shipping companies, customs authorities

5. Third country
The controller has no intention of transmitting your personal data to a third country or an international organization.

6. Duration of storage
Your personal data will be deleted, as stated in this data protection declaration, as soon as the purpose for which it was collected no longer applies, unless we are legally obliged to store it. As a rule, your personal data will be deleted no later than 10 years after the end of the order.

7. Right to information, correction, deletion, restriction, data portability
You have the right to information about the personal data concerning you (Art. 15 GDPR), the processing purposes, the categories of personal data, the recipients or categories of recipients to whom your data has been or will be disclosed, in particular recipients in third countries, and the planned storage period. If data was not collected by us, you have the right to information about the origin of the data. In addition, you have the right to rectification (Art. 16 GDPR) or to erasure of your data (Art. 17 GDPR) or to restriction of processing (Art. 18 GDPR) as well as the right to data portability (Art. 20 GDPR). The right to data portability includes the provision of the personal data concerning you in a structured, common and machine-readable format so that the data can be transmitted to another controller without hindrance.
In addition, you have the right to object to processing (Art. 21 GDPR) if we process your data on the basis of a legitimate interest asserted by us (Art. 6 Para. 1 Clause 1 Letter f GDPR) and you have reasons that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you can object without specifying a particular situation.

8. Revocation of consent
If you have given us consent to process your personal data, you have the right to revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until the revocation. If you have given us consent to process your personal data, you have the right to revoke your consent at any time, without affecting the legality of the processing carried out on the basis of the consent until the revocation (Art. 7 (3) GDPR.)
You can assert your rights of objection or revocation using the contact details of the person responsible or data protection officer.
9. Right to complain
You have the right to complain to the supervisory authority in your place of residence (Art. 77 GDPR).
In Saarland:
Independent Data Protection Center Saarland, Fritz-Dobisch-Straße 12, 66111 Saarbrücken, Tel. 0681 947810

10. Necessity of providing personal data
You are neither legally nor contractually obliged to provide us with your personal data. However, the provision of your personal data is necessary to carry out pre-contractual measures or within the framework of the contractual relationship and for the purposes mentioned.

11. Automated decision-making
Automated decision-making based on personal data, including profiling and scoring, does not take place.

12. Processing for other purposes (change of purpose)
Further processing for purposes other than those for which the personal data was collected does not take place. Should this become necessary, we will provide you with information about this other purpose and all other relevant information before this further processing.

14. Data security
We use the SSL (Secure Socket Layer) process on our website. The data transfer is encrypted with 256 bits if your browser supports this. Otherwise, 128-bit encryption is used. You can recognize the encrypted transfer by a lock symbol in your browser.
In addition, we have taken technical and organizational measures to ensure the ongoing security of your data.

15. Tools/plugins used on this website
This website uses tools/plugins from various providers.

15. 1 Tools/Plugins with consent, Art. 6 (1) S.1 lit. a GDPR
No tools/plug-ins are integrated. 

16. Status of the data protection declaration
This data protection declaration is dated September 7, 2020. It is subject to adjustment if the content of our website changes, the legal regulations change or official requirements have to be implemented.
© 2021 ZEiD GmbH. This data protection declaration is protected by copyright.