It matters to us that the personal data belonging to our customers and visitors are protected and secure. We have therefore designed our website to gather and/or process as little personal data as possible. All data gathering, processing and use is in compliance with the GDPR as well as the nationally applicable data protection laws and only with your consent. In this data protection policy, we state which information is gathered and how it is used.
The party responsible for compliance with EU General Data Protection Regulation (GDPR) is
Gamma-Scout GmbH & Co. KG
+ 49 (0) 221-200 540 91
Personal data such as name, address, phone number or email address are gathered when an individual chooses to use our contact form or our online shop or registers their device. We use your freely submitted data purely for the purpose of contacting you. Data gathered in the course of registration and purchases made in the online shop are used only for device support and sales management.
The legal basis for processing such data is point (a) of Article 6(1) of the GDPR.
The website provider automatically gathers and stores information in so-called server logfiles which are automatically transmitted by your browser. These are:
We do not store this data or any other personal data.
The legal basis for this is the stipulation of point (f) of Art. 6(1) (legitimate interest) of the EU General Data Protection Regulation (GDPR). Our requirements in respect of the GDPR (legitimate interest) are to facilitate fault analysis, optimize the website and ensure the security of the IT systems.
These data are automatically deleted after 30 days.
In an exception to that, data can be stored for purposes of criminal prosecution in the event of misuse beyond this time limit until the process of evidence preservation has been completed.
Such data is not exploited for marketing purposes nor is it combined with other data sources.
The gathering of data for provision to the website and the storage of data in logfiles is essential for the website to operate. The user therefore has no rights of objection to this.
Not accepting cookies does not negatively impact the functionality of our website, other than its administration.
Cookies are small text files deposited on your computer. The cookies we use are deleted at the end of the browser session (known as session cookies).
The legal basis for this processing is point (b) of Art. 6(1) of the GDPR (fulfillment of your enquiry).
We use Google Fonts on our website for the presentation of external fonts. This is a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereafter referred to as “Google”.
Through certification compliant with the EU-US Privacy Shield, Google guarantees that the EU’s data protection regulations are also observed in the processing of data in the USA.
To enable the presentation of certain fonts on our website, visiting our site establishes a connection to the Google server in the USA.
The legal basis for this is point (f) of Art. 6(1) of the GDPR. Our legitimate interest is in the optimization and commercial operation of our website.
The connection to Google established by calling up our website enables Google to identify the website from which your enquiry was sent and the IP address to which it should transmit the font representation.
Google offers further information on this subject at https://adssettings.google.com/authenticated and https://policies.google.com/privacy, particularly in respect of the options for preventing data usage.
Statistical analysis of the logfiles is in an anonymized form that does not allow any inference to the individual or their data. The legal basis for this is the stipulation of General Data Protection Regulation (GDPR) Art. 6(1) point (f) (legitimate interest). Our requirements in respect of the GDPR (legitimate interest) is the facilitation of defect analysis and website optimization.
We do not conduct tracking.
We use a wide range of technical and operational means to protect the personal data that we gather. Our provisions and security procedures are subject to regular checks and adapted as necessary to developments.
All our employees are bound by data confidentiality.
Pursuant to Art. 15 of the GDPR, you have the right to demand confirmation from the controller as to whether they are processing personal data relating to you.
If such processing exists, you have the right to receive information pertaining to this personal data as well as the following:
The data subject has the right to request that the controller immediately correct incorrect personal data relating to the data subject. 2Taking into consideration the purposes of the processing, the data subject has the right to request the completion of incomplete personal data – also with a supplementary explanation.
You have the right to request that the controller immediately delete your personal data, and the controller is obliged to delete the personal data immediately, as long as one of the following reasons applies:
If the controller has published the personal data and is obliged to delete it pursuant to paragraph 1, they must also take appropriate measures, allowing for available technology and implementation costs, to inform other controllers processing the personal data that a data subject has requested the deletion of all links to said personal data or of copies or replications of said personal data.
Paragraphs 1 and 2 do not apply insofar as the processing is necessary
You have the right to request restrictions in processing by the controller if one of the following prerequisites applies:
If processing has been restricted pursuant to (1), this personal data – irrespective of its storage – may only be processed with the permission of the data subject or to enforce, exercise or defend legal claims or to protect the rights of another person or legal entity or for reasons relating to an important public interest of the EU or a member state.
A data subject who invokes the restriction of processing pursuant to (1) must be informed by the controller prior to any lifting of said restriction.
The controller will inform all recipients of published personal data of each amendment or deletion of personal data or a processing restriction pursuant to Article 16, Article 17(1) and Article 18 unless it proves impossible or involves disproportionate effort. 2The controller will inform the data subject of these recipients if the data subject so requests.
You have the right to receive personal data relating to you that you have provided to a controller in a structured, commonly used and machine-readable format. You also have the right to request that a controller transmits this personal data directly to another controller where the following applies:
In exercising this right, you also have the right to have the personal data transmitted directly from one controller to another, where technically feasible. This right may not adversely affect the rights or freedoms of others.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) of the GDPR, including profiling based on those provisions. The controller shall no longer process your personal data unless the controller can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims.
Where your personal data are processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, your personal data shall no longer be processed for such purposes.
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.
You have the right to withdraw your consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly and adversely affects you. This does not apply if the decision
However, such decisions shall not be based on special categories of personal data referred to in Article 9(1) of the GDPR, unless point (a) or (g) of Article 9(2) applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.
In the cases referred to in points (1) and (3), the controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, including at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.
Status of our data protection policy: May 2018