Privacy policy
Data protection at a glance
We take the protection of your personal data very seriously! We treat your personal data confidentially and in accordance with the statutory data protection regulations.
The following information is intended to provide an overview of what happens to your personal data when you visit this website. Personal data is any data by which you can be personally identified.
General and mandatory information
When you use this website, various personal data are collected. Personal data is data by which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
The data controller for this website is:
PHILIPP ForstWerkzeuge GmbH
Am Markbach 12
D-76547 Sinzheim
Telephone: +49 7221 99561-0
E-mail: info@philipp.eu
We would like to point out that data transmission on the internet can have security gaps. Complete protection of data against access by third parties is not possible.
Data protection officer
We have appointed a data protection officer for our company.
For all questions on the subject of data protection in connection with our products, services or the use of this website, you can also contact our data protection officer directly at any time.
The data protection officer can be reached at the following e-mail address: datenschutz@philipp.eu
Right to object to the collection of data in special cases and to direct marketing (Art. 21 GDPR)
If the data processing is based on Art. 6 (1) a, e or f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims (objection pursuant to Art. 21 (1) GDPR).
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will then no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR).
Hosting and Content Delivery Networks (CDN)
External hosting
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers.
This may include IP addresses, contact requests, meta and communication data, contractual data, contact details, names, website visits and other data generated via this website.
The hoster is used to fulfil the contract with our potential and existing customers (Art. 6 (1) (b) GDPR) and in the interest of a secure, fast and efficient provision of our online services by a professional provider (Art. 6 (1) (f) GDPR). Our hoster will only process your data to the extent that this is necessary to fulfil its service obligations and to comply with our instructions regarding this data. In order to ensure data protection-compliant processing, we have concluded an order processing contract with our hoster.
Server log files
We have a legitimate interest in the presentation and optimisation of our website without technical errors, which requires the recording of server log files.
For technical reasons, we automatically store information in so-called server log files that your browser automatically transmits to us. These are:
- Browser type and version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is not combined with other data sources. The collection of this data is based on Art. 6 (1) f GDPR.
Encryption of your data
For security reasons and to protect the transmission of confidential content, this website uses SSL or TLS encryption. You can identify an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If encryption is activated, the data you transmit to us cannot be read by third parties.
Cookies
Our internet pages use so-called “cookies”, which are small text files and do not cause any damage to your end device. They are stored on your end device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.
In some cases, third-party cookies may also be stored on your end device when you enter our site (third-party cookies). These allow us or you to use certain services of the third-party company (e.g. cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function in the online shop or the display of videos). Other cookies are used to evaluate user behaviour or display advertising.
Cookies that are necessary to carry out the electronic communication process and to provide certain functions that you have requested (necessary cookies) are stored on the basis of Art. 6 (1) f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies to optimize its services and provide them free of technical errors.
You can configure your browser so that you are informed about the placement of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.
If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the scope of this privacy policy and, if necessary, request your consent.
Plugins and other tools
YouTube
This website uses plugins of the YouTube site operated by Google. The operator of the site is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. This information is usually transferred to a Google server in the US and stored there.
To use the YouTube functions, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no control over this data transfer.
If you are logged into your YouTube account, you enable YouTube to link your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.
Further information on the handling of user data can be found in YouTube’s privacy policy at: https://www.google.de/intl/de/policies/privacy
Google Maps
This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
To use the Google Maps functions, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. We have no control over this data transmission. If Google Maps is activated, Google may use Google Fonts to display the fonts in a uniform manner. When you call up Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
Google Maps is used to ensure an appealing presentation of our online services and to make it easy to find the places we have indicated on the website. If a corresponding consent request has been made, the processing is carried out exclusively on the basis of Art. 6 (1) a GDPR and § 25 (1) TTDSG (Telecommunications-Telemedia Data Protection Act), insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the Act. The consent can be revoked at any time.
Data transfer to the US is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ und https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
More information on the handling of user data can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=de.
Userlike Chat
This website uses a live chat provided by Userlike UG (haftungsbeschränkt), Probsteigasse 44-46, 50670 Cologne, Germany. You can use the live chat like a contact form to chat with our staff almost in real time.
When starting the chat, the following personal data is collected:
- date and time of the call
- browser type/version
- if specified: first name, last name and e-mail address
Depending on the course of the conversation with our staff, further personal data may be required during the chat, which will be entered by you. The nature of this data depends largely on your enquiry or the problem you describe to us. The purpose of processing all this data is to provide you with a fast and efficient means of contact and thus to improve our customer service.
In addition, we store the history of the live chats for a period of 14 days. This serves to process possible contractual enquiries or the implementation of pre-contractual measures based on the enquiry. The data processing is therefore based on Art. 6 (1) b GDPR. If you do not wish this, you are welcome to inform us thereof using the contact details below. Stored live chats will then be deleted by us without delay.
The storage of chat data also serves to ensure the security of our information technology systems. This is also our legitimate interest, which is why the processing is permissible according to Art. 6 (1) f GDPR.
Further information can be found in the data protection provisions of Userlike UG (haftungsbeschränkt): https://www.userlike.com/de/terms#privacy-policy
Data processing in social media
We maintain publicly accessible profiles on social networks. The individual social networks used by us can be found below.
Social networks such as can usually comprehensively analyse your user behaviour when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media sites triggers numerous processing operations relevant to data protection, in detail:
If you are logged into your social media account and visit our social media site, the operator of the social media portal can link this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your end device or by collecting your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. This is how you can be shown interest-based advertising inside and outside the respective social media site. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are or were logged in.
Please also note that we are not able to track all processing procedures on the social media portals. Depending on the provider, the operators of the social media portals may therefore carry out further processing procedures. For details, please refer to the terms of use and data protection provisions of the respective social media portals.
Legal basis
Our social media sites are intended to ensure the most comprehensive presence possible on the internet. This is a legitimate interest within the meaning of Art. 6 (1) f GDPR. Insofar as a corresponding consent request has been made, the processing is carried out exclusively on the basis of Art. 6 (1) a GDPR; the consent can be revoked at any time. The analysis processes initiated by the social networks may be based on different legal grounds, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) a GDPR).
Controller and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we and the operator of the social media platform are jointly responsible for the data processing operations triggered by this visit. In principle, you can assert your rights (information, rectification, erasure, restriction of processing, data portability and objection) both to us and to the operator of the respective social media portal.
Please note that despite the joint responsibility with the social media portal operators, we do not have full control over the data processing procedures of the social media portals. Our options are largely determined by the corporate policy of the respective provider.
Storage period
The data collected directly by us via the social media site will be erased from our systems as soon as the purpose for storing the data no longer applies, you ask us to erase the data, revoke your consent to store the data or the purpose for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.
We have no control over the storage period of your data that is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below). Social networks in detail:
We have a profile on Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the data collected is also transferred to the US and other third countries.
We have entered into a joint processing agreement (controller addendum) with Facebook. This agreement specifies the data processing operations for which we or Facebook are responsible when you visit our Facebook page. You can view this agreement at the following link: www.facebook.com/legal/terms/page_controller_addendum.
You can adjust your advertising settings yourself in your user account. To do so, click on the following link and log in: www.facebook.com/settings.
For details, please refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/.
We have a profile on Instagram. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. For details on how they handle your personal data, please refer to Instagram’s privacy policy: https://help.instagram.com/519522125107875.
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
If you would like to deactivate LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
For details on how they handle your personal data, please refer to LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.
We have a profile on XING. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. For details on how they handle your personal data, please refer to XING’s privacy policy:
https://privacy.xing.com/de/datenschutzerklaerung.
Analysis tools
Matomo
This website uses the open source web analytics service Matomo.
Matomo allows us to collect and analyse data about the use of our website by website visitors. This enables us to find out, among other things, which pages were viewed when and from which region they were viewed. We also collect various log files and can measure whether our website visitors perform certain actions.
If a corresponding consent request has been made, the processing is carried out exclusively on the basis of Art. 6 (1) a GDPR and § 25 (1) TTDSG.
Consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.
IP anonymisation
We use IP anonymisation for the analysis with Matomo. This means that your IP address is truncated before analysis so that it can no longer be clearly traced back to you.
Hosting
We host Matomo exclusively on our “own servers”, which are provided by our hoster. In order to ensure data protection-compliant processing, we have concluded an order processing contract with our hoster.
Contact form
If you send us requests via the contact form, your details from the request form, including the contact details you provide there, will be stored by us for the purpose of processing the request and in the event of follow-up questions. To contact us via the contact form, it is necessary to enter your e-mail address. All other data provided by you is voluntary.
The processing of this data is based on Art. 6 (1) b GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 (1) (f) GDPR) or, in the case of data transmitted voluntarily by you, on your consent (Art. 6 (1) (a) GDPR), which can be revoked at any time.
The data you enter in the contact form will remain with us until you request us to erase it.
Newsletter / Infomailing
You can subscribe to our newsletter on this website.
We want to share relevant content for our customers through our newsletter and better understand what readers are actually interested in. If you do not want the analysis of usage behaviour, you can cancel your subscription to the newsletters or deactivate graphics in your e-mail preferences.
We use the “CleverReach” service to send newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter “CleverReach”). CleverReach can be used to organise and analyse the newsletter dispatch. The data you enter for the purpose of receiving newsletters (e.g. email address) is stored by us and on CleverReach’s servers in Germany and Ireland.
The storage serves the sole purpose of sending you the newsletter and being able to prove your registration. You can cancel your subscription to the newsletter at any time. A corresponding unsubscribe link can be found in every newsletter. A message to the contact details given above or in the newsletter is of course also sufficient for this purpose.
The data is collected exclusively uses pseudonyms and is used for general statistical evaluations as well as for the optimisation and further development of our content and customer communication. This is done with the help of small graphics embedded in the newsletter (so-called pixels). A link with your other personal data does not take place. The legal basis for this is our aforementioned legitimate interest in accordance with Art. 6 (1) sentence 1 f GDPR.
To order our newsletters by e-mail, we use the double opt-in procedure and process your data accordingly. We will only send you newsletters by e-mail if you confirm in our notification e-mail by clicking on a link that you are the owner of the e-mail address provided.
If you confirm your e-mail address, we will store your e-mail address, the time of registration and the IP address used for registration until you cancel your subscription to the newsletter.
The stored data will be stored by us and CleverReach until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe. This does not affect data we have stored for other purposes.
After you have unsubscribed from the newsletter distribution list, your email address will be stored by us and CleverReach in a blacklist if necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be combined with other data. This serves both your interest and our interest in complying with the legal requirements for sending newsletters (legitimate interest within the meaning of Art. 6 (1) f GDPR). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
Use of SalesViewer® technology:
This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes.
In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally.
The data stored by Salesviewer will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.
The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.
Drop-shipping and delivery via freight forwarders
To be able to supply our customers as quickly and cheaply as possible, we also use so-called drop-shipping (direct trade), which means that our suppliers or the manufacturer deliver the products we offer directly to our customers.
This procedure requires us to pass on personal data such as names, addresses, e-mail addresses and telephone numbers to our suppliers and, in particular, to the forwarding agents commissioned, as otherwise it would not be possible to carry out the “drop shipment” within the scope of fulfilling the order.
When you place an order with us, we pass on your personal data to the transport company charged with the delivery and to the payment service provider charged with processing the payment. Only such data is passed on that the respective service provider requires to fulfil its task.
The legal basis for this is Art. 6 (1) lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
Credit checks
In the case of a purchase on account or any other method of payment for which we make advance payments, we may carry out a credit check (scoring). For this purpose, we transmit your entered data to credit agencies and insurers. The probability of a payment default is determined on the basis of this data. In the event of an excessive risk of non-payment, we may refuse the relevant type of payment.
The credit check is carried out on the basis of the fulfilment of the contract (Art. 6 (1) b GDPR) as well as to avoid payment defaults (legitimate interest according to Art. 6 (1) f GDPR).
Payment transactions
Payment transactions are made exclusively via an encrypted connection.
With encrypted communication, the payment data you transmit to us cannot be read by third parties.
eCommerce and payment providers
Processing of customer and contract data
We collect, process and use personal customer and contract data in order to establish, define the content of and amend our contractual relationships. We collect, process and use personal data about the use of this website (usage data) only insofar as this is necessary to enable the user to use the service or to bill the user. The legal basis for this is Art. 6 (1) b GDPR.
The collected customer data will be erased after completion of the order or termination of the business relationship and expiry of any existing statutory retention periods. Statutory retention periods remain unaffected.
PayPal
The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”).
Data transfer to the US is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.
For details, please refer to PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Mastercard
The provider of this payment service is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium (hereinafter referred to as “Mastercard”).
Mastercard may transfer data to its parent company in the US. The transfer of data to the US is based on Mastercard’s Binding Corporate Rules. Details can be found here: https://www.mastercard.de/de-de/datenschutz.html und https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.
VISA
The provider of this payment service is Visa Europe Services Inc, London Branch, 1 Sheldon Square, London W2 6TT, United Kingdom (hereinafter “VISA”).
The Great Britain is considered a secure third country under data protection law. This means that Great Britain has a level of data protection that corresponds to the level of data protection in the European Union.
VISA may transfer data to its parent company in the US. The data transfer to the US is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zu-zustandigkeitsfragen-fur-den-ewr.html.
For more information, please refer to the VISA privacy policy: https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.
Information on the use of our online shop
Registration in our online shop
You can register in the online shop to use additional functions. We will only use the data you provide for the purpose of using the respective service or offer for which you have registered. The mandatory information requested during registration must be provided in full.
The data entered during registration is processed for the purpose of implementing the user relationship established by registration and, if necessary, for initiating further contracts (Art. 6 (1) b GDPR) as well as for providing information about current offers and new products.
The data you entered during registration will remain with us until you ask us to erase it.
Applicant data
We offer you the opportunity to apply with us by e-mail, post or via the online application form on this website.
Below we inform you about the scope, purpose and use of your personal data collected as part of the application process.
We assure you that the collection, processing and use of your data will be carried out in accordance with applicable data protection law and all other statutory provisions and that your data will be treated in strict confidence.
Scope and purpose of data collection
If you send us an application, we will process your associated personal data insofar as this is necessary to decide on the establishment of an employment relationship.
The legal basis for this is § 26 BDSG (Federal Data Protection Act) in conjunction with Art. 6 (1) b GDPR and – if you have given your consent – Art. 6 (1) a GDPR. The consent can be revoked at any time.
Your personal data will only be passed on within our company to persons who are involved in processing your application.
If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of § 26 BDSG (new) and Art. 6 (1) b GDPR for the purpose of implementing the employment relationship.
Retention period of the data
If we are unable to offer you a job, if you reject a job offer or withdraw your application, we reserve the right to retain the data you have provided on the basis of our legitimate interests (Art. 6 (1) f GDPR) for up to four months from the end of the application process (rejection or withdrawal of application). In this regard, we adhere to the recommendation of the State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg.
The data is then erased and the physical application documents are destroyed in accordance with the relevant regulations. The retention serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the expiry of the above-mentioned period (e.g. due to an impending or pending legal dispute), the data will only be erased when the purpose for continued storage no longer applies.
The data may also be stored for a longer period if you have given your consent (Art. 6 (1) (a) GDPR) or if there are legal obligations to store data that prevent the erasure thereof.
Admission to our pool of applicants
If we are unable to offer you a job at the moment, we may be able to include you in our pool of applicants. Should you be accepted, all documents and details from your application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies.
Inclusion in the pool of applicants is based exclusively on your express consent (Art. 6 (1) a GDPR). Your consent is given voluntarily and is not related to the current application process. You can revoke your consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, provided there are no legal reasons for retention.
The data from the pool of applicants will be irrevocably deleted no later than two years after consent has been given.