Privacy Policy – Your Data in Safe Hands

This document can be printed out for storage purposes using the “print” command in the browser.

Provider and responsible person

SBF Spezialleuchten GmbH
Zaucheweg 4, 04316 Leipzig, Germany

Provider email address: info(at)sbf-germany.com

Types of data collected

Among the types of Personal Data that this Application collects, by itself or through third parties, there are: tracker; email address; usage data; first name; last name.

Full details of each type of personal data processed are provided in the appropriate sections of this Privacy Policy or selectively through explanatory texts that are displayed before data collection.
Personal data may be provided voluntarily by the user or, in the case of usage data, collected automatically when this application is used.
Unless otherwise stated, the provision of all data requested through this application is mandatory. If the user refuses to provide the data, this may result in this application being unable to provide the user with its services. In cases where this Application expressly states that providing personal information is voluntary, users may choose not to provide such data without any consequences for the availability or functionality of the service.
Users who are uncertain about which personal data is mandatory can contact the provider.
Any use of cookies — or other tracking tools — by this Application or by providers of third-party services used by this Application is for the purpose of providing the service requested by the user and for any other purposes described in this document and in the Cookie Policy.

Users are responsible for all personal data of third parties obtained, published or shared through this application.

Type and place of data processing

processing methods

The provider processes users' personal data in a proper manner and takes appropriate security measures to prevent unauthorized access and transmission, alteration or destruction of data.
Data processing is carried out using computers or IT-based systems in accordance with organizational procedures and procedures that are specifically aimed at the specified purposes. In addition to the person responsible, other persons could also operate this application internally (personnel administration, sales, marketing, legal department, system administrators) or externally — and in this case as necessary, appointed by the person responsible as contract processors (such as providers of technical services, delivery companies, hosting providers, IT companies or communication agencies) — and thus have access to the data. An up-to-date list of these participants can be requested from the provider at any time.

site

The data is processed at the provider's branch and at all other locations where the bodies involved in data processing are located.

Depending on the user's location, data transfers may include the transfer of the user's data to a country other than their own. To find out more about where the submitted data is processed, users can consult the section with detailed information on the processing of personal data.

Storage period

Unless otherwise specified in this document, personal data is processed and stored for as long as required by the purpose for which it was collected and may also be kept longer due to a legal obligation to be fulfilled or based on the user's consent.

Purposes of processing

Personal data about the user is collected so that the provider can provide the service and also comply with its legal obligations, respond to enforcement requests, protect its rights and interests (or those of the user or third party), detect malicious or fraudulent activity. In addition, data is collected for the following purposes: optimizing and disseminating data traffic, managing user databases, platform services and hosting, contacting the user, displaying content from external platforms, accessing third-party profiles, creating and managing backup copies and managing contacts and sending messages.

Users can find further detailed information about these processing purposes and the personal data used for the respective purpose in the “Detailed information on the processing of personal data” section of this document.

Facebook permissions required for this application

This application may require certain Facebook permissions to perform actions with the user's Facebook account and obtain information, including personal data, from it. Using this service, this application connects to the user profile on the social network Facebook, provided by Facebook Inc.

For more information about the following permits, please see Facebook Approval Documentation as well as the Facebook privacy policy.

The following approvals are required: general information, email, device information, usage data, and trackers.

Detailed information on the processing of personal data

Personal data is collected for the following purposes using the following services:

View content from external platforms

With this type of service, users can view and interact with content hosted on external platforms directly from this application. Such services are often referred to as widgets, i.e. small elements that are placed on a website or in an application. They provide specific information or perform a specific function and often enable interaction with the user.
This type of service may still be able to collect web traffic data for the pages where the service is installed, even when users aren't using it.

Google Maps Widget (Google LLC)

Google Maps is a map visualization service provided by Google LLC, which allows this application to include corresponding content on its pages.

Personal Data processed: Usage Data; Tracker.

Place of processing: United States — Privacy statement.

Google Fonts (Google LLC)

Google Fonts is a font visualization service provided by Google LLC, which allows this application to incorporate corresponding content on its pages.

Personal Data processed: Usage Data; Tracker.

Place of processing: United States — Privacy statement.

Create and manage backup copies

These types of services allow the owner to store and manage this application as backup copies on external servers managed by the service provider itself. The backup copies may include the source code and content as well as the data that the user transmits to this application.

Sectigo CodeGuard (Sectigo Limited)

Sectigo CodeGuard is a service provided by Sectigo Limited for creating and managing backup copies.

Personal data processed: email.

Place of processing: United Kingdom — Privacy statement.

Contacting the user

mailing list or newsletter

By signing up to the mailing list or newsletter, the user's email address is added to the contact list of people who may receive email messages with commercial or promotional information related to this application. In addition, your email address may be added to this list when you sign up for this application or after you make a purchase.

Personal Data processed: email; usage data; tracker.

contact form

By completing the contact form with their information, users authorize this application to use their details to respond to requests for information, offers, or other inquiries provided in the header of the form.

Personal data processed: email address; usage data.

Optimizing and disseminating data traffic

With this type of services, this application can distribute its content through servers located in different countries and optimize its performance.
Which personal data is processed depends on the characteristics and method of execution of the services, the function of which is to filter communications taking place via this application and the user's browser.
Given the widespread use of this system, it is difficult to determine the places where content containing users' personal data is delivered.

Cloudflare (Cloudflare, Inc.)

Cloudflare is a traffic optimization and distribution service provided by Cloudflare Inc. By integrating Cloudflare's features, the service filters all traffic that takes place through this application, i.e. the communication that takes place through this application and the user's browser, while also allowing the collection of analytical data that this application contains.

Personal data processed: trackers; various types of data as described in the service's privacy policy.

Place of processing: United States — Privacy statement.

Bunny CDN (BunnyWay d.o.o.)

Bunny CDN is a service provided by BunnyWay d.o.o., for optimizing and disseminating data traffic.

Personal data processed: usage data.

Place of processing: Slovenia — Privacy statement.

Platform services and hosting

The purpose of these services is to host and operate main components of the application for this application so that this application can be offered from a uniform platform. Such platforms provide the provider with a whole range of tools — such as analysis and comment functions, user and database management, e-commerce and payment processing — which include the processing of personal data.
Some of these services work with geographically distributed servers, making it difficult to determine where the personal data is stored.

Ionos (IONOS Group SE)

Ionos is a platform provided by IONOS Group SE that allows the owner to build, host and operate this application.

Personal data processed: email.

Place of processing: Germany — Privacy statement.

Webflow (Webflow, Inc.)

Webflow is a platform provided by Webflow, Inc., which allows the owner to build, host, and operate this application. Webflow can be personalized in many ways and can host websites with content ranging from simple blogs to complex e-commerce platforms.

Personal Data processed: Usage Data; Tracker.

Place of processing: United States — Privacy statement — Opt out.

Managing contacts and sending messages

These types of services allow you to manage a database of email contacts, phone numbers, or any other contact information to communicate with the user.
The services may also collect data about the date and time the message was read by the user, and when the user interacts with incoming messages, for example by clicking on links contained therein.

Vertigo Media (Vertigo Media Group)

Vertigo Media is a service provided by Vertigo Media Group for managing email addresses and sending messages.

Personal data processed: email.

Place of processing: United States — Privacy statement.

Managing user databases

These types of services allow the provider to create user profiles by first using the email address, name, or other information that the user has submitted to this application, as well as tracking user activity through analytical functionalities. This personal data can also be compared with publicly available information about the user (such as profiles on social media) and used to build a personal profile that the provider can view and use to improve this application.
Some of these services may also provide for the sending of timed messages to the user, such as emails that this application links to specific actions.

HubSpot CRM (HubSpot, Inc.)

HubSpot CRM is a user database management service provided by HubSpot, Inc.

Personal Data processed: email address; last name; usage data; tracker; first name.

Place of processing: United States — Privacy statement.

Access to third-party profiles

Using these types of services, this application reads profile information from your third-party profiles and translates this into actions.
These services are not automatically activated, but require the explicit consent of the user.

Access to the Facebook profile (Meta Platforms, Inc.)

Using this service, this application connects to the user profile on the social network Facebook, provided by Meta Platforms, Inc.

Requested permits: email; device information; usage data; tracker.

Place of processing: United States — Privacy statement — Opt out.

Information about opting out of interest-based advertising

In addition to any opt-out feature provided by the services listed in this document, users can learn more about how to opt out of interest-based advertising in the relevant section of the Cookie Policy in general.

cookie policy

This application uses trackers. Further information can be found in the cookie policy.

More information for users

Legal basis for processing

The provider may only process personal data from users if one of the following applies:

Users have given their consent for one or more specific purposes.
data collection is necessary to fulfill a contract with the user and/or for pre-contractual measures resulting from it;
processing is necessary to fulfill a legal obligation to which the provider is subject;
the processing is in connection with a task carried out in the public interest or in the exercise of public authority delegated to the provider;
processing is necessary to protect the legitimate interests of the provider or a third party.

In any case, the provider is happy to provide information about the specific legal basis on which the processing is based, in particular whether the provision of personal data is a legal or contractual obligation or a prerequisite for concluding a contract.

More information about storage time

Therefore, the following applies:

Personal data collected for the purpose of fulfilling a contract concluded between the provider and the user will be stored until this contract has been fully fulfilled.
Personal data collected to protect the legitimate interests of the provider will be kept for as long as is necessary to fulfill these purposes. Users can obtain more detailed information about the provider's legitimate interests in the relevant sections of this document or by contacting the provider.

In addition, the provider is permitted to store personal data for a longer period of time if the user has consented to such processing, as long as the consent is not withdrawn. In addition, the provider may be required to store personal data for a longer period of time if this is necessary to comply with a legal obligation or by order of an authority.

After the retention period has expired, personal data will be deleted. Therefore, the right to information, the right to deletion, the right to correction and the right to data portability cannot be asserted after the retention period has expired.

Users' rights under the General Data Protection Regulation (GDPR)

Users can exercise certain rights with regard to their data processed by the provider.

To the extent permitted by law, users have, in particular, the right to do the following:

Withdraw your consent at any time. If the user has previously consented to the processing of personal data, he can withdraw his own consent at any time.
File an objection to the processing of your data. The user has the right to object to the processing of their data if the processing is carried out on a legal basis other than consent.
Get information about your data. The user has the right to know whether the data is being processed by the provider, to receive information about individual aspects of the processing and to receive a copy of the data.
Have it checked and corrected. The user has the right to check the accuracy of their data and to request that they be updated or corrected.
Request that the processing of your data be restricted. Users have the right to restrict the processing of their data. In this case, the provider will not process the data for any purpose other than storage.
Request deletion or other removal of personal data. Users have the right to request that the provider delete their data.
receive your data and have it transferred to another person responsible. The user has the right to receive his data in a structured, common and machine-readable format and, if technically possible, to have it transmitted unhindered to another person responsible.
File a complaint. Users have the right to lodge a complaint with the competent supervisory authority.

Users also have the right to be informed about the legal basis for data transfer abroad or to an international organization that is subject to international law or was founded by two or more countries, such as the UN, and about the security measures taken by the provider to protect their data.

Details of the right to object to processing

If personal data is processed in the public interest, in the exercise of a public authority delegated to the provider or to protect the legitimate interests of the provider, the user may object to this processing by providing a justification relating to his particular situation.

Users are informed that they can object to the processing of personal data for direct marketing at any time free of charge without giving reasons. If the user objects to processing for direct marketing purposes, the personal data will no longer be processed for these purposes. Users can find out whether the provider processes personal data for direct marketing purposes in the relevant sections of this document.

How the rights can be exercised

All requests to exercise user rights can be directed to the owner using the contact details provided in this document. These inquiries can be made free of charge and will be answered by the provider as early as possible, at the latest within one month, and will provide users with the legally required information. The provider will inform all recipients to whom personal data has been disclosed, if any, of any correction or deletion of personal data or restriction of processing. Unless this proves impossible or involves disproportionate effort. The provider shall inform the user of these recipients if the user so requests.

More information about data collection and processing

Legal measures

The user's personal data may be processed by the provider for law enforcement purposes within or in preparation for legal proceedings resulting from improper use of this application or associated services.
The user declares that he is aware that the provider could be required by the authorities to provide personal data.

More information about the user's personal data

In addition to the information set out in this privacy policy, this application may provide the user with further contextual information relating to specific services or to the collection and processing of personal data upon request.

System logs and maintenance

For operational and maintenance purposes, this application and third-party services may collect files that record the interaction taking place via this application (system logs) or use other personal data (such as IP address) for this purpose.

Information not included in this privacy statement

Further information about the collection or processing of personal data can be requested from the provider at any time using the contact details provided.

Changes to this privacy statement

The provider reserves the right to make changes to this privacy policy at any time by informing users on this page and, where applicable, about this application and/or - as far as technically and legally possible - by sending a message about the user's contact details available to the provider. Users are therefore advised to visit this page regularly and in particular to check the date of the last change given at the bottom of the page.

Insofar as changes relate to the use of data based on the user's consent, the provider will - if necessary - obtain new consent.

Definitions and legal information

Personal data (or data)

Any information by which, directly or in conjunction with other information, the identity of a natural person is or can be determined.

usage data

Information that this application (or third-party services that use this application) automatically collects, such as: the IP addresses or domain names of the computers of users using this application, the Uniform Resource Identifier (URI) addresses, the time of the request, the method used to send the request to the server, the size of the response file received, the numeric code that indicates the status of the server response (successful result, error, etc.), the country of origin, the functions used by the user Browser and operating system, the various times per call (e.g. how much time was spent on each page of the application) and information about the path followed within an application, in particular the order of the pages visited, as well as other information about the device's operating system and/or the user's IT environment.

user

The person using this application who, unless otherwise stated, agrees with the person concerned.

Affected person

The natural person to whom the personal data relate.

Contract processor (or order processor)

Natural or legal person, authority, agency or other body that processes personal data on behalf of the person responsible, as described in this privacy policy.

Responsible person (or provider, sometimes also owner)

The natural or legal person, public authority, agency or other body which, alone or jointly with others, decides on the purposes and means of processing personal data and the means used for this purpose, including security measures relating to the operation and use of this Application. Unless otherwise stated, the person responsible is the natural or legal person through whom this application is offered.

This application

The hardware or software tool used to collect and process the user's personal data.

Dienst

The service offered through this application, as described in the relevant terms and conditions (if available) and on this website/application.

European Union (or EU)

Unless otherwise stated, all references in this document to the European Union include all current member states of the European Union and the European Economic Area (EEA).

cookie

Cookies are trackers that consist of a small data set stored in the user's browser.

trackers

The term tracker means any technology — such as cookies, unique identifications, web beacons, embedded scripts, e-tags, or fingerprinting — that allows users to be tracked, e.g. by allowing access to or storage of information on the user device.

Legal notice

This privacy statement applies exclusively to this application, unless otherwise stated in this document.

Last updated: December 19, 2024

Iubenda hosts this content and only collects to ask them.