We are very delighted that you have shown interest in our enterprise. Data protection is of a particularly high priority for the management of Max Leyh. The use of the Internet pages of Max Leyh is generally possible without providing any personal data. However, if a data subject wants to use special enterprise services via our website, processing of personal data could become necessary. If processing of personal data is necessary and there is no legal basis for such processing, we generally obtain consent from the data subject. The processing of personal data, such as the name, address, email address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to Max Leyh.
The data protection declaration of Max Leyh is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Among other terms, this data protection declaration uses the following: personal data, data subject, processing, restriction of processing, profiling, pseudonymization, controller, processor, recipient, third party, and consent in accordance with the legal definitions of the GDPR.
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is: Max Leyh, Roter Buck 54, 74564 Crailsheim, Germany, Tel.: 017655229495, Email: contact@max-leyh.de, Website: https://www.max-leyh.de.
The website of Max Leyh collects a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files. Collected may be the browser types and versions used, the operating system used by the accessing system, the website from which an accessing system reaches our website (so-called referrer), sub-websites which are accessed via an accessing system on our website, the date and time of access to the website, an Internet Protocol address (IP address), the Internet service provider of the accessing system, and any other similar data and information that may be used in the event of attacks on our information technology systems. When using these general data and information, Max Leyh does not draw any conclusions about the data subject.
The website of Max Leyh contains information that enables a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (email address). If a data subject contacts the controller by email or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.
The data controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject to. If the storage purpose is not applicable, or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data are routinely blocked or deleted in accordance with legal requirements.
Each data subject shall have the right to confirmation, information, rectification, erasure (right to be forgotten), restriction of processing, data portability, objection, as well as the right not to be subject to a decision based solely on automated processing. Furthermore, each data subject has the right to withdraw consent to the processing of personal data at any time. To exercise these rights, the data subject may contact any employee of the controller at any time.
The controller has integrated components of LinkedIn Corporation on this website. The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. On each individual call-up to our website that is equipped with a LinkedIn component, this component causes the browser used by the data subject to download a corresponding representation of the component from LinkedIn. If the data subject does not want this information to be transmitted to LinkedIn, they can prevent the transfer by logging out of their LinkedIn account before accessing our website. The applicable data protection provisions of LinkedIn are available at https://www.linkedin.com/legal/privacy-policy.
Art. 6(1) lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If processing of personal data is necessary for the performance of a contract, the processing is based on Art. 6(1) lit. b GDPR. If our company is subject to a legal obligation, the processing is based on Art. 6(1) lit. c GDPR. In rare cases, processing of personal data may be necessary to protect the vital interests of the data subject (Art. 6(1) lit. d GDPR). Finally, processing operations could be based on Art. 6(1) lit. f GDPR if processing is necessary for the purposes of the legitimate interests pursued by our company.
If the processing of personal data is based on Article 6(1) lit. f GDPR, our legitimate interest is the carrying out of our business activities in favor of the well-being of all our employees and our shareholders.
The criterion for the duration of storage of personal data is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, provided that it is no longer necessary for the fulfillment of the contract or the initiation of a contract.
We clarify that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual provisions. Before providing personal data, the data subject must contact any of our employees.
As a responsible company, we do not use automatic decision-making or profiling.