Data Protection Information
Thank you for visiting our website and for your interest in our company. The purpose of this notice is to inform you about the processing of your personal or personal-related data (hereinafter referred to as "Data"). This includes your email or IP address.
1 Person responsible for data processing
Schofer Germany – THE CHAIN COMPANY GmbH & Co. KG
Freiburger Straße 3
75179 Pforzheim
Telefon: +49 (0) 7231-91 03 0
Telefax: +49 (0) 7231-10 15 99
Email: info@schofer.com
Web: www.schofer.com
You can reach our data protection officer as follows:
Email: datenschutz@schofer.com
2 Informational use
For the informational use of our websites, we only collect the Data that your internet browser automatically transmits to us, such as
• IP address (network address)
• address of the website you came from
• address of the retrieved files (retrieval address = URL)
• date and time of a retrieval
• as well as the operating system and browser version of your end device (user agent)
The Data is stored in (technical) protocols (logs).
2.1 Storage period
The storage period for this Data (logs) is 90 days.
2.2 Legal basis for data processing
The above-mentioned Data is technically necessary to provide you with our websites and to ensure stability and security, in accordance with Art. 6 para. 1 lit. f) GDPR.
3 Cookies
We use cookies and similar technologies to enable certain functions within our websites. A cookie is a small packet of information and consists of a pair of Data, a key and a value. A cookie is managed by the internet browser on the user's end device and is therefore stored there. We may use cookies if they are absolutely necessary for the operation of our websites. Some cookies are used by third-party providers that we have integrated into our websites. Our website works exclusively with technically necessary cookies that are required for the operation of the website and for which no separate consent of the website visitor is required.
An overview of all cookies used, including storage period and the corresponding legal basis, is provided below:
| Name | Function | Storage period | Legal basis |
|---|---|---|---|
| store | Saves the language selected by the user. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
| section_data_ids | Stores user-specific information relating to actions initiated by the user, such as the display of wish lists and checkout information. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
| section_data_clean | Set when a user changes language. The presence of this cookie causes JavaScript to reload certain sections of the page to display the correct shop view. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
| recently_viewed_product | Saves the product IDs of the most recently viewed products for easy navigation. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
| recently_viewed_product_previous | Saves the product IDs of the most recently viewed products for easy navigation. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
| recently_compared_product | Saves the product IDs of the previously compared products for easy navigation. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
| recently_compared_product_previous | Saves the product IDs of the previously compared products for easy navigation. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
| product_data_storage | Saves the configuration for product data used for the "Recently viewed" and "Compare products" functions. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
| private_content_version | Adds a random, unique number and time to pages with user content to prevent them from being cached on the server. It is set in several places: in PHP, in JavaScript as a cookie and in JavaScript for local storage. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
| mage-messages | Saves error messages and other notifications that are displayed to the user. The messages are deleted from the cookie after they have been displayed to the user. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
| mage-cache-storage-section-invalidation | Saves information about which sections of the page need to be invalidated and removed. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
| mage-cache-storage | Local storage of visitor-specific content that enables e-commerce functions. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
| mage-cache-sessid | Determines when the browser's local memory should be cleared at the end of the session. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
| form_key | A security mechanism that contains a randomly generated value to prevent cross-site request forgery (CSRF) attacks by helping to determine whether a request originates from a genuine source or a malicious actor. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
| X-Magento-Vary | Indicates when a new version of a page needs to be provided from the cache. Supports the performance of the website. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest)) |
| PHPSESSID | Saves the user session in the shop so that login status, shopping basket and form data can be assigned to the session. | One hour | Art. 6 para. 1 lit. f GDPR (legitimate interest) |
4 Contact / enquiry form
When you contact us by email, contact form or enquiry form, the Data you provide, e.g. your email address, your name, your telephone number and the content of the message, will be processed to clarify your enquiry.
4.1 Storage period
After storage is no longer required for these purposes, we delete the Data arising in this context, or restrict processing if there are statutory retention obligations (archiving obligations for business and commercial letters).
4.2 Legal basis for data processing
The processing is necessary for the fulfilment of a contract or for the implementation of pre-contractual measures, which are carried out at the request of the data subject, in accordance with Art. 6 para. 1 lit. b) GDPR.
Alternatively, the processing is carried out in our and your interest in processing your request, pursuant to Art. 6 para. 1 lit. f) GDPR.
5 Webshop
If you wish to place an order in our webshop, it is necessary for the conclusion of the contract that you provide your personal Data, which we require for the processing of your order. Necessary mandatory information is marked separately, further information is voluntary.
Customer Account:
As a user of our shop, you can apply for a customer account using the appropriate form. After your request has been checked, your account will be created and you will receive an email with a link where you can assign your password. By assigning a password, your account will be created in the shop.
Payment, credit check and dispatch:
In order to process payments, we forward the necessary payment data (e.g. name, invoice) to our bank and to the credit institution commissioned with the payment or to the payment service provider selected by you during the ordering process.
The payment method purchase on account is subject to a credit check, so that your master data is first transmitted to a credit agency.
If it is necessary to dispatch your order, we will pass on the necessary Data (e.g. name, address) to our selected dispatch service providers.
Further information on the payment and shipping service providers used as well as credit agencies can be found in the overview of integrated service providers further down in our data protection information.
Order enquiry:
You can send us an order enquiry within our webshop. You first select the products you require and you can then send us the order enquiry using your customer account.
5.1 Storage period
In principle, we process your master data (customer account) as long as you are registered with us in the shop. As soon as the account is deleted, the Data will also be deleted from the shop.
Due to commercial and tax law requirements, we are obliged to store your address, payment and order data for a period of up to ten years (within our ERP system). After this period has expired, your Data will be deleted accordingly.
5.2 Legal basis for data processing
Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, pursuant to Art. 6 (1) (b) GDPR.
Alternatively, the processing is carried out in our and your interest in processing your request, pursuant to Art. 6 para. 1 lit. f) GDPR.
A possible credit check of your person (e.g. when purchasing on account) is carried out for our own protection, in accordance with Art. 6 para. 1 lit. f) GDPR.
The legal storage (archiving) of your address, payment and order data is based on legal obligations in accordance with Art. 6 para. 1 lit. c) GDPR. The legal obligation arises primarily from Section 147 of the German Fiscal Code (AO).
6 Integrated service providers
Below you will find an overview of all service providers who are involved in the provision and further development of our websites and in enabling special functions.
6.1 Hosting and development
| Service provider | Purpose and legal basis | Notes |
|---|---|---|
| Barthelmess EDV-Service GmbH |
|
|
7 Your rights
You have the following rights with regard to us concerning the Data related to you:
• Right to information,
• Right to rectification or erasure,
• Right to restriction of processing and
• Right to data portability.
7.1 Right to lodge a complaint with a supervisory authority
You also have the right to complain to a data protection supervisory authority about the processing of your Data by us. The supervisory authority directly responsible for us is:
https://www.baden-wuerttemberg.datenschutz.de/kontakt-aufnehmen/
7.2 Right to object to direct marketing and processing in our legitimate interest
Insofar as we process your Data exceptionally on the basis of Art. 6 para. 1 lit. f) GDPR (legitimate interests), you have the right to object to the processing of Data concerning you at any time for reasons arising from your particular situation. If we cannot demonstrate compelling legitimate grounds for further processing that override your interests, rights and freedoms, or if we process your Data for the purpose of direct marketing, we will no longer process your Data (see Art. 21 GDPR). If we enable you to exercise your objection by technical means, we will inform you about this in the individual data processing operations above in our data protection information.
7.3 Right of cancellation if consent has been granted
You have the right to withdraw your consent to the collection and use of your Data at any time with effect for the future. This does not affect the lawfulness of the processing carried out on the basis of the consent until revocation. You can revoke or individually configure your cookie consent in our Consent Manager (cookie banner).
7.4 Contact options regarding your rights
You can contact us at any time to exercise your rights. The best way to do this is to use the following email address: info@schofer.com.
You are also welcome to use one of the contact options in our legal notice or contact our data protection officer directly (contact details above).
8 FriendlyCaptcha
To protect our web forms from misuse by automated programs (so-called bots), we use the “FriendlyCaptcha” service (FriendlyCaptcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany).
FriendlyCaptcha is used to ensure the security of our website and to avoid spam as far as possible. When FriendlyCaptcha is used, technical information such as IP address, time stamp or referrer data is processed. This data is used exclusively to prevent attacks and to validate human interaction.
8.1 Legal basis for data processing
The legal basis for data processing is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in securing our web forms and protecting against misuse.
8.2 Storage time
The data collected is used exclusively to defend against automated attacks and is deleted after 30 days at the latest. Further information can be found in FriendlyCaptcha's privacy policy: