Privacy Notice

Privacy Noticeof Adalbert Zajadacz GmbH & Co. KG

The provisions of the EU General Data Protection Regulation (hereinafter referred to as “GDPR”) apply across Europe. We would like to inform you on the processing of personal data as carried out by our company in accordance with this regulation (compare Articles 13 and 14 of the GDPR). Should you have any questions or remarks regarding this privacy policy, you can send these to the email address provided under paragraph 2 and/or 3 at any time.

I. Overview

In this section of the privacy policy, you can find information regarding its scope, the controller, their data protection officer, and data security.

1. Scope

Fundamentally, the data processing carried out by Adalbert Zajadacz GmbH & Co. KG can be divided into two categories:

  • All data required for the execution of a contract with Adalbert Zajadacz GmbH & Co. KG will be processed for the purpose of contract performance. If external service providers such as logistics companies or payment service providers are involved in the performance of the contract, your data shall be transferred to these to the extent to which it is required in each case.
  • Upon accessing the website/application, various pieces of information will be exchanged between your device and our server. This can also include personal data. The information which is collected in this manner will be used, among other things, to optimise our website or to display advertising in your device’s browser.
  • This privacy policy applies to the following offers:
  • our on-line offer, retrievable at www.zajadacz.de;
  • whenever reference is made to this privacy policy from one of our other offers (e.g. websites, sub-domains, mobile applications, web services, or inclusions on third-party websites), irrespective of the manner in which you access or use these.
  • All of these offers together are also referred to as “Services”.

2. Controller

The controller – i.e. the person who determines the purposes and means of the processing of personal data – in connection with the Services is

Adalbert Zajadacz GmbH & Co. KG
Lessingstraße 46
21629 Neu Wulmstorf
Telephone: +49 (0)40-70077-0
Email: datenschutz@zajadacz.de

3. Data Protection Officer

You can contact our Data Protection Officer as follows:
Contact form: https://www.dsextern.de/anfragen
DS EXTERN GmbH
Dipl.-Kfm. Marc Althaus
Frapanweg 22
D-22589 Hamburg

4. Data Security

In order to develop the measures required in Art. 32 GDPR and, with it, to achieve a level of protection which is appropriate to the risk, we have established an information security management system within our company.
II. Data Processing Activities in Detail
In this section of the privacy policy, we provide you with information regarding the processing of personal data within the framework of our Services in detail. For greater clarity, we have arranged this information according to specific features of our Services. When using our Services normally, various functions and thus, various processing activities, may take effect, either consecutively or simultaneously.

Data Security
In order to develop the measures required in Art. 32 GDPR and, with it, to achieve a level of protection which is appropriate to the risk, we have established an information security management system within our company.

II. Data Processing Activities in Detail

In this section of the privacy policy, we provide you with information regarding the processing of personal data within the framework of our Services in detail. For greater clarity, we have arranged this information according to specific features of our Services. When using our Services normally, various functions and thus, various processing activities, may take effect, either consecutively or simultaneously.

1. General Points concerning Data Processing Activities

The following applies to all data processing activities presented below, unless otherwise specified:

a. No duty to provision
No contractual or legal obligation to provide personal data exists. You are not obligated to provide data.


b. Consequences of Failure to Provide
Failure to provide required data (data which is marked as mandatory field when it is being entered) will result in an inability to render to Service in question. Otherwise, failure to provide this data will, where applicable, result in our services not being able to be rendered in the same form and quality.

c. Consent
In certain cases, you have the opportunity to also give us consent to carry out further processing activities (where applicable, for only part of the data) in connection with those processing activities presented below. In this case, we provide you with information regarding all modalities and the scope of the consent, as well as regarding the purposes which we pursue with these processing activities, separately and in connection with the submission of each corresponding declaration of consent.

d. Transfer of Personal Data to Third Countries
In the event that we transfer any data to third countries, i.e. countries outside the European Union, this transfer takes place exclusively in compliance with legislative requirements placed on legitimacy.
The requirements placed on legitimacy are regulated by Art. 44-49 GDPR.

e. Hosting with External Service Providers

To a large extent, the way in which we process data involves so-called hosting service providers, which provide us with storage space and processing capacities in their data centres, and which also process personal data on our behalf and in accordance with our instructions. These service providers either exclusively process data within the EU, or we have ensured an adequate level of data protection with help from the EU standard contractual clauses for data protection.

f. Transfer to Government Authorities
We transfer personal data to government authorities (including law enforcement authorities) if this is required to fulfil a legal obligation to which we are subject (legal basis: point (c) of Art. 6(1) GDPR) or to assert, exercise or defend legal claims (legal basis: point (f of Art. 6(1) GDPR).

g. Retention Period
We will only store your data for as long as we require it to fulfil the respective processing purposes for which it was collected. Should this data no longer be required for the fulfilment of contractual or legal obligations, it shall be regularly erased, unless its retention continues to be necessary for a fixed term. Reasons for this could, for example, be the following:

  • The fulfilment of retention obligations according to commercial and tax law
  • The preservation of evidence for legal disputes within the framework of statutory limitation periods
  • Equally, we are able to continue to store your data if you have expressly given your consent for us to do so.
  • h. Data Categories
  • Personal master data: Title, address/gender, first name, surname, date of birth
  • Address data: Street, house number, address supplements where necessary, post code, town, country
  • Contact details: Telephone number(s), fax number(s), email address(es)
  • Subscription data: Information regarding the service through which you registered; times and technical information surrounding the registration, confirmation and logout; data which you provided when registering
  • Order data: Ordered products, prices, payment and delivery information
  • Payment data: Account data, credit card details, data regarding other payment services
  • Access data: Date and time at which you visited our Service; the page from which the accessing system reached our page; the pages which were accessed during the use of the site; data regarding the identification of the session (session ID); furthermore, the following information relating to the accessing computer system: internet protocol address (IP address) used, browser type and version, device type, operating system, and similar technical information
  • Application data: CV, references, supporting documents, work samples, certificates, pictures

h. Data Categories

  • Personal master data: Title, address/gender, first name, surname, date of birth
  • Address data: Street, house number, address supplements where necessary, post code, town, country
  • Contact details: Telephone number(s), fax number(s), email address(es)
  • Subscription data: Information regarding the service through which you registered; times and technical information surrounding the registration, confirmation and logout; data which you provided when registering
  • Order data: Ordered products, prices, payment and delivery information
  • Payment data: Account data, credit card details, data regarding other payment services
  • Access data: Date and time at which you visited our Service; the page from which the accessing system reached our page; the pages which were accessed during the use of the site; data regarding the identification of the session (session ID); furthermore, the following information relating to the accessing computer system: internet protocol address (IP address) used, browser type and version, device type, operating system, and similar technical information
  • Application data: CV, references, supporting documents, work samples, certificates, pictures

2. Accessing the Website/Application

Here, we describe how the personal data which we receive from you when you access our Services is processed. We would like to make particular reference to the fact that the transfer of access data to external content suppliers (see ‘b’ below) is inevitable due to the way in which the transfer of information on the internet technically works.

a. Information Concerning Processing

Category of DataIntended PurposeLegal BasisLegitimate Interests, where applicableRetention period
Access dataEstablishment of the connection, presentation of the contents of the Service, the discovery of attacks on our website through unusual activity, troubleshootingPoint (f) of Art. 6(1) GDPRProper functioning of Services, security of data and business processes, prevention of improper use, prevention of damages through interventions in information systems7 days

b. Information Concerning Processing

Category of RecipientAffected DataLegal Basis for the TransferLegitimate Interests, where applicable
External content suppliers who provide content (e.g. pictures, videos, embedded posts from social networks, advertisement banners, fonts, update information) which is required for displaying the ServiceAccess dataProcessing (Art. 28 GDPR)Proper functioning of Services, (accelerated) presentation of contents
Hosting service providersAccess dataProcessing (Art. 28 GDPR)

“EVI” Zajadacz app

Registration is required to use the app. You can apply for access to the shop using the contact details provided above.

What does our app use authorisations for?
Full use of the app requires adequate authorisations, that is, to be more precise, the below authorisations for the Apple iOS and Android operating systems.

Camera access (iOS, Android)
We need to have access to your device camera. We do not collect or store any data, but access is only required for you to be able to scan bar codes.

Positioning service/access to locations (iOS / Android)
This is required for the optional route planning.

Photos/media/files and storage (Android)
Several applications must be able to read, write and delete flash drive contents – including contents from storage devices connected via USB ports and microSD cards – since apps are otherwise limited to the often restricted internal device storage spaces.

WiFi connection data (Android)
This is used for accessing WiFi connections, including the names of connected devices, WiFi connections and the WiFi status (on/off).

Other (Android)

  • Calling off network connections;
  • Controlling the lighting;
  • Accessing all the networks:
  • Controlling vibration alarms;
  • Reading the Google service configuration.
  • When accessing app contents, our server may save identification data (IP address) and other information (date, time, accessed pages) for data security purposes. This data will only be analysed for statistical purposes and in an anonymised or pseudonymised form (that is, IP addresses shortened by several figures or addresses encrypted to other figures).

3. Application

During an application process, we process your personal data as follows:

a. Information Concerning Processing

Category of DataIntended PurposeLegal BasisLegitimate Interests, where applicableRetention period
Address data, contact dataIdentification, making contact, communication regarding contract initiationPoint (b) of Art. 6(1) GDPR6 months
personal master dataIdentification, making contact, age verificationPoint (b) of Art. 6(1) GDPR6 months
Application dataSelection of applicantsPoint (b) of Art. 6(1) GDPR6 months

b. Recipients of Personal Data

Category of RecipientAffected DataLegal Basis for the TransferLegitimate Interests, where applicable
Email service providersAll those mentioned under a.Processing (Art. 28 GDPR)
Email archiving service providersAll those mentioned under a.Processing (Art. 28 GDPR)

4. Customer Account

The following information describes how we process your personal data when you open a customer account.

a. Information Concerning Processing

Category of DataIntended PurposeLegal BasisLegitimate Interests, where applicableRetention period
Email address, personal master data, registration data and financial data (if required)Provision of a closed customer area to purchase goods and servicesPoints (b) and (f) of Art. 6(1) GDPRCustomer retention, goods supplies and service provisionDuring the customer relationship, unless this is contrary to other legal retention periods.

b. Recipients of Personal Data

Category of RecipientAffected DataLegal Basis for the TransferLegitimate Interests, where applicable
Email service providersAll those mentioned under a.Processing (Art. 28 GDPR)
Email archiving service providersAll those mentioned under a.Processing (Art. 28 GDPR)

5. Contact by Email

Find out how we process your personal data when you get in touch with us by email:

a. Information Concerning Processing

Category of DataIntended PurposeLegal BasisLegitimate Interests, where applicableRetention period
Personal master data, contact data, contents of the queries/complaints/objectionsProcessing of QueriesPoints (b) and (f) of Art. 6(1) GDPRCustomer loyalty, improvement of our Service1 year archiving for 10 years
Order dataContract brokering/service provisionPoint (b) of Art. 6(1) GDPR1 year archiving for 10 years

b. Recipients of Personal Data

Category of RecipientAffected DataLegal Basis for the TransferLegitimate Interests, where applicable
Email service providersAll those mentioned under a.Processing (Art. 28 GDPR)
Email archiving service providersAll those mentioned under a.Processing (Art. 28 GDPR)

6. Contact form

Find out how we process your personal data when you get in touch with us by email:

a. Information Concerning Processing

Category of DataIntended PurposeLegal BasisLegitimate Interests, where applicableRetention period
Contact detailsProcessing of QueriesPoint (a) of Art. 6(1) GDPR1 year archiving for 10 years
personal master dataProcessing of QueriesPoint (a) of Art. 6(1) GDPR1 year archiving for 10 years
Free textProcessing of QueriesPoint (a) of Art. 6(1) GDPR1 year archiving for 10 years

b. Recipients of Personal Data

Category of RecipientAffected DataLegal Basis for the TransferLegitimate Interests, where applicable
Hosting service providersAll those mentioned under a.Processing (Art. 28 GDPR)
Email archiving service providerAll those mentioned under a.Processing (Art. 28 GDPR)
Companies to which the query refersAll those mentioned under a.Processing (Art. 28 GDPR)

7. Tracking

Below, we shall describe how, with help from tracking technologies, your personal data is processed for the analysis and optimisation of our Services, as well as for advertising purposes.The description of tracking procedures also contains information on how you can prevent or object to data processing. Please take note that the so-called “opt-out” declaration, i.e. the rejection of processing, is generally saved via cookies. If you use our Services via a new end device or in another browser, or when you have deleted the cookies placed by your browser, you must declare your rejection once more. The tracking procedures presented only process personal data in pseudonymised form. A connection with a concrete, identifiable natural person, i.e. a merging of the data with information about the bearer of the pseudonym, does not occur.

a. Tracking for the analysis and optimisation of our services and their use, as well for the measurement of the success of advertising campaigns and optimisation of the presentation of advertisements

(1) Purposes of the Processing

Analysing user behaviour through tracking helps us to review the effectiveness of our Services, to optimise them and adjust them to meet the needs of the user, as well as to resolve errors. Furthermore, it serves the purpose of establishing specific values in regard to our Services (reach, intensity of use, surfing behaviour of the user) statistically – on the basis of uniform, standard processes – and thus of receiving values which are comparable across the market. Tracking for the measurement of the success of advertising campaigns serves to optimise our advertisements for the future, as well as to enable marketers and advertisers a corresponding optimisation of their advertisements. Tracking for the optimisation of the display of advertisements serves the purpose of showing users advertising which is tailored to their interests, in order to increase the success, and thus the revenues, of advertising.

(2) Legal Basis of Processing

For services which enable the behaviour of data subjects to be traced on the internet, and when creating user profiles, an informed consent within the meaning of the GDPR is required.

(3) The tracking procedures used in detail

Name of the ServiceOperating PrinciplePossibility to Prevent Processing (Opt-out)Transfer of Data to Third Countries?Adequacy Decision (Art. 45 GDPR), where applicableAppropriate Safeguards (Art. 46 GDPR), where applicable
Google AnalyticsWeb Analysishttps://tools.google.com/dlpage/gaoptout?hl=en-GBNo
Google MapsMarketinghttps://tools.google.com/dlpage/gaoptout?hl=en-GBNo
WiredmindsMarketingwww.zajadacz.de/datenschutzNo

If you would like to decide against interests-based advertising, you can also visit the website http://youronlinechoices.com/, click on “Your Ad Choices” and follow the instructions in order to either completely prohibit the use of your data for interests-based advertising for those service providers which are listed there, or to create custom settings. You will continue to receive advertisements, however, these will no longer be based on your interests.

III. Data Subject Rights

1. Right to Object

If we process your personal data for the purposes of direct advertising, you have the right to object at any time to the processing of personal data about your person for such advertising purposes with effect for the future.
Furthermore, you have the right to object at any time, on grounds relating to your particular situation and with effect for the future, to the processing of personal data about your person that is based on point (e) or (f) of Art. 6(1) GDPR.
You may exercise your right to object free of charge. 
You can contact us via the contact details stated in I.2.

2. Right of Access

You have the right to learn whether personal data concerning your person is being processed by us, what personal data this concerns, where applicable, as well as additional information in accordance with Art. 15 GDPR.

3. Right to Rectification

You have the right to request that we immediately rectify inaccurate personal data concerning your person (Art. 16 GDPR). Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

4. Right to erasure (“right to be forgotten”)

You have the right to request that personal data concerning your person be deleted immediately, insofar as one of the reasons listed in Art. 17(1) GDPR is applicable, and insofar as the processing of the data is not required for a purpose as regulated in Art. 17(3) GDPR.

5. Right to Restriction of Processing

You are entitled to request the restriction of the processing of your personal data in the case of the existence of one of the conditions set out in points (a) to (d) of Art. 18(1) GDPR

6. Right to Data Portability

You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format. Furthermore, you have the right to transmit this data to another controller without hindrance from us, or to have this data transmitted directly from us, insofar as this is technically feasible. This shall always apply when the basis of the data processing is consent or a contract, and where the data is automatically processed. Thus, this does not apply to data which is only available in paper form.

7. Right to Withdrawal of Consent

Insofar as processing takes place based on your consent, you have the right to withdraw that consent at any time. In doing so, the lawfulness of the processing which was carried out based on consent until the time of its withdrawal shall not be affected.

8. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority.

Our website uses the wiredminds GmbH (www.wiredminds.de) tracking pixels technology to analyse the visitors’ behaviour.
Data may be collected, processed and stored, from which user profiles are created under a pseudonym. Where possible and appropriate, these user profiles will be completely anonymised. In this context, cookies can be used. Cookies are small text files that are stored in the internet browser of the website visitor that serve the purpose of the recognition of the internet browser on future visits. The data that is collected, which can also include personal data, will be transferred directly to wiredminds or collected directly by wiredminds. wiredminds is able to use information which is left during visits to the web pages for the creation of user profiles. The data collected in this way will not be used in order to identify the user of this website personally without the explicit consent of the data subject, and it will not be not combined with the personal data of the holder of the pseudonym. If IP addresses are collected, they will be anonymised immediately through the erasure of the last numerical block.
If you object to this, please click here. Opt out from tracking

Reservation of Changes
We reserve the right to amend this Privacy Policy at any time taking into account the applicable regulations

Neu Wulmstorf, June 2018