Политика конфиденциальности

The controller within the meaning of the General Data Protection Regulation (GDPR) and other applicable data protection legislation is:

EazyClean Technologies GmbH
Doncaster Platz 5, 45699 Herten, Germany
Phone: +49 2366 5695105
Email: info@eazyclean.com
Website: https://eazyclean.com

We take the protection of your personal data very seriously and treat it confidentially in accordance with applicable data protection legislation, in particular the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). This privacy policy informs you about how we collect and process personal data.

Our services are primarily aimed at business customers (B2B). Personal data processing therefore predominantly occurs within the context of business relationships. If you use our website as a consumer, the following information applies equally.

We process personal data for the following purposes:

• Provision and operation of this website
• Processing of enquiries and communication
• Business initiation, quotation preparation and contract performance
• Provision of our services (service, maintenance, repair, machine sales)
• Newsletter dispatch and direct marketing to business customers
• Web analytics and optimisation of our online offering
• Online advertising and remarketing
• Ensuring IT security and abuse prevention
• Compliance with legal obligations (e.g. retention requirements)

In processing data we observe the principles of lawfulness, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality (Art. 5 GDPR).

The processing of your personal data is based on the following legal grounds:

• Art. 6(1)(a) GDPR (Consent) – You have given consent for one or more specific purposes (e.g. newsletter sign-up, cookie consent).
• Art. 6(1)(b) GDPR (Contractual performance) – Processing is necessary for the performance of a contract or pre-contractual measures (e.g. quotation request, service agreement).
• Art. 6(1)(c) GDPR (Legal obligation) – Processing is necessary to comply with a legal obligation (e.g. tax record-keeping requirements).
• Art. 6(1)(f) GDPR (Legitimate interest) – Processing is necessary for the purposes of our legitimate interests, provided your interests do not override them (e.g. web analytics, direct marketing to B2B customers, IT security).

Where we use cookies and similar technologies that are not strictly necessary, we obtain your consent in accordance with Section 25 TDDDG (German Telecommunications Digital Services Data Protection Act).

Depending on usage, we process the following categories of personal data:

• Master data (name, company, address)
• Contact data (email address, phone number)
• Content data (message content, enquiries, quotation details)
• Usage data (pages visited, access times, click behaviour)
• Connection / technical data (IP address, browser type, operating system, referrer URL, device type)
• Contractual data (subject matter, scope of services, duration)
• Payment data (bank details, invoice data – only insofar as required for processing)
• Location data (city-level only, no GPS tracking – where collected via analytics tools)
• Cookie and tracking data (consent status, pseudonymous usage profiles)

Personal data is collected from the following sources:

• Directly from you (contact forms, quotation requests, phone calls, emails)
• Automatically when visiting our website (server log files, cookies, analytics tools)
• From publicly available sources (commercial registers, company websites – in B2B context)
• From business partners or group companies (where permitted)

Your personal data may be disclosed to the following recipients or categories of recipients, insofar as this is necessary:

• Hosting and IT service providers (web hosting, email hosting, cloud services)
• Web analytics and marketing service providers (Google, Microsoft)
• Newsletter and email marketing providers
• CRM and ERP systems
• Payment service providers and accounting software
• Tax advisors, auditors and lawyers (where legally required)
• Public authorities (where legally obliged)

Where data processors are engaged, they are contractually bound in accordance with Art. 28 GDPR.

8.1 Server Log Files

Each time our website is accessed, the web server automatically records the following data:

• IP address of the requesting device
• Date and time of access
• Name and URL of the requested file
• Volume of data transferred
• Notification of successful retrieval (HTTP status code)
• Browser type and version
• Operating system
• Referrer URL (previously visited page)

The legal basis is Art. 6(1)(f) GDPR (security and error analysis). Log data is typically deleted after 14 days.

8.2 Contacting Us

If you contact us by email, telephone or contact form, we store your details (name, email address, message content) to process your enquiry. The legal basis is Art. 6(1)(b) GDPR (pre-contractual measures / contract performance) or Art. 6(1)(f) GDPR (legitimate interest in responding to your enquiry).

8.3 Forms, Quotation Requests and Business Initiation

You can use quotation request forms, service request forms and contact forms on our website. The data entered (name, company, email, phone, message, desired service) is stored to process your request and may be recorded in our CRM system. The legal basis is Art. 6(1)(b) GDPR.

8.4 Internal Analytics and Evaluation Tools

We use our own evaluation mechanisms to analyse the use of our website (e.g. evaluation of form submissions, lead tracking). This data is pseudonymised and serves internal optimisation purposes. The legal basis is Art. 6(1)(f) GDPR.

We use a consent management tool to obtain and document your consent to the use of cookies and similar technologies. On your first visit to our website, you will be informed about the technologies used and can grant or refuse consent. Your consent settings are saved and can be revoked at any time.

The legal basis for the consent management tool is Section 25(1) TDDDG in conjunction with Art. 6(1)(c) GDPR (proof of consent).

We use Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses cookies and similar technologies that enable an analysis of your use of our website.

The information generated is usually transferred to a Google server in the USA and stored there. We have activated IP anonymisation so that your IP address is truncated within the EU/EEA before transmission.

The legal basis is your consent pursuant to Art. 6(1)(a) GDPR in conjunction with Section 25(1) TDDDG. Data transfer to the USA is based on the EU-US Data Privacy Framework. You may revoke your consent at any time via our consent management tool.

We use Google Ads and the associated conversion tracking. When you click on a Google advertisement, a conversion cookie is stored on your device. This cookie enables us to record whether a user has performed a specific action on our website (e.g. quotation request).

In addition, we use Google Remarketing to target you with tailored advertisements across the Google advertising network after you have visited our website.

The legal basis is your consent pursuant to Art. 6(1)(a) GDPR. You may revoke your consent at any time and disable personalised advertising in your Google account settings.

We use Microsoft Clarity and/or Microsoft Advertising (Bing Ads) provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA. Microsoft Clarity records anonymised user behaviour on our website (e.g. heatmaps, session recordings). Microsoft Advertising enables conversion tracking and remarketing via the Microsoft advertising network.

The legal basis is your consent pursuant to Art. 6(1)(a) GDPR. Data transfer to the USA is based on the EU-US Data Privacy Framework.

In a B2B context, we create internal usage profiles and lead scores based on your behaviour on our website (e.g. pages visited, services enquired about, industry classification). This serves the purpose of needs-based communication and prioritisation of sales activities.

The legal basis is our legitimate interest pursuant to Art. 6(1)(f) GDPR (efficient business initiation in the B2B sector). No automated individual decision-making within the meaning of Art. 22 GDPR takes place.

We send newsletters and business emails to existing and prospective business customers. Newsletter registration is carried out via a double opt-in procedure. As part of newsletter distribution, we measure open and click rates to optimise our content.

The legal basis for the newsletter is your consent pursuant to Art. 6(1)(a) GDPR. In the B2B context, we rely on Section 7(3) UWG (German Act Against Unfair Competition) and Art. 6(1)(f) GDPR for direct marketing via email in existing business relationships.

You may object to the use of your email address for advertising purposes at any time, without incurring any costs other than the transmission costs at basic rates (e.g. unsubscribe link in the newsletter).

Our website uses cookies and similar technologies (e.g. local storage, pixels). Cookies are small text files that are stored on your device.

We distinguish between:

• Strictly necessary cookies – These are required for the operation of the website (legal basis: Section 25(2) No. 2 TDDDG).
• Analytics and marketing cookies – These are only set with your consent (legal basis: Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR).

You can change your cookie settings at any time via our consent management tool or block and delete cookies in your browser settings.

We store personal data only for as long as is necessary for the respective processing purposes or where statutory retention periods apply:

• Contractual data: Duration of the business relationship plus statutory retention periods (typically 6 or 10 years under HGB/AO)
• Contact enquiries: Until fully processed, then 3 years (standard limitation period)
• Newsletter data: Until consent is revoked
• Server log files: Typically 14 days
• Analytics data: According to the settings of the respective tool (typically 14–26 months for Google Analytics)

Once the retention period expires, data is routinely deleted unless it is still required for contract performance or for legal reasons.

In connection with the use of Google and Microsoft services, personal data is transferred to the USA. The transfer is based on the EU-US Data Privacy Framework (DPF) pursuant to Art. 45 GDPR, provided the respective service provider is certified under the DPF. In addition, we employ Standard Contractual Clauses pursuant to Art. 46(2)(c) GDPR.

Further information about the EU-US Data Privacy Framework is available at dataprivacyframework.gov.

Within the scope of a business relationship, you are required to provide those personal data that are necessary for the establishment, performance and termination of a business relationship and for the fulfilment of the associated contractual obligations. Without this data, we will generally be unable to conclude the contract or execute the order.

The general use of our website is possible without providing personal data. Unless you submit an enquiry or enter into a contractual relationship, you are not obliged to provide personal data. However, technically necessary data (e.g. IP address in server log files) is recorded automatically.

Under the GDPR you have the following rights with regard to your personal data:

• Right of access (Art. 15 GDPR) – You can request information about your data stored by us.
• Right to rectification (Art. 16 GDPR) – You can request the correction of inaccurate data.
• Right to erasure (Art. 17 GDPR) – You can request the deletion of your data, provided no statutory retention obligations apply.
• Right to restriction of processing (Art. 18 GDPR) – You can request the restriction of processing under certain conditions.
• Right to data portability (Art. 20 GDPR) – You can request the transfer of your data in a machine-readable format.
• Right to object (Art. 21 GDPR) – You can object to the processing of your data where the processing is based on Art. 6(1)(e) or (f) GDPR. This applies in particular to processing for direct marketing purposes.
• Right to withdraw consent (Art. 7(3) GDPR) – You can withdraw consent at any time with effect for the future.

To exercise your rights, please contact: info@eazyclean.com

You have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data. The supervisory authority responsible for us is:

State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia
Kavalleriestr. 2–4
40213 Dusseldorf, Germany
Website: www.ldi.nrw.de

We employ technical and organisational security measures to protect your data against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our website uses SSL/TLS encryption for secure data transmission. Our security measures are regularly reviewed and adapted to technological developments.

Our website may contain links to third-party websites. We have no influence over their content or privacy practices and accept no responsibility for them. Please inform yourself directly with the providers of linked websites regarding their privacy policies.

We reserve the right to amend this privacy policy to reflect changes in the legal situation, technical developments or changes to our services. The current version is always available on this page. We recommend that you review this privacy policy regularly.