Data Protection Statement for the purpose of Information Requirements in accordance with Articles 13 / 14 of the General Data Protection Regulations

1. Introduction The following data protection advice informs you as an affected person, how we process your data, which personal data we collect about you when you visit our website, and where applicable, use our web services.
   1. 1. Person responsible for data handling & processing The person responsible within the meaning of the General Data Protection Regulations (GDPR) and other national data protection laws of member states as well as other data protection legislation is:
      
      HQ-Europe GmbH
      Kalkofen 6
      58638 Iserlohn
      Germany
      +49 (0) 2371 9533 700
      E-Mail: info@hq-europe.com
      Website: www.hq-europe.com
2. General Information concerning data processing
   1. Scope and purpose of processing personal data Personal related data of our users is processed using measures which are necessary for the preparation of a fully functional website as well as the use of its contents and performance. Technical data (e.g. web browser, operating system or time the page was viewed) will be recorded automatically by our technical information system as soon as our website has been entered.
   2. Legal basis for the processing of personal-related data When we have received permission from the affected person, Article 6 paragraph 1 lit. f of the GDPR serves as a legal basis. To fulfil a contract, it is necessary to process the personal related data of a contract party who is the affected person. Article 6 paragraph 1 lit. b of the GDPR serves as a legal basis. This is also valid for processing procedures which are necessary for carrying out preliminary contractual arrangements. Where it is necessary to process personal related data for the fulfilment of a legal obligation that our company is subject to, Article 6 paragraph 1 lit. c of the GDPR serves as a legal basis.
      For the situation where it is necessary to process the essential interests of the affected person or another physical person, Article 6 paragraph 1 lit. d of the GDPR serves as a legal basis.
      If processing is necessary for safeguarding a justified interest of our company or a third party and does not pre dominate the interests, basic rights and fundamental freedom of the affected person’s aforementioned interests, Article 6 paragraph 1 lit. f of the GDPR serves as a legal basis for processing.
   3. Data recipient and recipient categories Personal related details are not generally passed on to third parties. For the operation of this website, it may however be necessary that technical service providers receive information concerning personal details. In these cases we specify, where known, the scope of the data to the data receiver.
   4. Forwarding to a third country Our company web servers are situated within the European Union (EU) and the European Economic Area (EEA), and none of our data processing takes place outside of the EU or EEA respectively. Nevertheless, various useful services for our users (e.g. Google maps USA) are tied-in to our system, and users are informed of third country forwarding.
   5. Length of data storage and criteria for defining length of storage. Personal related data of the affected person will be deleted or blocked as soon as the reason for storage is not applicable. Moreover, storage can take place if intended by a European or national legislator by way of harmonised decrees, laws or other regulations to which the responsible person is subject to. Blocking or deleting the data will take place when the named standard prescribed storage deadline expires, unless the necessity still exists for continued data storage regarding conclusion of a contract or contract fulfilment.
   6. Personal rights If your personal data has been processed, you are an affected person within the meaning of the GDPR, and you are entitled to the following rights from us as those responsible:
      • The right to information about your personal data processed by us in accordance with Article 15 of the GDPR.
      • The right to the amendment of any incorrect or incomplete personal data stored by us in accordance with Article 16 of the GDPR.
      • The right for your personal data to be deleted in accordance with Article 17 of the GDPR, in so far as the requirements for this have been fulfilled.
      • The right to limitations of the processing in accordance with Article 18 of the GDPR, in so far as the requirements for this have been fulfilled.
      • As an affected person, the right to receive your personal data which you provided us with in a structured, established machine readable format, in so far as the requirements for data transfer in accordance with Article 20 of the GDPR have been fulfilled.
      • As an affected person, the right to objection against the processing of your personal data in accordance with Article 21 of the GDPR as the result of a specific situation, and in so far as the data processing takes place on the basis of authorised interests in accordance with Article 6 paragraph 1 lit. f GDPR.
      • The right to a retraction of your given agreement in accordance with Article 7 paragraph 3 of the GDPR.
      If you wish to make use of your rights, make contact with the address of the responsible person given above. Furthermore, in accordance with article 77 of the GDPR in connection with paragraph 19 of the German General Data Protection Act you have the right to complain to a data protection supervisory body, when you are of the opinion that the processing of your personal data has not been rightfully carried out. You can contact the supervisory authorities at your usual place of residence or place of work as well as our company headquarters. A list of supervisory bodies and their addresses can be found under: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
3. Data processing in detail
   1. Transfer by means of SSL- / TLS encoding For security reasons, this website uses SSL and TLS encoding respectively to protect the transfer of confidential information. Encoded connection is guaranteed by using a Hypertext-Transfer Protocol (https://). In this situation, data transferred to us by a user can not be read by a third party.
   2. Preparation of the website and creating log files
      1. Description and scope of the processing of personal related data Every request to our website automatically records data from the requesting end user’s system. The following data can be recorded:
         • Browser type used and version
         • User’s operating system
         • User’s IP Address
         • Date and time of access
         • Websites that the user of our website reached (Referrer)
         • Websites that the user of our website called up
         The data will also be stored in our system log files. Storing this data with other personal data of the user will not take place.
      2. Legal basis for the processing of personal related data Legal basis for the temporary storage of data and the log files is Article 6 paragraph 1 lit. f GDPR.
      3. Purpose of data storage Temporary storage of IP-Addresses by our system is necessary, in order to enable the use of our website on the end user’s system. Therefore, the user’s IP-Address has to be stored for the duration of the session. Storing in log files takes place in order to ensure the functional ability of the website. Moreover, this data is also used to optimise the website and to ensure the security of our technical information system. Our legitimate interest for data processing is in accordance with Article 6 paragraph 1 lit. f GDPR.
      4. Recipient of data Recipients of data are where necessary, technical service providers, who are involved in the maintenance of our website.
      5. Duration of storage Data will be deleted as soon as it is no longer required for the intended purpose. In the case of recording data for the preparation of the website, data will be deleted when the session is finished. Data recorded in log files will be deleted after 7 days, however further storage is also possible. In this case, the user IP-Addresses will be deleted or de-familiarized so that mapping of call-up clients is no longer possible.
      6. Obligation for preparation, objections, retractions and removal possibilities Recording of data for the preparation of the website and storing of data in log files is absolutely necessary for the operation of the website. For this reason, objections are excluded.
   3. Use of Cookies
      1. Description and scope of data processingOur website uses cookies. Cookies are text files that are stored on an internet browser or on the user’s computer system internet browser. When a user calls up a website, a cookie can then be stored on his operating system. Our cookies are so called “session cookies”, which will be automatically deleted at the end of your session or visit.
      2. Legal basis for data processingThe legal basis for the processing of personal related data and the use of cookies is Article 6 paragraph 1 lit. f GDPR.
      3. Purpose of data processing
         The website operator has a legitimate interest in the storing of cookies for the website to be free of technical faults and to optimise preparation of his services. Our legitimate reasons for this interest in processing personal related data are in accordance with Article 6 paragraph 1 lit. f GDPR.
      4. Duration of storage, objections and removal possibilitiesCookies will be stored on the user’s computer and transferred from there to our system. The user has full control over the use of cookies, and by changing his internet browser settings, the transfer of cookies can be activated, deactivated or limited. Previously stored cookies can be deleted at anytime, and this can also happen automatically. Should cookies on our website be deactivated, it is possible that the user may not be able to use all of our website functions.
   4. Email contact
      1. Description and scope of data processing of personal related details Contacting us by using the email address provided is also possible. In this situation, the user’s personal data sent with the email will be recorded. This information will only be used for processing the conversation. No data from this conversation will be provided to a third party.
4. Conclusion You are kindly advised to brief yourself regularly on the contents of the data protection statement.
   1. Alterations to the data protection advice We reserve the right to alter the data protection advice in order to conform with any changes to the legal basis, changes to our services or to data processing.
   2. Status of Data Protection Advice This data protection advice is currently from 29.10.2018