Privacy policy

Alle Druschke Kältekammern stehen nebeneinander ein einer großen Halle

Datenschutzerklärung

Who is responsible and how to contact us?

Responsible Parties

Responsible for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)

Druschke Cryo Tech GmbH
Am Bruchweg 2
63571 Gelnhausen Meerholz
Germany

Phone: +49 (0) 6051 916 678 0
Email: info@druschkecryo.com

 

Data Protection Officer

Erich Zimmermann
c/o ZiDa-Datensicherheit GmbH
Office: Mannheim
Schwarzwaldstraße 17
68163 Mannheim
Germany

Website: www.zida-datensicherheit.de
Email: e.zimmermann@zida-gmbh.de

 

What is this Privacy Policy about?

This Privacy Policy fulfills the statutory requirements for transparency regarding the processing of personal data. Personal data refers to any information relating to an identified or identifiable natural person. This includes, for example, name, age, postal address, telephone number, date of birth, email address, IP address, or user behavior when visiting a website. Information for which no reference to a person can be established, or only with disproportionate effort (e.g., through anonymization), does not constitute personal data.

The processing of personal data—such as collection, retrieval, use, storage, or transmission—always requires a legal basis and a defined purpose. Stored personal data will be deleted as soon as the purpose of processing has been achieved and there are no lawful reasons for further retention.

Specific storage periods or criteria for storage are provided in the respective processing operations. Independently of this, personal data may be stored in individual cases for the establishment, exercise, or defense of legal claims or where statutory retention obligations exist.

 

Who Receives Personal Data?

Personal data processed on the website is disclosed to third parties only when necessary to fulfill the stated purposes and when covered by a legal basis, such as consent or the safeguarding of legitimate interests.

In individual cases, personal data may be disclosed to third parties if this serves the establishment, exercise, or defense of legal claims. Possible recipients include law enforcement authorities, legal counsel, auditors, courts, or similar entities.

Where service providers are engaged for the operation of the website and process personal data on behalf of the controller within the scope of commissioned processing pursuant to Article 28 GDPR, these service providers may also be recipients of personal data. Further information on the use of processors and web services is provided in the overview of the individual processing operations.

 

Are cookies used?

Cookies are small text files that are sent to a device’s browser during a visit to the website and stored there. As an alternative to cookies, information may also be stored in the browser’s local storage.

Some functions of the website cannot be provided without the use of cookies or local storage (technically necessary cookies). Other cookies enable various analyses, for example allowing recognition of the browser used when revisiting the website and transmitting various information (non-essential cookies).

Cookies help make the website more user-friendly and effective by enabling an understanding of how the website is used and identifying preferred settings, such as country and language preferences. Where third parties process information via cookies, the information is collected directly via the browser.

Cookies do not cause any damage to a device. They cannot execute programs and do not contain viruses.

Information about the specific services for which cookies are used is provided in the respective processing operations. Detailed information on the cookies used can be found in the cookie settings or in the consent manager of this website.

 

Cookie Overview

DomainCookie namePurpose / DescriptionCategoryStorage Duration
.druschkecryo.com_gcl_auMarketing and conversion tracking cookie to measure the success of Google advertising campaignsMarketingapprox. 3 months
druschkecryo.comreal_cookie_bannerStorage of the user’s cookie and consent settingsTechnically necessaryup to 1 year
druschkecryo.comwp-wpml_current_languageStorage of the language selected by the user (multilingual website)FunctionalSession

 

What Rights Apply Under the GDPR?

Subject to the statutory provisions of the GDPR, the following rights apply to data subjects:

  • Right of access (Article 15 GDPR): Access to information about the personal data stored, including meaningful details of processing, and receipt of a copy of the data.
  • Right to rectification (Article 16 GDPR): Correction of inaccurate or incomplete data stored by the controller.
  • Right to erasure (Article 17 GDPR): Deletion of personal data, provided processing is not required for freedom of expression and information, compliance with a legal obligation, reasons of public interest, or the establishment, exercise, or defense of legal claims.
  • Right to restriction of processing (Article 18 GDPR): Limitation of processing where the accuracy of the data is contested, processing is unlawful, the data is no longer needed but retention is required for legal claims, or an objection under Article 21 GDPR has been raised.
  • Right to data portability (Article 20 GDPR): Receipt of personal data provided on the basis of consent (Article 6(1)(a) GDPR) or contract (Article 6(1)(b) GDPR) in a structured, commonly used, machine-readable format, or transmission to another controller where technically feasible.
  • Right to object (Article 21 GDPR): Objection to processing based on Article 6(1)(e) or (f) GDPR for reasons arising from a particular situation, or objection to direct marketing. This right does not apply where compelling legitimate grounds for processing outweigh the interests of the data subject or where processing serves legal claims. Where this right does not apply to specific processing operations, this will be indicated accordingly.
  • Right to withdraw consent (Article 7(3) GDPR): Withdrawal of consent at any time with effect for the future.
  • Right to lodge a complaint (Article 77 GDPR): Submission of a complaint to a supervisory authority if the processing of personal data is believed to violate the GDPR. The supervisory authority of the habitual residence, place of work, or the controller’s registered office may be contacted.

 

Competent supervisory authority

The supervisory authority responsible for us is:

The Hessian Commissioner for Data Protection and Freedom of Information
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Germany

Phone: +49 (0) 611 1408-0
Email: poststelle@datenschutz.hessen.de
Website: https://datenschutz.hessen.de

Irrespective of this, the supervisory authority of the habitual residence or place of work may also be contacted.

 

How Is Personal Data Processed in Detail?

Below we inform about the individual processing operations, the scope and purpose of data processing, the legal basis, any obligation to provide data, and the respective storage duration. Automated decision-making in individual cases, including profiling, does not take place.

 

Website Provision

Nature and scope of processing

When accessing and using the website, personal data is collected that the browser automatically transmits to the servers. The following information is temporarily stored in log files:

  • Referrer (previously visited website)
    • Requested website or file
    • Browser type and browser version
    • Operating system used
    • Device type used
    • Time of access
    • IP address in anonymized form (used solely to determine the location of access)

Additionally, personal data may be processed within the scope of web analytics services, provided that corresponding consent has been given.

The website is hosted by an external service provider.

 

Hosting Service Provider

united-domains GmbH
Management: Dr. Thorsten Fuchs, Michael Klemund
Gautinger Straße 10
82319 Starnberg
Germany

The hosting provider processes personal data generated when accessing the website—such as IP addresses, log files, metadata, and communication data—on behalf of the controller under a data processing agreement pursuant to Article 28 GDPR.

 

Purpose and Legal Basis

Processing is carried out to safeguard the overriding legitimate interest in providing the website and ensuring system security and stability pursuant to Article 6(1)(f) GDPR.

The collection of data and storage in log files is strictly necessary for website operation. Due to the exception under Article 21(1) GDPR, there is no right to object to this processing.

Where further storage of log files is required by law, processing is carried out pursuant to Article 6(1)(c) GDPR.

There is no statutory or contractual obligation to provide the data. However, without this data, access to the website is technically not possible.

 

Storage duration

The aforementioned data is stored for the duration of website display and, for technical reasons, for a maximum of eight weeks thereafter.

 

Presences on Social Media Platforms

Fan pages, accounts, or channels are maintained on the social networks listed below to provide information and offers, as well as additional contact options regarding services. The following explains which data is processed by the controller or the respective social network when these pages are accessed and used.

 

Data Processed by the Controller

When contact occurs via messenger or direct message through a social network, the username used for communication and any additional data provided are processed insofar as this is necessary to respond to the request.

Legal basis: Article 6(1)(f) GDPR, as processing is necessary to safeguard the legitimate interests of the controller.

 

(Static) Usage Data from Social Networks

Through insight functionalities, automated statistics about the accounts are received, including total number of page views, likes, page activities and post interactions, reach, video views, demographic breakdown (e.g., gender distribution).

These statistics are aggregated and cannot be attributed to individuals.

 

Data processed by Social Networks

Viewing the content of fan pages or accounts does not require membership or a user account. However, social networks may collect and store data from visitors without accounts when their platforms are accessed, for example technical data necessary to display the website, and may use cookies and similar technologies over which the controller has no influence. Details are provided in the respective social network’s privacy policies.

Interaction with content on fan pages or accounts—such as commenting, sharing, liking posts, or contacting via messenger functions—requires prior registration with the respective social network and the provision of personal data.

The controller has no influence over the data processing carried out by social networks. To the best of current knowledge, data is processed for service provision and usage analysis using cookies, pixels, and similar technologies, and may be used for interest-based advertising.

It cannot be ruled out that personal data is stored outside the EU or the EEA and disclosed to third parties.

Information on the scope, purposes, storage duration, deletion, cookie use, rights, and objection options is available in the privacy policies and cookie guidelines of the respective social networks.

 

Instagram (Meta Platforms)

An online presence is maintained on the Instagram platform to communicate with users and provide information about services.
Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

When visiting the Instagram page, Meta processes personal data, such as IP address, device information, and usage behavior, under its own responsibility.
Only anonymized statistics known as insights regarding the use of content are received. These do not contain personal data of individual users.

It cannot be ruled out that personal data processed by Meta is transferred to servers in third countries, in particular the United States.
Further information on data processing by Instagram can be found in Meta’s privacy policy:
https://www.facebook.com/privacy/policy/

Legal basis: Article 6(1)(f) GDPR.

 

Facebook Fan Page

A fan page is operated on the Facebook platform.
Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

When visiting the Facebook fan page, Meta processes users’ personal data. Joint responsibility with Meta exists for this processing pursuant to Article 26 GDPR.
The agreement on joint responsibility is available at:
https://www.facebook.com/legal/terms/page_controller_addendum

Full access to the data processed by Meta is not available; only anonymized usage statistics are received.
It cannot be ruled out that personal data is transferred to third countries, such as the United States.

Legal basis: Article 6(1)(f) GDPR.

 

Use of a Consent Management Tool

A consent management tool is used on the website to obtain, manage, and document user consent for the use of cookies and similar technologies in a data protection-compliant manner.

Data processed:
• Consent status (granted, refused, withdrawn)
• Time of consent
• Pseudonymous user ID
• Browser and device information

Legal basis: Article 6(1)(c) GDPR and Article 6(1)(f) GDPR.

 

Google Tag Manager

Google Tag Manager is used on the website.
Provider: Google Ireland Limited, Dublin, Ireland.

Google Tag Manager is used to manage website tags. When the service is loaded, the IP address is transmitted to Google for technical reasons. Activation occurs only after prior consent.

Legal basis: Article 6(1)(a) GDPR.

 

Web Analytics with etracker

To analyze the use of the website, the web analytics service etracker is used.
Provider: etracker GmbH, Hamburg, Germany.

Processing occurs only after prior consent.

Legal basis: Article 6(1)(a) GDPR.

 

YouTube Embeddings

The website may include videos from the YouTube platform.
Provider: Google Ireland Limited, Dublin, Ireland.

When accessing a page containing an embedded YouTube video, a connection to YouTube servers is established. YouTube is informed which page was visited. Logged-in users may have their behavior linked to their profile.

YouTube may use cookies or comparable recognition technologies such as device fingerprinting. Personal data may be transferred to servers of Google LLC in the United States.
Embedding occurs only after prior consent.

Legal basis: Article 6(1)(a) GDPR.

 

Data Transfers to Third Countries

In connection with the use of certain services, personal data may be transferred to third countries, in particular the United States.
In addition, the use of social media platforms and embedded content such as Instagram, Facebook, and YouTube may involve transfers of personal data to third countries.

Such transfers occur only after prior consent and in accordance with Articles 44 et seq. GDPR. The respective providers are independently responsible for further processing.