Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator's contact details can be found in the website's required legal notice.
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form or in the electronic chat.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
You can object to this analysis. We will inform you below about how to exercise your options in this regard.
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
Notice concerning the party responsible for this website
The party responsible for processing data on this website is:
NOSTA Holding GmbH
Telefon: +49 (0)541-9333-0
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
Statutory data protection officer
We have appointed a data protection officer for our company.
Telephone: + 49 251 489 570 - 41
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
These data will not be combined with data from other sources.
The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
We use Google's reCaptcha service to determine whether a human or a computer is making a particular entry in our contact or newsletter form. Google uses the following data to check whether you are a human or a computer: IP address of the terminal device used, the website you visit with us on which the captcha is embedded, the date and duration of the visit, the recognition data of the browser and operating system type used, Google account if you are logged in to Google, mouse movements on the reCaptcha areas and tasks that require you to identify images. The legal basis for the described data processing is Art. 6 (1) lit. f of the General Data Protection Regulation. There is a legitimate interest on our side in this data processing to ensure the security of our website and to protect us from automated entries (attacks).
Chat with Userlike
At various places on our website you are offered a chat as a contact option.
This website uses Userlike, a live chat software of the company Userlike UG (haftungsbeschränkt). Userlike uses "cookies" to enable a personal conversation in the form of a real-time chat with you.
The data collected is not used to personally identify the visitor to this website and is not merged with personal data about the bearer of the pseudonym. The data is also stored with our chat service provider Userlike.
Legal basis for processing:
The processing is carried out on the basis of Art. 6 (1) f) EU-DSGVO.
Content of the chat, date and time of the call, browser type/version, operating system used, URL of the previously visited website, and amount of data sent.
We delete the data from us after 12 months.
Further information on data protection:
Registration on this website
You can register on our website in order to access additional functions offered here. The input data will only be used for the purpose of using the respective site or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject your registration.
To inform you about important changes such as those within the scope of our site or technical changes, we will use the email address specified during registration.
We will process the data provided during registration only based on your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.
Handling of supplier data via shipzero
We process personal data that we have received from you or from publicly available sources in the course of our business relationship.
Relevant personal data are names, address data and telecommunications data. In addition, this may also include inquiry, offer and order data, data from the fulfillment of our contractual obligation, product data, documentation data, as well as other data comparable to the mentioned categories.
Purpose of processing
The processing of your personal data (Art. 4 No. 2 GDPR) is carried out in accordance with the provisions of the GDPR and the Federal Data Protection Act for the following purposes: For the fulfilment of contractual obligations (Art. 6 para. 1 (b) GDPR), as is necessary for the execution and organization of the business relationship. In addition, we may use this data for additional purposes in the context of our business relationship and for analysis purposes.
We train all our employees who come into contact with personal data and oblige them to comply with data protection requirements in accordance with the principles of the GDPR for the processing of personal data, as defined in Article 5 (1) GDPR.
Use and disclosure of personal data
We only use the personal data for our own purposes in the course of the business relationship. In the event of the involvement of third parties in work processes that would make it necessary to temporarily pass on your data for processing solely for this purpose, we apply the same high standards and oblige the third party to comply with data protection regulations within the framework of an agreement on order data processing in accordance with Art. 28 GDPR.
Duration of storage
We process and store your personal data for the duration of our business relationship and in accordance with the statutory retention periods.
Right to information
Every data subject has the right to information pursuant to Article 15 GDPR, the right to rectification pursuant to Article 16 GDPR, the right to erasure pursuant to Article 17 GDPR, the right to restriction of processing pursuant to Article 18 GDPR, as well as the right to data portability pursuant to Article 20 GDPR. The restrictions according to §§ 34 and 35 BDSG apply to the right to information and the right to erasure. In addition, there is the right to lodge a complaint with a data protection authority (Art. 77 GDPR in conjunction with § 19 BDSG).
If you have any questions regarding the processing of your personal data, you are welcome to contact our data protection officer, who is also available for information, suggestions and complaints.
Data protection information for appointment bookings via Microsoft Bookings
We would like to inform you below about the processing of personal data in connection with the use of "Bookings".
Purpose of processing
We use the "Bookings" tool to be able to arrange appointments between our customers and our sales staff. (Hereinafter: "online booking").
The person responsible for data processing directly related to the implementation of online bookings is NOSTA Holding GmbH.
Order processing contract
We use Microsoft 365 and Microsoft Bookings, to carry out our appointment bookings by sending a link via email.
Microsoft 365 and Microsoft Bookings are a service provided by Microsoft Ireland Operations, Ltd.
We have concluded an order processing contract with the provider.
Microsoft Bookings is part of the cloud application Office 365. Microsoft reserves the right to process customer data for its own business purposes. This poses a data protection risk for Microsoft Bookings users.
Please note that we have no influence on Microsoft's data processing activities. To the extent that Microsoft Bookings processes personal data in connection with Microsoft's legitimate business operations, Microsoft is an independent data controller for such use and, as such, is responsible for compliance with all applicable laws and obligations of a data controller.
There you will also find more information about your rights in this regard. Microsoft also processes your personal data in the USA. EU standard contracts with Microsoft on Office 365 and Teams are in place to ensure an adequate level of data protection. You can access the EU standard contractual clauses at https://eurlex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF.
The following personal data is subject to processing:
User details: display name, email address, preferred language, metadata: e.g. date, time, phone number, location.
Cookie Consent with CookieFirst
This website uses CookieFirst's cookie content technology to obtain your consent to the storage of certain cookies on your end device and to document this consent in accordance with data protection regulations. The provider of this technology is Digital Data Solutions B. V. , Plantage Middenln 42a, 1018 DH Amsterdam, website: cookiefirst.com (hereinafter “CookieFirst”).
When you enter our website, the following personal data is transferred to CookieFirst:
Order Processing Agreement
We have entered into an order processing agreement with CookieFirst. This is a data protection contract which guarantees that CookieFirst processes the personal data of our website visitors only according to our instructions and in compliance with the DSGVO.