Privacy policy

Personal data means all the information that can be used to identify a person. This includes names, email addresses, IP addresses and telephone numbers (hereinafter referred to as “data”). Information that cannot be attributed to the identify of a specific person is not personal data (e.g. the number of visitors to a website).

Data processing means any form of using personal data whether automated or not (e.g. the collection, recording, organisation, structuring, storing, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, deletion or destruction, hereinafter collectively referred to as “processing”).

We process the following data within the scope of our digital offers:

• Master data (names, addresses, customer account, contact person)
• Contact data (email, telephone number, fax)
• Digital data (IP address, browser type, device details, access details, server log files)
• User data (scope of use of the digital offers, inputs and communication with us)
• Order data (e.g. payment details, bank details)

We process the data of the following data subjects

• Business partners and customers, as well as their agents
• Prospective customers, senders of communication
• Applicants
• Other users of our digital offers

We process data for the following purposes

• The provision of our digital offers and their continuous improvement e.g. user-friendliness
• Marketing e.g. email newsletter, company presence on social networks, to collect feedback
• Communication e.g. via our online contact form
• To measure reach e.g. usage statistics, profiles of repeat visitors
• Measures to maintain data security
• To provide information
• Enable and respond to enquiries

You can generally use our digital offers without providing data other than the automatically collected server log files. Your data will also be collected when you use additional functions of our digital offers e.g. if you contact us via our online contact form or create a user account.

Whenever personal data is collected, this only happens lawfully as per the GDPR:

• Consent (Article 6 (1a) GDPR) – when you provide your consent to the processing of your data for one or more purposes.
• To perform a contract (Article 6 (1b) GDPR) – processing is necessary for the performance of a contract with you, or in order to take steps prior to entering into a contract with you.
• Legal obligation (Art. 6 (1c) GDPR) – if processing is necessary for compliance with a legal obligation to which we are subject.
• Legitimate interests (Art. 6 (1f) GDPR) – if there is a legitimate interest in the processing except where such interests are overridden by the interests of the data subject (fundamental rights and freedoms, protection of personal data).
• The GDPR applies throughout the European area. As a result of various opening clauses for national legislation, more specific regulations may also be in force on the basis of national laws.

We ensure compliance with legal requirements through technical and organisational measures in order to guarantee an appropriate level of data protection in line with the relevant risk. This also includes, in particular, measures to ensure compliance with data protection principles such as lawfulness, transparency, purpose, data minimisation, accuracy, storage limitation, integrity and confidentiality.

We work together with various companies, organisations and people to provide our digital offers, e.g. IT companies or other service providers whose offers are included within our digital offers. There are therefore instances where we pass on data to these external service providers to enable us to provide the respective service. This only happens taking into account the statutory regulations. In addition, we conclude the legally required contracts with these service providers to protect your data and require these providers to comply with the above-specified provisions to protect personal data and to ensure their adherence to data protection principles.

It may also be the case that we give your data to other bodies within our company organisation or disclose data to these parties. This is for administrative purposes based on our legitimate business interest insofar as this is necessary to fulfil our contractual obligations to you, if you have provided consent or there is another type of legal permission.

If we process data outside of the European Union (EU) or the European Economic Area (EEA) or transfer data outside of this region (e.g. to service providers outside this area), this only takes place in accordance with the statutory provisions. This requires your express consent or a contractual or legal stipulation and the country outside of the EU/EEA must have a recognised level of data protection or it can ensure data protection based on the contractual obligations of the recipient (EU standard protection clauses, certifications, binding corporate rules “BCR”, Articles 44-49 GDPR).

To provide our digital services, we use servers of web hosting providers and use their storage space, processing capacity or maintenance services. The web hosting provider automatically collects and stores data that occurs within the context of communication in so-called server log files, which are automatically transmitted by your browser. These are:

• Browser type and version
• Operating system
• Referrer URL
• IP address
• Time of retrieval and visited webpages

These server log files are primarily used to ensure the smooth operation of the server. This data is not merged with other data sources. We reserve the right to review the server log files retrospectively, if there are specific indications of unlawful use or if we are obliged to do so by a prosecuting authority.

Cookies are text files that are stored on your computer via your browser by the websites or domains you visit. By using this stored information (such as a cookie ID, IP address, browser, operating system), it is possible to recognise users when returning to a website. Cookies are used to optimise the services and functions of our website and make them more user friendly e.g. easier website navigation or to display the webpage correctly.

Most of the cookies we use are “session cookies” that are automatically deleted at the end of your visit. Permanent cookies, however, are stored on your device for up to approx. 2 years until you delete them. Permanent cookies enable us to recognise your browser on your next visit.

First-party cookies are cookies that are set by our website whereas third-party cookies originate from third-party providers. Essential cookies are necessary for the service to function correctly (e.g. function, security), whereas non-essential cookies are used for advertising, marketing or statistical purposes or to measure the reach or for personalisation of a created user profile.

As a rule, you must first consent to all non-essential cookies whereas essential cookies can be used to fulfil our obligations even without consent.

Opt out: When visiting our website for the first time, you will select your cookie settings and consent to the use of cookies. At a later date you can find the consent tool to manage your cookie settings in the footer of our website, where you can also revoke your consent to cookies. You can also set your browser to tell you when cookies are being sent and only permit cookies on a case-by-case basis, disable cookies from being accepted in specific cases or generally, set cookies to automatically delete when closing your browser or to delete cookies stored locally on your computer, or do this using corresponding software. Deactivating cookies may restrict some of the functions of our digital services. The corresponding browser settings can be made with any current browser and you will find detailed instructions in their help section. Here are the instructions to manage cookies for a few common browsers:

Chrome: https://support.google.com/chrome/answer/95647?tid=311257454

Safari: https://support.apple.com//guide/safari/sfri11471/mac?tid=311257454

Mozilla Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox

Internet Explorer: https://support.microsoft.com/help/17442/windows-internet-explorer-delete-manage-cookies?tid=311257454

Microsoft Edge: https://support.microsoft.com/help/4027947/windows-delete-cookies?tid=311257454

SSL-encryption ensures data security on the internet by verifying the identity of the site server through the browser by means of a session security key. You can recognise SSL-encryption by the change of the domain prefix from “http” to “https”. The SSL-encryption we use significantly increases the security of data transmission.

You can use our contact form to get in contact with us, find us on social media or send us an enquiry via another form of communication such as email or telephone. When you do so, we will process your data, if this is necessary to respond to your enquiry or process your order, and we will store your data for follow-up questions. This processing occurs on the basis of your contractual or pre-contractual relationship with us or as a result of our legal obligations or otherwise on the basis of our lawful commercial interests in responding to your enquiry.

To hold “video chats”, we use the services of Microsoft Teams. Teams is part of Microsoft Office 365 owned by the Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399 USA. Teams is used to hold video calls, share screens and hold audio meetings. This data of the communication participants will be processed as well as their registration and contact details, profile data, voice transmissions, shared contents and chat records. Microsoft Teams may also process your usage data and meta data for security purposes, service optimisation, marketing purposes or their own business purposes. For this reason, please also note the privacy statement of Microsoft Teams: https://privacy.microsoft.com/privacystatement
Services agreement: https://www.microsoft.com/servicesagreement/

Microsoft maintains servers in locations including the EU, the US and Canada. Depending on capacity and utilisation, your data may also be processed on servers in one of these countries.

Applications to enter into an employment relationship may be sent to us via our website or alternatively, by email. Our personnel department and if applicable, the decision-makers of specialist departments, keep the data processed in the selection process strictly confidential. Your data will not be passed on to third parties without your consent. We are supported in personnel recruitment exclusively by service providers domiciled in Germany. Details will be automatically deleted no more than six months after candidates have been advised that they have not been successful in gaining employment with us. Data protection cannot be ensured when unencrypted emails are sent. We recommend encrypting your email attachments as a minimum. As it is technically impossible to guarantee absolute data security when sharing data on the internet, you can also use alternative methods (e.g. post).

We send you electronic messages, emails, fax or newsletters (customer information, new products etc.), if you have signed up for these giving your consent or if it is legally permitted in other cases based on our legitimate interests in the context of advertising to repeat customers. For security reasons, subscribing to our newsletter is subject to verifying your email address in a single confirmation email (double opt-in process). In addition, your IP address as well as the date and time of the newsletter request is saved for documentation purposes and our legal protection. You can revoke your subscription at any time, for example, by using the “unsubscribe function” included in the newsletters or by email. We keep addresses that have unsubscribed from the newsletter in a “block list”, including the former consent. These are kept for three years, based on our legitimate interest so that we are able to provide information at a later date or ward off claims, and evidence that consent was correctly obtained.

Our newsletters contain a tracking pixel to measure the success of individual newsletter campaigns. This is a tiny graphic embedded in an html format, which makes it possible to record server log files (see server log files above) and analyse them to evaluate and optimise the respective newsletter campaign.

We use Google Analytics, a web analytics service provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043-1351, USA; responsible within the EU / EEA as Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”). Web analytics evaluate user behaviour and visitor volumes to optimise a website (for instance, analysis of website and subpages, dwell time, the website from which our website was referred, number of clicks etc.) using a tracking pixel / cookies, which record this data. The generated user profiles are generally transmitted to a Google server in the US and stored there. However, we have activated IP anonymisation on our webpages and so, within the member states of the European Union or in other contracting parties of the European Economic Area, your IP address will be truncated to the last two digits. Only in exceptional cases will the full IP address be transmitted to a Google server in the US and truncated there. This truncation removes the personal reference of your IP address or this is made significantly more difficult to determine. On our behalf, Google uses the specified information to analyse your use of the website, to compile reports of website activities and to provide other services associated with website usage. The IP address transmitted by your browser within the scope of Google Analytics will not be merged with other Google data.

You can deactivate the future use of cookies and delete cookies that are already active. For more information see above under “Cookies”. 
Opt out: In addition, you can object to the use of data collected by Google and prevent this being processed by Google. Install an additional program (browser plugin) for your browser using the following link, to automatically deactivate Google Analytics: https://tools.google.com/dlpage/gaoptout. Please also read the Google’s privacy policy at https://policies.google.com/privacy

Google Analytics terms of service: https://www.google.com/analytics/terms/

Further information about Google Analytics: https://marketingplatform.google.com/about/analytics/

Some content in our digital offers comes from third-party providers, whose offers are embedded in our digital offers e.g. videos, graphics, maps. This makes it necessary to transmit your IP address to the third parties so that the relevant content can be displayed. Generally, cookies or pixel tags are used, which analyse the use of this content. This information can be stored on your device and associated with information from other sources.

To find our locations more easily, we have embedded an excerpt of the online map service from Google in our website. When you access our webpages that have Google Maps components, Google receives access to your personal data such as your IP address. Google is not permitted to combine this data with data and information from other Google services. We cannot exclude the possibility of data transfer to third parties through Google. To prevent Google Maps from working, disable JavaScript in your browser. You can do this in any current browser (see help functions). However, this will mean that you will no longer be able to use the map service on our website. Please also note the following information:

Terms of use of Google Maps: https://www.google.com/help/terms_maps/

Privacy policy: https://policies.google.com/privacy

Opt-out browser add-on: https://tools.google.com/dlpage/gaoptout?hl=en

Ad settings: https://adssettings.google.com/authenticated.

YouTube is a video portal of YouTube, LLC, (901 Cherry Ave., San Bruno, CA 94066, USA; subsidiary of Google, hereinafter “YouTube”). Our website integrates YouTube videos to better present our products, services and company, and we also include links to the YouTube website. By accessing the webpages that contain YouTube videos, this automatically retrieves YouTube content. This allows YouTube to receive information about the webpage you visited as well as your IP address, irrespective of whether you actually clicked a YouTube video. This data may be combined with your YouTube user account when logged in and assigned to you. You can prevent this by logging out of your YouTube user account before visiting our website.

Please also note the following information:

YouTube terms of use: https://www.youtube.com/yt/about/

Privacy policy: https://policies.google.com/privacy

Opt-out browser add-on: https://tools.google.com/dlpage/gaoptout?hl=en

Ad settings: https://adssettings.google.com/authenticated

We operate various portals and online presences on social networks, also called social media. In this context, we process the data of portal users to directly communicate with them or to provide information about us. We use social media for purposes such as company presentation by means of social plugins, feeds, shared content and links to our online presence.

Generally, user data within social networks is used for market research and advertising purposes, and if appropriate, a user profile may be created based on the respective user behaviour. User profiles will then be used regularly for personalised advertising. This is done by storing and using cookies on the user’s system together with the user’s IP address. This data also includes information on the types of content that the user views or interacts with, or the actions they take as well as information about the user’s devices (e.g. IP addresses, operating system, browser type, language settings, cookie data). In doing so, the user has their own influence on the corresponding user data through their behaviour (e.g. by reacting, tagging, sharing, commenting etc.).

User data can also be processed outside of the EU by the portal operators. This may present risks for users because, for example, it can be difficult to enforce user’s rights.

As an operator, we may be provided with statistical information about the use of our online presence. However, we do not know how the individual social media platform operators use data for their own purposes, to what extent activities on the respective social media site is linked to individual users, how long this data is stored and whether data is passed on to third parties. This data may be transferred to countries outside of the European Union. A more detailed explanation of the respective processing procedures and types including opt-out options, can be found in the privacy statements of the respective social networks, which are linked below.

If you are currently registered as a user of a social media platform, your device will have a cookie with your individual identifier. This enables the respective social media platform to track that you have visited this page and how you have used it. This also applies to all other pages of the social media platform. Buttons embedded in other websites also enable your visits to these website pages to be recorded and linked to your social media profile. This data is then used to show you tailored content or advertising.

If you wish to avoid your activities being tracked using cookies while signed into a social network, you should sign out of the respective social network and change the setting so you are always signed out (disable “stay signed in”), delete the cookies on your device, and close and restart your browser. However, if you are not signed in, you will no longer be able to carry out certain processes or use interactive functions (like, comment, share, message etc.).

• Meta: social network; provider: Meta Platforms Ireland Ltd. 4 Grand Canal Square Grand Canal Harbour Dublin 2 Ireland (“Meta“ or “Facebook“ or “Instagram”) Website: https://www.instagram.com; Privacy policy: https://instagram.com/about/legal/privacy; https://www.facebook.com/policy.
  Facebook pages or Instagram profiles: within the framework of using the social networks of Meta – we are jointly responsible with Meta for collecting data of visitors to our presences (“fan page”). Please refer to the Facebook and Instagram privacy policies for further information. As explained in the Facebook and Instagram privacy policies, Meta collects and uses information for example, to provide analytics for us to show how our fan pages are used. We have concluded a special agreement with Meta (“information about page insights” https://www.facebook.com/legal/terms/page_controller_addendum), which outlines Meta’s security measures and in which, Meta agrees to fulfil the data subject rights. The rights of users (particularly the right to information, erasure, objection and complaint to the responsible supervisory authority), are not restricted by our agreements with Meta.
  You can find details of how Meta uses data from visiting Facebook or Instagram pages for its own purposes (to what extent activities on the pages are assigned to individual users, how long Meta stores this data and whether data from visiting Facebook is passed on to third parties), from the corresponding Meta privacy policies. If this is not conclusively and clearly specified in the privacy policies, we cannot exclude the possibility of Meta further processing your data.
• LinkedIn: social network; provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website: https://www.linkedin.com; Privacy policy: https://www.linkedin.com/legal/privacy-policy; Standard contractual clauses (guaranteed level of data protection when processing takes place in third countries): https://legal.linkedin.com/dpa; Opt-out possibility: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out; Data processing agreement: https://legal.linkedin.com/dpa.
• Xing: social network; provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; Website: https://www.xing.de; Privacy policy: https://privacy.xing.com/de/datenschutzerklaerung.

When you use our services as our business partner, we process your data to fulfil our contractual obligations and/or to respond to pre-contractual enquiries. This is the only purposes of our data processing. The only reason to transmit your data to third parties is if this is required to fulfil our contractual obligations (e.g. to process your data to prepare a quotation; disclose your data to transport companies or other auxiliary services to deliver goods; disclose your data to payment providers and banks to process payment), if we are legally obliged to do so (e.g. to process your data to fulfil legal commercial and tax requirements; customs clearance), or based on our legitimate interests.

You can create a customer account within the scope of our digital offer (“myARI”). The necessary data will be collected in the registration process. You will be advised which fields and details are required and processed to provide your user account. Generally, these are names, addresses, customer number, email address, password, and username if applicable. Your data is not publicly visible to third parties and is used to process shipments and orders, for product information and to use other services. In principle, this data is not passed on to third parties unless it is required to pursue our claims or there is a legal obligation to do so. We store your IP address together with the time of access to provide evidence of registration and any misuse of a customer account at registration or to prevent use based on our legitimate interest. You can cancel your customer account at any time, at which point we will delete all the data that we are not obligated to keep for legal reasons. In this scenario, you are responsible for the prior storage of your data. We reserve the right to contact you through your customer account about information relevant to users e.g. in the case of technical changes.

In addition, we use two-factor authentication, which provides additional security as you will be requested to provide a further method of authentication as well as your password, for example, a code will be sent to a mobile device.

E-commerce in “myARI”: Via myARI, you can use a wide range of services (check your order or delivery status, product information, handle returns, size safety and control valves etc.). At this time, however, it is not possible to purchase, order or pay for products or raise invoices through this portal.

You have rights as a data subject, particularly those specified in Articles 15-21 GDPR. Accordingly, you have the right to information, at any time and at no charge, about your stored personal data, the source thereof, recipients, and the purpose of data processing, and the right to request a copy of this data. You have a right to rectification, blocking, erasure and for the transfer of your data in a structured, commonly used and machine-readable format. You have a right to object to the processing of your data on grounds relating to their particular situation. You can revoke your consent at any time with future effect. You also have a right to complain to the competent supervisory authority. The competent supervisory authority for data protection matters is the state Data Protection Authority for North-Rhine Westphalia (Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen). If you have any other questions on the subject of data protection you can, of course, contact us at any time.

We observe a principle of data minimisation and avoidance. The details you provide and your personal data are subject to our automatic erasure and blocking principle. We only store your data for as long as is needed to achieve the specified purposes or for the statutory retention periods. Once the respective purpose no longer applies or these storage periods have passed, the corresponding data will be routinely blocked or deleted in accordance with legal requirements. Data is erased sooner if there are other reasons for this such as you have revoked your consent or if we are no longer permitted to continue processing. Reasons for retention include the fulfilment of commercial or tax-related retention periods of up to 10 years; retention due to statutory warranty or comparable obligations for 4 years; to maintain evidence as part of limitation periods for criminal litigation while there is a likelihood of requests from authorities; to maintain storage periods in accordance with the Telecommunications Act or other legislation.

We reserve the right to amend this privacy policy from time to time to ensure that it always corresponds to the current legal requirements, or to implement changes to our services in the privacy policy, e.g. when launching new services. The new privacy policy would then apply to your return visit, which is why it is important to check the information in our privacy policy regularly.

These cookies are essential to the correct functioning of the website. They are required for some of the following actions.

•  Save items in a basket for online purchases
• Save your cookie settings for this website
• Save language settings
• Log into our portal. We need to check whether you are logged in.

These cookies are used to collect statistical information about the use of our website, they are also called analytical cookies. We use this data to improve the performance and optimise our website.

These cookies enable greater functionality for our website visitors. These cookies can be placed by our external service providers or our own website. The following functions can be activated or not activated when you accept this category.

• Live chat services
• View online videos
• Social media sharing buttons
• Log into our website using social media.

These cookies are placed by external advertising partners and are used to create profiles and track data across multiple websites. When you accept these cookies, we can display our advertising on other websites based on your user profile and preferences. These cookies also store data about how many visitors have seen or clicked our adverts, helping us to optimise our advertising campaigns.