1. Data privacy at a glance

General information

The protection of your personal data is particularly important to us. We make every effort to protect your data in the best possible way. The following information will give you a simple overview of what happens to your personal data when you visit our website.

According to Article 4 No. 1 of the General Data Protection Regulation (GDPR), personal data is any information relating to an identified or identifiable natural person, such as your name, address or email address.

In addition, data about your usage behavior may also be collected when you visit our website, for example through cookies or other tracking technologies. This data may be passed on to third parties (e.g. social networks such as Facebook) if you interact with corresponding functions on our website.

For more information on the subject of data protection and the specific measures we take to protect your data, please refer to the full privacy policy.

Data collection on our website

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find the operator’s contact details in the legal notice of this website or in the following privacy policy.

How do we record your data?

On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form. Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter our website.

What do we use your data for?

Some of the data is collected to ensure that the website is provided without errors. Other data can be used to analyze your user behavior.

What rights do you have with regard to your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority. You also have the right to request the restriction of the processing of your personal data under certain circumstances. For details, please refer to the privacy policy under “Right to restriction of processing”.

2. Person responsible

The controller responsible for data processing on this website is:

BaF Brothers and Friends GmbH
Dornierstraße 20
48477 Hörstel

Vertreten durch den Geschäftsführer:

Sascha Conrad

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

3. Data Protection Officer

Data protection officer required by law

We have appointed a data protection officer for our company.

René Floitgraf
Frankenstrasse 34
52223 Stolberg
CompliPro GmbH

Telefon: +49 2402 9245980
E‑Mail: rf@complipro.de

4. General notes and mandatory information

Data protection

As the operator of this website, we take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the Internet (e.g. when communicating by email) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

Legal basis for data processing

If the data processing is based on Article 6(1)(e) or (f) GDPR, you have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data; this also applies to profiling based on these provisions. The specific legal basis for the processing can be found in this privacy policy. If you object, we will no longer process your affected personal data, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims (objection under Article 21(1) GDPR). Direct marketing: If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for such advertising purposes; this also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (objection under Article 21(2) GDPR). To exercise your right to object, you can contact us at any time, e.g., via our contact form or by email.

Right to object to the collection of data in special cases and to direct marketing (Art. 21 GDPR)

If data processing is carried out on the basis of Art. 6 para. 1 lit. e or f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims (objection pursuant to Art. 21 (1) GDPR).

If your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR).

Right to lodge a complaint with the competent supervisory authority

In the event of breaches of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged infringement. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.
SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, blocking, erasure and rectification

You have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data at any time within the framework of the applicable legal provisions. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of personal data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time at the address given in the legal notice. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of your personal data stored by us, we generally need time to verify this. For the duration of the review, you have the right to request that the processing of your personal data be restricted.
If the processing of your personal data was/is carried out unlawfully, you can request the restriction of data processing instead of erasure.
If we no longer need your personal data, but you need it for the exercise, defense or assertion of legal claims, you have the right to request the restriction of the processing of your personal data instead of its erasure.
If you have lodged an objection in accordance with Art. 21 para. 1 GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data – apart from its storage – may only be used with your consent or for the assertion, exercise or defense of legal claims.

Objection to advertising e-mails

We hereby object to the use of contact data published as part of our obligation to provide a legal notice for the purpose of sending unsolicited advertising and information material. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

Disclosure of data to third parties

We only pass your personal data on to third parties if:

  • You have expressly consented to the transfer of the data (cf. Art. 6(1)(a) GDPR).
  • The transfer of the data is necessary for the performance of a contract (cf. Art. 6(1)(b) GDPR).
  • The transfer of the data is necessary for compliance with legal obligations (cf. Art. 6(1)(c) GDPR).
  • Vital interests of you or other persons need to be protected (cf. Art. 6(1)(d) GDPR).
  • The transfer of the data is of legitimate interest to our company or to third parties, and your interests, rights, and freedoms do not outweigh this (cf. Art. 6(1)(f) GDPR).

Additionally, we may use service providers who are involved in the provision of our website or other services. In these cases, it may be necessary for these service providers to gain access to your personal data in the course of their work. We have concluded data processing agreements with these service providers in accordance with Art. 28 GDPR to meet data protection requirements and ensure the protection of your data.

It may also occur that personal data is transferred to third parties located outside the EU or the European Economic Area (so-called third countries). In such cases, we ensure that the transfer complies with the requirements of the GDPR, e.g., through the conclusion of standard contractual clauses or other appropriate safeguards.

We take all legally required data protection measures to ensure the secure and reliable processing of your data, such as through technical and organizational security measures (e.g., encryption).

5. data collection on our website

Analysis tools and tools from third-party providers

When you visit our website, your surfing behavior may be statistically evaluated. This is mainly done using cookies and so-called analysis programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You can find detailed information on this in the following privacy policy.
You can object to this analysis. We will inform you about the objection options in this privacy policy.

Cookies

The websites partially use so-called cookies. Cookies do not cause any harm to your computer and do not contain viruses. Cookies are used to make our offerings more user-friendly, effective, and secure. Cookies are small text files that are stored on your device and saved by your browser. Most of the cookies we use are so-called “session cookies.” These are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser on your next visit. You can configure your browser to be informed about the setting of cookies and to allow cookies only on a case-by-case basis, exclude the acceptance of cookies in certain cases, or generally, and enable the automatic deletion of cookies when you close your browser. Disabling cookies may limit the functionality of this website. Legal basis of cookies: Cookies that are necessary for the electronic communication process or to provide certain functions you desire (e.g., shopping cart function) are stored based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in storing cookies to ensure the technically flawless and optimized provision of its services. To the extent that other cookies (e.g., cookies for analyzing your browsing behavior or for advertising) are stored, this is done only with your explicit consent according to Art. 6(1)(a) GDPR. These are separately addressed in this privacy policy. You can change or revoke your cookie settings at any time by accessing our cookie settings.

Essential Cookies

Our website uses essential cookies that are necessary for its basic functionality. These cookies do not store personal data and do not require consent.

NameProviderPurposeStorage Duration
pll_languagebafwoman.comStores the language selected by the user and ensures that the website is displayed in the correct language.1 year
wpEmojiSettingsSupportsbafwoman.comChecks whether the browser can properly display emojis.Session

Since these cookies are essential for the operation of the website, they cannot be disabled.

Server log files

The provider of the sites automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These include:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

This data is collected for technical purposes, such as troubleshooting, optimizing our website, and for security (e.g., defense against attacks). The collection of this data is based on Art. 6(1)(f) GDPR, as the website operator has a legitimate interest in the technically flawless display and optimization of the website.

This data will not be merged with other data sources. The data is generally stored for a period of 7 to 30 days and then deleted or anonymized.

IP addresses: If the storage of IP addresses occurs, they will be anonymized, if technically possible and reasonable, in order to ensure data protection.

Google Webfonts und Adobe TypeKit-Fonts

Diese Seite nutzt zur einheitlichen Darstellung von Schriftarten so genannte Web Fonts, die von Google und Adobe bereitgestellt werden. Die Google Fonts und Adobe TypeKit-Fonts sind lokal installiert. Eine Verbindung zu Servern von Google oder Adobe findet dabei nicht statt.

Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.

The data entered in the contact form is therefore processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. All you need to do is send us an informal email. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions – in particular retention periods – remain unaffected.

6. changes to the data protection provisions

This privacy policy is currently valid and has the status of February 2025.

To ensure the best possible protection of your data in the future, we reserve the right to adjust this privacy policy to ensure it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g., when introducing new services. In the case of significant changes, we will actively inform you. For your next visit, the new privacy policy will apply. Therefore, we recommend that you regularly review our information and notices regarding data processing.

Status: February 2025