DEEN

General and mandatory information

Data protection

The purpose of data protection and our goal as DINOL GmbH is to handle personal data in such a way that individuals’ personal rights are protected.

To ensure that this goal is achieved, bodies responsible for personal data processing are required to comply with the regulations set out in EU legislation (the General Data Protection Regulation (GDPR) and national data protection laws.

Personal data may only be processed if doing so is permissible under the GDPR or another law. The main fundamental principles of the GDPR are:

  • Lawfulness, fairness and transparency (Article 5 (1) (a) of the GDPR)
  • Purpose limitation (Article 5 (1) (b) of the GDPR)
  • Data minimisation (Article 5 (1) (c) of the GDPR)
  • Accuracy (Article 5 (1) (d) of the GDPR)
  • Storage limitation and erasure concepts (Article 5 (1) (e) of the GDPR)
  • Integrity and confidentiality (Article 5 (1) (f) of the GDPR)

The controller’s duties to provide information and the rights of data subjects

Name and contact details of the controller and, if applicable, their deputy

The controller responsible for data processing on this website is:

DINOL GmbH
Pyrmonter Strasse 76

32676 Lügde, Germany

+49 (0)5281 – 982 980

info@dinol.com

The controller is in accordance with Article 4 No. 7 of the GDPR the natural or legal person that takes decisions about the purposes and means of personal data processing (e.g. names, email addresses, etc.), either alone or jointly with others.

Contact details of the data protection officer

You can contact our data protection officer by emailing datenschutz@wuerth-it.com.

Purpose of processing data

DINOL GmbH is a specialist operating in the trade of corrosion protection materials, adhesives, sealants, fillers, sprayable noise protection materials and associated application equipment.

Data is processed to fulfil this corporate purpose or supporting secondary purposes, such as providing a customer consulting service.

Groups of data subjects and related data or categories of data

Groups of data subjects include:

  • Current employees;
  • Former employees;
  • Applicants;
  • Prospects;
  • Customers;
  • Suppliers;
  • Service providers; and
  • Other business partners.

The relevant data includes all personal data required to fulfil the respective purpose. A detailed explanation, outlining what specific data belonging to data subjects is processed, is provided below.

Legal bases

Personal data processing is only lawful if permitted by law (i.e. if there is a legal basis, or if the data subject has given their consent).

In our company, we only process personal data in accordance with legal provisions. The legality is established when one of the following permission norms is present:

  • consent to personal data processing (Article 6 (1) (a) of the GDPR);
  • the need to process personal data for the performance of a contract or to initiate a contract (Article 6 (1) (b) of the GDPR);
  • the need to process personal data to comply with a legal obligation (Article 6 (1) (c) of the GDPR);
  • our processing of personal data based on one of our own or a third party’s legitimate interests (Article 6 (1) (f) of the GDPR).

Special feature of the legal basis for processing data for contractual purposes

DINOL GmbH’s range of products is aimed exclusively at tradespeople. So, when we process personal data for contractual purposes, unless stated otherwise on a case-by-case basis the legal basis for doing so is:

  • if you are a registered sole trader or freelancer, and your data is being processed for the purpose of performance of the contract or taking steps prior to implementing the contract, Article 6 (1) (b) of the GDPR; or
  • if you are an employee of a company (e.g. an employee in Purchasing), Article 6 (1) (f) of the GDPR, and your data is being processed based on DINOL GmbH’s legitimate interest. DINOL GmbH’s legitimate interest in this case is selling its own goods and services, which is justified in particular by entrepreneurial freedom and professional freedom.

For the sake of simplicity, we will only refer to ‘data processing for contractual purposes’ below.

Potential recipients in the event of data transfer

The potential recipients of transferred personal data are:

  • Public bodies (insofar as we are legally required to transfer personal data);
  • Service providers and other business partners (insofar as data transfer is necessary for the fulfilment of the respective purpose and is legally permissible, or the data subject has given their consent to this effect).

Planned data transfer to third countries or international organisations

Should it become necessary to transfer data to third countries (countries that are not member states of the European Union except for the EFTA states Norway, Liechtenstein, and Iceland.) or to international organisations, this will be done exclusively for the conclusion or fulfilment of contracts – insofar as doing so does not conflict with the data subject’s legitimate interests – taking into account the requirements under data protection law, Article 44 et seq. GDPR. If we transfer your data to a third country or to an international organisation on a case-by-case basis, we will provide you with the information required for this situation.

Standard data erasure deadlines

Personal data is erased in accordance with the respective legal or contractual regulations on data erasure, taking into account legal or contractual retention requirements. Such legal obligations result from the German Commercial Code (HGB) and the German Fiscal Code (AO), among other legislation. The retention or documentation periods specified therein are up to ten years beyond the end of the business relationship or the pre-contractual legal relationship.

Furthermore, other legal provisions may require a longer retention period, such as the preservation of evidence in the context of statutory limitation provisions. The regular limitation period in this regard is three years; however, limitation periods of up to 30 years or even longer in individual cases may be applicable. Personal data that is not subject to a legal or contractual retention or erasure obligation is erased once it becomes unnecessary for fulfilment of the respective purpose (Article 17 (1) (a) GDPR)

Your rights with respect to data protection (Article 12 et seq. of the GDPR)

Data subjects have various rights with regard to data protection, which are explained below. The above contact details can be used to exercise these rights.

Right of access (Article 15 GDPR), right to rectification (Article 16 GDPR), right to restriction of processing (Article 18 GDPR) and right to erasure (Article 17 GDPR)

In the context of the applicable legal provisions, you have the right, at any time, to access for free information about the personal data the controller has saved about you, its origin, the recipients and the purpose of data processing, as well as a right to have your personal data rectified, blocked or erased if applicable.

Right to object (Article 21 of the GDPR)

Every data subject has the right to object to the processing of their data if data processing is based on Article 6 (1) (f) of the GDPR. If you object to processing of your personal data, we will review your objection on a case-by-case basis. If we are required to erase your personal data under data protection law due to your objection, we will erase your data taking into account legal retention requirements. The lawfulness of processing carried out until you submit your objection is not affected by said objection.

Obligation to disclose data (Article 13 (2) (e) GDPR)

Every data subject has the right to find out whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether the data subject is required to provide the personal data and of the possible consequences of failure to provide such data.

Right to lodge a complaint with the competent supervisory authority (Article 13 (2) (d) GDPR)

The data subject has the right to lodge a complaint with the competent supervisory authority if they believe that their rights have been infringed. The competent supervisory authority in matters of data protection law is the State Commissioner for Data Protection in the federal state that our company’s registered office is located in. However, the data subject can in principle also contact the supervisory authority in their place of residence or in the place of the alleged infringement. A list of data protection commissioners and their contact details is available at: https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html.

Right to data portability (Article 20 GDPR)

You have the right to have data that we process automatically after obtaining your consent or for the fulfilment of a contract sent either to yourself or a third party in a commonly used, machine-readable format. If you request that your data be transferred directly to another controller, this will only be done to the extent that it is technically feasible.

Revoking your consent to data processing (Article 7 (3) GDPR)

Some data processing operations can only be carried out with your express consent. You can revoke any consent you have already given at any time without providing reasons. All you need to do to do this is send an informal message by email to one of the email addresses provided above. The lawfulness of data processing carried out until such time that you revoke your consent remains unaffected by said revocation.

Email marketing without a newsletter subscription, and your right to object in accordance with Article 21 GDPR

If we receive your email address in connection with the sale of goods or services and you have not objected accordingly, we reserve the right based on Section 7 (3) of the German Act against Unfair Competition (UWG) to regularly email you offers for products that are similar to the ones you have already purchased from our range. This serves to protect our legitimate interests in contacting our customers for marketing purposes, which outweigh our interests in the context of balancing of interests within the meaning of Article 6(1)(f) GDPR. You can object to this use of your email address at any time by letting us know using the contact options provided below or by clicking on the link provided for this purpose in the marketing email, without incurring any costs other than the transmission costs in accordance with the basic tariffs.

Email marketing with a newsletter subscription

If you sign up to our newsletter, we will use the data required for this purpose, or that you provided separately, to regularly send you our email newsletter based on your consent in accordance with the first sentence of Article 6 (1) (a) of the GDPR. You can unsubscribe from our newsletter at any time, either by letting us know using the contact options provided below, or by clicking on the link provided for this purpose in the newsletter without providing reasons. Once you have unsubscribed from our newsletter, we will erase your email address, unless you have expressly consented to further use of your data or we have reserved the right to further lawful use of your data beyond this, which we inform you of in this policy.

SSL and TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transfer of confidential content that you send to us as the site operator (e.g. as part of purchase orders or requests). An encrypted connection is recognisable by the fact that the browser’s address bar changes from ‘http://’ to ‘https://’ and by a padlock icon appearing in your browser’s address bar.

Third parties cannot read the data you send to us when SSL or TLS encryption is enabled.

  • Automatic data processing when visiting our website – purposes and legal bases for data collection

Visiting and purely informational use of our website is possible without you having to provide personal data yourself (e.g., through registration or submission in online forms). However, to view our website and use it in a user-friendly, effective, stable, and secure manner, we automatically collect and process the necessary pseudonymized technical data in conjunction with your device and browser.

  • Automatic Data Collection and Processing by Web Server

To display the individual web pages belonging to our website, our web servers automatically collect and process the following personal data transmitted by your browser:

• Accessed address on the web server (URL)

• The “User-Agent” identifier, which may contain additional information depending on the browser

• Operating system used

• Browser type and version

• Referrer URL (last visited page, if transmitted)

• Date and time of the server request

• IP address

These data are temporarily stored in so-called server log files. No personal evaluation of these data takes place, and they are not merged with other data sources.

The pseudonymized technical communication data collected and processed to enable the use of the website (connection establishment) are temporarily stored in log files, so-called server log files, by our web servers. We use the server log files for internal system-related purposes, particularly for technical administration and to ensure the stability and security of our web servers and website, e.g., to identify and track unauthorized or abusive access attempts to our web servers via the stored IP address. The legal basis for these data processing activities of the server log files is Article 6(1)(f) GDPR, which permits the processing of personal data within the scope of our legitimate interests, provided that your fundamental rights, freedoms, or interests do not prevail. Our legitimate interests lie in the easy administration and secure operation of our website.

  • Use of Cookies and Other Technologies

To make the visit to our website user-friendly and attractive and to enable the use of certain functions, we sometimes use so-called “cookies” on our website. These are small text files that are stored on your device and assigned to the browser you are using, through which certain information flows to the entity that sets the cookie (here, us).

Cookies cannot execute programs, transmit viruses to your device, or cause any other damage to your device.

Some of the cookies we use are deleted after the end of the browser session, i.e., after you close your browser (so-called session cookies). Session cookies allow various requests from your browser to be assigned to a common session. This enables us to recognize your browser when you use multiple web pages of our website or return to our website without closing your browser. We use session cookies to provide certain functions you have requested. Another type of cookie (so-called persistent cookies) remains on your device for a specified duration and allows us to recognize your browser on your next visit.

Persistent cookies are equipped with an expiration date and are therefore automatically deleted after a certain period. You can also manually delete them at any time in your browser’s security settings.

You can configure your browser to inform you about the setting of cookies and to allow cookies only in individual cases, to exclude the acceptance of cookies for certain cases or generally, and to activate the automatic deletion of cookies when closing the browser. If cookies are generally deactivated, the functionality of this website may be limited, as some cookies are necessary for the proper functioning of this website.

The legal basis for data processing carried out with the help of cookies is, in the case of technically necessary cookies and (partly) functional cookies, Article 6(1)(f) GDPR/§ 25(2) TDDDG, which permits the processing of personal data within the scope of our legitimate interests, provided that your fundamental rights, freedoms, or interests do not prevail. Our legitimate interests lie in the technically error-free and optimized provision of our website and certain functions and offers of our website that you desire.

The legal basis for data processing carried out with the help of cookies is, in the case of non-technically necessary cookies, e.g., for analysis and statistics cookies, marketing cookies, and partly for functional cookies, your consent in accordance with Article 6(1)(a) GDPR/§ 25(1) TDDDG. You can withdraw your consent at any time with effect for the future.

Details about cookies and an overview of the cookies used can be viewed at any time on all pages of our website under the gear icon, which is always located at the bottom left of all pages. There, you can also withdraw your consent.

Google Maps

On this website, we use the Google Maps service. This allows us to display interactive maps directly on the website and enables you to conveniently use the map function. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. In the course of using Google Maps, personal data may also be transmitted to the servers of Google LLC in the USA. For the transmission of personal data to Google LLC, based in the USA, Google LLC has concluded so-called standard contractual clauses of the European Union Commission with us.

By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data is directly associated with your account. If you do not wish the association with your profile at Google, you must log out of your Google account before accessing a map. Google stores your data as usage profiles and uses them for advertising, market research, and/or demand-oriented design of its website. Such evaluation is carried out in particular (even for non-logged-in users) to provide demand-oriented advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.

The legal basis for data processing by Würth IT GmbH is Article 6(1)(a) GDPR and § 25(1) TDDDG, your consent. You can withdraw your consent at any time. The legality of the data processing carried out up to the point of withdrawal remains unaffected.

Further information about Google Maps and Google’s privacy policy can be found at:

• https://www.google.com/intl/de/policies/privacy/ (General Google Privacy Policy) • https://policies.google.com/terms?hl=de#toc-software (Terms of Use for Google Services)

  • Links to Facebook, YouTube, Instagram and LinkedIn

We have links to the social media platforms Facebook, YouTube, Instagram and LinkedIn on our website. This is indicated by means of a corresponding icon on our website featuring the respective social media platform’s corresponding logo, and behind which a corresponding link to our respective social media profile is hidden. Social plugins (e.g. the Facebook ‘Like’ button) are not integrated here.

Our links to the social media services do not cause any of your personal data to be transmitted to these services. They are normal hyperlinks that are not regularly used for data transfer purposes. Clicking on the link takes you directly to our profile on the social media service in question. Data is only transmitted if you are logged into your user account with the corresponding social media service. You can then link or share content from our website directly using the social media service or, in the case of YouTube, watch the videos on our YouTube channel. This may allow the relevant social media service to learn what content you have viewed on our website.

The controllers who are exclusively responsible for the social media services we have linked are:

for Facebook and Instagram and their websites: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA;

for YouTube and its website: YouTube, LLC, 901 Cherry Ave., St. Bruno, CA 94066, USA.

for LinkedIn and its website: LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

For more information about the purpose and scope of data collection, and about the further processing and use of your data by the social media service in question, please refer to the respective service’s privacy policy. The privacy policies can be accessed online.

On the social media services mentioned, you will also find information about potential settings for protecting your privacy and about your further rights regarding the relevant social media service’s collection, processing and use of your data, among other things.

You yourself are responsible for data transfer to the aforementioned social media services, since you become active yourself by logging into your respective social media account and clicking on the respective link, thereby initiating subsequent data processing by the social media service in question.

– We also maintain publicly accessible profiles on social networks

Further information on the purpose and scope of data collection and on the further processing and use of your data by the respective social media service can be found in the data protection provisions of the respective service. These are available on the Internet.
For the social media services mentioned, you will also find information about setting options to protect your privacy and about your further rights regarding the collection, processing and use of your data by the respective social media service.
You yourself are responsible for the transfer of data to the aforementioned social network services, as you become active yourself by logging into your respective social network account and following the respective link, thereby initiating the subsequent data processing by the respective social network service.

 Embedding YouTube Videos

We have embedded YouTube videos in our website. They are stored on www.youtube.com and can be played directly from our website. The provider is Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland. In the context of our use of YouTube, personal data may be transmitted to Google LLC servers in the USA. Google LLC has concluded what are known as the European Commission’s ‘standard contractual clauses’ with us for transmission of personal data to Google LLC registered in the USA. They can be accessed here: https://privacy.google.com/businesses/processorterms/.

YouTube videos on our website are all embedded in ‘Privacy-Enhanced Mode’. In other words, no data about you as a user is transmitted to YouTube if you do not play the videos. Data is only transmitted when you play the videos. We do not have any influence over this data transfer. You will be explicitly informed before data transfer that your data will be transmitted to YouTube if you play the video. This happens regardless of whether YouTube provides a user account that you are logged into, or whether such a user account does not exist. If you are logged into Google, your data will be assigned directly to your account.

If you do not want this information to be assigned to your YouTube profile, you must log out of your Google account before playing the video. YouTube stores your data in user profiles and uses it for the purposes of marketing, market research and/or designing its website as needed. You have a right to object to the formation of such user profiles and must contact YouTube to exercise this right.

The legal basis for DINOL GmbH’s data processing operations is Article 6 (1) (a) of the GDPR (your consent). You can revoke your consent at any time. Revoking your consent does not affect the lawfulness of data processing operations carried out up until such time that you revoke your consent.

For more information about YouTube and Google’s privacy policy, visit:

https://www.google.com/intl/de/policies/privacy/ (Allgemeine Google-Datenschutzerklärung)

https://policies.google.com/terms?hl=en#toc-software (Google’s Terms of Service)

https://www.youtube.com/static?gl=DE&template=terms&hl=de (YouTube’s Terms of Service)

  • Contact forms

If you send us requests using the contact form, we will save your information from the request form (including the contact details you specified there) for the purpose of processing the request and in the event of any follow-up questions.

Categories of personal data

If you send requests using the contact form, we will process the following categories of personal data:

• Company

• Name

• Title

• Street and number

• Postcode and town/city

• Email address

• Telephone number

• Your message

Legal basis

The Required fields (marked with “*”) in the contact form are processed based on our legitimate interest in offering our customers an easy way of contacting us, in improving the quality of our consulting service (Article 6 (1) (f) of the GDPR) and for (pre-contractual) contractual purposes. (Article 6 (1) (b) of the GDPR)

You are also welcome to voluntarily provide us with information above and beyond the mandatory information. The legal basis for this freiwilligen information is Article 6 (1) (a) of the GDPR (your consent). Processing of the data contained in the voluntary information serves the purpose of improving the service we offer you and enabling us to offer you more comprehensive support. You can revoke your consent to processing of the data provided voluntarily at any time. To do so, please use the contact options mentioned above.

Storage period

We will store the data you entered in the contact form until you request that we erase the same or the purpose of data storage ceases to apply (e.g. once processing of your request is complete). Legal retention requirements may be an exception to this rule.

Zendesk chat tool

We use the Zendesk tool provided by Zendesk, Inc., 89 Market Street, San Francisco, CA 94103, USA, to provide a customer chat tool in our online shop.

Data processing in the context of our use of Zendesk

When you use the chat function, we process the following data:

  • All the information you provide in the chat
  • Visitor path
  • Browser version
  • IP address
  • Location-based data
  • Platform
  • User agent

Legal basis

Data processing for provision of the chat function is based on Article 6 (1) (f) of the GDPR (our legitimate interest in offering our customers an easy way of communicating with us for the purpose of processing service requests).

Processing for the purpose of analysing how the chat function is used is based on your consent (Article 6 (1) (a) of the GDPR). You can revoke this consent at any time. Revoking your consent does not affect the lawfulness of data processing operations carried out up until such time that you revoke your consent.

Storage period

The data you entered for the purpose of using the chat tool and that we stored will be stored for the duration of the time your request is being processed and will be erased once processing of your request is complete.

Transfer to third countries

Data may be transmitted to the USA in the context of our use of Zendesk. Appropriate safeguards that we concluded with Zendesk exist for this purpose under Article 46 (2) (c) of the GDPR (‘EU standard contractual clauses’).

Online shop

You can register in our online shop to use additional functions on the site. We only use the data entered for this purpose to use the offer or service in question that you have registered for. The mandatory data requested during registration must be provided in full. Otherwise, we will reject your registration request.

Categories of processed data

The following data is processed in the context of use of the online shop:

Company information

• Company*

• Tax number / VAT ID*

• Telephone number*

• Address*

• Town/city*

• Postcode*

• Country*

• Industry*

• Business licence

Personal information

• First name*

• Last name*

• Email address*

Legal basis

Mandatory information (marked with ‘*’) entered when you register in our online shop is processed for contractual purposes in accordance to Article 6 (1) (b) GDPR.

You are also welcome to voluntarily provide us with information above and beyond the mandatory information. The legal basis for this information is Article 6 (1) (a) of the GDPR (your consent). Processing of the data contained in the voluntary information serves the purpose of improving the service we offer you and enabling us to offer you more comprehensive support. You can revoke your consent to processing of the data provided voluntarily at any time. To do so, please use the contact options mentioned above.

Contact by email

If important changes (such as changes to the scope of the offer or technically necessary changes) are made, we will use the email address provided during registration to inform you to this effect.

Storage period

We will store the data collected during registration for as long as you are registered in our online shop as a customer. Once your registration credentials for the online shop have been deleted, access to your DINOL customer account for the online shop will be removed. Your DINOL customer account will not be closed, and your customer data will be retained. Legal retention periods remain unaffected.

Processing of customer data outside of the online shop

We also collect, process and use personal data outside of the online shop environment, insofar as it is necessary for establishing, designing or amending the contract.

Categories of data

We require the following data to register you as one of our customers (Article 6 (1) (b) GDPR):

• Company name with legal form (e.g. GmbH)*

• Company’s registered office (street / building number / postcode / town/city)*

• Contact’s first name and last name*

• Telephone number*

You are welcome to provide us with the following data voluntarily (Article 6 (1) (a) GDPR)

• Email address – However, please note that we require this as part of your access credentials for our online shop.

• A different billing address (if applicable)

Storage period

We will store the collected data for as long as you maintain a business relationship with us. Your data will be erased once the business relationship has ended. Legal retention periods remain unaffected by this.

Shipping providers

We will pass on your address to the service providers mentioned below for the purpose of shipping ordered goods. The legal basis for this is Article 6 (1) (b) of the GDPR (data processing for the fulfilment of contracts).

If you have given us your express consent to do so while or after placing your purchase order, we will pass on your email address and telephone number to the selected shipping provider in accordance with the first sentence of Article 6 (1) (a) of the GDPR, so that this provider can contact you before delivery for the purpose of notifying you of or coordinating delivery.

You can revoke your consent at any time by sending us a message using the contact options provided below or by sending a message directly to the shipping provider on the contact address listed below. Once you have revoked your consent, we will erase your data provided for this purpose, unless you have expressly consented to further use of your data or we have reserved the right to further lawful use of your data beyond this, which we inform you of in this policy.

GO! Express & Logistics Bielefeld GmbH

Gildemeisterstraße 100

33689 Bielefeld

For detailed information about the purpose and scope of data processing by GLS, visit https://www.general-overnight.com/deu_de/datenschutz.html

DACHSER SE, Logistikzentrum Hannover

Kemptener Str. 9

30855 Langenhagen

For detailed information about the purpose and scope of data processing by Schenker, visit https://www.dachser.de/de/datenschutz-277

Payment service providers

For purchase orders placed in our online shop, we offer you the option of paying by instant bank transfer, credit card, direct debit or purchase on account. Payment is processed by the payment service provider Unzer E-Com GmbH, Vangerowstrasse 18, 69115 Heidelberg, Germany. We will transfer the personal data you enter in the order form to Unzer for this purpose. We will transfer the data provided in the context of the ordering process to Unzer exclusively for the purpose of processing payment in accordance with Article 6 (1) (b) of the GDPR. Transfer will only take place insofar as it is actually required for processing payment. As part of payment processing, Unzer processes and stores the personal data we transmitted, and transmits it to the bodies necessary to process the transaction, in particular to the credit institutions, banks and credit card institutions involved. For detailed information about Unzer’s data collection and user data processing activities, please refer to the privacy policy: https://www.unzer.com/en/datenschutz/

Instant bank transfer

If you select the ‘SOFORT’ payment method, the payment will be processed by the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany, to whom we pass on the information you provided during the ordering process and information about your purchase order in accordance with Article 6 (1) (b) of the GDPR. SOFORT GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). Your data is transferred for the sole purpose of payment processing with the payment service provider SOFORT and only to the extent necessary for this purpose. For detailed information about SOFORT GmbH’s data collection and user data processing activities, please refer to the privacy policy: https://www.sofort.de/datenschutz.html

Credit check for purchase on account

If you select the purchase on account and direct debit payment methods, personal and other data (e.g. shopping basket, invoice amount, order history, payment history) are transmitted to Unzer E-Com GmbH, Vangerowstrasse 18, 69115 Heidelberg, Germany, during the course of the ordering process for the purpose of conducting a credit check to protect our legitimate interest in determining our customers’ solvency and eliminating the possibility of payment defaults. Unzer transmits your personal data to the following credit agencies (this sample list is not exhaustive) in accordance with Article 6 (1) (f) of the GDPR:

  • Schufa Holding AG
  • CRIF Bürgel GmbH
  • Arvato Infoscore GmbH
  • Universum Business GmbH
  • Bisnode D&B Austria GmbH

The credit check may contain probability values (‘score values’). If score values are included in the credit check result, they are based on a scientifically recognised mathematical and statistical method. The likes of address data is also, but not exclusively, used in the calculation of the score values. You can object to this processing of your data at any time by sending a message to the data controller responsible for data processing or to Unzer. However, Unzer may still be entitled to process your personal data if doing so is necessary for the purpose of contractual payment processing.

For detailed information about Unzer’s data collection and user data processing activities, please refer to the privacy policy: https://www.unzer.com/en/datenschutz/

Disclaimer

DINOL GmbH’s privacy policy does not apply to third-party applications, products, services, websites or social media functions that are accessible using links we provided for information purposes. If you click on these links, you will leave DINOL GmbH’s website, so information about you may be collected or transmitted in this respect by third parties. DINOL GmbH has no control over third-party websites and makes no recommendations and gives no guarantees whatsoever about these websites or their privacy practices. We therefore suggest that you carefully read and review the privacy policies of all websites you may interact with before allowing them to collect, process and use your personal data.

Last updated: March 2025

DINOL GmbH

Pyrmonter Straße 76
D-32676 Lügde
 +49 5281 – 982 980
 +49 5281 – 982 9860
 info@dinol.com

Legal notice
Privacy Policy
Contact
Compliance
Reporting System
Supplier Code of Conduct