Information on the handling of your data and your rights in accordance with Art. 13 and 14 of the General Data Protection Regulation (GDPR)
Thank you for visiting the PowerBox Systems GmbH website.
With the following privacy policy, we would like to inform you about the processing of your personal data by us when you use our website:
1. Controller
Responsible for the processing of your personal data in accordance with Art. 4 para. 7 GDPR is the:
PowerBox-Systems GmbH
Ludwig-Auer-Strasse 5
86609 Donauwörth
Germany
e-mail: sales@powerbox-systems.com
Tel.: +49 (0) 906 999 99 200
See also our Imprint.
If you have any questions about data protection, please contact the e-mail address given above.
2. Purposes and legal basis of processing
2.1. Provision of the website
If you only visit our website https://www.powerbox-systems.com and do not contact us, our IT systems automatically store the following data that your rowser transmits to our server:
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
The data is stored in log files to ensure the functionality of the website. The purpose of data collection and processing is to enable the use of our website. We also use the data to optimise the website and to ensure the security and stability of our information technology systems. The legal basis for the storage of data and log files is Art. 6 para. 1 lit. f GDPR.
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. The user therefore has no option to object.
The data is deleted as soon as it is no longer required to fulfil the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
If the data is stored in log files, it is deleted after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or anonymised so that it is no longer possible to identify the accessing client.
2.2. Contact form to order our catalogue
You also have the option of ordering a catalogue using the contact form. The information you provide will only be stored and used to process your order. The data entered in the contact form is processed on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
We delete the data arising in this context after storage is no longer necessary, or restrict processing if there are statutory retention obligations.
2.3 Job applications
If you would like to apply for one of our jobs, you are welcome to submit your application by email at any time. In this case, please note the data protection information applicable to you as an applicant in accordance with Art. 13 GDPR.
2.4 Contracted service providers and advertising purposes
If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail below about the respective processes. In doing so, we will also state the defined criteria for the storage period.
3. Cookies
Our website uses cookies and similar technologies to offer you an optimal shopping experience, to ensure the functionality of the shop, to analyse the use of our website and to provide personalised advertising. We also use a tag management system to efficiently manage analysis and marketing tags. We explain the individual categories and tools below.
3.1. Necessary cookies
Necessary cookies are required to provide the basic functions of our online shop. Certain functions cannot be performed without these cookies. These include in particular:
Functions to be able to use the customer account or forum securely.
These cookies can either be session cookies, which are only stored for the duration of your current browser session (e.g. login function), or persistent cookies, which remain in place over several sessions. For example, shopping basket contents and watch lists are stored over a longer period of time to provide you with a seamless shopping experience.
Necessary cookies are set on the basis of Art. 6 para. 1 lit. f GDPR (legitimate interest), as they are technically necessary for the provision of our services. Consent is not required for this.
3.2. Analysis and marketing cookies
Analysis and marketing cookies enable us to better understand how our website is used and to compile anonymised statistics. They also help us to collect marketing-relevant information in order to provide personalised offers.
Our shop uses cookies for this purpose:
3.3. Google Tag Manager
We use Google Tag Manager (GTM), a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, to centrally manage analysis and marketing tags.
The Google Tag Manager itself does not process any personal data. It merely ensures that other tools (e.g. analysis services or marketing tags) are triggered on our website. Personal data is processed exclusively by the integrated tools, the details of which are described in the relevant sections of our privacy policy.
The Google Tag Manager is used on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, as it enables efficient management of tracking and analysis tools. The processing by the integrated tools is based on your consent (Art. 6 para. 1 lit. a GDPR), insofar as such tools are subject to consent.
It is possible that Google Tag Manager may transfer data to countries outside the European Economic Area (EEA). Google undertakes to ensure an adequate level of data protection, for example by concluding standard contractual clauses in accordance with Art. 46 GDPR.
Further information can be found in Google's privacy policy: https://policies.google.com/privacy.
3.4. Consent banner
We use our own consent management tool. This tool allows you to manage your consent to the use of analytics and marketing cookies and other technologies.
3.5 Storage duration
Regardless of the respective storage period, you can delete or block cookies at any time via your browser settings. Please note that this may limit the functionality of our website.
4. Social Media
On our website, we use linking social media icons that take you directly to our profiles on the Facebook, LinkedIn, Instagram and YouTube platforms. These are only simple hyperlinks (URLs) that open the respective platform when clicked.
No data is transferred from you to the social media platforms through the icons as long as you do not click on them. Only when you click on an icon does the corresponding platform open, and data such as your IP address or information about the previously visited website may be processed by the platform providers. We have no influence on the data processing of the respective platform.
As soon as you click on one of the icons, the data protection information of the respective platform applies. We recommend that you read these carefully before using them. Below you will find the links to the data protection notices of the individual providers to inform yourself about the processing of your personal data by these platforms:
5. Newsletter mailing
If you have expressly consented in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, we will use your e-mail address to send you our newsletter on a regular basis. The newsletter is sent via Brevo (formerly Sendinblue), a service of Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin.
We are legally obliged to record your consent as part of the so-called double opt-in procedure. Therefore, your registration for the newsletter, the sending of the confirmation email and your consent by clicking on the link will be logged and saved. The time, location and your IP address are recorded.
The newsletter emails used by Brevo contain a ‘web beacon’ that enables us to analyse your interactions with the newsletter. For example, it is recorded whether the newsletter has been opened or which links have been clicked on. In addition, information about your browser, location and IP address may be transmitted to Brevo. These tracking functions are used to optimise our approach and content for you.
This data is processed on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time (see below).
Brevo may transfer personal data to countries outside the European Economic Area (EEA), in particular to the USA. In such cases, Brevo ensures that suitable protective measures are taken in accordance with Art. 44 et seq. GDPR are taken, for example by concluding standard contractual clauses. Nevertheless, we would like to point out that in the case of a transfer to the USA, there may not be a level of data protection comparable to that in the EU.
The data provided by you for the newsletter subscription will be stored until you unsubscribe from the newsletter. After you unsubscribe, your data will be deleted from both our mailing list and Brevo's mailing list, unless there is another legal basis for storing the data.
After you unsubscribe, your email address may be stored in a blacklist to prevent future mailings. This storage takes place on the basis of our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR in order to comply with legal requirements for sending newsletters. The data in the blacklist will only be used for this purpose and will not be merged with other data. You can object to the storage if your interests outweigh ours.
You can unsubscribe from the newsletter at any time via the corresponding link in each newsletter. Alternatively, you can send us your cancellation request to sales@powerbox-systems.com. The cancellation does not affect the legality of the data processing carried out up to that point.
Details on data processing by Brevo can be found in their privacy policy: https://www.brevo.com/de/legal/termsofuse/.
6. YouTube
On our website, we use content from the YouTube platform, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter ‘YouTube’).
When you access a page that has a YouTube video embedded, a connection to the YouTube servers is established. Personal data such as your IP address and the information that you have visited our site will be transmitted to YouTube. This transmission takes place regardless of whether you are logged in to YouTube or have an account.
If you are logged into your YouTube account at the same time, YouTube can assign your surfing behaviour to your personal profile. You can prevent this by logging out of your YouTube account before visiting our website and deleting cookies set by YouTube.
To protect your data, we use YouTube's extended data protection mode where technically possible. This ensures that YouTube only saves data when you actively play the video. Nevertheless, a connection to the YouTube servers can still be established and data transmitted.
YouTube processes personal data on servers outside the European Union (EU), in particular in the USA. From the EU's point of view, the USA does not have a level of data protection comparable to the GDPR. With your consent to the use of YouTube videos (Art. 6 para. 1 lit. a GDPR), you also consent to a possible transfer of data to a third country with a lower level of data protection in accordance with Art. 49 para. 1 sentence 1 lit. a GDPR.
You can revoke your consent to the use of YouTube videos at any time via our consent management tool. You can also restrict the processing of your data by YouTube by deleting or blocking YouTube cookies in your browser.
Details on data processing by YouTube and Google can be found in Google's privacy policy:
7. OpenStreetMap
We use the OpenStreetMap map service to visualise the location of PowerBox dealers in a user-friendly way. The maps are loaded directly from our own servers so that your data is not transferred to third parties when you use them.
The integration is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR to provide a clear and interactive presentation of the locations.
As OpenStreetMap is integrated on our own servers, no personal data such as your IP address or your usage behaviour is forwarded to external providers.
Further information on OpenStreetMap and the map data used there can be found at: https://www.openstreetmap.org.
8. Shopping in the webshop
We offer you the option of creating a customer account in our webshop.
When you create a customer account, the data required for order and payment processing will be requested:
By registering, you can view your order history and manage your master data. In addition, the data you provide will be stored for future ordering processes.
Your personal data is processed on the basis of Art. 6 para. 1 lit. a and b GDPR (consent and fulfilment of contract).
You can cancel your customer account at any time. Your personal data will then be deleted, provided there are no legal retention periods to the contrary.
9. Forum
Our webshop also offers a forum where you can exchange information with other users. Separate registration is required to use the forum. We process the following data as part of the registration process:
The data is processed to enable you to use the forum, create posts or interact with other users. The legal basis for this is your consent in accordance with Art. 6 para. 1 lit. a GDPR.
You can cancel your registration for the forum at any time. Your personal data and all posts published by you can be deleted on request, unless statutory retention periods prevent this or the content is anonymised.
10. Payment systems
You can choose between different payment methods in our online shop. For this purpose, the relevant payment-related data is collected in order to process your order and payment. Your IP address is also processed for technical reasons and for legal protection.
Certain personal data is required to fulfil the contract. We cannot fulfil the contract without this data. The data is transmitted to our payment service providers for payment processing.
The legal basis for the processing of your personal data in the context of the use of the payment systems is Art. 6 para. 1 lit. b and f GDPR.
The payment systems we use utilise SSL encryption to protect the transmission of your data.
10.1. Paypal
We offer the option of processing the payment transaction via the payment service provider PayPal (PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg). This serves both our legitimate interest in an efficient and secure payment method (Art. 6 para. 1 lit. f GDPR) and the fulfilment of the contract concluded with you (Art. 6 para. 1 lit. b GDPR).
To process the payment, we transmit the following personal data to PayPal, insofar as this is necessary for the fulfilment of the contract:
Payment via PayPal is not possible without the transmission of your personal data. In this case, you can choose another payment method.
For certain services, such as payment by direct debit, PayPal carries out a credit check to ensure your willingness and ability to pay. This processing is based on the legitimate interest of PayPal (Art. 6 para. 1 lit. f GDPR) and serves the fulfilment of the contract (Art. 6 para. 1 lit. b GDPR). For this purpose, PayPal transmits your data (e.g. name, address, date of birth, bank account details) to credit agencies. We have no influence on this process and only receive the result of whether the payment is carried out, rejected or subjected to a further check.
PayPal processes your personal data as an independent controller. Further information on data processing by PayPal as well as your objection and removal options can be found in PayPal's data protection information at: https://www.paypal.com/us/legalhub/paypal/privacy-full.
PayPal may transfer your personal data to countries outside the European Economic Area (EEA). In this case, PayPal will ensure that an adequate level of data protection is guaranteed, for example by concluding standard contractual clauses in accordance with Art. 46 GDPR.
Your data will be stored until payment processing has been completed. This also includes the period required for refunds, receivables management and fraud prevention.
10.2. Wallee and Nexi
We also offer you payment with the service payment provider Wallee and the acquirer Nexi, which assume different responsibilities for payment processing:
Wallee is the technical platform responsible for the secure and reliable processing of online payments.
As the acquirer, Nexi is responsible for the cash flow, including checking the credit card limits and paying out the money.
The following personal data may be processed to process payments:
The service Wallee (Wallee GmbH, Esplanade 40, 20354 Hamburg, Germany) acts as a platform for the technical processing of your payments. Wallee processes personal data on our behalf to ensure secure payment processing and may act as a processor.
Further information on data processing by Wallee can be found in their privacy policy: https://en.wallee.com/legal/privacy-policy.
The Nexi service (Nexi Germany GmbH, Helfmann Park 7, 65760 Eschborn, Germany) acts as acquirer for the processing of the cash flow. This includes checking the credit card limits, authorising the payment and paying out to us as the merchant. Nexi processes personal data on its own responsibility as an independent controller in accordance with the GDPR.
Further information on data processing by Nexi can be found in their data protection information: https://www.nexi.de/de/legal-footer/datenschutzerklaerung.
The processing of your personal data by Wallee and Nexi is based on Art. 6 para. 1 lit. b GDPR (fulfilment of a contract) and on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR to provide you with a secure and efficient payment option.
Please note that Nexi and Wallee may transfer data to countries outside the European Economic Area (EEA). In these cases, the service providers ensure suitable protective measures, for example by concluding standard contractual clauses in accordance with Art. 46 GDPR.
Your personal data will only be stored for as long as is necessary for payment processing, refunds, receivables management or fraud prevention.
11. Technologies of our website
11.1. Captcha
To protect our website and prevent unauthorised access or automated entries (e.g. by bots), we use our own Captcha system. This is used to ensure that the entries on our website are made by a natural person.
The following personal data is processed when the captcha system is used:
This data is processed on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR to ensure the security and functionality of our website and to prevent misuse.
The data collected is not stored permanently, but is used exclusively for real-time verification of the entries and is deleted after verification.
The Captcha system is fully integrated into our website and no data is transmitted to external third parties.
11.2 Locally integrated font library
We use a font library on our website to ensure the uniform and appealing presentation of texts. The fonts used are stored locally on our server.
The local integration of the fonts does not establish a connection to external providers such as Google Fonts or other third-party providers. There is therefore no transfer of your personal data to third parties in connection with the display of the fonts.
12. Data transfer to a third country or to an international organisation
A transfer of personal data to countries outside the European Union (EU) or the European Economic Area (EEA), so-called third countries, only takes place under the following conditions:
Data transmission requires in particular that:
13. Storage time
Your personal data will only be stored for as long as is necessary to fulfil our contractual and legal obligations or to achieve the respective processing purpose. Data that is no longer required for these purposes will be deleted, unless there are statutory retention obligations (e.g. commercial or tax regulations).
If the data is no longer required for our services, it will be blocked. This means that this data may only be used for accounting or tax fulfilment purposes. In addition, you have the right to request the deletion of your personal data at any time.
14. Rights of data subjects
As a data subject, you have the following rights under the GDPR:
You can contact us at the following address to exercise your rights:
PowerBox-Systems GmbH
Ludwig-Auer-Strasse 5
86609 Donauwörth
Germany
E mail address: sales@powerbox-systems.com
Phone.: +49 (0) 906 999 99 200
You also have the right to lodge a complaint about data processing with a data protection supervisory authority. To do so, you can contact the Bavarian State Office for Data Protection Supervision (BayLDA), Promenade 18, 91522 Ansbach or a data protection authority responsible for you.
15. Information about your right to object in accordance with Art. 21 GDPR
You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on point (e) of Article 6(1) GDPR (processing in the public interest) or point (f) of Article 6(1) GDPR (legitimate interest).
After an objection, we will no longer process your personal data unless we can:
Your objection can be made informally and should be sent to the following address:
PowerBox-Systems GmbH
Ludwig-Auer-Strasse 5
86609 Donauwörth
Germany
E mail address: sales@powerbox-systems.com
Phone.: +49 (0) 906 999 99 200
Status of and changes to the data protection information
The data protection information in its currently valid version applies.
Status: December 2024
PowerBox-Systems GmbH
Ludwig-Auer-Straße 5
86609 Donauwörth
Germany
Payment methods
Shipping service provider
