Data protection statement of Theben AG
We, Theben AG (hereinafter referred to as “Theben”), are delighted you have chosen to visit our website and are interested in our products and services. Protection of your privacy and any personal data you may make available to us is a matter that we take very seriously. It goes without saying that we comply with the legal regulations relating to data protection. In the following, we will provide you with information on which data we collect from you and for what purposes, how long we store this data, and the rights that you have when we process your data.
Theben AG, Hohenbergstraße 32, 72401 Haigerloch, Germany, is responsible for processing your data on this website. The legal notice on this website provides you with information on how you can get in touch with us.
In our data protection statement, we use terms and definitions from the European General Data Protection Regulations (GDPR), and in particular from Article 4. Under the terms of these regulations, we are the “data controller” and you are the “data subject”. Data that relates either directly or indirectly to you is termed “personal data”. When we make further reference to your “data” in this data protection statement, we are generally referring to data that relates directly or indirectly to you personally.
As a data subject, you have the right to obtain access from us to the data relating to you (Art. 15 GDPR). In accordance with Art. 16 GDPR, you may have your data rectified or, provided certain requirements are met in line with Art. 17 GDPR, you may request that the data is erased. In accordance with Art. 18 GDPR, you have the right to restriction of processing and, if you make a claim in relation to a particular personal situation, you also have the right – in accordance with Art. 21 GDPR – to object to your data being processed either in general or in relation to certain aspects. With respect to data that you have provided to us, you may request that it is issued to you in a commonly used and machine-readable format. You have the right to withdraw consent you have given to us regarding the processing of your data at any time with future effect. This means that your withdrawal of consent can only relate to the future processing of your data; any processing that has already taken place therefore continues to comply with data protection regulations.
You have the right to object to us using your contact and address details to send you advertising and information in the post, if you have not explicitly requested to receive this.
In order to exercise your rights, please contact email@example.com.
You can get in touch with our company data protection officer directly at firstname.lastname@example.org.
You have the right to contact a supervisory authority if you wish to make a complaint regarding how we process your data. In Baden-Württemberg, this is the state commissioner for data protection and freedom of information (Landesbeauftragte für den Datenschutz und Informationsfreiheit), postal address, Postfach 102932, 70025 Stuttgart, Germany, e-mail email@example.com.
Fully automated processing of data when visiting our websites
If, pursuant to Art. 6 para. 1 sentence 1 lit. a DSGVO, you consented explicitely, we will use your e-mail address to regularly send you our newsletter. For the receipt of the newsletter the indication of an email address is sufficient. We save your consent and the time that you gave your consent. Your subscription can be cancelled by unsubscribing from the newsletter. If you want to unsubscribe, you can find a link in the footer of each newsletter.
In order to send you appropriate offers and content, we track your click behaviour in the newsletter. This involves recording which newsletter has been opened and how often, or how often users have clicked on links to our products or other information in a newsletter. Analysing this click behaviour enables us to keep optimising the newsletter and adapting it to suit the interests of our customers. For analysis purposes, usage data is summarised when it is collected – a process which anonymises it. This prevents the data from being linked to any particular e-mail address. As a result, we do not know what your personal click behaviour looks like.
However, you may opt out of this monitoring process at any time by unsubscribing from the newsletter. The legal basis for our usage analysis of click behaviour is our legitimate interest in tailoring the content of our newsletters to our customers.
In addition to the A10 environment, an additional proxy for SSL / TLS termination has been in operation since September 2020, which will replace the A10 environment in the future. Here, emails are only encrypted using TLS 1.2 or TLS 1.3.
How we process your personal data as a customer or supplier
On our website pages, we collect data (contact requests, newsletter subscriptions, registrations for training courses, customer surveys) of natural persons who get in touch with us or who belong to or represent a company with which we are in a business relationship. This data includes your name, the name of your company, the address of your company as well as your business contact details, such as your e-mail address, telephone number and your role within the company. Your data is processed on the basis of our legitimate interest to get in touch with you as a representative of our customer, as well as the legitimate interests of the company that you represent to establish communication. Your interests may conflict with these and take precedence if you leave your company, for example.
Naturally, as the data subject, you are granted data protection rights, such as the right to withdraw consent, the right to request access to the data that is stored about you, and further rights. Please refer to the General section of this data protection statement in this regard.
For contractual purposes, we process data relating to your company in our Customer Relationship Management (CRM) system and in the planning, production, logistics and finance modules of our Enterprise Resource Planning (ERP) system. Depending on your role and the responsibilities you have at your company, this data may also include the data detailed above that relates directly to you personally. However, the purpose for processing this data does not relate to you as a person, but rather to your company as our business partner. Data protection law is not applicable to purely business data that does not relate to a natural person.
Use of our contact forms
Our contact forms collect personal data that we require in order to respond to your enquiry. The legal basis for the processing of your name, your e-mail address and the content of your enquiry is “contractual and pre-contractual purposes”. We process any further information that you provide voluntarily, such as your gender, your company, your address and your telephone and fax numbers, on the legal basis of the legitimate interest to improve communication with our customers. Once a contact form has been completed, its content is stored temporarily on the web server and sent from there to our marketing department in an e-mail. The marketing department then passes this e-mail on to whichever one of our specialist departments is responsible for handling the enquiry. The data in your enquiry remains stored in our e-mail system, but nowhere else. Once your enquiry has been resolved, the data is locked to prevent it being used in any other way. Any data that is stored temporarily on the web server is cleaned up on a monthly basis.
A distinction is made between technical cookies (1), which guarantee the correct functioning of our website (these cookies are set automatically) and tracking cookies (2) for marketing and analysis purposes, which require your consent.
(1) Session cookies, document basket functionality, handling of your opt-out opt-out.
Another way in which they differ from one another is the length of time for which they are stored on your PC. Session cookies are cleared automatically when you close your browser. A session cookie may, for example, ensure that the communication between our web server and your PC is secure. Persistent cookies, on the other hand, remain stored on your PC. Your browser may provide information on their storage duration. A persistent cookie can be read again the next time you visit our website. If you want to stop this from happening, you can clear the persistent cookie after visiting our website. Persistent cookies may be used for analysing how you use our website, for example.
Another way in which cookies differ from one another is where they originate from. First-party cookies always originate from the website shown in the address bar of your browser. Third-party cookies, meanwhile, come from websites which you have not accessed directly, but which are instead linked to the first-party website through images or advertisements. Your browser may tell you the sources from which the cookies stored on your PC originate.
Most browsers are configured to accept cookies. If you would like to switch off this function, you will need to change the relevant settings in your browser. If your browser does not accept cookies, you may find that some of the pages on our website do not function to their full extent. In order to complete a contact form, it is essential that your browser is configured to accept session cookies. Session cookies are cleared automatically when you close your browser.
You can use the Cookies for distance measurement and promotional purposes via the deactivation page of the Network Advertising Initiative (https://optout.networkadvertising.org/) and in addition the US website (https://www.aboutads.info/choices) or the European website (https://www.youronlinechoices.com/uk/your-ad-choices/).
If you would like opt-out or change your settings for the tracking cookies used on our website, please click:
For individual offers, there are separate options in the following paragraphs.
Founded on the legal basis of our legitimate interest to improve our web offering, our website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how you use the site. The information generated by the cookie about your use of the website (including your IP address) will generally be transmitted to and stored by Google on servers in the United States. However, if IP anonymisation is activated on this website, your IP address is abbreviated beforehand by Google within Member States of the European Union or in other states who are party to the Agreement on the European Economic Area. Your full IP address will only be transmitted to a Google server in the United States and abbreviated there in exceptional cases. On behalf of the website operator, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage vis-à-vis the website operator. The IP address transmitted by your browser as part of Google Analytics will not be associated with any other data held by Google.
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set which prevents the collection of your data on future visits to this website: .
You may prevent cookies from being stored by making the appropriate setting in your browser software. If you do so, however, please be advised that you may not be able to use all the functions of our webshop to their full extent.
Alternatively, you can prevent Google from collecting cookie-generated data that relates to your use of our website (incl. your IP address) and from processing this data. To do this, download and install the browser plugin by accessing the following link (http://tools.google.com/dlpage/gaoptout?hl=de).
Google Analytics opt-out browser add-on
Social media plug-ins
According to Art. 6 para. 1 sentence 1 lit. f DSGVO, we use social plug-ins of the social networks Facebook, Twitter, Instagram, Xing, linkedin, kununu and youtube to popularise our company. The underlying commercial purpose is to be regarded as a legitimate interest within the meaning of GDPR. The responsibility for the privacy-compliant operation is to be guaranteed by the respective providers.
Our website uses social media plugins from Facebook to personalize use. For this we use the “LIKE” or “SHARE” button. This is a facility of Facebook.
If you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated by the latter into the website. By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are currently not logged in to Facebook. This information (including your IP address) is transmitted from your browser directly to a Facebook server in the US and stored there.
If you are logged in to Facebook, Facebook can directly assign the search of our website to your Facebook account. If you interact with the plugins, for example, press the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information will also be published on Facebook and displayed to your Facebook friends.
Facebook may use this information for the purpose of advertising, market research and tailor-made Facebook pages. For this purpose, Facebook uses user, interest and relationship profiles, e.g. to evaluate your use of our website in relation to the advertisements displayed on Facebook, to inform other Facebook users about your activities on our website, and to provide other services related to the use of Facebook.
If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website.
In our website we use YouTube. This is a video portal of YouTube LLC., 901 Cherry Ave., 94066 San Bruno, CA, hereinafter referred to as “YouTube.”
YouTube is a subsidiary of Google LLC., Gordon House, Barrow Street, Dublin 4, Ireland, hereafter referred to as “Google.”
Certified under the EU-US Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active)
Google and thus the subsidiary YouTube guarantees, that the data protection requirements of the EU are also observed when processing data in the USA.
We use YouTube in conjunction with the Advanced Privacy Mode feature to show you videos. Legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the quality improvement of our website. According to YouTube, the Enhanced Privacy Mode feature means that the data below is not transmitted to YouTube’s server unless you actually start a video.
Without this “Advanced Privacy,” you will be connected to the YouTube server in the United States as soon as you visit one of our web pages that embed a YouTube video.
This connection is required to be able to display the respective video on our website via your Internet browser. In the course of this, YouTube will at least collect and process your IP address, the date and time as well as the website you are visiting. It also connects to Google’s DoubleClick ad network.
If you’re logged in to YouTube at the same time, YouTube will provide the connection information to your YouTube account. If you want to prevent this, you must either log out of YouTube before visiting our website or make the appropriate settings in your YouTube user account.
For the purpose of functionality as well as for the analysis of the usage behaviour, YouTube permanently stores cookies via your internet browser on your device. If you do not agree with this process, you have the option to prevent the storage of cookies by a setting in your Internet browser. For more information, see “Cookies” above.
For further information about the collection and use of data as well as your related rights and protections please refer to Google‘s privacy notices: https://policies.google.com/privacy.
On our website plugins of the short message network of Twitter Inc. (Twitter) are integrated. The Twitter plugins (tweet button) can be recognized by the Twitter logo on our site. An overview of tweet buttons can be found here (https://about.twitter.com/resources/buttons).
When you visit a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. In this case, Twitter receives the information that you have visited our site with your IP address. If you click on the Twitter “tweet button” while logged in to your Twitter account, you can link the contents of our pages to your Twitter profile. This allows Twitter to associate your visit to our pages with your user account. We point out that we (as the provider of the pages) are not aware of the content of the transmitted data and their use by Twitter.
If you do not want Twitter to associate your visit to our pages, please log out of your Twitter account.
Our website also uses so-called social plugins (“plugins”) operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”).
The plugins are marked with an Instagram logo, for example in the form of an “Instagram camera”.
If you visit a page of our website that contains such a plugin, your browser establishes a direct connection to the Instagram servers. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram obtains the information that your browser has called up the corresponding page of our website, even if you do not have an Instagram profile or are currently not logged in to Instagram.
This information (including your IP address) is sent from your browser directly to an Instagram server in the US and stored there. If you’re logged in to Instagram, Instagram can instantly associate your visit to our website with your Instagram account. If you interact with the plugins, for example, press the “Instagram” button, this information is also transmitted directly to a server of Instagram and stored there.
The information will also be published on your Instagram account and displayed there to your contacts.
If you do not want Instagram to directly map the data collected via our website into your Instagram account, you must log out of Instagram before visiting our website.
Our website uses features of the LinkedIn network. Provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, United States.
Each time you visit one of our pages that contains LinkedIn features, it connects to LinkedIn servers. LinkedIn is informed that you have visited our website with your IP address. If you click LinkedIn’s “Recommend Button” and are logged in to your LinkedIn account, LinkedIn will be able to associate your visit to our website with you and your user account. We point out that we as the provider of the pages have no knowledge of the content of the transmitted data and their use by LinkedIn.
For more information, see the LinkedIn privacy statement at:
XING / kununu
Our website uses functions of the network XING. Supplier is XING SE, Dammtorstraße 29-32, 20354 Hamburg, Germany. KUNUNU GmbH is a subsidiary of XING SE. Responsible body and operator of the website is XING SE, Dammtorstraße 29-32, 20354 Hamburg, Germany.
Each time you visit one of our sites that contains XING features, it will connect to XING servers. A storage of personal data is not done to our knowledge. In particular, no IP addresses are stored or the usage behavior is evaluated.