With the following information, we want to inform you in an understandable way about the type, scope, and purpose of personal data according to the Telemedia Act by visiting this website. Furthermore, we would like to inform you about the processing of personal data in countries outside the scope of the General Data Protection Regulation (GDPR).
Who is responsible for data collection on this website?
Date processing on this website is performed by the website operator. See the legal notice on this website for contact information.
On the one hand, your data will be collected when you communicate it to us. This may include data you enter into a contact form.
Other data are collected automatically by our IT systems during your visit to the website. This is primarily technical data such as the browser, operating system, and time of access. These data are collected automatically as soon as you enter our website.
The provider of this website commissioned to operate the web server operates its servers in a data center within Germany. We have entered into a corresponding data processing contract with the provider.
Some of the data are collected to ensure the proper functioning of the website. Other data can be used to analyze your user behavior.
The purposes of data processing on this website include corporate presentation and the presentation of our products and services. In addition, you can contact us or find out the addresses of our locations or cooperation partners at home and abroad.
You always have the right to request information about your stored data, their origins, recipients, and the purpose of collection at no charge. You also have the right to request that data be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also file a complaint with the competent regulatory authorities.
Furthermore, you have the right to request a restriction on the processing of your personal data under certain circumstances. For details, see the data protection notice under “Right to the restriction of processing”.
The operator of this website takes the protection of your personal data very seriously. We treat your personal data as confidential and comply with the applicable data protection regulations as well as this data protection notice.
Various personal data are collected when you use this website. Personal data means data that can be used to identify you personally. This data protection notice explains what data we collect and what the data is used for. It also explains how this is done and for what purposes.
Please note that data transmitted via the Internet (e.g. via email communication) may be subject to security breaches. It is not possible to fully protect data from third-party access.
The controller for data processing on this website in terms of data protection is:
FREY & Co. GmbH
Papyrerstraße 12, 83661 Lenggries-Fleck, Germany
Represented by Dietrich Lauber
Phone: +49 8042 9176-0
E-Mail: [email protected]
The controller is a natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data (names, e-mail addresses, etc.).
We have appointed a Data Protection Officer for our company. You may contact Stephan Krischke at [email protected]
In many cases, data processing is only possible with your express consent. You may revoke your previously given consent at any time. An informal e-mail making this request is sufficient. The lawfulness of data processing prior to the withdrawal of consent remains unaffected.
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you that is based on point (e) or (f) of Art. 6(1) GDPR, including profiling based on those provisions. See this data protection notice for the respective legal basis on which processing is based. If you object, we shall no longer process your personal data in question, unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or in case of processing for the establishment, exercise or defense of legal claims (objection according to Art. 21(1) GDPR).
If your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes (objection according to Art. 21(2) GDPR).
In case of violations of the GDPR, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work, or place of the alleged infringement. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedy.
You have the right to receive data that we have processed using automated means based on your consent or in the course of contract fulfillment in a commonly used and machine-readable format, delivered to you or to a third party. If you request direct transmission of the data to another controller, this is only done where technically feasible.
This website uses SSL/TLS encryption for security reasons and to protect the transfer of confidential content, such as orders or inquiries, that you send to us as the site operator. An encrypted connection is identified by the change from “http://” to “https://” in your browser’s address bar and by the lock symbol in your browser.
When SSL/TLS encryption is active, data you transmit to us cannot be read by third parties.
Under the applicable legal provisions, you have the right to obtain information free of charge at any time about your stored personal data, their origins and recipients, and the purpose of data processing, as well as the right to correction, blocking, or erasure of these data. Please contact us at any time under the address provided in the legal notice regarding this and other questions on the topic of personal data.
You have the right to request the restriction of personal data concerning you. To exercise this right, you may contact us at any time using the address given in the legal notice. You have the right to obtain the restriction of processing from us where one of the following applies:
• When the accuracy of the personal data stored by us is contested by you; we then generally need time to review this. You have the right to request the restriction of your personal data for the duration of the review.
• When the processing of your data was/is unlawful, you may request the restriction of processing instead of the erasure of the data.
• When we no longer need your personal data, but they are required by you for the establishment, exercise or defense of legal claims, you have the right to request the restriction of processing instead of the erasure of your personal data.
• When you object according to Art. 21(1) GDPR, your interests have to be weighed against our interests. You have the right to request the restriction of processing instead of the erasure your personal data until it is established whose interests shall override those of the other party.
• If you have restricted the processing of your personal data, these data – aside from storage – may only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.
We hereby object to the use of the contact information provided to meet our obligation to publish a legal notice in order to send promotional and information materials that are not expressly requested. The website operator expressly reserves the right to take legal steps if promotional material is sent without request, for example, in the form of spam e-mails.
Server log files
Information automatically transmitted by your browser is automatically collected and stored in server log files by the website provider. Said information includes: Browser type/browser version, operating system used, referrer URL, host name of the accessing computer, date and time of the server request, IP address
Said data are not combined with any other data sources. The provider automatically erases the data after 7 days.
The basis for data processing is point (b) of Art. 6(1) GDPR, which permits the processing of data for the performance of a contract or in order to take steps prior to entering into a contract.
The website in part uses what are known as cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most cookies used by us are known as “session cookies”. They are automatically deleted after your visit. These cookies allow us to recognize your browser when you next visit the site. Other cookies, called “persistent cookies”, remain stored on your device for 6 or 12 months. We use these cookies for the evaluation of visitors. See “Visitor evaluation with Matomo” for further information.
Cookies required to carry out the electronic communication process or to provide certain functions desired by you (such as the shopping cart function) are stored on the basis of point (f) of Art. 6(1) GDPR. The website operator has a legitimate interest in the storage of cookies for the technically sound and optimized delivery of its services. To the extent other cookies (such as cookies to analyze your surfing behavior) are stored, these are addressed separately in this data protection notice.
When you submit an inquiry to us using a contact form, your information from the contact form including your data provided there, such as your title, first name, last name, company, address, phone number, and e-mail address will be stored by us to process the inquiry and in case of follow-up questions. We do not share these data without your consent.
Thus the data entered in the contact form are processed exclusively based on your consent (point (a) of Art. 6(1) GDPR). You may revoke your consent at any time. An informal e-mail making this request is sufficient. The lawfulness of data processing prior to the withdrawal of consent remains unaffected.
We store the data you enter into the contact form until you request their erasure, revoke your consent to storage, or the purpose of data storage ceases to apply (for example, after processing your inquiry is concluded). Mandatory legal provisions – notably retention periods – remain unaffected.
Contact by e-mail
You can also send us inquiries directly by e-mail to the addresses provided on the website, for example, in order to submit reporting forms to us electronically.
Security notice: Sending unencrypted e-mails via the Internet is not sufficiently protected against unauthorized access by third parties. S/MIME or TLS encryption can be used for confidential communication.
Google Tag Manager
This website uses Google Tag Manager. The operator is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
Within the scope of Google AdWords and Google Analytics, we use Google Tag Manager to simplify visitor evaluation in the context of our promotional measures with Google AdWords. We have configured the anonymized transmission of data between the tools.
More information about Google Tag Manager is available in Google’s data protection provisions https://policies.google.com/privacy?hl=de.
You can configure your browser to prevent the use of Google Tag Manager.
The use of Google Tag Manager is based on point (f) of Art. 6(1) GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.
Data processing under contract: We have entered into a data processing contract with Google.
Our website uses plugins from YouTube, which is operated by Google. The operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When you visit one of our pages with the YouTube plugin, a connection is established to YouTube’s servers. The YouTube server is informed about which of our pages you visited.
If you are logged on to your YouTube account, YouTube can assign your surfing behavior directly to your personal profile. You can prevent this by first logging out of your YouTube account.
YouTube is used to help make our website appealing. This is a legitimate interest pursuant to point (f) of Art. 6(1) GDPR.
Further information about the handling of user data is found in YouTube’s data protection notice at: https://www.google.de/intl/de/policies/privacy.
Google Web Fonts
This website uses Google Web Fonts for the uniform depiction of fonts. When a page is called, your browser loads the required Web Fonts into your browser cache to display texts and fonts correctly.
Your browser has to establish a connection to Google’s servers for this purpose. This informs Google that our website was accessed from your IP address. The use of Google Web Fonts is done in the interest of a uniform and appealing presentation of our website. This is a legitimate interest pursuant to point (f) of Art. 6(1) GDPR.
If your browser does not support web fonts, a standard font is used by your computer.
Further information about Google Web Fonts is available at https://developers.google.com/fonts/faq and in Google’s data protection notice: https://www.google.com/policies/privacy/.
This site uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Storing your IP address is necessary to use the functions of Google Maps. This information is generally transmitted to a Google server in the USA and stored there. The operator of this site has no influence on this data transfer.
The use of Google Maps is in the interest of making our website appealing and to facilitate locating the places we specify on the website. This is a legitimate interest pursuant to point (f) of Art. 6(1) GDPR.
Further information on the handling of user data is found in Google’s data protection notice: https://www.google.de/intl/de/policies/privacy/.
Last update: 13 July 2018
In the following, we provide you with information about the processing of personal data in the context of using “YouTube”.
FREY & Co. GmbH operates this YouTube channel to present the company to YouTube users and other interested parties who visit this YouTube channel, and to communicate with them
FREY & Co. GmbH as the operator of this social media profile is the controller under data protection law. This means that FREY & Co. GmbH is responsible for the lawful processing of your data via this profile and for ensuring that you can exercise your rights regarding your data in the relationship with FREY & Co. GmbH (see Art. 26 GDPR).
Processing the personal data of users is based on the legitimate interest of FREY & Co. GmbH in optimizing the presentation of the company (point (f) of Art. 6(1) GDPR).
Your data can be provided to Google Inc. in the USA via the cookies. The transfer of data outside the EU and therefore data transmission to a third country is regulated with Google based on the EU standard contract clauses. This means that Google has to maintain a data protection standard in accordance with the GDPR for users in Europe.
Regarding your personal data, you can request, from FREY & Co. GmbH,
YouTube users can change the settings for advertising preferences to influence the extent to which their user behavior may be recorded during the visit to our YouTube channel. Further possibilities are offered by the YouTube settings and the form to exercise the right to object.
The processing of information by means of the cookies used by YouTube can also be prevented by not allowing cookies of third-party providers or YouTube in your browser settings.
We have appointed a Data Protection Officer in our company. You may contact Stephan Krischke at [email protected]
If you believe that the processing of personal data by FREY & Co. GmbH does not comply with the applicable legal requirements, you may submit a complaint to the responsible supervisory authority.
We revise this data protection notice as needed in case of data processing changes or on other occasions. The respective current version is always found on this website.
Last update: March 2021
We would like to inform you in the following about the processing of personal data in connection with the use of “Microsoft Teams”.
We use the “Microsoft Teams” tool to conduct conference calls, online meetings, video conferences and/or webinars (hereinafter referred to as “Online Meetings”). “Microsoft Teams” is a service of Microsoft Corporation.
The person responsible for data processing directly related to the execution of “online meetings” is FREY & Co. GmbH.
Note: If you access the website of “Microsoft Teams”, the provider of “Microsoft Teams” is responsible for the data processing. However, calling up the website is only necessary for the use of “Microsoft Teams” in order to download the software for the use of “Microsoft Teams”. If you do not want to or cannot use the “Microsoft Teams” app, you can also use “Microsoft Teams” via your browser. In this case, the service is then also provided via the “Microsoft Teams” website.
Various types of data are processed when using “Microsoft Teams”. The scope of the data also depends on the information you provide before or during participation in an “online meeting”. The following personal data is processed:
We use “Microsoft Teams” to conduct “online meetings”. If we want to record “online meetings”, we will inform you transparently in advance and – if necessary – ask for your consent. If necessary, for the purposes of recording the results of an online meeting, we will log the chat content. However, this will usually not be the case. Automated decision-making within the meaning of Art. 22 GDPR is not used.
As far as personal data of employees of FREY & Co. GmbH are processed, § 26 BDSG is the legal basis of the data processing. If, in connection with the use of “Microsoft Teams”, personal data is not required for the establishment, execution or termination of the employment relationship, but is nevertheless an elementary component of the use of “Microsoft Teams”, Art. 6 para. 1 lit. f) GDPR is the legal basis for the data processing. In these cases, we are interested in the effective conduct of “online meetings”.
In addition, the legal basis for data processing in the conduct of “online meetings” is Art. 6 para. 1 lit. b) GDPR, insofar as the meetings are conducted within the framework of contractual relationships.
If no contractual relationship exists, the legal basis is Art. 6 para. 1 lit. f) GDPR. Here too, we are interested in the effective implementation of “online meetings”.
Personal data processed in connection with participation in “online meetings” are generally not passed on to third parties unless they are specifically intended to be passed on. Please note that content from “online meetings”, as well as in personal meetings, often serves precisely to communicate information with customers, interested parties or third parties and is therefore intended for disclosure.
Other recipients: The provider of “Microsoft Teams” necessarily obtains knowledge of the above-mentioned data to the extent that this is provided for in our contract processing agreement with “Microsoft Teams”.
Data processing outside the European Union (EU) does not take place as a matter of principle, as we have limited our storage location to computer centers in the European Union. However, we cannot exclude the possibility that data is routed via Internet servers located outside the EU. This may be the case in particular if participants in “online meetings” are in a third country.
However, the data is encrypted during transport over the Internet and thus protected against unauthorized access by third parties.
We have appointed a data protection officer in our company. You can reach Stephan Krischke at [email protected]
You have the right of access to personal data concerning you. You can contact us for information at any time. In the case of a request for information that is not made in writing, we ask for your understanding that we may require you to provide evidence that proves that you are the person you claim to be. Furthermore, you have the right to correction or deletion or to restriction of processing, as far as you are legally entitled to do so. Finally, you have the right to object to the processing within the scope of the statutory provisions. You also have a right to data transferability within the framework of the data protection regulations.
As a matter of principle, we delete personal data when there is no need for further storage. A requirement can exist in particular if the data is still needed to fulfil contractual services, to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory storage obligations, deletion shall only be considered after the expiry of the respective storage obligation.
You have the right to complain about the processing of personal data by us to a data protection supervisory authority.
Status: November 2021