Privacy policy
Data protection information from Boll & Kirch Filterbau GmbH
With this privacy statement, Boll & Kirch Filterbau GmbH (hereinafter: “We”) informs the user (hereinafter: “You”) about the personal data that is collected on our websites and how we use this data. You will also find out which information and control rights you have regarding your personal data.
This data protection information applies to the Filter Sizer Web Application (mybollfilter.com).
1. Responsible entity and data protection officer
The operator of the website is responsible for data protection:
Boll & Kirch Filterbau GmbH
Siemensstr. 10 - 14
D-50170 Kerpen
Tel.: +49 2273/562-0
Fax: +49 2273/562-223
E-Mail: bollsizer@bollfilter.com
Internet: https://bollsizer.com
You can reach our data protection officer at the following email address: datenschutz@bollfilter.com
2. Provision of the website and log files
2.1. Description and scope of the data processing
Each time our website is accessed, our web server automatically collects information from the system of the accessing computer or end device.
The following data is collected:
- IP address of the requesting computer
- Date and time of access
- Name and URL of the retrieved data
- Transferred data amount
- Message indicating whether the retrieval was successful
- Identification data of the browser and operating system used
- Website from which the access originated (referrer URL)
- Name of your Internet access provider (ISP)
- Last login date
2.2. Purpose and legal basis of the processing
The temporary storage of the IP address by our system is necessary in order to be able to deliver the website to your end device. Additional data is stored in the log files in order to ensure the operation and functionality of the website.
It is also used to optimise the website and to ensure the security of our information technology systems (e.g. attack detection).
The legal basis for the temporary storage in log files and the use of this data is Art. 6 Para. 1 f GDPR. Our interest here is to guarantee the integrity, confidentiality and availability of the data that is processed via this websites.
2.3. Duration of storage
The above data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. If data is collected for provision of the website, this is the case when the respective session has ended.
Log files are deleted automatically after 14 days.
3. Use of cookies and related technologies
3.1. Description and scope of the data processing
Cookies are used on our websites to enable secure use of the functions. Cookies are data sets or other storage notes that store information on end devices and read information from the end devices. We explain which information is stored and read by the cookies in each case below in connection with the corresponding functions.
3.2. Purpose and legal basis of the processing
Cookies and related technologies perform different functions. Cookies and related technologies are used by us for the following purposes:
| Name | Purpose | Expiration |
|---|---|---|
| _RequestVerificationToken | Used to ensure that no CSRF attacks are performed and the content is forwarded to the correct user. | Session |
| .AspNet.ApplicationCookie | Used for authentication of a logged in user. | Session |
| ASP.NET_SessionId | Used for storing the session information. | Session |
| FilterSizerCulture | Used to control the language settings. | 1 day |
This processing is strictly necessary in accordance with § 25 (2) TTDSG in order to deliver the website or web application or to provide a telemedia service expressly requested by the user. Insofar as personal data is processed, the legal basis is Art. 6 para. 1 b GDPR, if services are provided for registered users. As far as security measures are concerned, the legal basis is Art. 6 para. 1 f GPPR. The interest pursued by us here is the provision of a secure web service and the protection of the IT infrastructure.
3.3. Duration of storage
Cookies are stored on your end device either temporarily for the duration of a session (session cookies) or for a specific period or permanently (persistent cookies). The expiry of a cookie reflects the period in which a cookie stores data and makes it available for retrieval. Session cookies are automatically deleted when the browser is closed. You can also set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies in specific cases or in general and activate the automatic deletion of cookies when the browser is closed.
4. Registration and Login
4.1. Description and Scope of Data Processing
The use of the Boll Filter application requires user registration and login. To register for the first time, please contact: bollsizer@bollfilter.com.
For registration, the following personal data of the user (user master data) are stored:
- Username
- Password (encrypted)
- Email address
- First name
- Last name
- Company
- Role assignment
- Audit logs about creation and change of user base data
Additionally, logged-in users can save their user settings ("favorites"), such as the start page, filter types per media type, units, calculation values, and saved calculations.
4.2. Purpose and legal basis of processing
The processing of personal data is necessary to provide customers and employees with the functionality of the Filter Sizer application and to inform them about relevant events related to the application via email. The legal basis for this processing is Art. 6 para. 1 b GDPR.
4.3. Duration of storage
We delete your personal data as soon as it is no longer required for the purposes for which we collected or used it, as described above, and provided that retention periods do not conflict with this. Generally, we store your personal data for the duration of your user relationship. If you wish to unsubscribe from the services of the web application, please send an email to bollsizer@bollfilter.com.
5. Your Rights
You can assert your rights as a data subject with regards to your processed personal data at any time using the contact details given above. As a data subject, you have the right:
- to request information about your data processed by us according to Art. 15 GDPR. In particular, you can obtain information about the processing purposes, the data category, the categories of recipients to whom your data was or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data, if it was not collected from us, as well as the existence of automated decision-making including profiling and, if necessary, meaningful information about the details;
- to immediately request the correction of incorrect data or the completion of your data stored by us according to Art. 16 GDPR;
- request the deletion of your data stored by us according to Art. 17 GDPR, unless the processing is required in order to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- to request the restriction of the processing of your data according to Art. 18 GDPR, if you dispute the accuracy of the data or the processing is unlawful;
- to receive the data that you have provided to us in a structured, common and machine-readable format or to request transmission to another person responsible ("data portability"), according to Art. 20 GDPR;
- to object to the processing according to Art. 21 GDPR if the processing is based on Art. 6 Para. 1 Clause 1 e or f GDPR. This is particularly the case when the processing is not required for the fulfilment of a contract with you. Unless it is an objection to direct advertising, we ask that you explain the reasons why we should not process your data as we have done when exercising such an objection. In the event of your justified objection, we will examine the situation and will either stop or adjust the data processing or show you our compelling legitimate reasons for continuing the processing;
- according to Art. 7 Para. 3 GDPR, your consent once given - i.e. your voluntary, informed and unequivocally made clear by a declaration or other clear affirmative action, that you consent to the processing of the personal data concerned for one or more specific purposes - can be revoked at any time, if such consent has been given. As a result, we are no longer allowed to continue the data processing based on this consent in the future and
- in accordance with Art. 77 GDPR, you have the right to complain to a data protection supervisory authority about the processing of your personal data by our company.
6. Changes to the privacy statement
As part of the further development of data protection law and technological or organisational changes, our data protection notice is checked regularly for any need for adjustment or supplementation. You will be informed of changes in particular on this website.
This data protection notice is dated 13.06.2023