Privacy Notice – Hansa Armaturen GmbH
PRIVACY NOTICE
We hereby inform you about the processing of personal data carried out by Hansa Armaturen GmbH (“HANSA”) in accordance with the EU General Data Protection Regulation (GDPR).
In the course of its business activities, HANSA collects and processes personal data of current, former, and potential customers and suppliers, as well as of their employees and representatives. Each individual natural person is considered a “data subject”.
These privacy notices are intended to ensure transparency and explain how the personal data of the respective data subjects is processed.
If you have any questions or comments regarding this privacy information, you may contact us at any time using the email address specified under Section 1.
CONTROLLER FOR THE PROCESSING OF PERSONAL DATA
Controller pursuant to Art. 4(7) GDPR is:
Hansa Armaturen GmbH
Sigmaringer Str. 107
D-70567 Stuttgart
Tel: +49 (0)711 1614-0
E-mail: gdpr@hansa.com
See Legal Notice.
CONTACT DETAILS OF THE DATA PROTECTION OFFICER
HANSA’s Data Protection Officer can be contacted at the above address or via:
DSB-Hansa@intersoft-consulting.de
PROCESSING OF PERSONAL DATA – GENERAL INFORMATION
Personal data is generally collected directly from the data subject or with their consent. Personal data may also be processed if we receive it from the company represented by the data subject, from public authorities, or from our other cooperation partners (e.g., subcontractors), or if we obtain such data from publicly accessible sources (e.g., websites and commercial registers).
Personal data includes, in particular:
- Identification data, such as name, the company represented by the data subject, and their title;
- Contact details, such as business address, telephone number, and email address; and
- Personal data arising in the course of the business relationship, such as communications, information contained in orders, details regarding campaigns, special offers, joint activities or cooperation, and all information necessary for invoicing and payments, handling of deliveries, maintenance of customer and supplier relationships, and our business development.
If the relationship with the relevant customer or supplier ends, we retain personal data to the extent necessary for our business operations, e.g., for maintaining our contract archive and handling potential claims.
Furthermore, we retain personal data where this is required to fulfil statutory obligations to which we are subject, such as accounting obligations.
The specific purposes of processing and the applicable legal bases in each individual case can be found in the subsequent sections of this Privacy Notice.
As soon as the storage of personal data is no longer necessary, the data will be deleted or securely anonymised.
COLLECTION OF PERSONAL DATA WHEN VISITING OUR WEBSITE
When you use our website (www.hansa.com) purely for informational purposes—meaning you do not register or otherwise actively provide information—we only collect the personal data that your browser automatically transmits to our server. This data is technically necessary to correctly display the website to you and to ensure its stability, security, and functionality.
In particular, the following information may be processed:
- Browser type and browser version
- Operating system used
- Referrer URL (the previously visited page)
- Hostname of the accessing device
- Date and time of the server request
- IP address (possibly in truncated form)
- Transferred data volume and access status, if applicable
- Language and version of the browser software
The processing of this data is carried out on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in the proper display of the website, as well as in ensuring stability, security, and technical operations (e.g., error analysis, detection of misuse, load distribution).
This data is generally stored temporarily and automatically deleted after a certain period, unless longer retention is required for evidentiary purposes.
You may be asked to provide personal information. Answering such questions is voluntary.
CUSTOMER ACCOUNT / REGISTRATION FUNCTION
If you create a customer account through our website, we will collect and store the data you enter during registration (e.g., your name, address, or email address) exclusively for the provision of pre-contractual services, for fulfilling a contract, or for customer care purposes (e.g., to provide you with an overview of your previous orders or to enable the “wish list” function). At the same time, we store the IP address and the date and time of your registration. Your data will, of course, not be disclosed to third parties.
As part of the further registration process, your consent to this processing will be obtained, and reference will be made to this Privacy Notice. The data collected in this context is used exclusively for providing the customer account.
Where you consent to this processing, the legal basis for the processing is Art. 6(1)(a) GDPR.
Insofar as the creation of the customer account also serves pre-contractual measures or the performance of a contract, the legal basis for this processing is additionally Art. 6(1)(b) GDPR.
You may withdraw the consent you have granted for the creation and maintenance of the customer account at any time with effect for the future in accordance with Art. 7(3) GDPR. To do so, you must simply inform us of your withdrawal.
The data collected in this context will be deleted as soon as processing is no longer necessary. However, we must observe statutory retention periods under tax and commercial law.
CONTACTING US (EMAIL, TELEPHONE)
If you contact us, we process the data you provide (e.g., name, email address, telephone number, content of your message, attachments where applicable, as well as timestamps and any technical metadata) in order to handle and document your enquiry.
Your enquiry is generally processed on the basis of our legitimate interest in efficient customer communication (Art. 6(1)(f) GDPR). Additional information provided voluntarily and the use of specific communication channels (e.g., a telephone callback) are processed on the basis of your consent (Art. 6(1)(a) GDPR), which you may withdraw at any time with effect for the future. Depending on the exact nature of your request and our customer relationship, contacting us may also occur within the context of a (pre-)contractual relationship (Art. 6(1)(b) GDPR).
We delete contact enquiries as soon as the matter has been concluded and no retention obligations (e.g., under the German Commercial Code or Fiscal Code in the case of contract-relevant correspondence) or legitimate interests (e.g., documentation or defence purposes, regularly until expiry of statutory limitation periods) prevent deletion.
USE OF ONLINE APPOINTMENT SCHEDULING VIA TIMIFY
We use the service TIMIFY, operated by TerminApp GmbH, Balanstraße 73, Gebäude Nr. 24, 3rd floor, 81541 Munich, Germany, for online appointment scheduling.
TIMIFY provides an online booking solution that is integrated into our website. When you use TIMIFY to book an appointment with us, the personal data you enter (e.g., name, contact details, preferred appointment time) is processed by TIMIFY and transmitted to us. We have concluded a data processing agreement with TIMIFY pursuant to Art. 28 GDPR to ensure lawful and secure processing of your personal data.
The legal basis for data processing in connection with appointment scheduling is your consent pursuant to Art. 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future.
You can access TIMIFY’s detailed privacy notices via the following links:
- Privacy Policy of TIMIFY
- EU GDPR Statement of TIMIFY
NEWSLETTER
By registering for a HANSA newsletter, you consent to the use of the personal data you enter for the purpose of sending you personalised newsletters via email.
Our registration system uses a confirmation message that contains a link for final subscription activation (“double opt-in”). This ensures that emails are explicitly desired by you. The legal basis is your consent (Art. 6(1)(a) GDPR in conjunction with § 7(2) no. 3 UWG). You may withdraw your consent at any time with effect for the future and without incurring any additional costs, for example by clicking the “Unsubscribe Newsletter” link contained in every newsletter and following the instructions provided.
Mandatory information for newsletter delivery consists of your email address and your industry/occupational group. For documentation purposes and to demonstrate your consent, we store the time of registration and confirmation, as well as the IP address used at the time of registration.
USE OF COOKIES
Our website uses cookies and comparable technologies (collectively referred to as “cookies”) to ensure technical functionality, analyse usage, and—provided you give your consent—adapt content to your interests.
Cookies are small data files stored on your device that contain certain information, such as language settings, login information, or duration of visits. When you return to the website, this information may be retrieved to enhance your user experience.
Types of cookies:
- Technically necessary cookies: Required for the operation of the website (e.g., navigation or access to secure areas).
- Functional cookies: Enable convenience functions such as saving settings or automatically completing forms.
- Analytics and statistics cookies: Collect information about website usage to improve performance and content.
- Marketing and tracking cookies: Used to tailor content and advertising to your interests.
Additional distinctions:
- Session cookies: Stored only for the duration of your visit and deleted when you close the browser.
- Persistent cookies: Remain stored beyond a single session and are automatically deleted after a set period.
- First-party cookies: Set directly by us.
- Third-party cookies: Set by third parties, such as analytics tools or advertising networks.
The processing of personal data by means of cookies depends on the cookie type:
- Technically necessary cookies: Art. 6(1)(f) GDPR and § 25(2) TDDDG (legitimate interest in operation, security, and optimisation of the website).
- All other cookies: Art. 6(1)(a) GDPR and § 25(1) TDDDG (consent).
You may adjust or withdraw your cookie preferences at any time using our consent management tool. You can also delete or block cookies via your browser settings. Depending on the browser, cookie deactivation works differently. Please refer to your browser’s “Help” function. Please note that disabling cookies may restrict or disable certain functions of the website.
The cookies used on this website are listed in the Cookie Information.
Further details about the cookies we use can be found in our Cookie Policy and via our cookie banner.
The use of cookies also applies to our virtual trade fair tour, which is integrated into the service area of the website.
ONLINE PRESENCE AND WEBSITE OPTIMISATION
RETARGETING / REMARKETING
This website uses retargeting technologies operated by other providers (e.g., remarketing via the Google Display Network). Retargeting enables users who have previously shown interest in our brand and products to be addressed with targeted advertising on partner websites. The display of advertising materials in retargeting is based on a cookie-based analysis of prior user behaviour. No personal data is stored during this process. If you do not want such advertising, you may disable cookies in your browser or withdraw consent.
GOOGLE ANALYTICS
Where you have given your consent, Google Analytics, a web analytics service provided by Google LLC, is used on our website. Google Ireland Limited is the controller for users in the EU/EEA and Switzerland.
Google Analytics uses cookies that analyse your use of the website. The information generated is usually transmitted to a Google server in the USA. IP anonymisation is activated, meaning your IP address is truncated within the EU/EEA. Only in exceptional cases is the full IP address sent to the USA.
Data collected may include:
- Page views
- First visit
- Session start
- Click path and interactions
- Scroll behaviour
- External link clicks
- Internal searches
- Video interactions
- Downloads
- Ads viewed/clicked
- Language settings
- Approximate location (region)
- Date and time
- Browser and device details
- Internet provider
- Referrer URL
Google uses this information to evaluate website usage and compile reports. Transfers to the USA occur under the EU–US Data Privacy Framework (DPF). Data linked to cookies is deleted after 2 or 14 months.
Legal basis: Art. 6(1)(a) GDPR and § 25(1) TDDDG (consent).
GOOGLE MAPS
We use Google Maps via a two-click solution. A preview map is shown first. Only after you actively consent by clicking is data transmitted to Google. Data processed may include:
- Date and time of visit
- Location information
- IP address
- Entered route planning addresses
- URL of the accessed webpage
- Usage data and search terms
The legal basis is Art. 6(1)(a) GDPR (consent). Transfers to the USA occur under the DPF.
GOOGLE reCAPTCHA
We use reCAPTCHA v2 to protect our website from abusive automated access. When used, a connection to Google’s servers is established. reCAPTCHA may collect:
- Browser plugins used
- Cookies set by Google over the last 6 months
- Number of mouse clicks and touches
- CSS information
- JavaScript data
- Date and time
- Browser language
- IP address
Legal basis: Art. 6(1)(a) GDPR (consent).
MOUSEFLOW
This website uses Mouseflow, a web analytics tool that records sessions, heatmaps, interactions, form inputs (excluding excluded fields), visited pages, browser type, device type, anonymised IP, location (city/country), and other metadata. This helps us optimise our website.
Legal basis: Art. 6(1)(a) GDPR (consent).
Opt-out: mouseflow.com/opt-out
GOOGLE FONTS
We use Google Fonts to display external fonts. When accessing our site, a connection to a Google server in the USA is established.
Google is certified under the DPF, legitimising transfers under Art. 45 GDPR.
Data collection occurs only after your explicit consent (Art. 6(1)(a) GDPR).
More information: https://developers.google.com/fonts/faq
Google Privacy Policy: https://www.google.com/policies/privacy/
THIRD-PARTY CONTENT AND SOCIAL MEDIA (FACEBOOK, YOUTUBE, INSTAGRAM, TWITTER, ETC.)
Facebook, Google+ and YouTube
This website integrates social media plugins from Facebook and Google (Google+ and YouTube). When a page containing such a plugin is accessed, a connection to Facebook or Google is established. Your visit may be tracked even without direct interaction. If logged in, actions may be linked to your user accounts. HANSA has no control over the transmitted data.
Facebook Pixel may record that your IP visited our site. This information may be used for advertising. If you do not want Custom Audience tracking, you may disable it.
Further information:
Facebook: https://www.facebook.com/about/privacy
Google: http://www.google.com/intl/de/policies/privacy
Twitter functions may link visited pages with your Twitter account and make them visible to others. Data is transmitted directly to Twitter’s servers. Privacy details: https://twitter.com/privacy
By clicking the Instagram button while logged in, Instagram can associate your visit to our website with your user account. Privacy details: http://instagram.com/about/legal/privacy/
Pinterest plugins may store log data such as browser information, IP address, visited pages, search history, timestamps, cookies, and clickstream data. If logged in, data may be linked to your account and used for advertising.
Pinterest is not DPF-certified. Data transfers rely on Standard Contractual Clauses.
Privacy Policy: https://policy.pinterest.com/de/privacy-policy
LinkedIn functions may transmit your IP and associate activity with your LinkedIn account if logged in. Privacy details: https://www.linkedin.com/legal/privacy-policy
A WhatsApp share button enables you to share content. No data is transferred until used. WhatsApp learns only which content was shared.
Privacy Policy: https://www.whatsapp.com/legal/#privacy
VIMEO
Vimeo is used to display videos. When accessing a page, your IP and other metadata may be processed. Vimeo may use Google Analytics. Vimeo requires prior consent under Art. 6(1)(a) GDPR.
Privacy details: https://vimeo.com/privacy
HYPERLINKS TO FACEBOOK, INSTAGRAM, YOUTUBE, LINKEDIN
Some of our online offerings contain hyperlinks to third-party websites not operated by HANSA. We are not responsible for their content or data processing. Legal basis: Art. 6(1)(f) GDPR.
Logging out of social networks and clearing cookies can prevent data association.
VIRTUAL TRADE FAIR STAND VIA FAIRFLEXX
We use FAIRFLEXX to provide our virtual exhibition stand. Personal data entered in the contact form is processed solely for handling your enquiry.
Legal basis:
- Art. 6(1)(b) GDPR (contractual or pre-contractual steps)
- Art. 6(1)(f) GDPR (legitimate interest in communication)
- Art. 6(1)(a) GDPR (consent, where explicitly given)
Google Analytics tracks usage within the virtual stand. No other tracking tools are used.
JOB POSTINGS / ONLINE APPLICATIONS VIA HR4YOU
Data processed includes master data, application documents, communication data, and public professional profiles. Special categories of data are processed only where required or based on explicit consent.
Internal access: HR, relevant departments, management, employee representation.
External processors operate under Art. 28 GDPR.
Legal basis:
- Art. 6(1)(b) GDPR and § 26 BDSG (application process)
- Art. 6(1)(f) GDPR (defence against legal claims)
Retention: Data is deleted 6 months after completion unless interests or consent justify longer storage.
Talent Pool: Stored based on consent under Art. 6(1)(a) GDPR and § 26(2) BDSG.
Unencrypted email applications are deleted immediately.
DATA TRANSFER AND RECIPIENTS
Data is shared only where legally permitted, consented, required by law, or justified by legitimate interest. Intra-group transfers occur for administrative purposes. Processors operate under Art. 28 GDPR.
RIGHTS OF DATA SUBJECTS
You have the right to:
- Access your personal data
- Rectification or erasure
- Restriction of processing
- Object to processing
- Data portability (where applicable)
If processing is based on consent, you may withdraw it at any time.
Requests may be submitted using the contact details in this notice.
Supervisory authority:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg
Lautenschlagerstraße 20, 70173 Stuttgart
Email: poststelle@lfdi.bwl.de
DATA SECURITY
We implement extensive technical and organisational measures to protect your data from manipulation, loss, destruction, or unauthorised access.
LAST AMENDMENT: 17 October 2025
This Privacy Notice may be updated at any time due to legal or operational requirements.
Date: 07 October 2025