Privacy Policy

In this declaration you will find information about the processing of personal data when using our website. Personal data are all data that can be related to you personally, e.g. Name, address, e-mail addresses, user behavior.

I. Name and address of the responsible person and contact details of the data protection officer

1. Responsible

Responsible according to EU-General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection regulations is:  

Headquarter:
AAF Lufttechnik GmbH
Odenwaldstrasse 4
64646 Heppenheim
Germany

Managing director:
Dr. Stefan Berbner

telephone: +49 (0)6252 69977-0
e-mail: sales.dach@aafeurope.com

Fournisseur:
AAF International-Division Filtration France
Ecoparc Louviers Sud
B.P 132
27401 Louviers Cedex
France

Registre du commerce:
775 574 213

TVA:
FR44 775574213

AAF SAS (sales)
9, Avenue de Paris
94300 Vincennes

2. Contact details of the data protection officer

You can contact our data protection officer via e-mail address datenschutz@aafeurope.com or via the postal address with the addition “Attn: data protection officer”.

II. General information on data processing

1. Scope of processing personal data

In principle, we only process personal data of our users insofar as this is necessary for the provision of a functional website and for our content and services. The processing of personal data of our users takes place regularly but only with the consent of the user. An exception applies in those cases in which prior consent cannot be obtained for practical reasons and the processing of the data is permitted by law.

2. Legal basis for the processing of personal data

a) Consent (Art. 6 Para. 1 S. 1 lit. a. GDPR)

Insofar as we obtain the consent of the data subject for the processing of personal data,  Art. 6 Abs. 1 lit. a EU-General Data Protection Regulation (GDPR) serves as the legal basis.

b) Contract fulfillment and pre-contractual inquires (Art. 6 Para. 1 S. 1 lit. b. GDPR)

When processing personal data that is required to fulfill a contract to which the data subject is a party, Art. 6 Para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

c) Legal obligation (Art. 6 Para. 1 S. 1 lit. c. GDPR)

Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 Para. 1 lit. c GDPR serves as the legal basis.

d) Protection of vital interests (Art. 6 Para. 1 S. 1 lit. d. GDPR)

in the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 Para. 1 lit. d GDPR serves as the legal basis.

e) Legitimate interests (Art. 6 Para. 1 S. 1 lit. f. GDPR)

if processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the person concerned do not outweigh the first-mentioned interests, Art. 6 Para. 1 lit. f DSGVO served as the legal basis for the processing.  

In addition to the GDPR, there is national law, such as the Federal Data Protection Act (BDSG), which may contain special regulations.

3. Data deletion and storage duration

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage does no longer apply. Storage can also take place if this has been provided by the European or national legislator in Union regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data in order to conclude or fulfill a contract.

III. Safety measures

In order to ensure an appropriate level of protection, technical and organizational measures are taken in accordance with the legal requirements, particularly taking into account the following criteria:

1) state-of-the-art

2) implementation costs

3) type, scope and purpose of processing

4) the probability of occurrence and extent of the threat to the rights and freedoms of natural persons.

In addition, when selecting the measures, particular emphasis is placed on securing confidentiality, integrity and the availability of data.

For example, SSL encryption is used to protect the transmitted data during data exchange. You can recognize this on the one hand by „https://“ in the URL and on the other hand by the lock symbol displayed in the browser in the address bar. 

Procedures are implemented that adequately guarantee the exercise of data subject rights, such as deletion.

In addition, data protection is taken into account through data protections – friendly default settings (privacy by default) and technology design (privacy by design).

IV. Transfer of personal data to third parties

As part of the processing of personal data, it is possible that data may be transmitted to other companies, legally independent organizational units or persons or disclosed to them. This is the case, for example, with IT service providers such as the present Web hosting by qwertiko GmbH (Waldstrasse 41-43, 76133 Karlsruhe; Germany) or the internet agency Navigate AG (Waldstrasse 41-43, 76133 Karlsruhe, Germany).

V. Data processing in third countries

Data processing in third countries- i.e. in countries outside the European Union (EU), the European Economic Area (EEA) – does not take place directly by the person responsible.  

If service providers, such as Google Ireland Limited with the parent company Google LLC in the USA, should process data outside of the European Union, this is done in accordance with the legal requirements, according to the service provider.  

We only process data, subject to express consent or contractually or legally required transmission, in third countries with a recognized level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations.

VI. Provision of the website and creation of log files

1. Description and scope of data processing

This website is operated by the web hosting provider qwertiko GmbH (Waldstraße 41-43, 76133 Karlsruhe) on their servers.

Every time our website is accessed, our system automatically collects data and information from the computer system of the calling computer. The following data is collected: 

(1) information about the browser type and the version used

(2) the user’s operating system

(3) the user’s IP address

(4) date and time of access

(5) websites from which the user’s system reached our website.

The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.

2. Affected person

The person concerned is the respective website visitor.

3. Legal basis for data processing

The legal basis for the temporary storage of the data and the log files is Art. 6 Para. 1 lit. f GDPR.

4. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. To do this, the user’s IP address must be saved for the duration of the session.  

The storage in log files takes place in order to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.  

This is also the basis for our justified interest in data processing according to Art. 6 para. 1 lit. f DSGVO.

5. Duration of storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

If the data is stored in log files, this is the case after 14 days at the latest. Any further storage is possible. In this case, the IP addresses of the users will be deleted or alienated so that it is no longer possible to assign the accessing client.

6. Opposition and removal option

The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no possibility of objection on the part of the user.

VII. Contact form and email contact

1. Description and scope of data processing

There is a contact form on the website that can be used to contact us electronically, for example to request information about our products and services, to make general contact or to make an appointment. If you take advantage of this option, the data entered in the input mask will be transmitted to us and saved. In addition to possible voluntary information and your message content, we require at least the following information from you:

1. name

2. email address.

This information is required to process your request, to address you correctly and to send you an answer.

At the time the message is sent, the following data is also stored:

(1) date and time of dispatch

(2) sender address and sender name

(3) subject (if specified by you).

Your consent is obtained for the processing of the data during the sending process and reference is made to this data protection declaration.

Alternatively, you can contact us via the email address provided (especially the address in the imprint and when contacting us). In this case, the e-mail with the transmitted personal data of the user will be received and saved. The same applies to sending emails to you.

It should be expressly pointed out that contact on the Internet, especially by email, is generally not fully encrypted. Encryption only takes place on the transport route if no end-to-end encryption method is used. We therefore exclude the assumption of responsibility for incompletely encrypted transmission paths between sender and recipient.  

In this context, the data will not be passed on the third parties. The data will only be used to process the conversation.

2. Affected person

The person concerned is the respective communication partner.

3. Legal basis for data processing

If the user has given his / her consent, the legal basis for processing the data is Art. 6 Para. 1 lit. a GDPR.

The legal basis for processing the data that is transmitted in the course of sending an email is Art. 6 Para. 1 lit. f GDPR. If the aim of the email contact is to conclude a contract, the additional legal basis for processing is Art. 6 Para. 1 lit. b GDPR.

4. Purpose of data processing

The processing of the personal data from the input mask serves only to process the contact. If you contact us by email, this also constitutes the necessary legitimate interest in processing the data. The other personal data processed during the sending process serve to prevent misuse of the contact from and to ensure the security of our information technology systems. In addition, the data can be processed for the purpose of recognizing SPAM.

5. Duration of storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those send by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been finally clarified

The data stored at the time the message was sent will be deleted after 180 days.

6. Possibility of objection and removal

The user has the option at any time to revoke their consent to the processing of personal data. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

In this case, all personal data stored in the course of contacting us will be deleted.

VIII. Use of Cookies

1. Description and scope of data processing

The website uses necessary cookies. Cookies are the text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user calls up a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be clearly identified when the website is accessed again.

The necessary cookies mapsWall, ma-disable, youtubeWall und cb-enabled are used to make the website require that the retrieved browser can also be identified after changing pages. The following data is stored and transmitted in the cookies:

1) mapsWall controls the display of Google Maps

2) ma-disable regulates the use of Matomo

3) youtubeWall regulates the display of YouTube videos

4) cb-enabled regulates the siplay of the cookie banner.

2. Legal basis for data processing

The legal basis for the processing of personal data using cookies is Art. 6 Para. 1 lit. f GDPR.

3. Affected person

The person concerned is the respective user, e.g. website visitor.

4. Purpose of data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized even after changing pages. The cookie is required to take over language settings. For this purpose, our legitimate interest lies in the processing of personal data according to Art. 6 Para. 1 lit. f GDPR.

5. Duration of storage, possibility of objection and removal

Cookies are stored on the user’s computer and transmitted to our website from there. As a user, you therefore have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, if is possible that not all functions of the website can be used to their full extent. The cookies used on our website are deleted after 30 days.

IX. Web analysis by Matomo

1. Scope of processing peronsonal data

We use the open source software tool Matomo on our website to analyze the surfing behavior of our users. The software places a cookie on the user’s computer. If individual pages of our website are called up, the following data in particular is stored:

(1) two bytes of the IP address of the selected system of the user

(2) the accessed website

(3) the website from which the user reached the accessed website (referrer)

(4) the sub-pages that are accessed from the accessed website

(5) the time spent on the website

(6) the frequency with which the website is accessed

(7) your used operating system, your screen resolution, your browser.

The software runs exclusively on the servers of our provider qwertiko GmbH (Waldstrasse 41-43, 76133 Karlsruhe, Germany). The user’s personal data is only stored there. The data will not be passed on to third parties.

The software is set up in the way that the IP addresses are not saved in full, but 2 bytes of the IP address are masked (e.g.: 192.168.xxx.xxx). In this way, it is no longer possible to assign the shortened IP address to the called up computer.

2. Affected person

The person concerned is the respective website visitor.

3. Legal basis for data processing

The legal basis for processing user’s personal data is Art. 6 Para. 1 lit. f GDPR.

4. Purpose of data processing

The processing of the personal data of the users enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. Our legitimate interest in the processing of data in accordance with Art. 6 Para. 1 lit. f GDPR lies in these purposes. By anonymizing the IP address, the interests of users in protecting their personal data are adequately taken in to account. 

5. Duration of storage

The data will be deleted as soon as it is no longer required for our tracking purposes.

6. Possibility of objection and removal

Cookies are stored on the user’s computer and transmitted to our site from there. As a user, you therefore have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that not all functions of the website can be used in full.

We offer our users the option of opting out of the analysis process on our website. To do this, you must follow the corresponding link. In this way, another cookie is set on your system, which signals our system not to save the user’s data. If the user deletes the corresponding cookie form his own system in the meantime, he must set the opt-out cookie again.

You can find more information about the privacy settings of the Matomo software under the following link: https://matomo.org/docs/privacy/.

X. Integration of YouTube videos

We have integrated YouTube videos into our online offer, which are stored on  www.youtube.com and can be played directly from our website. No videos are displayed or loaded when you visit our site, so no data about you as a user is transmitted to YouTube. Personal data can only be transmitted to YouTube when you want to preview or play the videos. We have no influence on this data transfer. A preview or playback is only possible if you set the “YouTube” cookie settings to “on” for the entire website. The service provider for YouTube videos is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. You can find detailed information in the data protection declaration at

If the „YouTube“ cookie setting is activated, the following applies.

1. Scope of processing personal data

The scope of the processing of personal data depends on the settings made by the service provider. Depending on the setting, usage data (e.g. websites visited, access times or interest in certain content), meta-/communication data (e.g. IP address, device information) or interactions with content and functions can be processed. You can find setting options in particular at https://policies.google.com/privacy?hl=de#infochoices .

The service provider collects data regardless of whether YouTube provides a user account that you are logged in to, or whether there is no user account. If you are logged in to other services of the service provider (e.g. Gmail), your data will be assigned to your account. If you do not wish to be assigned to your profile, you should log out of YouTube before activating the cookie settings.

2. Affected person

The person concerned is the respective website visitor.

3. Legal basis for data processing

If the user has given his/her consent, the legal basis for processing the data is Art. 6 Para. 1 lit. a GDPR; in the case of processing the relates to the fulfillment of a contract or a precontractual request, Art. 6 Para. 1 lit. b GDPR and, in the case of legitimate interests, Art. 6 Para. 1 lit. f GDPR.

1. 1. 1. 1. Purpose of data processing

The processing of personal data serves the provision of our online offer and user-friendliness. This is also the legitimate interest according to Art. 6 Para. 1 lit. f GDPR.

The service provider stores your data as a usage profile and uses it, for example, for advertising, market research and / or needs-based design of its website. Such an evaluation takes place in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website.

5. Duration of storage

The storage period for personal data depends on the specifications and the settings made by the server provider.

6. Possibility of objection and removal

Cookies are stored on the user’s computer and transmitted to our site from there. As a user, you therefore have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for your website, it is possible that not all functions of the website can be used in full. You have the right to object to the creation of user profiles. To exercise your objection, you can contact the service provider directly. A possibility of objection (opt-out) is granted with the opt-out plug-in: https://tools.google.com/dlpage/gaoptout?hl=de. The data protection settings can be adjusted at https://policies.google.com/privacy.

XI. Integration of Google Maps

On this website we use the Google Maps service to display (geographical) maps. This enables us to show you interactive maps directly on the website and enables you to conveniently use the map function. No maps are displayed or loaded when you visit our site, so no data about you as a user is transmitted to Google Maps. Personal data can only be transmitted to Google Maps when you display the maps. We have no influence on this data transfer. The maps can only be displayed if you set the “Google Maps” cookie settings to “on” for the entire website. The service provider of Google Maps is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. You can find detailed information in the data protection declaration at https://policies.google.com/privacy.

If the cookie setting „Google Maps“ is switched on, the following applies.  

1. Scope of processing personal data

The scope of the processing of personal data depends on the settings made by the service provider. Depending on the setting, usage data (e.g. websites visited, access times or interest in certain content), meta / communication data (e.g. IP address, device information) or interactions with content and functions can be processed. You can find setting options in particular at https://policies.google.com/privacy?hl=de#infochoices .

The data collection by the service provider takes place regardless of whether the service provider provides a user account that you are logged in to or whether there is no user account. If you are logged in to other services or the service provider (e.g. Gmail), your data will be assigned to your account. If you do not want to assignment to your profile, you should log out of Google Maps before activating the cookie settings.

2. Affected person

The person concerned is the respective website visitor.

3. Legal basis for data processing

If the user has given his / her consent, the legal basis for processing the data is Art. 6 Para. 1 lit. a GDPR; in the case of processing that relates to the fulfillment of a contract or a pre-contractual request, Art. 6 Para. 1 lit. b GDPR and, in the case of legitimate interest, Art. 6 Para. 1 lit. f GDPR.

4. Purpose of data processing

The processing of personal data serves the provision of our online offer and user-friendliness. This is also the legitimate interest according to Art. 6 Para. 1 lit. f GDPR.

The service provider stores your data as usage profiles and uses them, for example, for advertising, market research and / or needs-based design of its website. Such an evaluation takes place in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website.

5. Duration of storage

The storage period for personal data depends on the specifications and the settings made by the service provider.

6. Possibility of objection and removal

Cookies are stored on the users’ computer and transmitted to our website from there. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transfer of cookies by changing the settings in your internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that not all functions of the website can be used in full. You have the right to object the creation of user profiles. To exercise your objection, you can contact the service provider directly. A possibility of objection (opt-out) is granted with the opt-out plug-in: https://tools.google.com/dlpage/gaoptout?hl=de. The data protection settings can be adjusted at  https://policies.google.com/privacy.

XII. Your rights

(1) If your personal data is processed as a user, you are the data subject and you have the following rights towards the person responsible, in particular from Art. 15 to 21 GDPR:

–   rights to object to processing,

You have the right, for reasons that arise from your particular situation, to object at any time to the processing of your personal data, which is based on Art. 6 Para. 1 lit. e or f GDPR; this also applies to profiling based on these provisions. If the personal data concerning you are processed in order to operate direct mail, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.

–   Right of withdrawal for consent,

You have the right to revoke your consent at any time.

–   Right to information,

You have the right to request confirmation as to whether personal data relating to you is being processed. If such processing takes place, you have the right to information about this data as well as further information and copy of the data in accordance with the legal requirements.

–   Right to rectification,

In accordance with the legal requirements, you have the right to request the completion of the data concerning you or the correction of incorrect data concerning you.

–   Right to deletion and restriction of processing,

In accordance with the legal requirements, you have the right to demand that the data relating to you be deleted immediately or, alternatively, to request a restriction on the processing of the data in accordance with the legal requirements..

–   Right to data portability,

You have the right to receive the personal data relating to you that you have provided to the person responsible in a structured, common and machine-readable format or to request that it be transmitted to another person responsible.

(2) If you are of the opinion that the processing of your personal data violates data protection regulations, you have the right to complain to a supervisory authority. You can find the contact details of the responsible supervisory authorities, in particular in the member state of your habitual residence, your place of work or the place of the alleged violation, by searching the internet.