General Data Privacy Statement for the Website www.windowgard-security.com

1.   Collection of your personal data
We very much appreciate your interest in Window Gard B.V.
Protecting your personal data is important to us. We will treat your personal data confidentially and in accordance with the data protection laws and regulations, this data protection statement and our statement on the use of cookies.

This page explains what personal data we will collect from you when you use our website. Personal data are data that concern you personally and by which you can be identified, e.g. your name, your address, your email address and your user behaviour.

We offer, in addition to purely informational use of our website, various services that you can elect to use if you are just interested or provided you have given your consent to data processing (legal basis: Article 6 (1) (a) or Article 6 (1) (f) of the General Data Protection Regulation (GDPR)), for example applications via our e-mail address, contacting us via our contact form for enquiries about products and services of Window Gard B.V. or consent to the setting of cookies.

For this purpose, you must provide further personal data that we will use to provide the relevant service or to contact you and to which the data processing principles set out in this data protection statement will apply. If you do not provide the required information, we may not be able to perform our service.

Our website uses SSL or TLS encryption for the transmission of confidential information. We would like to point out that data transmission using the Internet (e.g. when communicating by email) might not be secure and that it is impossible to ensure complete protection of data against access by third parties.

2.   Controller

The controller, as defined in Article 4 (7) GDPR, for the processing of personal data is:

Window Gard B.V.

8239 DB Lelystad | Netherlands

phone: +31 – 852 460 182

email: info@windowgard.nl

Contact details for our data protection officer:

Data Protection Officer Window Gard B.V.

8239 DB Lelystad | Netherlands

phone: +31 – 852 460 182

email: info@windowgard.nl

3.   Log-Files

Each time you visit our website, we automatically collect data and information from your device’s system and store them in server log files. The data are automatically transmitted by your browser when you visit our website. This includes the following data:

• the time of your visit to our website (request to the host provider’s server),
• URL of the website from which you are visiting our website,
• the operating system that you are using,
• the type and version of browser that you are using,
• your computer’s IP address (masked)

Due to the anonymization of IP addresses carried out by our telecommunications provider, it is no longer possible to trace this data back to a natural person.

4.   Your rights

You have the following rights regarding your personal data:

a) right to information

b) right to rectification

c) right to erasure (right to be forgotten)

d) right to restriction of processing

e) right to data portability

f) right to object

If we cite our own legitimate interest or the legitimate interest of a third party as the lawful basis for us to process your personal data (Article 6 (1) (f) GDPR), you can object under Article 21 GDPR.

Under Article 21 GDPR, you have the right to object to the processing of your personal data at any time. We will then cease to process your personal data for direct marketing or related profiling purposes. We will also cease to process your personal data for other purposes after an objection, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims (see Article 21 (1) GDPR, the so-called “limited right of objection”). In this case, you must support your objection with grounds that arise out of your particular situation.

In other parts of our website, you also have the option to consent to receiving further promotions from us (by email, telephone or post). If you wish to receive these promotions, the data (e.g. email address, telephone number, or postal address) that we require for the selected form of contact is mandatory. If you register, we will use the double opt-in procedure described above.

Many data processing operations are only possible with your express consent. Of course, you can at any time (even after consenting to promotions) object to our processing of your personal data for promotional purposes. Such revocation will not affect the legality of any data processing that has already taken place. You can inform us of your objection to promotions by sending an email to info@windowgard.nl

You also have the right to complain to a data protection supervisory authority about our processing of your personal data.

5.   Retention period and restriction of processing of personal data

Unless a more specific retention period is specified in our statements concerning data protection, your personal data will be deleted as soon as they are no longer required to fulfil the purpose for which they were collected. If you only use our website for information purposes, your IP address will be erased from all systems used in connection with operation of our website after seven days at the latest. We will then be unable to identify you from the remaining data.

If you use other services on our website, your data will generally be retained in our systems for user administration purposes. We review these regularly to determine whether data can be erased. If any data are no longer required for the purposes of a customer or interested party relationship, or a conflicting interest outweighs retention, we will erase such data, provided that there are no statutory retention obligations to the contrary.

Your data must also be erased if it is unlawful to process them (e.g. if they are inaccurate and their rectification is impossible). Data will be restricted rather than erased if there are legal or factual obstacles to their erasure (e.g. specific retention requirements).

If you assert a justified request for erasure or revoke your consent to data processing, your data will be erased unless we have other legally permissible reasons for retaining your personal data (e.g. retention periods under tax or commercial law); and, in the latter case, deletion will take place after the reasons for retention cease to apply.

6.   Data transfer to third parties, use of cookies

Data that you provide to us will not be transferred to third parties without your express consent.

Our website uses cookies. Cookies are small text files used by websites to improve the user experience.

We may store cookies on your end device without your consent if we absolutely need them in order to operate our website. We need your consent for any other types of cookies:

When you first visit our website (or if you delete your browser cache), you can select which cookies you wish to accept or whether to only allow those cookies that are required to operate the website. Within the “Cookiebot”service that we use, you can also find out about the categories of cookies, the services associated with the cookies and the resulting processing. You can find further information about the “Cookiebot” service used on this website as well as about the use of cookies in this data privacy statement under Section 8 and the following.

You can at any time, with effect for the future, revoke consent that you have already given. Such an objection will not affect the legality of any data processing that has already taken place before you revoked your consent. To revoke your consent to the setting of cookies beyond the cookies required to operate the website, please delete all cookies in your browser under settings in the corresponding menu (e.g. “Privacy and security” or “Cookies and website permissions” depending on the browser), then close your browser and when you visit our website again, please click on the “Deny” button for the “Cookiebot” service.

7.   Right to object to the collection of data in special cases, and to direct advertising (Article 21 GDPR)

If we cite our own legitimate interest or the legitimate interest of a third party as the lawful basis for us to process your personal data (Article 6 (1) (f) GDPR), you can object under Article 21 GDPR.

Under Article 21 GDPR, you have the right to object to the processing of your personal data at any time. We will then cease to process your personal data for direct marketing or related profiling purposes.

We will also cease to process your personal data for other purposes after an objection, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims (see Article 21 (1) GDPR, the so-called “limited right of objection”). In this case, you must support your objection with grounds that arise out of your particular situation.

You may also object, on grounds that arise out of your particular situation, to your personal data being processed pursuant to Article 89 (1) GDPR for scientific or historical research purposes or statistical purposes, unless the processing is necessary for the performance of a task carried out for reasons of public interest (Article 21 (6) GDPR).

8.   Cookiebot

We use the “Cookiebot” service from UserCentrics. This enables us to manage the consent of visitors to our website for data processing. This processing is necessary for compliance with a legal obligation to which we are subject in accordance with Article 6 (1) (1) (c) GDPR. The following data is processed for this:

• Your anonymised IP address (the last three digits are set to ‘0’)
• Date and time of consent
• Browser information of the URL from which the consent was given
• An anonymous, random and encoded key with the consent status of the end user as proof of consent

The key and consent status are saved for 12 months in the browser using the “CookieConsent” cookie. This means that your cookie preference is retained for subsequent visits to the site. The key can be used to trace and prove your consent.

If you activate the “Collective consent” service function to give your consent for multiple services, the service also saves a separate, random and unique ID with your consent. Provided that the option “No tracking” is deactivated via the browser settings, this key will be saved in another cookie “CookieConsentBulkTicket” in your browser in an encoded form. Alternatively, you can also give your consent for processing only to individual, selected services. By doing this, the services and cookies from your selected provider are permitted.

The processing of your data by “Cookiebot” takes place within the European Union. You can find more information at: https://www.cookiebot.com/de/privacy-policy/

Please also pay attention to our general statements about delecting and deactivating cookies in Section 6 above.

9.   Analytics

9.1 Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”).1, 2 Google Analytics uses “cookies”, text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. If IP pseudonymisation is activated on this website, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator.

The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You can prevent the storage of cookies by setting your browser software accordingly; we would like to point out to you however that in this case you will if applicable not be able to use all functions of this website in full.

You can also prevent the data generated by the cookie and related to your use of the website (including your IP address) being sent to Google and the processing of this data by Google by using the browser plug-in available under the following link. Download and install in: https://tools.google.com/dlpage/gaoptout?hl=de

This website uses Google Analytics with the extension “_anonymizeIp()”. As a result, IP addresses are further processed in abbreviated form, so that direct personal reference can be foreclosed.

Third party information: Google Dublin, Google Ireland Ltd. Gordon House, Barrow Street, Dublin 4, Ireland Fax: +353 (1) 436 1001 Terms of Use Privacy Policy Overview and Privacy Policy.

The legal basis for this processing is consent within the meaning of Article 6 (1) (a) GDPR.

10. Collection of access data

On the basis of the legitimate interest within the meaning of Art. 6 para. 1 lit. f. GDPR, data is collected about every access to the server on which the services are located, so-called server log files. It is in the legitimate interest of the provider and also of Window Gard B.V. to ensure the stability and security of the websites used for application management. The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Log file information is stored for a maximum of seven days for security reasons (e.g. to investigate misuse or fraud) and then deleted. Data whose further storage is required for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified.

11.  Legal bases for our data processing

Article 6 (1) (a) GDPR serves as Window Gard’s legal basis for processing operations where we obtain your consent to our processing for a specific purpose (such as the use of cookies). If our processing of your personal data is necessary for the performance of a contract to which you are a party in personal (as with processing operations that are necessary for the delivery of goods or the provision of some other performance or counter-performance), it will be based on Article 6 (1) (b) GDPR. The same applies to processing operations which are necessary in order to take steps at your request prior to entering into a contract.

If our processing of your data is needed in order to comply with a legal obligation to which we are subject (for example, for the performance of our tax obligations), it will be based on Article 6 (1) (c) GDPR. Our processing of your personal data might in rare cases become necessary in order to protect the vital interests of yourself or another natural person. This would be the case, for example, if a visitor were injured and we then had to give his or her name, age, health insurance details and other vital information to a doctor, hospital or other third party. In such a case, our processing would be based on Article 6 (1) (d) GDPR.

Finally, our processing operations could be based on Article 6 (1) (f) GDPR. Processing operations not covered by any of the aforementioned legal bases are carried out on this basis if the processing is necessary for the purposes of our legitimate interests or the legitimate interests of third parties, provided that the interests or the fundamental rights and freedoms of the data subject are not overriding. We are clearly permitted to carry out such processing operations because they were specifically mentioned by the European legislature. It took the view that a legitimate interest could exist where the data subject is a client of the controller (second sentence of recital 47 GDPR).

Version: January 2025