(as of: 01 Aug 2025) Date of entry into force: 20 Aug 2025 1. Data protection in our company
We take the protection of your personal data very seriously. Your privacy is important to us. We process your personal data in accordance with the applicable legal data protection requirements for the purposes listed below. Personal data within the meaning of this declaration is all information that relates to you as a person.
Relevant personal data includes, in particular, your personal details (e.g., name, address, contact details, date of birth), your billing information, advertising and sales data (i.e., insights from customer data analysis).
You can visit and browse our website >>www.hott-scan.com<< at any time without providing us with any personal information. However, the IP address you transmit to us is stored.
2. Contact details
2a. Responsible body
The following body is responsible for processing your personal data:
| |
| Herr Karl Heinz Hottgenroth |
| HottScan GmbH |
| Zertifiziert nach ISO 9001 : 2000 |
| Von Hünefeld-Strasse 3 |
| 50829 Köln |
| Phone: | | +49 221 70993300 |
| Fax: | | +49 221 70993301 |
| Internet: | | www.hott-scan.com |
2b. Data Protection Officer:
| |
| Herr Karl Heinz Hottgenroth |
| HottScan GmbH |
| Zertifiziert nach ISO 9001 : 2000 |
| Von Hünefeld-Strasse 3 |
| 50829 Köln |
| Phone: | | +49 221 70993300 |
| Fax: | | +49 221 70993301 |
| Internet: | | www.hott-scan.com |
3. Purposes for which your data is collected and processed, and their legal basis
3a. Contract processing
HottScan processes your personal data for the purpose of fulfilling the contract with you. The specific processing depends on the respective products and services you purchase from HottScan. In particular, this includes billing for contractual services, sending invoices and, if necessary, reminders, as well as communicating with you. The legal basis for the data processing described above is the processing for the fulfilment and execution of the contract. Without this data processing, we cannot conclude and fulfil the contract. For the purpose of fulfilling the contract, e.g. for billing, processing payments and sending letters and goods, we also transfer your personal data and billing data to third-party processors (e.g. shipping service providers and collection service providers).
We use an external service provider to store ticket data, which is used to speed up the processing of queries between customers and HottScan. We have a corresponding data processing agreement in accordance with the GDPR for this purpose.
We use an external service provider to store email data. We have a corresponding data processing agreement in accordance with the GDPR for this purpose.
HottScanprovides input options for storing information.
The respective content is recorded independently by the user or their representative, therefore the responsibility for rights, copyright protection and permission for use and publication lies solely with the user. Furthermore, any persons who are visible in the data are not made unrecognisable.
3b. Advertising
HottScan uses your name and address to send you product information about portfolio products. In order to send you product information about goods or services from HottScan that are similar to those you have already purchased or used as an existing customer of HottScan, HottScan also uses the email address you have provided for this purpose, unless you have objected to this. In order to send you advertising, we may pass on your name and address to third parties and processors (e.g. shipping service providers).
The processing of your aforementioned data is necessary to safeguard the legitimate interests of HottScan and is justified by a balancing of interests in favour of HottScan. Without the use of this data, HottScan cannot send you direct marketing. HottScan also has a legitimate interest in processing your aforementioned data for the purpose of direct marketing for offers from HottScan tailored to you, namely the promotion of sales of its own products. Your legitimate interest in not having your aforementioned data used for this purpose does not outweigh this legitimate interest of HottScan, as HottScan uses this data appropriately in accordance with the described processing purpose and does not use any sensitive data from your customer relationship with HottScan for this purpose. The use of your data for advertising purposes also constitutes processing with which you can expect in existing contractual relationships or after expressing interest in products or services from HottScan in the form of, for example, offers or services or even uncontested receipt of direct advertising over a longer period of time, so that harassment through direct advertising is not to be assumed.
In addition, HottScan will only use your aforementioned data for direct advertising of HottScan products if you have not objected to this.
HottScan also ensures that the communication channels selected for advertising (post and email) cause you as little disruption as possible. HottScan will only use your data for advertising purposes other than by post on the basis of the consent you have given us by agreeing to this privacy policy.
3c. Advertising for third parties and by third parties
HottScan also uses your name and address to send you product information about third-party products and services (e.g. companies in the HottScan group of companies, business partners offering similar products) as part of HottScan's advertising activities.
This processing is justified by a balancing of interests in favour of HottScan. As already explained, HottScan has a legitimate interest in sending you direct marketing. This also includes direct marketing for products and services from third parties. On the one hand, sending you advertising from third parties in connection with HottScan's own advertising may also increase your interest in these products, which leads to an increase in sales for HottScan and the third party.
On the other hand, HottScan has a financial interest in granting third parties this opportunity to participate in advertising. As with HottScan's own direct advertising for its products, your interest in ensuring that your data is not used for these third-party advertising purposes takes a back seat, primarily due to the low level of nuisance caused by postal and email advertising and your right to object to this use of your data.
By agreeing to this privacy policy, third parties (companies in the HottScan group) will also offer you their own products and services directly. In this case, HottScan will pass on your data covered by this consent (e.g. contact details) to third parties so that they can send you offers for complementary products.
3d. Other purposes
If, in addition to the existing purposes, other purposes for data use arise, we will check whether these additional purposes are compatible with the original collection purposes. If this is not the case, HottScan will inform you of such a change of purpose. If there is no other legal basis for further data use, HottScan will not use your personal data without your consent.
3e. What information does the website collect?
On some pages of >>www.hott-scan.com<< , e.g. in the contact form, you are asked to provide us with personal information on a voluntary basis. As a rule, this information is requested if you are interested in information relating to our company.
You can contact us via our contact form and the email address provided. In this case, the data transmitted with the inquiry, i.e., the sender's data, will be stored. The legal basis for the processing of this data, which is transmitted in the course of sending an inquiry, is Art. 6 (1) lit. f) GDPR (legitimate interest). If the inquiry is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR (performance of a contract). The processing of this personal data serves us solely for the purpose of processing the contact request.
The collected data will generally be deleted as soon as it is no longer necessary for the purpose for which it was collected. For personal data sent by email or via the contact form, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified. The user has the option of objecting to data processing. The objection must be sent to the following email address: . In this case, all personal data stored in the course of establishing contact will be deleted.
“Cookies” are small pieces of information that are stored on your computer's hard drive. Our cookies enable us to offer you a more personalized service. Most Internet browsers automatically accept cookies, but you can usually change your browser settings if you do not want the information to be stored for later use. We only store cookies on our pages with your prior consent.
Use of Facebook plugins Some of our web pages integrate plugins from the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA. You can recognise the Facebook plugins by the Facebook logo or the ‘Like’ button on our page.
An overview of Facebook plugins can be found here:
http://developers.facebook.com/docs/plugins When you visit our pages, the plugin establishes a direct connection between your browser and the Facebook server. Facebook receives the information that you have visited our site with your IP address. If you click the Facebook ‘like’ button while you are logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to associate your visit to our pages with your user account.
We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by Facebook. For more information, please see Facebook's privacy policy at:
https://www.facebook.com/privacy/policy/ If you do not want Facebook to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.
Use of LinkedIn plugins Some of our web pages integrate plugins from the social job network LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) for maintaining business contacts. You can recognise the LinkedIn plugins by the LinkedIn logo or the ‘like’ button. An overview of LinkedIn plugins can be found here:
https://developer.linkedin.com/product-catalog/plugins If you visit our pages and want to like, comment on, share or send our posts on LinkedIn, the plugin establishes a direct connection between your browser and the LinkedIn server. LinkedIn receives the information that you have visited our site with your IP address. If you click the LinkedIn ‘like button’ while you are logged into your LinkedIn account, you can link the content of our pages to your LinkedIn profile. This allows LinkedIn to associate your visit to our pages with your user account.
We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by LinkedIn. For more information, please see LinkedIn's privacy policy at:
https://www.linkedin.com/legal/privacy-policy If you do not want LinkedIn to associate your visit to our pages with your LinkedIn user account, please log out of your LinkedIn user account.
Use of Microsoft Advertising plugins Some of our websites integrate plugins and tools from Microsoft Corporation (headquarters: One Microsoft Way, Redmond, WA 98052, United States). You can recognise the Microsoft plugins and tools by the Microsoft/Bing logo on our website. An overview of the tools can be found here: https://about.ads.microsoft.com/de-de/loesungen/tools
When you visit our website, the plugin establishes a direct connection between your browser and the Microsoft Advertising server. Microsoft Advertising receives the information that you have visited our website with your IP address.
If you click on the Microsoft Advertising button while you are logged into your account, you can link the content of our pages to your Microsoft profile. This allows Microsoft Advertising to associate your visit to our pages with your user account.
We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by Microsoft Advertising. Further information on this can be found in Microsoft's privacy policy at:
https://www.microsoft.com/en-us/privacy/privacystatement -If you do not want Microsoft to associate your visit to our pages with your Microsoft user account, please withdraw your consent to data collection or log out of your user account.
Use of Google plugins Some of our web pages integrate plugins from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. You can recognise the Google plugins by the Google logo or the Google+1 button on our site. An overview of Google plugins can be found here:
https://policies.google.com/privacy?hl=en&fg=1#intro When you visit our website, the plugin establishes a direct connection between your browser and the Google server. This tells Google that you have visited our site with your IP address. If you click on the Google button while you are logged into your Google account, you can link the content of our pages to your Google profile. This allows Google to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or how it is used by Google.
Further information on this can be found in Google's privacy policy at:
https://policies.google.com/privacy?hl=en&fg=1#intro If you do not want Google to associate your visit to our website with your Google user account, please log out of your Google user account.
Use of Google Maps We integrate maps from the Google Maps service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. In order to provide the map material, technically necessary data is processed by Google for this purpose.
We also use Google Fonts to ensure a uniform display of fonts. When a page is accessed, the user's browser loads the required web fonts into its own browser cache in order to display texts and fonts correctly. For this purpose, the user's browser must connect to Google's servers. This allows Google to know that our website has been accessed from the user's IP address.
The integration of Google Maps and Google Fonts services is necessary for the needs-based design of our website. This is also our interest in data processing in accordance with Art. 6 para. 1 lit. f) GDPR. Google LLC is responsible for further data processing. For more information about how Google handles your data, please visit:
https://www.policies.google.com/privacy and
https://developers.google.com/fonts/faq Use of Google Calendar We use the calendar service of ‘Google Calendar’ from the provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, via an API. To use the functions of Google Calendar, it is necessary to store your IP address. This information is usually transferred to a Google server and stored there. The provider of this site or software has no influence on this data transfer. For this purpose, the user's browser must connect to Google's servers. This allows Google to obtain knowledge of the transferred data. The use of Google Calendar is in the interest of an appealing presentation of our offers and to make it easy to find dates and events. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. Google LLC is responsible for further data processing. For more information about how Google handles your data, please visit:
https://policies.google.com/privacy?hl=en&fg=1 Use of Google-Analytics This website uses Google Analytics, a web analytics service provided by Google Inc. (‘Google’). Google Analytics uses ‘cookies’, which are text files placed on your computer, to help the website analyse how users use the site. These cookies are also used to personalise advertisements and newsletters. The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States. However, if IP anonymisation is activated on this website, your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent cookies from being stored by adjusting your browser software settings accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link:
https://tools.google.com/dlpage/gaoptout?hl=en 3f. Login area
We offer users the option of registering on our website by providing personal data. The data is entered into an input mask, transmitted to us, and stored. This data will only be passed on to third parties with your consent. The following data is collected during the registration process:
- User name
- Password
- Email address
- Name
- Address
- Phone number
The following data is collected during the login process:
The following additional data is stored at the time of login:
- User's IP address
- Date and time of login
The legal basis for the processing of the data is Art. 6 (1) lit. b) GDPR (performance of a contract).
The above data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. This is the case for data collected during the registration process for the performance of a contract or for the implementation of pre-contractual measures if the data is no longer necessary for the performance of the contract. Even after conclusion of the contract, it may still be necessary to store the personal data of the contractual partner in order to comply with contractual or legal obligations (e.g., tax retention obligations).
The login log files are stored for security reasons and for support requests for the duration of the legal requirements and then deleted.
The user has the option to object to data processing. The objection must be sent to the following email address: . In this case, all personal data stored for registration purposes will be deleted.
4. Recipients of your personal data
Your personal data is also used by other companies acting on behalf of HottScan (“processors”) or within the scope of business partnerships with HottScan (“third parties”). These may be companies belonging to the HottScan group of companies or external companies and partners of HottScan. Possible recipients of your data include billing service providers, address service providers, collection agencies, shipping service providers, social media companies, IT service providers, consultants or consulting firms, and other service and cooperation partners. For details, please refer to the descriptions of data processing in sections 3a. – 3f.
5. Data storage and data deletion
Apart from the exceptions listed below, we will delete your sensitive personal data once the contractual relationship with you has ended, all mutual claims have been fulfilled and there are no other legal storage obligations or legal grounds for storage. We will continue to use your name and postal address after the contractual relationship has ended. The legal basis for processing is a balancing of interests in our favour. Our legitimate interest lies in convincing you once again of our products and services as part of our advertising acquisition efforts. In accordance with the balancing of interests, our interests also prevail in the use of your data for this post-contractual advertising purpose in order to send you direct advertising during our business relationship with you. You have the option of objecting to this processing at any time. HottScan uses this data appropriately in accordance with the described processing purpose and does not use any sensitive data from your customer relationship with HottScan for this purpose.
By accepting this privacy policy and declaration of consent, you give your consent to receive advertising by email or telephone. We use your personal data for advertising purposes for a maximum period of 12 months after you have given your consent, regardless of the duration of the contractual relationship. Your data will continue to be used beyond this period if you do not object to receiving advertising.
6. Your rights
6a. Information, correction, deletion, etc.
We will be happy to provide you with information about whether and which of your personal data we have stored and to whom we may have passed it on. In accordance with the statutory provisions, you can assert the following additional rights: correction, deletion, restriction of processing (blocking for certain purposes).
6b. Right to object
You have the right to object to the processing of your data for advertising purposes at any time. If we process data on the basis of a balancing of interests, as set out individually in this privacy policy (see sections 3b to 3f and section 5), you have the right to object to this processing at any time for reasons arising from your particular situation. Such reasons exist in particular if they give your interests particular weight and thereby outweigh the interests of HottScan; this applies above all if these reasons are not known to HottScan and therefore could not be taken into account when exercising its interests.
6c. Revocation right
If you have given us your consent to process your personal data, you can revoke this consent at any time. The legality of the processing of your data until revocation remains unaffected by a withdrawal.
6d. Questions or complaints
If you have any questions or complaints, you have the right to contact the State Commissioner for >>Datenschutz und Informationsfreiheit Nordrhein-Westfalen Postfach 20 04 44 40102 Düsseldorf<<
6e. Right to data portability
You have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format. You are entitled to transmit this data to another controller. If technically feasible, you have the right to have us transmit the data directly to another controller. To exercise the rights mentioned in sections 6a. to 6e., you can contact HottScan using one of the contact details listed in section 2.
