0641 97 24 41 49Free consultation
 Request a quote
Heating › Installation › Modernisation › Maintenance › Repair Heat pump Plumbing & Bath › Plumbing systems › Bathroom renovation Services Calculators About us
Home / Privacy policy

Privacy policy

1. Controller

Aurora Engineering GmbH
Lahnstraße 15
35398 Gießen, Germany

Phone: +49 641 97244141
Email: info@aurora-eng.de

2. Overview of processing

The following overview summarises the types of data processed and the purposes of their processing and refers to the data subjects.

Types of data processed

  • Master data (e.g. names, addresses)
  • Contact data (e.g. email, phone numbers)
  • Content data (e.g. entries in online forms)
  • Usage data (e.g. visited websites, interest in content, access times)
  • Meta / communication data (e.g. device information, IP addresses)

Categories of data subjects

  • Communication partners
  • Users (e.g. website visitors, users of online services)

3. Relevant legal bases

The following provides an overview of the GDPR legal bases on which we process personal data. Please note that in addition to the GDPR provisions, national data-protection requirements in your or our country of residence may apply.

  • Consent (Art. 6(1)(a) GDPR) – The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • Performance of a contract and pre-contractual enquiries (Art. 6(1)(b) GDPR) – Processing is necessary for the performance of a contract to which the data subject is party, or to take pre-contractual measures.
  • Legitimate interests (Art. 6(1)(f) GDPR) – Processing is necessary to safeguard the legitimate interests of the controller or a third party, unless the interests or fundamental rights of the data subject prevail.

4. Security measures

In accordance with statutory requirements, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons, we take appropriate technical and organisational measures to ensure a level of security appropriate to the risk.

The measures include in particular safeguarding the confidentiality, integrity and availability of data through control of physical and electronic access to the data, as well as access to, input, transfer, security and separation of the data. We have also established procedures to ensure the exercise of data-subject rights, deletion of data and response to data threats.

5. Rights of data subjects

As a data subject under the GDPR you have various rights, in particular under Articles 15 to 21 GDPR:

  • Right to object (Art. 21 GDPR): You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you which is carried out on the basis of Art. 6(1)(e) or (f) GDPR. If personal data is processed for direct marketing, you have the right to object at any time.
  • Right to withdraw consent: You have the right to withdraw consent at any time.
  • Right of access (Art. 15 GDPR): You have the right to obtain confirmation as to whether your data is being processed and to information about that data plus further information and a copy of the data, in line with statutory requirements.
  • Right to rectification (Art. 16 GDPR): You have the right, in line with statutory requirements, to demand the completion of data concerning you or the correction of inaccurate data concerning you.
  • Right to erasure and restriction of processing (Arts. 17, 18 GDPR): You have the right, in line with statutory requirements, to demand that data concerning you is erased without delay, or alternatively to demand a restriction on processing.
  • Right to data portability (Art. 20 GDPR): You have the right to receive the data concerning you that you have provided to us in a structured, commonly used and machine-readable format, or to demand its transfer to another controller.
  • Right to lodge a complaint with a supervisory authority: You have the right, without prejudice to any other administrative or judicial remedy, to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.

6. Provision of the online offer and web hosting

To provide our online offer securely and efficiently we use the services of one or more web hosting providers, from whose servers (or servers managed by them) the online offer can be retrieved. For these purposes we may use infrastructure and platform services, computing capacity, storage and database services as well as security and technical maintenance services.

The data processed in the context of the hosting offer may include all information relating to users of our online offer that arises from use and communication. This regularly includes the IP address required to deliver the content of online offers to browsers and all entries made within our online offer or websites.

  • Types of data processed: content data, usage data, meta / communication data
  • Data subjects: users
  • Legal bases: legitimate interests (Art. 6(1)(f) GDPR)

7. Contact

When contacting us (e.g. via contact form, email, phone or social media) the data of the enquirer is processed insofar as this is necessary to answer the contact request and any requested measures.

Answering contact requests and managing contact and request data in the context of contractual or pre-contractual relationships takes place to fulfil our contractual duties or to answer (pre-)contractual requests, and otherwise based on legitimate interests in answering requests and maintaining user / business relationships.

  • Types of data processed: master data, contact data, content data
  • Data subjects: communication partners
  • Purposes of processing: contact requests and communication
  • Legal bases: performance of contract and pre-contractual enquiries (Art. 6(1)(b) GDPR), legitimate interests (Art. 6(1)(f) GDPR)

8. Cookies

Cookies are small text files or other storage markers that store information on devices and read information from devices. For example to store login status in a user account, the contents of a shopping basket in an e-shop, content viewed or features used. Cookies can also be used for various purposes such as functionality, security and convenience of online offers and the creation of analyses of visitor flows.

We use cookies in line with statutory requirements. We therefore obtain prior consent from users unless this is not legally required. Consent is in particular not required if storing and reading the information, including cookies, is strictly necessary to provide the user with a telemedia service expressly requested.

  • Legal bases: consent (Art. 6(1)(a) GDPR), legitimate interests (Art. 6(1)(f) GDPR)

9. Google Maps

We embed the maps of the "Google Maps" service from Google. The data processed may include IP addresses and location data of users, which however are not collected without their consent (usually performed in their mobile-device settings).

10. Font Awesome CDN

For consistent display of fonts and icons we use Font Awesome CDN, provided by Fonticons, Inc. When a page is loaded, your browser loads the required web fonts into your browser cache to display text, fonts and icons correctly. To do this, the browser you use must connect to the servers of Fonticons, Inc. As a result, Fonticons, Inc. learns that our website was accessed via your IP address.