Warehouse Management EXPRESS
I. Name and address of the responsible
The responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
PureLoX SOLUTIONS GmbH
An der Eisernen Hand 2a
(Industrial park Wolken near Koblenz)
Phone: +49 2607 97396-100
Fax: +49 2607 97396-101
II. General information on data processing
1. Scope of the processing of personal data
We process personal data of our users only insofar as this is necessary for the provision of a functional website and our content and services. The processing of personal data of our users only takes place if this is permitted by legal regulations.
2. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
Insofar as the processing of personal data is necessary for the fulfillment of a legal obligation to which our company is subject, Art. 6 (1) lit. c GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person make it necessary to process personal data, Art. 6 (1) lit. d GDPR serves as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 (1) lit. f GDPR serves as the legal basis for the processing.
3. Data deletion and storage period
The personal data of the data subject shall be deleted or blocked as soon as the purpose of the storage no longer applies. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.
III. Provision of the website and creation of log files
1. Description and scope of data processing
Each time you visit our website, our system automatically collects data and information from the computer system of the calling computer.
The following data is collected:
The data is stored anonymously by our host provider beyond the duration of the website visit and deleted after seven days at the latest.
2. Purpose of data collection and legitimate interest
The data collection takes place for the delivery of the content of the website to the user’s computer. Our legitimate interest in data processing also lies in the provision of content and maintaining the usability of our website.
Our host provider requires the storage of log files for error analysis as well as for the defense against and prosecution of attacks on our website. The storage also serves to maintain the usability of our website.
3. Legal basis
The legal basis for the collection of data is Art. 6 (1) lit. f GDRP (General Data Protection Regulation), insofar as personal data is processed; the query of the information stored in the user’s device is based on Section 25 (2) TTDSG.
4. Possibility of objection and removal
The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
IV. External Hosting
Our website is hosted by an external service provider (hereinafter: hoster). All interactions of the user with our website, including all storage and deletion processes consciously brought about by the user, therefore take place in a dialogue between the user and the hoster.
INSOFAR AS IT IS STATED WITHIN THE FRAMEWORK OF THIS DATA PROTECTION INFORMATION THAT A DATA TRANSFER TO A THIRD PARTY DOES NOT TAKE PLACE, THIS THEREFORE MEANS THAT A DATA TRANSFER TO THIRD PARTIES OTHER THAN THE HOSTER DOES NOT TAKE PLACE. AS FAR AS WE REFER TO “OUR SERVER”, THE SERVER PROVIDED BY THE HOSTER IS MEANT.
The hoster acts for us on the basis of a contract processing agreement and may only use the personal data processed for us to provide its hosting services. He is bound to strict confidentiality and may not use the personal data for his own purposes or the purposes of third parties. Data processing is carried out exclusively within the territory of the European Union.
Currently, the hosting is provided by Mittwald CM Service GmbH & Co. KG, Königsberger Str. 4 – 6, 32339 Espelkamp, Germany
2. Legal basis
The legal basis for the use of an external hoster is Art. 6 para. 1 lit. f GDRP (General Data Protection Regulation).
3. Purpose of data collection and legitimate interest
The purpose of using an external hoster is to provide access to a highly available Internet connection at economic conditions. This is also our legitimate interest.
4. Possibility of objection and elimination
The data collection and data processing by the hoster is absolutely necessary for the operation of the website and the portal operated on it; there is no possibility for the user to object.
1. The following technically necessary cookies are set:
Function: The cookie assigns a unique session ID to each page visitor, by which they are identified on the page, so that content from previous page views can be loaded.
Purpose: This cookie stores your current session related to PHP applications, ensuring that all features of the site based on the PHP programming language can be fully displayed.
Duration of storage: end of session.
Function: this cookie recognizes the language setting of the web browser used.
Purpose: The cookie enables the delivery of the website content in the default language used by the user.
Duration of storage: end of session.
Function: the cookie recognizes and stores the cookie selection made by the user.
Purpose: The cookie allows us to display the website with the cookie selection made without having to ask for consent again on each sub-page. It also enables us, in the event of a repeat visit to our website, to adopt the old cookie settings without the user having to make a new choice.
Duration of storage: 6 months.
The legal basis for storing cookies and reading out data collected via cookies is Section 25 TTDSG. As far as personal data is processed, Art. 6 para. 1 lit. f GDRP (General Data Protection Regulation) is also the legal basis.
3. Possibility of objection, prevention and elimination
Since the cookies are technically necessary for the proper operation of our website, there is no right to object.
4. Cookie selection
Technically unnecessary cookies are only stored if you have consented to their storage. You can change the cookie selection at any time via the cookie consent tool.
VI. Contact form
A contact form is available on the website, which can be used for electronic contact. If a user takes advantage of this option, the data entered in the input mask is transmitted to the operator and stored. These data are:
In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation.
2. Legal basis for data processing
The legal basis for the processing of the data, including the data processing required for the technical provision, is Art. 6 (1) lit. f GDRP (General Data Protection Regulation). If the contact serves the initiation, conclusion or implementation of a contractual relationship, Art. 6 para. 1 lit. b GDRP occurs as a further legal basis.
3. Purpose of the data processing
The processing of the personal data from the input mask serves us solely to process the contact. This is also the necessary legitimate interest in processing the data.
4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.
If, as a result of the contact, a contract is concluded or a relationship similar to a contract arises from which mutual rights and obligations can arise, we delete the data when it is clear that there are no longer any rights and obligations arising from this relationship. This is regularly the case after expiry of the relevant limitation periods. If there are legal obligations to retain data (for example, under tax law or commercial law), we delete the data after this retention period has expired.
5. Possibility of objection and removal
The user has the option to object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.
In this case, we will delete all personal data stored in the course of the contact, including the objection, unless we are required by law to store the conversation or need the data for legal prosecution or legal defense.
The right to object does not exist insofar as the processing is based on Art. 6 (1) lit. b GDRP (General Data Protection Regulation) and the contact serves the initiation, conclusion or execution of a contract.
VII. E-mail contact
If contact is made via the e-mail address provided, the user’s personal data transmitted with the e-mail will be stored.
The legal basis for the processing of the data is Art. 6 para. 1 lit. f GDRP (General Data Protection Regulation). If the contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDRP.
The processing of personal data from the e-mail serves us solely to process the contact. This is also the necessary legitimate interest in processing the data.
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For personal data sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
5. Possibility of objection and removal
The objection can be made, for example, by sending an e-mail or via our contact form. In this case, we will delete all personal data stored in the course of contacting you, including the objection, unless we are required by law to store the conversation or need the data for legal prosecution or legal defense.
VIII. Google (Universal) Analytics
This website uses functions of the web analytics service Google Analytics. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
We have activated the IP anonymization function on this website. This means that your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google. We have concluded an order data processing contract with Google for the purpose of using Google Analytics.
As part of the use of Google (Universal) Analytics, two cookies are stored on your browser. They are stored only after you have given your consent to this.
The cookie _ga registers a unique ID to generate statistical data on how the visitor uses the website. It has a storage period of two years.
The _gid cookie registers a unique ID to generate statistical data on how the visitor uses the website. It has a storage period of one day.
The _gat_gtag cookie is used to throttle the request rate and limit the collection of data on our website. It is deleted at the end of the browser session.
Google Analytics cookies are stored on the basis of Art. 6 (1) lit. a GDRP (General Data Protection Regulation).
3. Processing purpose
The purpose of the data processing is to optimize our advertising and improve our website, in particular to expand the user-friendliness in order to make it easier for visitors to find their way around. This is also our legitimate interest.
4. Transmission to third countries
If, in exceptional cases, the user’s IP address is not shortened before transmission to the USA, it cannot be ruled out that Google or other bodies that gain access to the IP address in the USA may identify the user on the basis of the information transmitted and, if applicable, by combining it with further information and/or obtain information about the user’s usage behavior on our website. Such further information may result, for example, from user accounts that the user maintains with Google. It cannot be ruled out that U.S. intelligence services will access the user’s personal data stored on Google servers in the United States. Such accesses take place without judicial or regulatory approval on a case-by-case basis due to a general certification of the monitoring program. The monitoring programs and U.S. laws do not offer persons who are not U.S. citizens any legal protection against such interventions. Likewise, the persons concerned are not informed, so that they regularly do not learn of such access.
To compensate for the deviation in the level of data protection in the USA from the EU standard, Google uses standard contractual clauses as the basis for data transfer. Standard Contractual Clauses are model templates provided by the EU Commission to ensure that data processing in third countries also complies with European data protection standards. Through this clause, Google undertakes to comply with the European level of data protection when processing your personal data, even if the processing takes place in a third country such as the USA. The standard contractual clauses are based on an implementing decision of the EU Commission. The implementing decision and the corresponding standard contractual clauses can be found at https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de. The standard contractual clauses provided by Google can be found at https://business.safety.google/adsprocessorterms/?sjid=17467822435612280098-EU.
In addition to the use of standard contractual clauses, we base the transfer of data on the user’s consent. By clicking the “Accept all” box in the privacy settings on our website or activating the “Statistics” section, the user consents to the transmission of the IP address to Google. Only from this point on, the cookies required for the use of Google Analytics are also set.
VIII. Google Tag Manager
We use “Google Tag Manager” on our website, a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as “Google”). Google Tag Manager allows us as marketers to manage website tags through one interface. The Google Tag Manager tool that implements the tags is a cookie-less domain and does not itself collect any personal data. Google Tag Manager takes care of triggering other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.
Information of the third-party provider: Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland.
Further information on data protection can be found on the following Google web pages:
FAQ Google Tag Manager: https://www.google.com/intl/de/tagmanager/faq.html
IX. Google Maps
On the website we link Google Maps, a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: Google). When you click on the “Route planner” button, a new browser tab is opened with the Google search function; your IP address is transmitted to Google for this purpose. The linking is a simplification of the call of the Google Maps page by you; we are not involved in any data processing initiated via this function.
2. Use by Google
3. Prevention / termination of data collection
You can prevent the transmission of the IP address to Google by not clicking the “Route planner” button.
A. YouTube channel
We operate a channel on the social network YouTube. The YouTube channel is operated and managed by us.
1. Processing of personal data by YouTube/Google
The video platform YouTube is part of Google LLC. We use the technical platform and services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA for the video function offered. Responsible for the data processing of persons living outside the United States is the
Google Ireland Limited
Gordon House, Barrow Street
Phone: +353 1 543 1000
Fax: +353 1 686 5660
We would like to point out that the user uses the Google service offered on the platform and its functions on his own responsibility. This applies in particular to the use of interactive functions (for example, like, comment).
We have no influence on the type and scope of the data processed by Google, the type of processing and use or the transfer of this data to third parties. We also have no effective control options in this respect.
With the use of Google, the user’s personal data is collected, transferred, stored, disclosed and used by Google LLC and, in the process, may be transferred to other countries in which the Google companies do business and stored and used there, regardless of the user’s place of residence.
Google processes the data voluntarily entered by the user, such as name and username, email address, phone number or the contacts of his address book when he uploads or synchronizes it.
On the other hand, Google also evaluates the content shared by the user to determine which topics he or she is interested in, stores and processes confidential messages that he or she sends directly to other users, and can determine the user’s location using geolocation data such as GPS or Galileo, information on wireless networks or via the IP address in order to send the user advertising or other content. We have no influence on the use of personal data by Google.
For more information, please refer to the websites provided by Google and accessible via the following links:
Google: Privacy settings
Google Security Center
Google: How to download the data stored in your Google Account
Google: View and customize activities in your Google Account
Google: Manage activity settings
2. Processing of personal data by us
The data entered by the user on our YouTube channel, in particular the user name and the content published under the user’s Google account, may be processed by us insofar as we respond to the user’s posts.
We otherwise process visitors’ personal data only to the extent necessary to process an inquiry or comment.
We delete users’ comments at their request. Users are free to post their comment again.
3. Purpose of use legal basis
We use our YouTube channel to provide information about our products. The legal basis is Art. 6 para. 1 lit. f) GDRP (General Data Protection Regulation).
B. YouTube – Plugins
1. Description and content of data processing
We insert videos of the YouTube platform on our website via a plugin. In doing so, the IP address of the user must be transmitted to Google so that the video can be displayed. This data transmission is only initialized by the activation of the so-called toggle button in the YouTube video frame by the user. Playing the video requires a second click by the user.
2. Legal basis for the data processing
The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDRP (General Data Protection Regulation) in conjunction with the consent of the user.
3. Purpose of data processing
The purpose of the data processing is to provide video content from a specialized and highly available third-party provider without using storage space on the server of our website to expand the offer on our website. This is also our legitimate interest.
Insofar as the IP address of the user is transmitted to the USA, it cannot be ruled out that Google or other bodies that receive access to the IP address in the USA may identify the user on the basis of the information transmitted and, if applicable, by combining it with further information, and/or obtain information on the user’s usage behavior on our website, namely whether the user views the video content integrated into our website. Such further information may result, for example, from user accounts that the user maintains with Google. It cannot be ruled out that U.S. intelligence services will access the user’s personal data stored on Google servers in the United States. Such accesses take place without judicial or regulatory approval on a case-by-case basis due to a general certification of the monitoring program. The monitoring programs and U.S. laws do not offer persons who are not U.S. citizens any legal protection against such interventions. Likewise, the persons concerned are not informed, so that they regularly do not learn of such access.
Wir stützen die Übermittlung der IP-Adresse auf die Einwilligung des Nutzers. Indem der Nutzer bei den Datenschutzeinstellungen auf unserer Website das Feld „Alle akzeptieren“ anklickt oder in einem Videofenster „Video laden“ aktiviert, willigt er in die Übermittlung der IP-Adresse an Google ein. Erst ab diesem Zeitpunkt erfolgt die Übermittlung der IP-Adresse des Nutzers an Google.
Die Datenschutzerklärung von Google finden Sie hier:
XI. LinkedIn Plugin
1. Content and scope of data processing
If you call up a single page of our website in which the LinkedIn button has been integrated, the internet browser you use automatically loads a representation of the LinkedIn button from a LinkedIn server. In this context, your IP address is transmitted to LinkedIn and LinkedIn learns which subpage of our website you are visiting. Details are available under https://developer.linkedin.com/plugins.
If you are logged into your LinkedIn account – possibly via another browser window or another browser – LinkedIn recognizes you and assigns the information to the LinkedIn user account. The processes described above are independent of whether you click the button. If you click the LinkedIn button, LinkedIn also assigns this information to your personal LinkedIn user account and stores this information. The information is subsequently stored together with your other personal data stored in your LinkedIn profile.
Even if you are not logged into your LinkedIn account or do not have such an account, LinkedIn receives your IP address.
The legal basis for the data processing associated with the integration of the LinkedIn button is Art. 6 (1) lit. f GDRP (General Data Protection Regulation).
The purpose of the processing is the integration of the LinkedIn – button on our website to increase the attractiveness of our web offer and to facilitate recommendation by LinkedIn – users, also as a service for the user. This is also our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDRP (General Data Protection Regulation).
4. Duration of storage / avoidance
We do not store any personal data in connection with the operation of the LinkedIn – Button. You can unsubscribe from email messages, SMS messages and targeted ads from LinkedIn as well as manage ad settings at https://www.linkedin.com/psettings/guest-controls.
If a user has a LinkedIn account and does not want LinkedIn to collect information about him that is linked to the data stored in the LinkedIn account, he must log out of his LinkedIn account before visiting our website.
XII. Rights of the data subject
If personal data is processed by you, you are a data subject within the meaning of the GDPR and you have the following rights against the controller:
1. Right to information
You may request confirmation from the controller as to whether personal data concerning you are being processed by us.
If such processing exists, you may request information from the controller about the following:
You have the right to request information about whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Art. 46 GDRP in connection with the transfer.
2. Right to rectification
You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you is incorrect or incomplete. The controller must carry out the rectification without undue delay.
3. Right to restriction of processing
You may request the restriction of the processing of your personal data under the following conditions:
If the processing of personal data concerning you has been restricted, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
4. Right to erasure
a) Obligation to erase
You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
b) Information to third parties
If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Article 17(1) GDRP (General Data Protection Regulation), it shall take reasonable steps, including technical measures, taking into account the available technology and the cost of implementation, to inform controllers which are processing the personal data that you as the data subject have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
The right to erasure does not exist if the processing is necessary
5. Right to information
If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.
You have the right vis-à-vis the controller to be informed about these recipients.
6. Right to data portability
You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided, where
In exercising this right, you also have the right to obtain that the personal data concerning you be transferred directly from one controller to another controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDRP (General Data Protection Regulation), including profiling based on those provisions.
The controller will no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
If the personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
You have the option of exercising your right to object in connection with the use of information society services – notwithstanding Directive 2002/58/EC – by means of automated procedures using technical specifications.
8. Right to revoke the declaration of consent under data protection law
If you have submitted a declaration of consent under data protection law, you have the right to withdraw this at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
9. Automated decision-making in individual cases, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.
With regard to the cases referred to in (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.
10. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
The competent supervisory authority for data protection issues for our company is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link:
"*" indicates required fields