Data Privacy Statement

The protection of personal data is an important concern for us, the company Gold Engineering GmbH. In principle, it is possible to use our website without providing personal data. If a natural person contacts us, it is however possible that his/her personal data will be processed. By means of the following information, we wish to provide comprehensive information on the type, scope and purpose of the data processing carried out by us and further inform the data subjects of the rights to which they are entitled. 

The controller responsible for the data processing is: 

Gold Engineering GmbH
Kaiser-Wilhelm-Strasse 115
20355 Hamburg  

Our internal data protection officer can be contacted as follows:  

Mr. Wilhelm Bahlburg
Kaiser-Wilhelm-Strasse 115
20355 Hamburg
Tel: 040 / 41 34 96 0
Email: contact@gold-engine.com 

1. Type and source of personal data

(A) Collection of general data and information (log files) 

A range of general data and information concerning the respective user is automatically collected during use of our website. For example, the system used, the operating system used, the date and time of access, the IP address or other data and information serving the security and safeguarding of the website may be stored in so-called log files. 

(B) Contacting by email 

When we are contacted by email, the data communicated by the data subject are stored by us in order to answer the data subject’s questions. The data arising in this connection are immediately erased by us once storage is no longer necessary. 

(C) Data protection in the case of applications and application procedures 

Personal data arising from application documents sent to us are processed exclusively for the purpose of handling the application procedure. In this respect, it is irrelevant in what form the documents are sent. Processing may also take place electronically. This is particularly the case if the corresponding application documents are sent by email.  

2. Purpose of the processing of personal data

In principle, we process personal data only if this is permitted under the GDPR (General Data Protection Regulation). In this respect, the purposes of the processing ensue from Article 6 GDPR. 

(A) For the fulfilment of contractual duties or precontractual measures 

Personal data are processed in order to render services within the scope of our contractual obligations in relation to our customers and suppliers. This also includes precontractual measures taken after an enquiry has been received. 

(B) In the context of a balancing of interests 

In order to safeguard legitimate interests, we process personal data even beyond the actual performance of the contract, insofar as this is necessary. This may occur in the form of, for example, measures for analysing customer behaviour and may also include advertising, unless use of your data has been objected to. 

(C) Consent to data processing for certain purposes 

Where a natural person has granted us his/her consent to the use of his/her data for a certain purpose (e.g. sending of newsletters, sending of promotional articles), the lawfulness of the processing of this person’s data is based on this consent. Such consent may be revoked at any time.

3. Recipients of personal data

Within our company, only persons who need access to personal data in order to fulfil our contractual and statutory duties are given access to personal data. Furthermore, personal data may also be passed on to external service providers and authorised agents. In detail, these encompass IT service providers, logistics companies, banks, telecommunication companies, government agencies and tax consultants. Such service providers are so-called processors that operate only at our instruction and are contractually obliged to comply with the applicable requirements under data protection law or are additionally bound to a professional obligation to maintain a high level of security. It is explicitly pointed out that any transfer of data to countries outside of the EU (referred to in the GDPR as so-called third countries) shall take place only insofar as this is necessary for the performance of the contract, this is prescribed by law, or the data subjects have consented thereto. If service providers are used in third countries, an appropriate level of protection for the personal data shall be ensured.

4. Duration of storage of personal data

We process and store personal data only as long as necessary for the fulfilment of our contractual and statutory duties. If the personal data are no longer necessary for the fulfilment of contractual or statutory duties, we shall erase these data, unless:  

  • The personal data fall under the requirement to fulfil retention duties ensuing under commercial and fiscal law, for example under the Handelsgesetzbuch (HGB) [German Commercial Code] or the Abgabenordnung (AO) [Tax Code]. The retention periods prescribed therein may be up to 10 years. 
  • The personal data are preserved as evidence within the scope of statutory provisions concerning the statute of limitation. According to the Bürgerliches Gesetzbuch (BGB) [German Civil Code], the limitation periods may be up to 30 years. 

5. Rights of data subjects

The GDPR confers extensive rights upon data subjects. In detail, these are the right of access under Article 15 GDPR, the right to rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to data portability under Article 20 GDPR and the right to object under Article 21 GDPR. Moreover, the data subject has the right to lodge a complaint with the relevant data protection supervisory authority in the event of a breach of the provisions concerning data protection.
Any data subject who has granted us consent to the processing of his/her personal data may revoke this consent at any time. This also relates to consent given before the GDPR entered into effect, if applicable. Data processing that took place prior to revocation shall not be affected by this right of revocation.

6. Data collection on our website

Cookies
Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.
Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 paragraph 1, letter f of DSGVO. The website operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately in this privacy policy.
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:
 Browser type and browser version
 Operating system used
 Referrer URL
 Host name of the accessing computer
 Time of the server request
 IP address
These data will not be combined with data from other sources.
The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.


Contact form
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.