Privacy information

Data Processing at Hortiful GmbH & Co. KG

You have accessed this page because you would like to learn more about how we process and secure the personal data you have transmitted to us via your communication with us. The following will lay out our data processing and data protection policies which pertain to your case, as also required by Art. 12-15 of Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR)

What data do we process and for which purposes?

In general, we will only ever process your personal data for those purposes for which it was transmitted to us. You have sent us an e-mail which contains such personal data (i. e. name, e-mail address, content of your inquiry). We will process the data which we have received thereby only for the purpose of answering to your inquiry. The processing of your data may therefore be due to the following legal bases:

  • Art. 6 Abs .1 lit. a DSGVO (Consent)
  • Art. 6 Abs. 1 lit. b DSGVO (contract execution/ contract initiation)
  • Art. 6 Abs. 1 lit. c DSGVO (legal obligations)
  • Art. 6 Abs. 1 lit. f DSGVO (legitimate interest)

In case of such a withdrawal of consent we will delete your data if we are not required by statute to retain it. We will be happy to give you information on whether and which such retention requirements pertain to your data. 

In some circumstances it is possible that we will process your personal data for other purposes than the ones for which it was transmitted. These circumstances include our obligation to cooperate with official authorities or fall under the conditions listed in art. 6 (4) GDPR. We will inform you of such processing and circumstances in accordance with our obligations under art. 13(3) and art. 14(4) GDPR. 

Will your data be transferred to further recipients?

Your data will only be transferred to further recipients if this is necessary to answer your inquiry or to fulfil any subsequent contractual obligations. Such recipients may include sub-contractors for services such as accounting. These contractors will only use your data on our instructions and not for their own purposes.

Where will your data be processed?

Your personal data will only be processed on servers located within the Federal Republic of Germany/ the European Union or the European Economic Area.

Online-based Audio and Video Conferences(Conference tools)
Data processing

We use online conference tools, among other things, for communication with our customers. The tools we use are listed in detail below. If you communicate with us by video or audio conference using the Internet, your personal data will be collected and processed by the provider of the respective conference tool and by us. The conferencing tools collect all information that you provide/access to use the tools (email address and/or your phone number). Furthermore, the conference tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication process (metadata).

Furthermore, the provider of the tool processes all the technical data required for the processing of the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.

Should content be exchanged, uploaded, or otherwise made available within the tool, it is also stored on the servers of the tool provider. Such content includes, but is not limited to, cloud recordings, chat/ instant messages, voicemail uploaded photos and videos, files, whiteboards, and other information shared while using the service.

Please note that we do not have complete influence on the data processing procedures of the tools used. Our possibilities are largely determined by the corporate policy of the respective provider. Further information on data processing by the conference tools can be found in the data protection declarations of the tools used, and which we have listed below this text.

Purpose and legal bases

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6(1)(b) GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate communication with us or our company (legitimate interest in the meaning of Art. 6(1)(f) GDPR). Insofar as consent has been requested, the tools in question will be used on the basis of this consent; the consent may be revoked at any time with effect from that date.

Duration of storage

Data collected directly by us via the video and conference tools will be deleted from our systems immediately after you request us to delete it, revoke your consent to storage, or the reason for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal retention periods remain unaffected.

We have no influence on the duration of storage of your data that is stored by the operators of the conference tools for their own purposes. For details, please directly contact the operators of the conference tools.

Conference tools used

We employ the following conference tools:

Microsoft Teams

We use Microsoft Teams. The provider is the Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. For details on data processing, please refer to the Microsoft Teams privacy policy:

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

Your rights as a data subject

You have the right to information about how we process your data.

You have the right to have your data corrected or deleted or to have its processing restricted, although there might be prevailing contrary statutory requirements which prevent us from correcting, deleting or restricting data upon your request. 

You have the right to retract your agreement to our processing of your data and to have your data transmitted to you.  

In particular, you have the right to object to our use of your data in accordance with art. 21(1) and (2) GDPR regarding the use of direct marketing, if this use is based on legitimate interests as a legal basis. 

You can direct such inquiries or requests through the channels you have also initiated contact with us, or other channels available to you. However, if your inquiry is not transmitted in written form, we might ask you for proof of your identity, to prevent fraud and impermissible transmission of personal data.

Who controls your data and is responsible for its processing?

Controller in accordance with the GDPR is:

Hortiful GmbH & Co. KG
Josef-Reiert-Straße 4
69190 Walldorf
Telefon: 0221-9346500

You can find more information about our undertaking, as well as information about legal representatives and further avenues to contact us also in the imprint of our web page under:

Our Data Protection Officer

We have appointed a data protection officer who oversees our processing of personal data. You can reach this officer at:

Thomas Stegemann
dacuro GmbH
Otto-Hahn-Straße 3
69190 Walldorf

Your Right to lodge an official Complaint

You have the right to lodge an official complaint against our use of your data with the data protection authorities. 

You will find our complete data protection declaration under:  

Last changed: 01.03.2023

Consent Management Platform by Real Cookie Banner