Privacy Policy
Last updated: Feb, 2025

This privacy statement applies to citizens and legal permanent residents of the European Economic Area and Switzerland. It explains how we collect, process, and retain your personal data when you visit https://alldsp-oem.com. Our data processing practices are aligned with our Cookie Policy, which you can review separately. In particular, no non‑essential tracking or cookie-based processing occurs until you provide explicit consent via our cookie consent widget.

2. Purpose, Data, and Retention Period

We may collect or receive personal information for various purposes related to our business operations. The following lists the data categories we collect for specific purposes. (Details regarding the legal bases and retention periods are provided in other sections of this Privacy Policy.)

2.1 Contact, Payments, Registration, Newsletters, Support, and Deliveries

For these operational purposes, we collect the following data:

• Contact (via phone, mail, email, or webforms):
  • First and last name
  • Account name or alias
  • Physical address (street name and city/town)
  • Email address
  • Telephone number
  • Financial details (bank account or credit card number)

• Payments:
  • First and last name
  • Account name or alias
  • Physical address (street name and city/town)
  • Email address
  • Telephone number
  • Financial details (bank account or credit card number)
  • Geolocation data

• Registering an Account:
  • First and last name
  • Account name or alias
  • Physical address (street name and city/town)
  • Email address
  • Telephone number

• Newsletters:
  • First and last name
  • Account name or alias
  • Email address

• Supporting Services or Product Purchases:
  • First and last name
  • Account name or alias
  • Physical address (street name and city/town)
  • Email address
  • Telephone number

• Deliveries:
  • First and last name
  • Account name or alias
  • Physical address (street name and city/town)
  • Email address
  • Telephone number
  • Geolocation data

(The legal basis for processing and retention periods are defined in other sections – typically processing is necessary for contract execution or based on your consent, and data is retained until the service is terminated.)

3. Third-Party Data Processors

To improve our services and secure our website, we use third-party providers. The key processors include:

3.1 Google Analytics 4 (GA4)

• Data Collected:
  GA4 gathers pseudonymous data such as device identifiers, approximate geolocation, page interaction metrics, and technical usage details.
• Purpose:
  To analyze website traffic, understand user behavior, and generate aggregated reports for optimizing our website.
• Legal Basis:
  • Consent: Analytics cookies are activated only after you explicitly consent via our cookie consent widget.
  • Legitimate Interests: Aggregated and anonymized data helps improve our services.
• Data Transfer & Retention:
  Data is processed globally by Google Ireland Limited. In cases where data is transferred to the United States, protections are provided by Standard Contractual Clauses or other approved mechanisms. User-level data is retained for up to 14 months, while aggregated reports may be kept longer.
• Privacy Note:
  Our GA4 configuration always anonymizes IP addresses to ensure your full IP is never stored or used for identification.

3.2 Cloudflare

• Data Collected:
  Cloudflare collects technical connection data including full IP addresses (which may be subsequently anonymized), DNS query data, and security fingerprints.

• Purpose:
  Cloudflare is used solely for mitigating DDoS attacks, optimizing content delivery via its CDN service, and securing our communications.

• Legal Basis:
  The processing of data by Cloudflare is based on our legitimate interest in maintaining a secure, efficiently operating website.

• Enhanced GDPR Compliance for Germany:
  Cloudflare is designed to be GDPR compliant for Germany-based businesses and websites. It adheres to GDPR requirements by employing advanced privacy measures—such as encryption and the Data Localization Suite, which enables customers to specify geographic rules for data processing. This is especially beneficial for meeting compliance needs in Germany. Additionally, as an “Operator of Essential Services” in Germany, Cloudflare is regulated by the Federal Office for Information Security (BSI) and complies with national legislation under the NIS Directive. Cloudflare is also certified under the European Cloud Code of Conduct, ensuring independent monitoring and validation of its GDPR compliance.

• Data Transfer & Retention:
  Cloudflare acts as our data processor under a dedicated Data Processing Agreement. Data may be transferred internationally—including to the United States—using mechanisms such as Standard Contractual Clauses (SCCs) or the EU-U.S. Data Privacy Framework. Standard log data is typically retained for 24 hours (and up to 7 days for enterprise configurations).

• Usage Note:
  Our domain is managed by Cloudflare exclusively for CDN and DDoS protection; it is not used for tracking or analytics. However, while Cloudflare incorporates robust privacy and security standards, full GDPR compliance also depends on how we configure and use its services.

For further details on Cloudflare’s adherence to GDPR and its certification under the European Cloud Code of Conduct, please visit this page

4. Cookies

Our website uses cookies for several purposes, as further described in our Cookie Policy:

• Necessary Cookies:
  Essential for the secure operation and navigation of our website (e.g. PHPSESSID). These may be placed without your consent.
• Analytics Cookies:
  Used by GA4 to track user interactions. These cookies remain inactive until you provide explicit consent via our cookie consent widget.
• Security Cookies:
  Utilized by Cloudflare to identify individual sessions and apply security settings.

When you first visit our website, you will see a pop-up with an explanation about cookies. By clicking “Save Preferences,” you consent to the use of the selected categories. You can manage or disable non‑essential cookies through your browser settings or our consent management tool.

 For more information about cookies, please refer to our Cookie Policy

5. Disclosure Practices

We disclose personal data only when:

• Required by law or a court order,
• Necessary for public safety investigations, or
• Transferred to our advisors or in the event of a merger, sale, or acquisition of our organization.

If our organization is taken over, sold, or merged, your data will be transferred under equivalent safeguards.

6. Security

We are committed to protecting your personal data. Our security measures include:

• Appropriate technical and organizational measures to prevent unauthorized access, loss, or alteration of data,
• Regular reviews and updates of our security practices,
• Encryption and secure data transfer protocols.

7. Third-Party Websites

This Privacy Policy applies only to data collected on our website. Third-party websites linked from our site have their own privacy policies, and we are not responsible for their practices. We recommend reviewing those policies before providing any personal data.

8. Amendments to This Privacy Policy

We reserve the right to update this Privacy Policy as necessary to comply with legal requirements or to improve our data processing practices. We encourage you to review this policy regularly. When significant changes occur, we will notify you accordingly.

9. Accessing and Modifying Your Data

You have the right to request access to, correction, or deletion of your personal data at any time. To exercise these rights, please contact us using the details provided below. We will verify your identity before processing your request.

ALLDSP GmbH & Co. KG
Küferstrasse 18, 59067 Hamm
NRW, Germany
Eingetragen im Amtsgericht Hamm, HRA3481​

Germany
Website: https://alldsp-oem.com
Email: [email protected]
Phone number: +49 (0) 23 81 – 3 73 06 29