Privacy Policy

caligri GmbH prioritizes data protection. The company collects personal information only when necessary and processes it according to applicable regulations. Users can browse the website without providing personal data, though special services may require information collection.

1. Definitions

The policy defines key GDPR terms including:

Personal data: any information relating to an identified or identifiable natural person
Data subject: individuals whose personal data are processed
Processing: operations performed on personal data including collection, storage, retrieval, and use
Restriction of processing: marking stored data to limit future processing
Profiling: automated processing evaluating personal aspects
Pseudonymization: processing that prevents attribution without additional information
Controller: entity determining processing purposes and means
Processor: entity processing data on behalf of the controller
Recipient: entity receiving disclosed personal data
Third party: entities other than data subjects, controllers, or processors
Consent: freely given indication of the data subject's wishes for the specific case

2. Name and Address of the Controller

caligri GmbH
Ettighofferstr. 70
53123 Bonn
Germany

Phone: +49 221 98652725
Email: info@caligri.com
Website: www.caligri.com

3. Cookies

The website uses cookies, which are text files stored on computers via browsers. Cookies contain unique identifiers enabling website recognition of specific browsers.

Cookies improve user experience by optimizing content and eliminating repeated login requirements. Users can prevent cookie setting through browser settings and delete existing cookies at any time. Disabling cookies may limit website functionality.

4. Collection of General Data and Information

The website collects general data automatically, including:

Browser types and versions
Operating systems
Referrer information
Accessed sub-websites
Access date and time
IP addresses
Internet service provider information
Similar security-related data

This information serves to deliver content correctly, optimize website performance, ensure system functionality, and assist law enforcement with cyber attacks. The company analyzes anonymous data separately from personal information.

5. Registration on Our Website

Data subjects may register by providing personal information. The controller collects data exclusively for internal use and may transfer it to processors like shipping providers.

Registration data includes IP addresses, registration dates, and times to prevent service misuse and clarify crimes. This data generally remains confidential unless legal obligations or criminal investigations require disclosure.

Registered users may modify or delete personal data anytime. The controller provides information about stored data upon request and corrects or deletes data as requested, respecting statutory retention obligations.

6. Contact Possibility via the Website

The website provides electronic contact methods. Data transmitted via email or contact forms is stored automatically for processing and contact purposes. Personal data from voluntary submissions is not disclosed to third parties.

7. Routine Erasure and Blocking of Personal Data

The company stores personal data only as long as necessary for achieving storage purposes or as required by law. After purposes cease or statutory periods expire, data is routinely blocked or deleted according to legal provisions.

8. Rights of the Data Subject

Right to Confirmation

Data subjects may obtain confirmation whether their personal data is being processed.

Right of Access

Individuals have rights to receive stored information free of charge, including:

Processing purposes
Categories of personal data
Recipient information
Storage duration criteria
Rights to rectification, erasure, or processing restriction
Appeal rights to supervisory authorities
Data origin information
Information about automated decision-making and profiling

Data subjects may exercise these rights by contacting company employees anytime.

Right of Rectification

Data subjects may request immediate correction of inaccurate personal data or completion of incomplete information.

Right to Erasure (Right to Be Forgotten)

Individuals may request data deletion without delay if:

Data is no longer necessary for collection purposes
Consent is withdrawn and no other processing basis exists
The individual objects and no overriding legitimate grounds apply
Data was processed unlawfully
Deletion is required for legal compliance
Data was collected regarding services to minors under Article 8(1) GDPR

If published data requires deletion, the company implements reasonable measures including technical means to inform other controllers about deletion requests.

Right to Restriction of Processing

Data subjects may request processing restrictions when:

Data accuracy is contested
Processing is unlawful but deletion is opposed
The controller no longer needs data but the individual requires it for legal claims
The individual has objected and it remains unclear whether the controller's interests override theirs

Right to Data Portability

Individuals may receive provided personal data in structured, commonly used and machine-readable format and transmit it to another controller without hindrance when processing is based on consent or contract and uses automated means.

Right to Object

Data subjects may object at any time to processing based on Article 6(1)(e) or (f) GDPR, including profiling. The company ceases processing unless compelling legitimate grounds exist.

Regarding direct marketing, individuals may object anytime, and the company will stop processing for marketing purposes.

Individuals may also object to scientific research, historical research, or statistical processing under Article 89(1) GDPR unless processing serves public interest tasks.

Automated Decisions and Profiling

Data subjects have rights against decisions based solely on automated processing producing legal effects or similarly significantly affecting them, unless:

The decision is necessary for contract entry or performance
Union or Member State law permits it with suitable safeguards
Explicit consent exists

When decisions are contract-necessary or consent-based, the company implements measures safeguarding rights, including intervention rights and decision contestation.

Right to Withdraw Consent

Data subjects may withdraw consent to processing at any time by contacting employees.

9. Legal Basis of Processing

Processing operates under various GDPR articles:

Article 6(1)(a): Consent for specific processing purposes
Article 6(1)(b): Contract performance, including pre-contractual measures
Article 6(1)(c): Legal obligations like tax fulfillment
Article 6(1)(d): Vital interests protection
Article 6(1)(f): Legitimate interests of the company or third parties

Processing under Article 6(1)(f) applies when not covered elsewhere, provided fundamental rights are not overridden.

10. Legitimate Interests Pursued by the Controller or Third Party

Processing based on Article 6(1)(f) GDPR serves the company's business conduct for employees' and shareholders' well-being.

11. Duration for Which Personal Data Are Stored

Personal data storage duration follows statutory retention periods. After periods expire, data is routinely deleted unless contract fulfillment or initiation requires continuation.

12. Legal or Contractual Provisions for Personal Data Provision; Necessity for Contract Conclusion; Obligation of Data Subject; Consequences of Non-Provision

Personal data provision may be required by law (tax regulations) or contract. Some data is necessary for contract conclusion. Failure to provide required data prevents contract establishment.

Data subjects should contact employees before providing information. Employees explain on case-by-case bases whether provision is legally required, contractually required, or necessary for contract conclusion, plus non-provision consequences.

13. Existence of Automated Decision-Making

The company does not use automated decision-making or profiling.