Welcome to our website and thank you for your interest in our company. We take the protection of your personal data very seriously and we process your data in accordance with the applicable legal provisions for the protection of personal data, in particular the General Data ProtectionRegulation (EU-GDPR) and the country-specific implementation laws applicable to us. This data protection declaration will enable us to provide you with comprehensive information about the processing of your personal data by BOSSE Design Gesellschaft für innovative Office Interiors mbH & Co. KG based in Höxter.
Personal data is information which makes it possible to identify a natural person. In particular, this includes your name, date of birth, address, telephone number, e-mail address and also your IP address.
Anonymous data exists if no personal reference to the user can be established.
Responsible office and data protection officer
BOSSE Design Gesellschaft für innovative Office Interiors mbH & Co. KG
Stahler Ufer 7
Website www.bosse.de, Phone +49 5531 1297-0, Fax +49 5531 1297-61
Contact data protection: datenschutz(at)dauphin.de
Your rights as a data subject
First of all, we would like to inform you hereby about your rights as a data subject. These rights are standardized in Art. 15 - 22 EU-GDPR. This includes:
- The right for information (Art. 15 EU-GDPR),
- The right for deletion (Art. 17 EU-GDPR),
- The right of rectification (Art. 16 EU-GDPR),
- The right for data transferability (Art. 20 EU-GDPR),
- The right to restrict data processing (Art. 18 EU-GDPR),
- The right to object to data processing (Art. 21 EU-GDPR).
To exercise these rights, please contact: datenschutz(at)dauphin.de. The same applies if you have questions about data processing in our company or wish to revoke any consent you have given. You also have a right of complaint to a data protection supervisory authority.
Right of objection
Please note the following in connection with rights of objection:
If we process your personal data for the purpose of direct marketing, you have the right to object to this data processing at any time without giving reasons. This also applies to profiling, insofar as it is related to direct marketing.
If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes. The objection is free of charge and can be made in any form, if possible to: datenschutz(at)dauphin.de.
If we process your data to protect legitimate interests, you may object to this processing at any time for reasons arising from your particular situation, including profiling based on these provisions.
We will then no longer process your personal data, unless we can prove compelling reasons for processing worthy of protection outweighing your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.
Purposes and legal bases of data processing
When processing your personal data, the provisions of the EU DS-GVO and all other applicable data protection regulations are observed. The legal basis for data processing is derived in particular from Art. 6 EU-GDPR.
We use your data for business initiation, to fulfil contractual and legal obligations, to implement the contractual relationship, to offer products and services and to strengthen customer relations, which may also include analyses for marketing purposes and direct advertising.
Your consent to data processing may also constitute a data protection permission. Before giving your consent, we will inform you about the purpose of data processing and your right of withdrawal.
Should the consent also relate to the processing of special categories of personal data, we will expressly point this out to you in the consent. Processing of special categories of personal data in accordance with Art. 9 EU-GDPR will only be carried out if this is required by legal regulations and if there is no reason to assume that your legitimate interest in excluding the processing outweighs the processing.
Transfer to third parties
We will only pass on your data to third parties within the framework of the legal provisions or with the appropriate consent. Otherwise, your data will not be passed on to third parties unless we are obliged to do so by mandatory legal provisions (passing on to external bodies such as supervisory authorities or law enforcement authorities).
Recipients of the data / categories of recipients
Within our company, we ensure that only those persons receive your data who need them to fulfil their contractual and legal obligations, e.g. for production and/or dispatch.
In certain cases, other companies in the Dauphin Group of companies or other service providers support the specialist departments in fulfilling their tasks. These may be e. g. logistics, IT or sales service providers. The necessary data protection agreements have been concluded with all service providers.
Third country transfer / intention to transfer to a third country
Data will only be transferred to third countries (outside the European Union or the European Economic Area) if this is necessary for the accomplishment of the contractual relationship, is required by law or if you have given us your consent.
We do not currently transfer your personal data to any service provider or group company outside the European Economic Area.
Storage period of data
We store your data as long as they are needed for the respective processing purpose. Please note that numerous retention periods cause that data storage must be continued.
This applies in particular to storage obligations under commercial or tax law (e.g. German Commercial Code, German Fiscal Code, etc.). If there are no further storage obligations, the data will be routinely deleted once the purpose has been achieved.
In addition, we may retain data if you have given us your permission to do so or if legal disputes arise and we use evidence within the scope of statutory limitation periods, which can be up to thirty years; the regular limitation period is three years.
For reasons of technical security (in particular to ward off attempts to attack our web server) the data are stored for 14 days in accordance with Art. 6 Paragraph 1 lit. f EU-GDPR.
Secure transmission of your data
In order to protect the data stored with us in the best possible way against accidental or intentional manipulation, loss, destruction or access by unauthorized persons, we use appropriate technical and organizational security measures. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.
The data exchange from and to our website is always encrypted. We offer HTTPS as a transmission protocol for our website, always using the latest encryption protocols. In addition, there is the possibility of using alternative communication channels (e.g. by post).
Obligation to provide the data
Various personal data are necessary for the establishment, execution and termination of the contractual relationship and the fulfilment of the contractual and legal obligations associated therewith. The same applies to the use of our website and the various functions it provides.
In certain cases, data must also be collected or made available due to legal regulations. Please note that it is not possible to process your enquiry or carry out the underlying contractual relationship without providing this data.
Categories, sources and origin of data
Which data we process depends on the respective context: This depends on e. g. whether you enter an inquiry with our contact form, send us an application or submit a complaint.
When you visit our website, we collect and process the following data:
- Name of the Internet service provider
- Information about the website from which you visit us
- Web browser and operating system used
- The IP address assigned by your Internet Service Provider
- Requested files, transferred data volume, downloads/file export
- Information about the web pages that you call up on our website including date and time
Contact form (Art. 6 para. 1 (a), (b) of the EU GDPR)
Our website provides a contact form which can be used to contact us electronically. If you write to us using the contact form, we will process the data you provide in the contact form for the purpose of contacting you and responding to your questions and wishes.
In doing so, we observe the principles of data economy and data reduction in that you are only required to provide those data that are essential for us to contact you. These are your first and last names, your e-mail address and your postal address for sending out the catalogues. In addition, for reasons of technical necessity and legal security, your IP address is also processed. All other fields are optional, so any further data you provide (e.g. for a more personalised response to your questions) is voluntary.
We implement appropriate security measures to protect the security and confidentiality of your data in the best way possible. Your request is transmitted to us in encrypted form.
Making contact via the configurator (Art. 6 para. 1 (a), (b) of the EU GDPR)
If you contact us via the configurator form, we will use the personal data you provide in the e-mail solely for the purpose of processing your request and also possibly pass it on to an authorised distributor in your region.
We implement appropriate security measures to protect the security and confidentiality of your data in the best way possible.
The following data are collected here:
All other fields are optional, so any further data you provide (e.g. for a more personalised response to your questions) is voluntary.
Contact by e-mail (Art. 6 (1) lit. a, b EU-GDPR)
If you contact us by e-mail, we will process the personal data provided in the e-mail solely for the purpose of processing your request.
In order to protect the security and confidentiality of your data in the best possible way we implement appropriate security measures.
Which data we process in the course of contacting you depends on the content of the respective inquiry.
Social media (Art. 6 para. 1 lit. f EU-GDPR)
On our website you will find links to our social media appearances on YouTube, Pinterest, Instagram, LinkedIn and Facebook. Links to the social media websites can be recognized by the respective company logo. By following these links you can reach our company presence at the respective social media network. By clicking on a link to a social media network a connection to the servers of the respective social media network is established. This will transmit to the servers of the social media network the information that you have visited our website. In addition, further data is transmitted to the provider of the social media network.
These are for example:
- Address of the website on which the activated link is located
- Date and time of the website call or activation of the link
- Information about the browser and operating system used
- IP address
Responsible for the company presence within the meaning of the EU General Data Protection Regulation (EU-GDPR) as well as other data protection regulations is in addition to us
(Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
(Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
(LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)
(Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland)
(Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA)
If you are already logged in to the corresponding social media network at the time the link is activated, the social media network provider may be able to determine your user name and possibly even your real name from the transmitted data and assign this information to your personal user account on the social media network. You can exclude this possibility of assignment to your personal user account if you log out of your user account first.
The servers of the social media networks are located in the USA and other countries outside the European Union. The data may therefore also be processed by the provider of the social media network in countries outside the European Union. Please note that companies in these countries are subject to data protection laws which may not protect personal data in general to the same extent as in the member states of the European Union.
Opt-out: tools.google.com/dlpage/gaoptout and http://www.youronlinechoices.com;
Cookies (Art. 6 para. 1 lit. f EU-GDPR / Art. 6 para. 1 lit. a EU-GDPR with consent)
Our website uses so-called cookies which are small text files that are stored and saved on your computer. Cookies serve as making our offer more user-friendly, effective and secure.
They enable us to analyse how users use our websites and thus we are enabled to design the contents of our website according to the needs of our visitors.
Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your computer until you delete them. These cookies enable us to recognize your browser the next time you visit us.
Most web browsers automatically accept cookies. However, you can usually change the settings of your web browser if you prefer this information not to be sent.
Please note: If you deactivate the setting of cookies, not all functions of our website may be fully usable.
Google Analytics (web tracking procedure, Art. 6 para. 1 lit. a EU-GDPR)
This website uses Google Analytics, a web analysis service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses "cookies" which are text files placed on your computer in order to enable analyzing how users use the website. The information generated by the cookie about your website use usually is transferred to and stored at a Google server in the USA. However, by activating IP anonymisation on this website, your IP address will in advance be shortened by Google within member states of the European Union or in other contracting states of the European Economic Area (EEA) Agreement. Only in exceptional cases the full IP address will be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate the use of the website, to compile reports on the website activities and to provide further services to the website operator in connection with the use of the website and the Internet. The IP address transmitted by your browser within the scope of Google Analytics is not merged with other Google data. With the provider the required contract under the data protection law has been concluded.
The legal basis for this is your informed consent Art. 6 para. 1 lit. a DSGVO.
The personal data of users will be deleted or anonymised after 14 months.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available under the following link
As an alternative to the browser add-on or within browsers on mobile devices please click this link to prevent Google Analytics from collecting data within this website in the future:
Withdraw consent to cookies
All cookies that are not necessary for the operation of the website are deleted.
On this website Google Analytics has been extended by the code "gat._anonymizeIp()" in order to guarantee an anonymised recording of IP addresses (so-called IP-Masking).
Google Fonts (Art. 6 (1)(f) EU-GDPR)
In our Internet presence we use Google Fonts to display external fonts. This is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. With the provider the required contract under the data protection law has been concluded.
In order to enable the display of certain fonts on our website a connection to the Google server in the USA is established when our website is accessed. The legal basis is Art. 6 para. 1 lit. f DSGVO. Our legitimate interest lies in the optimization and economic operation of our Internet presence.
When you call up our website a connection is made and thus Google can determine from which website your enquiry has been sent and to which IP address the font depiction is to be transmitted.
Google offers under
further information - in particular on the possibilities of preventing the use of the data.
Videos on our website (Consent, Art. 6 para. 1 lit. a EU-GDPR)
On our website various videos of YouTube are embedded. The YouTube site is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
We use YouTube's enhanced privacy mode for the embedded videos. This means that unless you are logged into your YouTube account no cookies are set by YouTube.
We have at least one YouTube plugin embedded on our website. When visiting our website your browser establishes a direct connection with the YouTube servers. Thus the information is transmitted to YouTube that your browser has visited the corresponding page on our website, even if you do not have a YouTube account or are not logged in to your account. This information is directly sent by your browser to a YouTube server in the USA and stored there.
When you visit our website with the embedded YouTube video from your browser a direct connection to the Google Marketing Platform (formerly DoubleClick) is established. At least the information is transmitted to Google that your browser has visited the corresponding website. This information is directly transmitted by your browser to a Google server and stored there. As soon as you click on the video further data is transmitted to the Google servers which is beyound our control.
If you are simultaneously logged into your YouTube account it is also possible to assign the page view to your YouTube account and you would allow YouTube to directly assign your Internet surfing behavior to your personal profile.
If you wish to prevent YouTube from transmitting and storing this information and your behaviour on our website you must log out of YouTube before visiting our website and delete any cookies placed by YouTube.
When collecting data we rely on your consent in accordance with Art. 6 para. 1 letter a EU-GDPR for the corresponding data processing.
We do not use purely automated processing to make a decision.
Online offers for children and young people
Persons under 16 years of age may not transmit any personal data to us or submit a declaration of consent without the consent of a parent or legal guardian. We would like to encourage parents and legal guardians to actively participate in the online activities and interests of their children.
Links to other providers
Our website contains - clearly visible - links to the Internet presentations of other companies. As far as links to websites of other providers are available, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of these sites is at all times responsible for the contents of these sites.
The linked pages were checked for possible legal violations and recognizable infringements at the time of linking. Illegal contents had not been recognizable at the time of linking. However, a permanent control of the contents of the linked pages is not reasonable without concrete evidence of a violation of the law. If we become aware of any infringements of the law, such links will be removed immediately.