Data protection notice

Version: GDPR of 06.05.2021

Information on data processing for this website in accordance with Article 13 of the EU General Data Protection Regulation (GDPR) when collecting personal data from the person concerned.
Berger Holding GmbH & Co. KG is responsible for this website, and in its capacity as a provider of a telecommunications service informed you at the beginning of your visit about the type, scope and purpose of the collection and use of personal data in a precise, transparent, and comprehensible form in clear and simple language. It must be possible to call up those contents at any time.
We place great value on the security of your data and compliance with the relevant regulations concerning data privacy and protection. The processing of personal data is subject to the stipulations of the relevant currently applicable European and German legislation.
We would like to explain to you with this data protection notice how we handle your personal data and how you can get in contact with us:
Berger Holding GmbH & Co. KG
In der Neuen Welt 14
87700 Memmingen
CEOs: Karin Berger-Haggenmiller and Oswald Berger
Commercial Register No.: HRA 10146
Our data protection officer
Sven Lenz
Deutsche Datenschutzkanzlei – Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstraße 50
87435 Kempten
If you have any questions concerning data privacy or protection matters you can send an e-mail to the following e-mail address:


A. General

We will dispense with gender-specific terminology to make the following text clearer. The same terms will be used for both sexes in the sense of equality. The exact meaning of terms used such as, for example, "personal data" or its "processing" can be found in Article 4 of the GDPR.
The personal data that is processed in connection with this Website includes
  • master data (e.g. name and address of customers),
  • contract data (e.g. services that have been made use of, name of processing person, payment information),
  • usage data (e.g. pages of our Website that were visited) and
  • content data (e.g. entries in the online contact form).

B. Specific

Data protection notice

We guarantee that the data provided by you is only processed in connection with the handling of your inquiries and for internal purposes so as to be able to provide the services or the content that you requested.
Basic principles of data processing
We only process your personal data in strict compliance with the relevant data privacy and protection regulations. The legal basis for this is:
  • the provision of our contractual services
  • processing is legal requirement
  • the existence of your electronic consent (e.g. registration for a newsletter)
  • the assertion of our justified interests
We would be glad to show you at what point the above legal basis is regulated:
  • Processing for the fulfillment of our services and the implementation of contractual measures
    Article 6 para. 1 lit. b) GDPR
  • Processing for the fulfillment of a legal requirement
    Article 6 para. 1 lit. c) GDPR
  • Consent
    Article 6 para. 1 lit. a) and Article 7 GDPR
  • Processing to preserve our justified interests
    Article 6 para. 1 lit. f) GDPR
Data transfer to third parties
There is currently no data transfer to third parties.
Data transfer to a third party country or an international organization
A third party country is to be understood as any country in which the GDPR is not directly legally valid and applicable. This fundamentally comprises all countries outside the EU and the European Economic Area.

There is no data transfer to a third country or an international organization without a legal basis.
Duration of storage of your personal data
We comply with the basic principles of data economy and data avoidance. This means that we only store your data for as long as is necessary to fulfill the above-mentioned purposes or else in accordance with the wide variety of data storage periods specified by the legislator. If the relevant purpose ceases to apply any longer or if the corresponding storage periods have ended, then as a matter of routine and in accordance with the relevant regulations your data will be blocked or deleted.
To this end we have developed a corporate concept to ensure that these stipulations are carried out.
If you have made contact with us by e-mail or the contact form, then you have agreed to electronic communication. Personal data is processed as part of the making of electronic contact with us. The data that will be collected in the case of a contact form can be seen on the relevant contact form. Your data is transferred using SSL encryption. The details that you have given will be stored solely for the purposes of the processing of the inquiry and for any possible associated questions.
We would be glad to state to you the legal basis for this:
Processing for fulfillment of our services and implementation of contractual measures
Article 6 para. 1 lit. b) GDPR
We wish to point out here that e-mails can be read or amended without authorization or being noticed along the transmission route. In addition, we wish to draw your attention to the fact that we use a program to filter out unwanted e-mails (spam filter). E-mails can be rejected by the spam filter if they are incorrectly identified as spam due to specific characteristics..
What rights do you have?
a) Right to information
You have the right to be given information about the data on you that has been stored, at no charge. On request, we will inform you in writing which personal data from you we have stored. This likewise includes the origin and the recipient of your data and the purpose of the data processing.
b) Right to correction
You have the right to have corrected any inaccuracies in your data. In such a case you can request a restriction of the processing, e.g. If disputing the correctness of your personal data.
c) Right to blocking
In addition, you can have your data blocked. This data must be held in a blocking file for monitoring purposes so that a blocking of your data can be taken into consideration at any time.
d) Right to deletion
You can request the deletion of your personal data insofar as no legally-required obligations to archive data apply. If such an obligation exists, then we will block your data on request. If the corresponding legal preconditions apply, we will also delete your personal data even if you have not requested this to be done.
e) Right to data portability
You are entitled to request us to provide your personal data that had been given to us in a form that permits transmission to another location.
f) Right to complaint to supervisory authorities
You have the option to apply to relevant data privacy and protection authorities to make a complaint.
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27
91522 Ansbach
Phone: +49 (981) 53-1300
Fax: +49 (981) 53-981300
You can open the complaint form via the following link:

Note: A complaint can also be made to any data protection supervisory authority within the EU.

g) Right of objection

You have the option at any time, for reasons that arise from your particular situation, to object to the processing of your data in accordance with article 6 para. 1 lit. e) and f); this also applies to profiling based on these provisions.

Berger Holding GmbH & Co. KG will then no longer process your personal data unless it can prove compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If personal data is processed for direct mailing, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is connected to direct mailing. In the event of such an objection, we will no longer process your personal data for the purposes of direct mailing. All you have to do is send us a corresponding e-mail.

h) Right of withdrawal

You have the option at any time to revoke the consent you have given to the processing of your data with effect for the future without giving reasons. There are no disadvantages to you through the revocation. All you have to do is send us a corresponding e-mail.

However, such a revocation does not affect the legitimacy of the processing carried out up to the point in time of the revocation on the legal basis of article 6 para. 1 lit. a) GDPR.

To assert your rights as a person affected, send us an email to the following address:

Protection of your personal data
We take contractual, technical and organizational safety measures that are the state of the art to ensure that the data privacy and protection regulations are complied with and so to protect the processed data against accidental or intentional manipulation, loss, destruction or access by unauthorized persons.

The security measures include in particular the encrypted transmission of data between your browser and our Server. For this we make use of 256-bit SSL encryption technology.
Your personal data is protected as detailed in the following points (excerpt):
a) Preservation of the confidentiality of your personal data

We have taken various measures concerning control over entry, admission and access to preserve the confidentiality of the data that we store.

b) Preservation of the integrity of your personal data

We have taken various measures concerning control over passing on and input to assure the integrity of the data we have stored.
c) Preservation of the availability of your personal data

We have taken various measures concerning control over orders and availability to assure the availability of the data we have stored.
The safety measures that are in use are constantly improved to be to the current state of the technical art. Despite all these precautions that we have taken, we cannot guarantee the security of your data transmission to our Website due to the insecure nature of the Internet. For that reasons all data transfers that you make are at your own risk..
Protection of legally underage persons

Persons who have not yet reached the end of their sixteenth year of life may only make personal information available to us if they provide us with the explicit approval of a parent or legal guardian. This data will be processed in accordance with the relevant data privacy and protection regulations.
Server log files
The provider of these pages automatically collect and store information in so-called Server log files that your browser automatically sends to us. This is:
  • Browser type and version
  • Operating system used
  • Referrer URL
  • Time of the server query
  • IP address

This data is not combined with any other sources of data. The basis for the data processing is in accordance with article 6 para. 1 lit. f) of the GDPR our justified interest.

pmCMS Log data - Non-personal data that is collected automatically

In the course of the use of our webpages the following data is collected for organizational and technical reasons without you doing anything at all and saved (for a maximum of 24 hours) until it is deleted automatically: pages called up, browser / operating system / device / model used, date and time of the access, search machine used or the link by which you arrived at this website, anonymized IP address (cannot be tracked), anonymized session ID, language set in the browser and country from which the access was made.

We evaluate this technical data anonymously and solely for statistical purposes and for security reasons so that we can further optimize our Internet presence and be able to make our Internet offering even more attractive. This anonymous data is stored on secure systems separately from personal information and no conclusions can be drawn from it regarding an individual person. Your personal data and your privacy are protected at all times.

Online applications by means of a form
We offer applicants a corresponding form on our website so that they can make their application online. Acceptance in the application procedure presupposes that the applicant will provide through this form all the required personal data to allow us to make a soundly based and informed assessment.
The required details include general information on the person (name, address, telephone number or electronic contact details) and information to prove that the applicant has the qualifications required for the position in question. In addition, health-related details may be required as well which must be especially taken into consideration regarding labor law and social security issues in the interests of the social protection of the applicant
When the form is sent your data will encrypted to the current state of the technical art and sent to us and exclusively processed for the purpose of the application procedure.
The legal basis for this processing is article 6 para. 1 lit. b) of the GDPR within the meaning of article 26 para. 1 of the German BDSG [Federal Data Protection Act] in the sense of processing the application procedure as the initiation of an employment contract. If in the course of the application procedure special categories of personal data as defined within the meaning of article 9 para. 1 of the GDPR are requested from the applicant (for example, health data such as details of a severe handicap), processing will be done in accordance with article 9 para. 2 lit. b) of the GDPR so that we can comply with labor law and legislation concerning social security and protection and meet our relevant obligations.
Based or this, or taken as an alternative, the processing of special data categories can also be based on article 9, para. 1 lit. b) of the GDPR if it is done for purposes related to health care, or occupational medicine, for an assessment of the ability to work of the applicant, for medical diagnosis purposes, the provision of care or treatment in the health or social sector or the administration of systems and services in the health or social sector.
If in the course of the evaluation described above it does not lead to the selection of the applicant or if an applicant withdraws his application, then the data that had been provided by him or her will be deleted after a corresponding notification, but in any case after no more than six months. This period of time is based on our justified interest of being able to answer any associated questions concerning the application and, if applicable, to provide the burden of proof required by the regulations concerning the equal treatment of applicants.
In the event of a successful application the data that had been provided on the basis of article 6 para. 1 lit. b) of the GDPR within the meaning of Article 26 para. 1 of the German BDSG [Federal Data Protection Act] i shall be further processed to implement the employment relationship.
Cookies are small text files that are stored locally in the cache of your Internet browser. Cookies make it possible to recognize the Internet browser, for example. The files are used to help the browser to navigate through the Website and to use all the functions to the full.

We use a first-party cookie PHPSESSID (session cookie). Cookie purpose description: Maintains the states of the user for all page requests. Data is processed within Germany.
Changes in our data protection notice
We reserve the right to amend our data protection notice at short notice so that it always corresponds to the current legal requirements and to make changes to the services that we offer. For example, this can involve the introduction of new services. The new data privacy and protection information shall apply for your next visit.