Privacy Policy

Thank you for your interest in our company. We take data protection seriously.

You can generally use our website without providing any personal data. However, if a data subject wishes to make use of our company’s services via our website, the processing of personal data may become necessary. If the processing of personal data is required and there is no statutory basis for such processing, we will always obtain the consent of the data subject.

The processing of personal data (e.g., name, address, email address, or telephone number of a data subject) is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable to us. By means of this privacy policy, we would like to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, this privacy policy informs data subjects about their rights.

As the controller responsible for processing, we have implemented numerous technical and organizational measures to ensure the most complete protection possible of personal data processed through our website. However, data transmissions over the Internet may generally contain security gaps. Therefore, absolute protection cannot be guaranteed. For this reason, any data subject may of course alternatively transmit personal data to us, for example by telephone.

1. Definitions

This privacy policy is based on the terminology used by the European legislator when adopting the GDPR (Article 4 GDPR). This privacy policy is intended to be easily readable and understandable for everyone. To ensure this, we would first like to explain the terminology used. In this privacy policy, the following terms are used, among others:

2. Name and Contact Details of the Controller

These data protection notices apply to data processing carried out by:
Controller: Machine26 GmbH, represented by the Managing Directors Mr. Christian Schweiger and Mr. Steffen Schweiger

Email: info@machine26.com,
Phone: +49 (0) 30 166 378 72
Link to the Legal Notice: https://www.machine26.com/imprint

3. Collection and Storage of Personal Data as well as the Nature and Purpose of Their Use

a) When visiting the website

You can generally use our website without disclosing your identity. When you access our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without any action on your part and stored until it is automatically deleted:

The aforementioned data are processed by us for the following purposes:

The legal basis for data processing is Article 6(1) sentence 1 lit. f GDPR. Our legitimate interest arises from the purposes for data collection listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person.

In addition, we use cookies and analytics services when you visit our website. Further details can be found in sections 5 and 7 of this privacy policy.

b) When using our contact form

For questions of any kind, we offer you the opportunity to contact us via a form provided on our website. Providing a valid email address is required so that we know from whom the inquiry originates and in order to respond to it. Additional information may be provided voluntarily. It is your free decision whether you wish to enter this data in the contact form.

Data processing for the purpose of contacting us is carried out in accordance with Article 6(1) sentence 1 lit. a GDPR on the basis of your voluntarily given consent.

The personal data collected by us for the use of the contact form will be automatically deleted after your inquiry has been resolved.

c) Upon registration

To use the services of Machine26, you must register. Providing your company details, name, address, contact information, and bank details is required in order to conclude a contract via Machine26. Your data will be used to provide our products and services, to process orders, and to handle business transactions such as invoicing.

Machine26 reserves the right to transmit your personal data to commissioned service providers, such as SCHUFA or Creditreform, for the purpose of conducting a credit check.

d) When submitting a bid via our website

You can submit bids and make purchases via our website if you register on our platform as a customer for future bids and, where applicable, purchases.

In this process, your personal data are entered into an input form, transmitted to us, and stored. If you place bids via our website, we initially collect the following data in the event of registration on the platform:

The collection of these data is carried out,

As part of the bidding process, your consent to the processing of these data will be obtained.

Data processing is carried out in response to your submission of a bid and/or your registration and is necessary pursuant to Article 6(1) sentence 1 lit. b GDPR for the stated purposes, in particular for the proper handling of your bids and for the fulfillment of obligations arising from the purchase contract.

The personal data collected by us for the processing of the purchase procedure will be stored until the expiry of the statutory retention period and then deleted, unless we are obliged to store them for a longer period pursuant to Article 6(1) sentence 1 lit. c GDPR due to retention and documentation obligations under tax and commercial law (arising from the German Commercial Code (HGB), Criminal Code (StGB), or Fiscal Code (AO)), or you have consented to further storage pursuant to Article 6(1) sentence 1 lit. a GDPR.

e) When listing construction machinery for brokerage by Machine26

The listing of brokerage offers is carried out in anonymized form. Bidders are not granted access to any personal data of the party listing the item. After the bidding period has expired, the seller may be informed in writing of the company name and address of the bidders. For the purpose of processing, the contact details of the responsible Machine26 Service (telephone, email, link to the sale via the Machine26 sales portal) will be provided as contact information.

You can list brokerage offers via our website or have them listed by Machine26. Registration is required for this purpose.

Your personal data are entered into an input form, transmitted to us, and stored. If you place bids via our website, we initially collect the following data in the event of registration on the platform:
- Salutation, first name, last name,
- a valid email address,
- the name of the company,
- address,
- telephone number (landline and/or mobile).

The collection of these data is carried out:
- in order to identify you as our customer;
- in order to process, fulfill, and handle your bids and any potential purchase;
- for correspondence with you;for invoicing;
- for the handling of any potential liability claims, as well as for the assertion of any claims against you;
- to ensure the technical administration of our website;
- to manage our customer data.

As part of the bidding process, your consent to the processing of these data will be obtained.

Data processing is carried out in response to your submission of a bid and/or your registration and is necessary pursuant to Article 6(1) sentence 1 lit. b GDPR for the stated purposes, in particular for the proper handling of your bids and for the fulfillment of obligations arising from the purchase contract.

The personal data collected by us for the processing of the purchase procedure will be stored until the expiry of the statutory retention period and then deleted, unless we are obliged to store them for a longer period pursuant to Article 6(1) sentence 1 lit. c GDPR due to retention and documentation obligations under tax and commercial law (arising from the German Commercial Code (HGB), Criminal Code (StGB), or Fiscal Code (AO)), or you have consented to further storage pursuant to Article 6(1) sentence 1 lit. a GDPR.

4. Disclosure of Data

Your personal data will only be disclosed by us to third parties involved in the performance of the contract, such as the logistics company commissioned with delivery and the credit institution responsible for payment processing. In cases where your personal data are disclosed to third parties, the scope of the transmitted data is limited to the necessary minimum.

In the case of payment via PayPal, credit card via PayPal, direct debit via PayPal, or “purchase on account” via PayPal, we transmit your payment data to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”) as part of the payment processing. PayPal reserves the right to conduct a credit check for the payment methods credit card via PayPal, direct debit via PayPal, or “purchase on account” via PayPal. PayPal uses the result of the credit check with regard to the statistical probability of payment default for the purpose of deciding on the provision of the respective payment method. The credit report may contain probability values (so-called score values). If score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. Address data are included in the calculation of the score values, among other factors. Further data protection information can be found in PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Your personal data will not be transmitted to third parties for purposes other than those stated above.

We will also only disclose your personal data to third parties if:
- you have given your express consent pursuant to Article 6(1) sentence 1 lit. a GDPR,
- the disclosure is necessary pursuant to Article 6(1) sentence 1 lit. f GDPR for the establishment, exercise, or defense of legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data,
- there is a legal obligation for the disclosure pursuant to Article 6(1) sentence 1 lit. c GDPR, or
- the disclosure is legally permissible and necessary pursuant to Article 6(1) sentence 1 lit. b GDPR for the performance of contractual relationships with you.

As part of the ordering process, your consent to the disclosure of your data to third parties will be obtained.

5. Use of Cookies

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your device and do not contain viruses, trojans, or other malware.Information is stored in the cookie that arises in connection with the specific device used. However, this does not mean that we obtain direct knowledge of your identity.

The use of cookies serves, on the one hand, to make the use of our services more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our website.

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your device for a defined period of time. If you visit our website again to use our services, it is automatically recognized that you have already visited us and which entries and settings you have made, so that you do not have to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our services for you (see section 7). These cookies enable us to automatically recognize that you have previously visited our website when you return. These cookies are automatically deleted after a defined period of time.

The data processed by cookies are necessary for the purposes mentioned to safeguard our legitimate interests and those of third parties pursuant to Article 6(1) sentence 1 lit. f GDPR.

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a notification always appears before a new cookie is created. However, completely disabling cookies may result in you not being able to use all functions of our website.

6. Links to Third-Party Websites

The links published on our website are researched and compiled with the greatest possible care. However, we have no influence on the current and future design or content of the linked pages. We are not responsible for the content of the linked pages and expressly do not adopt such content as our own. The provider of the website to which reference is made is solely liable for any illegal, incorrect, or incomplete content and for any damage resulting from the use or non-use of the information provided. Liability of the party that merely refers to the publication via a link is excluded. We are only responsible for third-party content if we have positive knowledge of it, i.e., including any potentially unlawful or criminal content, and if it is technically possible and reasonable for us to prevent its use.

7. Analytics and Tracking Tools

The tracking measures listed below and used by us are carried out on the basis of Article 6(1) sentence 1 lit. f GDPR. With the tracking measures employed, we aim to ensure a needs-based design and the continuous optimization of our website. Furthermore, we use tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our services for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.

The respective purposes of data processing and the categories of data can be found in the corresponding tracking tools.

a) Google Analytics

For the purpose of ensuring a needs-based design and the continuous optimization of our pages, we use Google Analytics, a web analytics service provided by Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context, pseudonymized user profiles are created and cookies (see section 5) are used.

The information generated by the cookie about your use of this website, such as:
- browser type/version,
- operating system used,
- referrer URL (the previously visited page),
- hostname of the accessing computer (IP address),
- time of the server request,
is transmitted to a Google server in the USA and stored there.

The information is used to evaluate the use of the website, to compile reports on website activity, and to provide other services related to website and internet usage for the purposes of market research and needs-based design of these internet pages. This information may also be transferred to third parties where required by law or where third parties process these data on Google’s behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that an assignment is not possible (IP masking).

You can prevent the installation of cookies by adjusting your browser software accordingly; however, please note that in this case you may not be able to use all functions of our website to their full extent.

You can also prevent the collection of data generated by the cookie and relating to your use of the website (including your IP address) as well as the processing of these data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).

As an alternative to the browser add-on, particularly for browsers on mobile devices, you can also prevent the collection by Google Analytics by clicking on the aforementioned link. An opt-out cookie will be set that prevents the future collection of your data when visiting our website. The opt-out cookie applies only to this browser and only to our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.

Further information on data protection in connection with Google Analytics can be found at the following link in the Google Analytics Help Center: https://support.google.com/analytics/answer/6004245?hl=de

b) Google Tag Manager

https://www.google.com/intl/de/tagmanager/use-policy.html

When accessing our website, the Google Tag Manager service is used for the statistical evaluation of website usage. This service is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Tag Manager is a solution that allows website tags to be managed via an interface. This enables us, for example, to integrate Google Analytics and other Google marketing services into our online offering. The Tag Manager itself (which implements the tags) does not collect or process any personal data of users.

In this context, reference is made to the following information regarding Google services.
Usage policies:

b) Hotjar

We use the web analytics service Hotjar provided by Hotjar Ltd., Level 2, St Julian’s Business Centre, 3 Elia Zammit Street, St Julian’s STJ 1000, Malta (“Hotjar”) in order to better understand user behavior and needs and to optimize our services and user experience.

Hotjar enables us to track movements on the websites on which it is used (so-called heatmaps). For example, it is possible to analyze the duration of visits to individual pages, scrolling behavior, or which buttons are clicked and how often. Hotjar also enables us to obtain direct feedback from users. With this information, we can align our websites with user feedback and make them faster and more user-friendly.The analysis associated with Hotjar is carried out on the basis of our legitimate interests in the user-oriented design of our services pursuant to Article 6(1) lit. f GDPR.

Hotjar uses cookies and other technologies to collect information about user behavior and user devices (e.g., the IP address of a device (which is collected and stored in anonymized form), screen size, device type (unique device identifiers), browser information, geographic information (country only), and the preferred language for displaying our website). This information is stored by Hotjar in a pseudonymized user profile. Neither Hotjar nor we use these data to identify individual users, nor are the data combined with other data relating to individual users.

When using Hotjar, we pay attention to the protection of your personal data. Hotjar automatically suppresses areas of the websites in which personal data of you or third parties are displayed. These areas are therefore not traceable at any time.

Hotjar enables each user to prevent the use of the Hotjar tool by means of a “Do Not Track” header, so that no data about visits to the respective website are recorded. This setting is supported by all common browsers in their current versions. Your browser sends a request to Hotjar indicating that tracking of the respective user is to be deactivated. If you use our website with different browsers or devices, you must set up the “Do Not Track” header separately for each of these browsers/devices.Detailed instructions with information about your browser can be found at:
https://www.hotjar.com/opt-out

Further information about Hotjar Ltd. and the Hotjar tool can be found at:
https://www.hotjar.com

Additional details can be found in Hotjar’s privacy policy at the following link:
https://www.hotjar.com/privacy

8. Amazon Cloud Front

Our website uses Amazon CloudFront, a content delivery network provided by Amazon Web Services, Inc. (hereinafter “Amazon”).

A content delivery network reduces the loading time of a website. Amazon operates numerous servers in Europe (including in Frankfurt/Main and Milan) in order to transmit our data to you as quickly as possible. However, it cannot be technically excluded that your browser (e.g., because you access this website from outside the EU or for any other reason) may access a server located outside the EU. In such a case, data from your browser are transmitted directly to the respective country or region (North and South America, Asia, Australia).

Amazon is certified under the Privacy Shield framework and thereby provides a guarantee of compliance with European data protection law. Detailed information can be found at the following link:
https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4

Further information on Amazon CloudFront can be found at:
https://aws.amazon.com/de/cloudfront/

Amazon’s privacy policy is available at:
https://aws.amazon.com/de/privacy/?nc1=f_pr

9. Google Web Fonts

This website uses so-called web fonts provided by Google to ensure a consistent display of fonts. The Google Fonts are installed locally. No connection to Google servers is established in this process.(Source: https://www.e-recht24.de/muster-datenschutzerklaerung.html)

10. Rights of the Data Subject

You have the right:
- pursuant to Article 15 GDPR, to request information about your personal data processed by us. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing, or objection, the existence of a right to lodge a complaint, the origin of your data if not collected by us, as well as the existence of automated decision-making including profiling and, where applicable, meaningful information about its details;
- pursuant to Article 16 GDPR, to request without undue delay the rectification of inaccurate personal data stored by us or the completion of your personal data;
- pursuant to Article 17 GDPR, to request the erasure of your personal data stored by us, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;
- pursuant to Article 18 GDPR, to request the restriction of processing of your personal data where the accuracy of the data is contested by you, the processing is unlawful but you oppose the erasure of the data and we no longer need the data, but you require them for the establishment, exercise, or defense of legal claims, or you have objected to processing pursuant to Article 21 GDPR;
- pursuant to Article 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request transmission to another controller;
- pursuant to Article 7(3) GDPR, to withdraw your consent once given at any time vis-à-vis us. This means that we may no longer continue the data processing based on this consent in the future; and
- pursuant to Article 77 GDPR, to lodge a complaint with a supervisory authority. As a rule, you may contact the supervisory authority of your habitual residence, place of work, or our company’s registered office.

11. Right to Object

If your personal data are processed on the basis of legitimate interests pursuant to Article 6(1) sentence 1 lit. f GDPR, you have the right, pursuant to Article 21 GDPR, to object to the processing of your personal data insofar as there are grounds for doing so arising from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without the need to specify a particular situation.

If you wish to exercise your right of withdrawal or objection, it is sufficient to send an email to: info@machine26.com.

12. Data Security

During your visit to our website, we use the widely adopted SSL (Secure Socket Layer) protocol in conjunction with the highest level of encryption supported by your browser. As a rule, this involves 256-bit encryption. If your browser does not support 256-bit encryption, we instead use 128-bit v3 technology. You can recognize whether an individual page of our website is transmitted in encrypted form by the closed key or padlock symbol displayed in the lower status bar of your browser.

Furthermore, we implement appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

13. Up-to-Date Status and Amendments to this Privacy Policy

This privacy policy is currently valid and was last updated in March 2018.

Due to the further development of our website and the services offered via it, or due to changes in legal or regulatory requirements, it may become necessary to amend this privacy policy. The current version of the privacy policy can be accessed and printed at any time on our website at the following link:
https://www.machine26.com/privacy-policy