Goldsaat - Agricultural Technology » Privacy Policy

Privacy policy

1. Introduction

With the following information, we would like to provide you, as a "data subject," with an overview of how we process your personal data and your rights under data protection laws. In principle, you can use our website without providing any personal data. However, if you wish to use special services offered by our company via our website, the processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we will generally obtain your consent.

The processing of personal data, such as your name, address, or email address, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable to Goldsaat Agrartechnik GmbH & Co. KG. This privacy policy is intended to inform you about the scope and purpose of the personal data we collect, use, and process.

As the person responsible for processing, we have implemented numerous technical and organizational measures to ensure the most complete protection possible for the personal data processed via this website. Nevertheless, internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, you are free to transmit personal data to us in alternative ways, for example by telephone or post.

You too can take simple and easy-to-implement measures to protect yourself against unauthorized access to your data by third parties. Therefore, we would like to give you some tips on how to handle your data securely: 

  • Protect your account (login, user or customer account) and your IT system (computer, laptop, tablet or mobile device) with secure passwords.
  • Only you should have access to the passwords.
  • Make sure you only ever use your passwords for one account (login, user or customer account).
  • Do not use the same password for different websites, applications, or online services.
  • Especially when using publicly accessible IT systems or systems shared with other people, it is essential that you log out after every login to a website, application or online service.

Passwords should consist of at least 12 characters and be chosen so that they cannot be easily guessed. Therefore, they should not contain common everyday words, your own name, or the names of relatives, but rather uppercase and lowercase letters, numbers, and special characters.

2. Responsible

The person responsible within the meaning of the GDPR is:

Goldsaat Agrartechnik GmbH & Co. KG
Prümtalstraße 20, 54595 Prüm, Germany
Telephone: 06551 / 9507-0
Fax: 06551 / 9507-34
Email: Info@goldsaat.de

Representative of the responsible party: Manfred Faasen

3. Data Protection Officer

You can reach the data protection officer as follows:

VINDEX DATA PROTECTION Owner: Konrad Becker
Phone: 06571 / 17406-0
Email: info@vindex-datenschutz.de

You can contact our data protection officer directly at any time with any questions or suggestions regarding data protection.

4. Definitions

The data protection declaration is based on the terminology used by the European directors and regulators when the General Data Protection Regulation (GDPR) was adopted. Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.

We use the following terms in this privacy policy, including but not limited to:

1. Personal data

Personal data is any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2. Data Subject

A data subject is any identified or identifiable natural person whose personal data is processed by the controller (our company).

3. processing

Processing means any process or series of operations related to personal data, such as collecting, recording, organizing, arranging, storing, adapting or modifying, reading, querying, using, with or without the aid of automated procedures; disclosure by submission, dissemination or other form of provision, reconciliation or association, restriction, erasure or destruction.

4. Restriction of processing

Restriction of the processing is the marking of stored personal data with the aim to limit their future processing.

5. Profiling

Profiling is any kind of automated processing of personal data that consists in using that personal information to evaluate certain personal aspects relating to a natural person, in particular aspects regarding analysing or predicting job performance, economic situation, health, personal preferences, interests, reliability, behavior, whereabouts or relocation of that natural person.

6. Pseudonymization

Pseudonymisation is the processing of personal data in such a way that personal data can no longer be attributed to a specific data subject without the need for additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that the personal data not assigned to an identified or identifiable natural person.

7. Processors

The processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the responsible party.

8. Recipient

Recipient is a natural or legal person, agency, institution or other entity to whom Personal Data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union or national law in connection with a particular mission are not considered as beneficiaries.

9. Third

A third party is a natural or legal person, public authority, agency or institution other than the data subject, the controller, the processor and the persons authorized under the direct responsibility of the controller or the processor to process the personal data.

10. Consent

Consent means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

5. Legal basis for processing

Article 6 paragraph 1 letter a) GDPR (in conjunction with Section 25 paragraph 1 TDDDG (formerly TTDSG)) serves as the legal basis for our company for processing operations where we obtain consent for a specific processing purpose.

If the processing of personal data is necessary for the performance of a contract to which you are a party, as is the case, for example, with processing operations necessary for the delivery of goods or the provision of other services or consideration, then the processing is based on Article 6(1)(b) GDPR. The same applies to such processing operations that are necessary for carrying out pre-contractual measures, such as in cases of inquiries about our products or services.

If our company is subject to a legal obligation which necessitates the processing of personal data, such as for the fulfillment of tax obligations, the processing is based on Art. 6 para. 1 lit. c) GDPR.

In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured on our premises and their name, age, health insurance details, or other vital information had to be disclosed to a doctor, hospital, or other third party. In such a case, the processing would be based on Article 6(1)(d) GDPR.

Ultimately, processing operations could be based on Article 6(1)(f) GDPR. This legal basis applies to processing operations not covered by any of the aforementioned legal bases if the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Such processing operations are permitted in particular because they have been specifically mentioned by the European legislator. The legislator took the view that a legitimate interest could be assumed if you are a customer of our company (Recital 47, second sentence, GDPR).

6. Transmission of data to third parties

Your personal data will not be transmitted to third parties for purposes other than those listed below.

We only share your personal data with third parties if:

  1. You have given us your explicit consent in accordance with Art. 6 para. 1 lit. a) GDPR,
  2. The transfer of your data is permitted under Article 6(1)(f) GDPR for the purposes of our legitimate interests and there is no reason to assume that you have an overriding legitimate interest in not having your data transferred.
  3. in the event that there is a legal obligation to disclose the data pursuant to Article 6(1)(c) GDPR, as well as
  4. This is legally permissible and necessary for the performance of a contract with you in accordance with Article 6(1)(b) GDPR.

To protect your data and, where necessary, to allow us to transfer data to third countries (outside the EU/EEA), we have concluded data processing agreements based on the European Commission's Standard Contractual Clauses. If the Standard Contractual Clauses are insufficient to ensure an adequate level of security, your consent pursuant to Art. 49 para. 1 lit. a) GDPR can serve as the legal basis for the transfer to third countries. This may not apply to data transfers to third countries for which the European Commission has issued an adequacy decision pursuant to Art. 45 GDPR.

Your personal data will not be transmitted to third parties for purposes other than those listed below.

We only share your personal data with third parties if:

  1. You have given us your explicit consent in accordance with Art. 6 para. 1 lit. a) GDPR,
  2. The transfer of your data is permitted under Article 6(1)(f) GDPR for the purposes of our legitimate interests and there is no reason to assume that you have an overriding legitimate interest in not having your data transferred.
  3. in the event that there is a legal obligation to disclose the data pursuant to Article 6(1)(c) GDPR, as well as
  4. This is legally permissible and necessary for the performance of a contract with you in accordance with Article 6(1)(b) GDPR.

As part of the processing operations described in this privacy policy, personal data may be transferred to the USA. Companies in the USA only have an adequate level of data protection if they have certified themselves under the EU-US Data Privacy Framework and thus the adequacy decision of the EU Commission pursuant to Art. 45 GDPR applies. We have explicitly stated this for the service providers concerned in the privacy policy. To protect your data in all other cases, we have concluded data processing agreements based on the standard contractual clauses of the European Commission. If the standard contractual clauses are not sufficient to establish an adequate level of security, your consent pursuant to Art. 49 para. 1 lit. a) GDPR can serve as the legal basis for the transfer to third countries. This does not apply, however, to data transfers to third countries for which the European Commission has issued an adequacy decision pursuant to Art. 45 GDPR.

7. Technique

7.1 SSL/TLS encryption

This page uses for warranty For the security of data processing and to protect the transmission of confidential content, such as orders, login data, or contact requests that you send to us as the operator, we use SSL or TLS encryption. You can recognize an encrypted connection by the fact that "https://" appears in the browser's address bar instead of "http://" and by the padlock symbol in your browser's address bar.

We use this technology to protect your transmitted data.

7.2 Hosting by IONOS

We host our website with IONOS SE, Elgendorfer Str. 57, 56410 Montabaur (hereinafter referred to as IONOS).

When you visit our website, your personal data (e.g. IP addresses in log files) will be processed on the servers of IONOS.

The use of IONOS is based on Article 6(1)(f) GDPR. We have a legitimate interest in the most reliable possible presentation, provision, and security of our website.

We have concluded a data processing agreement (DPA) with IONOS in accordance with Article 28 of the GDPR. This is a legally required contract under data protection law, which ensures that IONOS processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

Further information on IONOS' data protection regulations can be found at: https://www.ionos.de/terms-gtc/terms-privacy

8. Cookies

8.1 General information about cookies

Cookies are small files that your browser automatically creates and stores on your IT system (laptop, tablet, smartphone, etc.) when you visit our site.

The cookie stores information related to the specific device being used. However, this does not mean that we thereby gain direct knowledge of your identity.

We use cookies to make your experience on our website more enjoyable. For example, we use session cookies to recognize that you have already visited certain pages of our website. These are automatically deleted when you leave our site.

Furthermore, we also use temporary cookies to optimize user-friendliness. These cookies are stored on your device for a specific, predetermined period. When you revisit our site to use our services, it is automatically recognized that you have already been here and what entries and settings you have made, so you don't have to enter them again.

Secondly, we use cookies to statistically record the use of our website and to evaluate our services for optimization purposes. These cookies allow us to automatically recognize that you have already visited our website when you return. These cookies are automatically deleted after a defined period. The specific storage duration of the cookies can be found in the settings of the consent tool used.

8.2 Legal basis for the use of cookies

The data processed by the cookies, which are required for the proper functioning of the website, are therefore necessary to protect our legitimate interests and those of third parties in accordance with Art. 6 para. 1 lit. f) GDPR.

For all other cookies, you have given your consent via our opt-in cookie banner in accordance with Art. 6 para. 1 lit. a) GDPR.

8.3 Usercentrics (Consent Management Tool)

We use the consent management tool "Usercentrics" from Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, Germany. This service allows us to obtain and manage the consent of website users for data processing.

Usercentrics collects data generated by end users who use our website. When an end user gives their consent, the following data is automatically logged by Usercentrics:

  • Browser information.
  • Date and time of access.
  • Device information.
  • The URL of the visited page.
  • Geographic location.
  • Website page path.
  • The consent status of the end user, which serves as proof of consent.

The consent status is also stored in the end user's browser, allowing the website to automatically read and respect the end user's consent for all subsequent page requests and future user sessions for up to 12 months. The consent data (consent and withdrawal of consent) is stored for three years. This retention period corresponds to the regular limitation period according to § 195 of the German Civil Code (BGB). The data is then deleted immediately or, upon request, provided to the responsible party in the form of a data export.

The functionality of the website cannot be guaranteed without the described processing. Users have no right to object as long as there is a legal obligation to obtain their consent for certain data processing operations (Art. 7 para. 1, 6 para. 1 sentence 1 lit. c) GDPR).

Usercentrics is the recipient of your personal data and acts as a data processor for us.

Detailed information on the use of Usercentrics can be found at: https://usercentrics.com/privacy-policy/.

9. Newsletter distribution

9.1 Newsletter distribution to existing customers

If you provided us with your email address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services from our product range via email. According to Section 7 Paragraph 3 of the German Unfair Competition Act (UWG), we do not need to obtain your separate consent for this. The data processing is based solely on our legitimate interest in personalized direct marketing pursuant to Article 6 Paragraph 1 Letter f) of the GDPR. If you initially objected to the use of your email address for this purpose, we will not send you any emails. You have the right to object to the use of your email address for the aforementioned advertising purpose at any time with effect for the future by sending a message to the data controller named at the beginning of this document. You will only incur transmission costs at the basic rates for this. Upon receipt of your objection, the use of your email address for advertising purposes will be discontinued immediately.

10. Web Analysis

10.1 eTracker

Our website uses the etracker analytics service. The provider is etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany. Usage profiles can be created from the data under a pseudonym. Cookies may be used for this purpose. The data collected using etracker technologies will not be used to personally identify visitors to our website without your explicit consent and will not be merged with personal data about the bearer of the pseudonym.

etracker cookies remain on your device until you delete them.

These processing operations are carried out exclusively with the express consent given in accordance with Art. 6 para. 1 lit. a) GDPR.

You can object to the collection and storage of your data at any time with effect for the future.

You can view eTracker's privacy policy at: https://www.etracker.com/de/datenschutz.html.

We have concluded a data processing agreement with etracker and fully implement the strict requirements of the German data protection authorities when using etracker.

10.2 WordPress Stats – Jetpack

This website uses the WordPress tool "WordPress Stats" provided by Jetpack to statistically analyze visitor traffic. The provider is Automattic Inc., 60 29th Street #343, San Francisco, CA 94110-4929, USA. The website operator uses the tracking technology of Quantcast Inc., 201 Third Street, San Francisco, CA 94103, USA.

Jetpack uses cookies that are stored on your computer and allow WordPress Stats to analyze website usage. The information generated by the cookies about your use of our website is stored on servers in the USA. Your IP address is anonymized after processing and before storage.

The cookies will remain on your device until you delete them.

These processing operations are carried out exclusively with the express consent given in accordance with Art. 6 para. 1 lit. a) GDPR.

This US company is certified under the EU-US Data Privacy Framework. This constitutes an adequacy decision pursuant to Article 45 GDPR, meaning that personal data may be transferred without further safeguards or additional measures.

You can view Jetpack's privacy policy at: https://jetpack.com/support/privacy/.

11. Plugins and other services

11.1 Adobe Fonts

Our website uses Adobe Fonts, provided by Adobe Inc., 345 Park Avenue, San Jose, CA 95110-2704, USA. We use Adobe Fonts to ensure consistent font display.

The following data, among others, may be processed:

  • IP address,
  • the time the web browser needs to download the fonts,
  • the time from downloading the fonts with the web browser until the fonts are used,
  • to determine if an ad blocker is installed, in order to ascertain whether the ad blocker is interfering with the correct tracking of page views,
  • Operating system and browser version.

If you were asked for your consent to the processing of your data by Adobe, the legal basis for this processing is Article 6(1)(a) GDPR. Furthermore, we have a legitimate interest in using Adobe Fonts to ensure the website is displayed clearly and can be managed effectively. The corresponding legal basis for this is Article 6(1)(f) GDPR.

Adobe Inc., as a US company, is certified under the EU-US Data Privacy Framework. This constitutes an adequacy decision pursuant to Article 45 of the GDPR, meaning that the transfer of personal data may take place without further safeguards or additional measures.

You can view Adobe Fonts' privacy policy at: https://www.adobe.com/de/privacy.html.

11.2 CleanTalk

This website uses anti-spam plugins from CleanTalk. The provider is CleanTalk Inc., 711 S Carson Street, suite 4, Carson City, NV, 89701, USA (hereinafter referred to as "CleanTalk").

CleanTalk is used to protect our website from spam activity (e.g., preventing unwanted advertising, unsolicited messages, or comments). For this purpose, CleanTalk collects various personal data such as IP address, email address, the sender's nickname, information about the JavaScript technology used in the sender's browser, and the text entered.

This information is transferred to a CleanTalk server in the EU and stored there.

For security reasons and to protect against spam, your data is processed in the CleanTalk Cloud Service and stored in log files for a maximum of 31 days. After this period, this data is completely deleted.

CleanTalk is used on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in protecting its website from spam activities as effectively as possible. If consent has been requested, processing will be carried out exclusively on the basis of Art. 6 (1) (a) GDPR and Section 25 (1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's device within the meaning of the TDDDG. Consent can be revoked at any time.

We use Google Maps to present our online content in an appealing manner and to make the locations disclosed on our website easy to find. This constitutes a legitimate interest as defined in Art. XNUMX(XNUMX)(f) GDPR. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. XNUMX(XNUMX)(a) GDPR and § XNUMX (XNUMX) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time. Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here:

https://cleantalk.org/publicoffer#privacy

11.3 WP Statistics

This website uses the analytics tool WP Statistics to statistically evaluate visitor access. The provider is Veronalabs, Tatari 64, 10134, Tallinn, Estonia (https://veronalabs.com).

WP Statistics can be used to analyze the use of our website. In doing so, WP Statistics records, among other things, log files (IP address, referrer, browser used, origin of the user, search engine used) and actions that the website visitors have taken on the site (e.g. clicks and views).

The data collected with WP Statistics is stored exclusively on our own server.

The use of this analysis tool is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the anonymized analysis of user behavior in order to optimize both our websites and our advertising. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.

IP anonymization: We use WP Statistics with anonymized IP addresses. Your IP address is shortened so that it can no longer be directly associated with you.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

12. Your rights as a data subject

12.1 Right to confirmation

You have the right to request confirmation from us as to whether personal data relating to you are being processed.

12.2 Right of access Art. 15 GDPR

You have the right to obtain from us, at any time and free of charge, information about the personal data stored about you and a copy of this data in accordance with the legal provisions.

12.3 Right to rectification Art. 16 GDPR

You have the right to request the correction of inaccurate personal data concerning you. Furthermore, taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data.

12.4 Deletion Art. 17 GDPR

You have the right to request that we delete your personal data without undue delay, provided that one of the legally stipulated grounds applies and insofar as the processing or storage is not necessary.

12.5 Restriction of processing Art. 18 GDPR

You have the right to request that we restrict the processing of your data if one of the legal requirements is met.

12.6 Data portability Art. 20 GDPR

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from us, the controller to whom the personal data was provided, provided that the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

Furthermore, when exercising your right to data portability pursuant to Article 20(1) GDPR, you have the right to have the personal data transmitted directly from one controller to another, where technically feasible and provided that this does not adversely affect the rights and freedoms of other persons.

12.7 Right to object pursuant to Article 21 GDPR

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on point (e) of Article 6(1) (processing in the public interest) or point (f) of Article 6(1) (processing based on legitimate interests) of the GDPR.

This also applies to profiling based on these provisions within the meaning of Article 4 No. 4 GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims.

In certain cases, we process personal data for direct marketing purposes. You can object to the processing of your personal data for such marketing at any time. This also applies to profiling insofar as it is related to such direct marketing. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

Furthermore, you have the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out by us for scientific or historical research purposes or for statistical purposes pursuant to Article 89(1) GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.

You are free, in connection with the use of information society services and notwithstanding Directive 2002/58/EC, to exercise your right to object by automated means using technical specifications.

12.8 Revocation of consent under data protection law

You have the right to withdraw your consent to the processing of personal data at any time with effect for the future.

12.9 Complaint to a supervisory authority

You have the right to lodge a complaint with a supervisory authority responsible for data protection regarding our processing of personal data.

13. Routine storage, deletion and blocking of personal data

We process and store your personal data only for the period necessary to achieve the purpose of storage or as provided for by the legal regulations to which our company is subject.

If the purpose for which the data was stored ceases to exist or a prescribed storage period expires, the personal data will be routinely blocked or deleted in accordance with legal requirements.

14. Duration of storage of personal data

The criterion for the duration of the storage of personal data is the respective statutory retention period. After the deadline, the corresponding data will be routinely deleted, if they are no longer required to fulfill the contract or to initiate a contract.

15. Updates and changes to the privacy policy

This privacy policy is currently valid and was last updated in November 2025.

Due to the ongoing development of our website and services, or due to changes in legal or regulatory requirements, it may become necessary to amend this privacy policy. The current privacy policy can be accessed and printed at any time on our website at "https://www.goldsaat.com/de/datenschutz.html".

This privacy policy was created with the support of the data protection software: audatis MANAGER.