Privacy Policy | DEKALIN

Privacy Notice

General Information and Mandatory Disclosures
Data Protection
The goal of data protection—and also our goal at DINOL GmbH—is to ensure that the handling of personal data respects the individual’s right to privacy.

To achieve this goal, entities responsible for processing personal data are obligated to comply with the provisions of EU legislation (General Data Protection Regulation – GDPR) as well as national data protection laws.

Personal data may only be processed if the GDPR or another law permits it. Key principles of the GDPR include:

Lawfulness, fairness, and transparency of processing (Art. 5(1)(a) GDPR)
Purpose limitation (Art. 5(1)(b) GDPR)
Data minimization (Art. 5(1)(c) GDPR)
Accuracy of data processing (Art. 5(1)(d) GDPR)
Storage limitation and deletion concepts (Art. 5(1)(e) GDPR)
Integrity and confidentiality (Art. 5(1)(f) GDPR)

Controller’s Information Obligations and Data Subject Rights

Name and Contact Details of the Controller and, if applicable, its Representative
The controller responsible for data processing on this website is:

DINOL GmbH
Pyrmonter Straße 76
D-32676 Lügde
+49 5281 – 982 980
info@dinol.com

The controller, as defined in Art. 4(7) GDPR, is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Contact Details of the Data Protection Officer
You can reach our Data Protection Officer at: datenschutz@wuerth-it.com.

Purpose of Data Processing

DINOL GmbH specializes in the trade of corrosion protection materials, adhesives and sealants, fillers, sprayable soundproofing materials, and related application systems.

The processing of personal data is carried out to fulfill this business purpose or supporting ancillary purposes, such as customer consulting.

Categories of Data Subjects and Related Data

The categories of data subjects include:

Current employees
Former employees
Applicants
Prospective customers
Customers
Suppliers
Service providers
Other business partners

The related data includes all personal data necessary to fulfill the respective purpose. Specific details on which data is processed will be explained below.

Legal Bases

Processing of personal data is lawful only if permitted by law or if the individual has given consent.

In our company, personal data is processed exclusively in accordance with legal requirements. Lawfulness exists if one of the following conditions applies:

Consent to the processing of personal data (Art. 6(1)(a) GDPR)
Necessity of processing for the performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR)
Necessity of processing to comply with a legal obligation (Art. 6(1)(c) GDPR)
Necessity of processing based on the legitimate interests of the controller or a third party (Art. 6(1)(f) GDPR)

Special Note on Legal Basis for Contractual Purposes

DINOL GmbH exclusively targets business customers. Therefore, when processing personal data for contractual purposes, the legal basis—unless otherwise specified in individual cases—is:

If you are a registered merchant or freelancer: processing for the performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR); or
If you act as an employee of a company (e.g., in purchasing): Art. 6(1)(f) GDPR, the legitimate interest of DINOL GmbH. This legitimate interest lies in the sale of our goods and services, which is particularly justified by entrepreneurial freedom and professional freedom.

For simplicity, we will refer to this as “data processing for contractual purposes.”

Potential Recipients of Data Transfers

Potential recipients of transmitted personal data include:

Public authorities, if a legal obligation exists
Service providers and other business partners, insofar as necessary to fulfill the respective purpose and permitted or required by law, or if the data subject has consented

Planned Data Transfers to Third Countries or International Organizations

If data transfers to third countries (i.e., non-EU member states, excluding EFTA states Norway, Liechtenstein, and Iceland) or international organizations become necessary, this will occur exclusively for the conclusion or performance of contracts—provided the data subject’s legitimate interests do not conflict—while complying with the data protection requirements of Art. 44 et seq. GDPR.

If we transfer your data to a third country or international organization in individual cases, we will provide you with the necessary information for that specific case.

Standard Deadlines for Data Deletion

Personal data is deleted in accordance with applicable legal or contractual provisions on data deletion, taking into account statutory or contractual retention obligations. Such obligations arise, among others, from the German Commercial Code (HGB) and the Fiscal Code (AO). The prescribed retention or documentation periods are up to ten years beyond the end of the business relationship or pre-contractual legal relationship.

Other legal provisions may require longer retention periods, such as preserving evidence under statutory limitation rules. The regular limitation period is three years; in certain cases, limitation periods of up to 30 years or even longer may apply.

Personal data not subject to statutory or contractual retention or deletion obligations will be deleted once it is no longer necessary for the respective purpose (Art. 17(1)(a) GDPR).

Your Data Protection Rights (Art. 12 et seq. GDPR)

Data subjects have various rights regarding data protection. These rights are explained below. To exercise these rights, you can use the contact details provided above.

Right of Access (Art. 15 GDPR), Rectification (Art. 16 GDPR), Restriction of Processing (Art. 18 GDPR), and Erasure (Art. 17 GDPR)
You have the right, within the scope of applicable legal provisions, to obtain free information at any time about the personal data stored by the controller concerning you, its origin and recipients, and the purpose of data processing, and, if applicable, a right to rectification, restriction, or erasure of this data.

Right to Object (Art. 21 GDPR)

Every data subject has the right to object to the processing of their data if the processing is based on Art. 6(1)(f) GDPR. If you object to the processing of your personal data, we will review your objection on a case-by-case basis. If we are legally required to delete your personal data as a result of your objection, we will delete your data in compliance with statutory retention obligations. The lawfulness of processing carried out prior to the objection remains unaffected by the objection.

Obligation to Provide Data (Art. 13(2)(e) GDPR)

Every data subject has the right to know whether the provision of personal data is required by law or contract, or necessary for the conclusion of a contract, whether the data subject is obliged to provide the personal data, and the possible consequences of failing to provide such data.

Right to Lodge a Complaint with the Supervisory Authority (Art. 13(2)(d) GDPR)

Data subjects have the right to lodge a complaint with the competent supervisory authority if they believe that their rights have been violated. The competent supervisory authority for data protection matters is the Data Protection Commissioner of the federal state where our company is based. In principle, however, the data subject may also contact the supervisory authority of their place of residence or the place of the alleged infringement.
A list of data protection commissioners and their contact details can be found at the following link:
https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

Right to Data Portability (Art. 20 GDPR)

You have the right to receive data that we process automatically based on your consent or in performance of a contract in a commonly used, machine-readable format, or to have it transmitted to a third party. If you request the direct transfer of data to another controller, this will only be done where technically feasible.

Withdrawal of Your Consent to Data Processing (Art. 7(3) GDPR)

Some data processing operations are only possible with your consent. You may withdraw consent already given at any time without providing reasons. A simple email to one of the addresses listed above is sufficient. The lawfulness of processing carried out prior to the withdrawal remains unaffected by the withdrawal.

Email Advertising Without Newsletter Subscription and Your Right to Object under Art. 21 GDPR

If we receive your email address in connection with the sale of a product or service and you have not objected, we reserve the right to regularly send you offers for similar products from our range by email based on § 7(3) UWG. This serves to protect our overriding legitimate interests under Art. 6(1)(f) GDPR in promoting our products to our customers. You may object to the use of your email address at any time by sending a message to the contact option described below or via a link provided in the promotional email, without incurring any costs other than the transmission costs according to basic rates.

Email Advertising with Newsletter Subscription

If you subscribe to our newsletter, we use the data required for this purpose or separately provided by you to regularly send you our email newsletter based on your consent pursuant to Art. 6(1)(a) GDPR. You may unsubscribe from the newsletter at any time without providing reasons, either by sending a message to the contact option described below or via a link in the newsletter. After unsubscribing, we will delete your email address unless you have expressly consented to further use of your data or we reserve the right to use your data beyond this, as permitted by law and as explained in this statement.

Forwarding Customer Inquiries

If you contact us via our info mailbox, by email, or through a contact form, we process your personal data (e.g., name, contact details, content of your inquiry) to handle your request.
If necessary to fulfill your request, we may forward your inquiry to the relevant internal departments or external sales partners/distributors.

Legal Basis:
Forwarding is based on Art. 6(1)(b) GDPR (performance of a contract or pre-contractual measures) or—if necessary—on our legitimate interest under Art. 6(1)(f) GDPR to process your inquiry efficiently.

Recipients:
Possible recipients include internal departments and external sales partners responsible for handling your request.

SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the browser’s address bar changing from “http://” to “https://” and by the lock symbol in your browser bar.
When SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.

Automatic Data Processing When Visiting Our Website – Purposes and Legal Bases

You can visit and use our website for informational purposes without having to provide personal data yourself (e.g., through registration or submission in online forms). However, to enable you to view our website and use it in a user-friendly, efficient, stable, and secure manner, we automatically collect and process the necessary pseudonymized technical data in interaction with your device and browser.

Automatic Data Collection and Processing by Web Servers

To display the individual pages of our website, our web servers automatically collect and process the following personal data transmitted by your browser:

Requested address on the web server (URL)
“User-Agent” identifier, which may include additional information depending on the browser
Operating system used
Browser type and version
Referrer URL (last visited page, if transmitted)
Date and time of the server request
IP address

These data are temporarily stored in so-called server log files. No personal evaluation of these data takes place, and they are not combined with other data sources.

The pseudonymized technical communication data collected and processed to enable the use of the website (connection setup) are temporarily stored by our web servers in log files (server log files). We use these server log files for internal system-related purposes, particularly for technical administration and to ensure the stability and security of our web servers and website—for example, to identify and track unauthorized or abusive access attempts to our web servers via the stored IP address.

The legal basis for processing server log files is Art. 6(1)(f) GDPR, which permits the processing of personal data within the scope of our legitimate interests, provided that your fundamental rights, freedoms, or interests do not override them. Our legitimate interests lie in the easy administration and secure operation of our website.

Use of Cookies and Other Technologies

To make your visit to our website user-friendly and attractive and to enable the use of certain functions, we use so-called “cookies” on our website. These are small text files stored on your device and associated with the browser you use, through which certain information flows to the entity that sets the cookie (in this case, us).

Cookies cannot execute programs, transmit viruses to your device, or cause any other harm to your device.

Some of the cookies we use are deleted after the end of the browser session, i.e., after you close your browser (so-called session cookies). Session cookies allow various requests from your browser to be assigned to a common session. This enables us to recognize your browser when you use multiple pages of our website or return to our website without closing your browser. We use session cookies to provide certain functions you have requested.

Another type of cookie (so-called persistent cookies) remains on your device for a specified period and allows us to recognize your browser on your next visit. Persistent cookies have an expiration date and are automatically deleted after a certain time. You can also delete them manually at any time in your browser’s security settings.

You can configure your browser to inform you about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or generally, and activate the automatic deletion of cookies when closing the browser. Disabling cookies entirely may limit the functionality of this website, as some cookies are necessary for its proper functioning.

The legal basis for data processing using cookies is, in the case of technically necessary cookies and (partly) functional cookies, Art. 6(1)(f) GDPR / § 25(2) TDDDG, which permits the processing of personal data within the scope of our legitimate interests, provided that your fundamental rights, freedoms, or interests do not override them. Our legitimate interests lie in the technically error-free and optimized provision of our website and certain functions and offers you request.

The legal basis for data processing using cookies in the case of non-essential cookies—such as analytics and statistics cookies, marketing cookies, and partly functional cookies—is your consent pursuant to Art. 6(1)(a) GDPR / § 25(1) TDDDG. You can withdraw your consent at any time with effect for the future.

Details about cookies and an overview of the cookies used can be accessed at any time on all pages of our website via the gear icon located at the bottom left of every page. There you can also withdraw your consent.

Google Maps

We use Google Maps on this website to display interactive maps directly on the site and enable convenient use of the map function. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. When using Google Maps, personal data may also be transmitted to the servers of Google LLC in the USA. For the transfer of personal data to Google LLC in the USA, Google LLC has concluded so-called Standard Contractual Clauses of the European Commission with us.

By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly associated with your account. If you do not want this association with your Google profile, you must log out of your Google account before accessing a map.

Google stores your data as usage profiles and uses them for advertising, market research, and/or the design of its website to meet user needs. Such evaluation occurs in particular (even for users not logged in) to provide tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, which you must exercise by contacting Google.

The legal basis for data processing by Würth IT GmbH is Art. 6(1)(a) GDPR and § 25(1) TDDDG, your consent. You can withdraw your consent at any time. The lawfulness of processing carried out prior to withdrawal remains unaffected.

Further information about Google Maps and Google’s privacy policy can be found at:
https://policies.google.com/privacy (General Google Privacy Policy)
https://policies.google.com/terms?hl=de#toc-software (Google Services Terms of Use)
References to Facebook, YouTube, Instagram, and LinkedIn

Our websites contain links to the social media platforms Facebook, YouTube, Instagram, and LinkedIn. These links are provided via corresponding icons on our websites, marked with the respective social media platform’s logo, and behind which a link to our respective social media page is embedded. Social plugins (such as the Facebook “Like” button) are not integrated.

By using these links to social media services, no data is transmitted from you to these services. These are standard hyperlinks, which generally do not involve data transmission. When you click the link, you are redirected directly to our social media presence on the respective platform. Data transmission only occurs if you are logged into your user account on the respective social media service. You can then link or share content from our websites directly with the social media service or, in the case of YouTube, watch videos from our YouTube channel. The respective social media service may then learn which content you viewed on our websites.

The entities responsible for the linked social media services are exclusively:

For Facebook and Instagram: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA
For YouTube: YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA
For LinkedIn: LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA

Further information about the purpose and scope of data collection and the further processing and use of your data by the respective social media service can be found in the privacy policies of the respective service, available online. These also include information about settings to protect your privacy and your additional rights regarding the collection, processing, and use of your data by the respective social media service.

You are solely responsible for transmitting data to the aforementioned social network services, as you actively initiate the subsequent data processing by logging into your respective social network account and following the respective link.

Embedding YouTube Videos

We have embedded YouTube videos into our online offering, which are stored on www.youtube.com and can be played directly from our website. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. When using YouTube, personal data may also be transmitted to the servers of Google LLC in the USA. For the transfer of personal data to Google LLC in the USA, Google LLC has concluded so-called Standard Contractual Clauses of the European Commission with us. These can be viewed here:
https://privacy.google.com/businesses/processorterms/

YouTube videos on our website are embedded in “enhanced privacy mode,” meaning that no data about you as a user is transmitted to YouTube if you do not play the videos. Data is only transmitted when you play the videos. We have no influence on this data transmission. Before transmission, you will be explicitly informed that playing the video will result in data being transmitted to YouTube. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly associated with your account.

If you do not want this association with your YouTube profile, you must log out of your Google account before playing the video. YouTube stores your data as usage profiles and uses them for advertising, market research, and/or the design of its website to meet user needs. You have the right to object to the creation of these user profiles, which you must exercise by contacting YouTube.

The legal basis for data processing by DINOL GmbH is Art. 6(1)(a) GDPR, your consent. You can withdraw your consent at any time. The lawfulness of processing carried out prior to withdrawal remains unaffected.

Further information about YouTube and Google’s privacy policy can be found at:

https://www.google.com/intl/de/policies/privacy/ (General Google Privacy Policy)
https://policies.google.com/terms?hl=de#toc-software (Google Services Terms of Use)
https://www.youtube.com/static?gl=DE&template=terms&hl=de (YouTube Terms of Use)

Contact Forms

If you send us an inquiry via a contact form, the information you provide in the inquiry form, including the contact details you enter, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions.

Categories of Personal Data

For an inquiry via the contact form, the following categories of personal data are processed:

Company
Name
Salutation
Street and number
Postal code & city
Email address
Telephone number
Your message

Legal Basis

The processing of mandatory fields in the contact form (marked with “*”) is based on our legitimate interest in providing customers with an easy way to contact us and improving our consulting quality (Art. 6(1)(f) GDPR), as well as for (pre-contractual) contractual purposes (Art. 6(1)(b) GDPR).

Information beyond the mandatory fields can be provided voluntarily. The legal basis for these voluntary details is Art. 6(1)(a) GDPR, your consent. The processing of voluntary information serves to improve our service and provide you with more comprehensive support. You can withdraw your consent to the processing of voluntarily provided data at any time by contacting us using the contact details provided above.

Storage Period

The data you enter in the contact form will remain with us until you request deletion or the purpose for storing the data no longer applies (e.g., after your inquiry has been fully processed). Exceptions may apply due to statutory retention obligations.

Distribution – Company Location

Shipping Service Providers
We forward your address to the shipping service provider listed below for the purpose of delivering ordered goods. The legal basis for this is Art. 6(1)(b) GDPR, data processing for contract fulfillment.

If you have expressly given your consent during or after your order, we will also forward your email address and telephone number to the selected shipping service provider based on this consent pursuant to Art. 6(1)(a) GDPR, so that they can contact you prior to delivery for the purpose of delivery notification or coordination.

You can withdraw your consent at any time by sending a message to the contact option described below or directly to the shipping service provider at the contact address listed below. After withdrawal, we will delete your data provided for this purpose unless you have expressly consented to further use of your data or we reserve the right to use your data beyond this, as permitted by law and explained in this statement.

DAUCZECH s.r.o.
Smetanova 206
CZ-41723 Kostany

FedEx Express Deutschland GmbH
Haberstr. 2
53842 Troisdorf

FedEx Express Deutschland GmbH
Langer Kornweg 34k
65451 Keisterbach

GO! Express & Logistics Bielefeld GmbH
Gildemeisterstraße 100
33689 Bielefeld

Int. Transportbedrijf Van der Heijden B.V.
Diamantweg 64
5527 LC Hapert
Postbus 204
5530 AE Bladel, Netherlands

Schenker Deutschland AG
Lyoner Straße 15
60528 Frankfurt am Main

Skyline Express International GmbH
Im Seelenkamp 23-25
32791 Lage

Strohbecke GmbH
Normannstr. 6
32051 Herford

vbe Speditions GmbH
Am Bahnhof 1
32699 Extertal-Bösingfeld

Payment Processing

For orders in our online shop, we offer payment by invoice and prepayment. Payment processing is carried out by DINOL GmbH, Pyrmonter Straße 76, 32676 Lügde.

The payment process is handled by us, DINOL GmbH, Pyrmonter Straße 76, 32676 Lügde. For this purpose, the personal data you enter in the order form will be transmitted to us. We use the data you provide during the ordering process exclusively for payment processing in accordance with Art. 6(1)(b) GDPR. Data will only be shared to the extent necessary for payment processing. In the course of payment processing, we process and store the personal data transmitted by us and forward it to the entities necessary for the transaction, particularly the involved credit institutions, banks, and credit card companies.

Credit Check for Purchase on Account

When selecting the payment method “purchase on account,” personal data and other information (such as shopping cart, invoice amount, order history, payment experience) are transmitted during the ordering process for the purpose of a credit check to safeguard our legitimate interest in determining our customers’ creditworthiness and preventing payment defaults.

We transmit your personal user data for this purpose in accordance with Art. 6(1)(f) GDPR to the following—non-exhaustive—credit agencies:

Compagnie Française d’Assurance pour le Commerce Extérieur SA (Coface)
Branch in Germany
Isaac-Fulda-Allee 1
55124 Mainz

Creditreform Heilbronn Zimmermann GmbH & Co. KG
Ferdinand-Braun-Str. 3
74074 Heilbronn

A credit check is only carried out in certain cases via Creditreform. In individual cases, an additional check may be performed by Coface.

The credit report may contain probability values (so-called score values). If score values are included in the credit report result, they are based on a scientifically recognized mathematical-statistical procedure. Address data, among other factors, is included in the calculation of score values. You can object to this processing of your data at any time by sending us a message.

Compliance Screening

As part of our legal obligations for export control and anti-terrorism measures, we regularly conduct sanctions list checks. These checks are carried out automatically using the “Compliance Screening” software solution from AEB SE, Sigmaringer Straße 109, 70567 Stuttgart.

In this process, personal data (e.g., name, address) of business partners, employees, and applicants are compared with official sanctions lists.

Data processing is based on legal obligations pursuant to Art. 6(1)(c) GDPR and to safeguard legitimate interests pursuant to Art. 6(1)(f) GDPR, particularly to ensure legally compliant business relationships and to avoid violations of international sanctions.

AEB SE
Sigmaringer Straße 109
70567 Stuttgart
Tel.: +49 711 72842 0
Email: info.de@aeb.com

Disclaimer

The privacy notice of DINOL GmbH does not apply to applications, products, services, websites, or social media functions of third parties that can be accessed via links we provide for informational purposes. When you use these links, you leave the DINOL GmbH website, and third parties may collect or share information about you.

DINOL GmbH has no influence over third-party websites and makes no recommendations or assurances regarding these websites or their privacy practices. We therefore strongly advise you to carefully read and review the privacy policies of all websites you may interact with before allowing them to collect, process, and use your personal data.

Last updated: December 2025