Data privacy

Information on data processing for use of the website for the processing of customer and prospect data:

1. Controller
Responsible for the above-mentioned data processing is in the sense of article 4 sect. 7 GDPR
BRICK HOLDING GmbH & Cie. KG (hereinafter „Brick Holding“)
Alsterufer 26
20354 Hamburg
Tel.: +49 (40) 808 172 300

2. Subject of data protection
The subject of data protection is personal data. According to Art. 4 No. 1 GDPR, this is all information relating to an identified or identifiable person. This includes, for example, information such as name, postal address, e-mail address or telephone number, and possibly also usage data such as the IP address.

3. Scope and purpose of data collection and storage
In the following we will explain the scope of data collection, storage and use (hereinafter „data processing“, used in accordance with Art. 4 No. 2 GDPR) and the purpose of the respective data processing within the scope of the website (Section 4), customer and prospective customer data processing (Section 5) at BRICK HOLDING.

4. Data processing within the scope of website use
In principle, the use of the website is possible without providing personal data. An exception is the IP address. We require this at short notice.

Without Internet Protocol addresses, or „IP addresses“ for short, the Internet will not function. In computer networks, an IP address represents an address so that web servers and/or individual end devices can be addressed and reached. Without an IP address, the web server and the end devices cannot communicate – and therefore cannot display anything. The web server on which the website is hosted is therefore pinged with a data request – from you, you want to use the website. To deliver the data, the web server must know the IP address. Consequently, the web server must process your IP address at this moment of the data request.

The legal basis for this data processing is regularly Art. 6 para. 1 b) GDPR, as we need your IP address in order to be able to send you the website and the information it contains.

In addition, the web server records the following data with each call following data and information from the computer system of the calling computer:
– Date and time of the request
– Time zone difference to Greenwich Mean Time (GMT)
– Content of the request (exact site)
– Access status/HTTP status code
– Amount of data transmitted in each case
– Website from which the request comes
– Browser

5. Data processing for customer and prospective customer enquiries via the website
5.1 Inquiries by e-mail
If you contact us by e-mail as a customer or interested party, you must at least leave or send us the following personal data:
– e-mail address –
first name and surname –
telephone number (if applicable) –
your request

These data are used exclusively to process your request and to be able to get back to you afterwards. The legal basis for this data processing is Art. 6 Para. 1 b) GDPR, since we could not come back to you and your described request if we did not receive any personal contact data from you.

5.2 Google Maps
To make it easier for you to find us, we have integrated maps from the Google Maps service of Google LLC into our website via an API. To be able to display the content in your browser, Google must receive your IP address, otherwise Google could not provide you with this integrated content.

The legal basis for this data processing is art. 6 para. 1 b) GDPR, as the IP address is required to provide you with the contents. In this processing, our cooperation with Google is based on a contract on joint responsibility in accordance with Art. 26 GDPR, which can be accessed here.

For more information about Google’s data processing practices, please refer to Google’s privacy policy at

6. Earmarked use of data, recipient of data, transfer of data
We observe the principle of the purpose-related use of data. We collect, store and use all the above-mentioned data only for the purposes already mentioned.

In addition to the persons responsible (cf. item 1), our IT service provider and our hosting provider Mittwald CM Service GmbH & Co KG is the recipient of your data. We have concluded an order processing contract with these service providers so that the service providers process data solely according to our instructions and under our control. In addition, they hold Google LLC data, as we have integrated Google Maps.

7. Duration of processing, deletion of data
7.1 Deletion periods within the scope of website use in accordance with Section 4
In the event of incorrect page views, the data is stored in error files and deleted after seven days. In all other cases the logs store the IP address alienated. For this purpose the last three digits are removed, i.e. becomes 127.0.0.*. IPv6 addresses are also alienated. It is therefore no longer possible to assign the calling client. The alienated IP addresses are deleted after 60 days.

7.2 Deletion periods for customer and prospective customer data in accordance with section 5
Customer data are stored for up to 10 years in accordance with the statutory retention periods from § 257 para. 4 HGB (German Commercial Code), § 147 para. 3 AO (German Fiscal Code) and then deleted. The period begins at the end of the calendar year in which the respective data was collected.

Data of prospective customer will be deleted four years after a last contact point, as long as no retention periods under commercial law have to be observed according to § 257 HGB. In this case, the data will be limited in use in accordance with Art. 18 GDPR to the fulfilment of the obligation to retain data and will be deleted after expiry of the above-mentioned periods. The period begins at the end of the calendar year in which the respective data was collected.

8. Rights of the persons concerned (including rights of information, revocation, objection and deletion)
As a data subject, you have the following rights against BRICK HOLDING as the person responsible:

You have the right to request information regarding the data we process about you.

You may at any time object to the processing of your data, provided that the requirements of Art. 21 GDPR are met, and you may at any time revoke any consent you may have given to the processing of the data. If consent to data processing is revoked or the use of the data is objected to, this shall not affect the lawfulness of data processing up to the time of revocation or objection.

Furthermore, you can have the data processed by us corrected, restricted or deleted at any time. We expressly point out that there may be legal obligations – such as storage obligations – to continue to store data. In this case the data can only be restricted. This means that the data is processed exclusively for the purpose of fulfilling the legal obligations and is not used otherwise.

In addition, you also have the right to data transferability in accordance with Art. 20 GDPR and the right to complain to a supervisory authority in accordance with Art. 77 GDPR.

If you have any questions, please contact us at any time under

April 2020