Data protection - Cadolto Flohr & Söhne

Data protection

We take data protection seriously

The protection of your privacy when processing personal data is important to us. When you visit our website, our web server automatically records the IP address of your Internet service provider, the website from which you accessed our website, the web pages you actually visit as well as the date and length of your visit. This information is absolutely necessary for correct technical transmission of the web pages and reliable server operation. Personalised evaluation of this data does not take place.

If you send us data via the contact form, the data is stored on our servers in the course of data backup. Your data will only be used by us to process your request. Your data will be treated strictly confidential. There will be no transfer of your data to third parties.

Data controller:

Cadolto Flohr & Söhne GmbH & Co. KG
Nördliche Münchner Straße 27A
82031 Grünwald
Tel.: 089 21 538 488-0

Personal data

Personal data is data about your person. This includes your name, address and email address. However, you do not have to disclose any personal information when visiting our website. In some cases, we might need your name and address as well as further information in order to offer you the desired service.

The same applies if we supply you with requested information material or answer your enquiries. In these cases, we will always point this out to you. Further, we only store data that you have transmitted to us automatically or voluntarily.

If you use one of our services, we usually only collect the data necessary to provide you with the respective service. We may ask you for further information, which is always voluntary. Whenever we process personal data, we do so in order to provide you with our service or to pursue our commercial goals.

Automatically stored non-personal data
Server log files

The provider of this website automatically collects and stores data in server log files which your browser provides us with. Namely:

  •   Access date and time
  •   Name of the file retrieved
  •   Website from which the file was retrieved
  •   Access status (file transferred, file not found, etc.) 
  •   Web browser and operating system used
  •   Full IP address of the requesting computer
  •   Amount of data transferred

A combination of this data with other data sources will not be made. The processing occurs according to Article 6(1f) GDPR, based on our legitimate interest in improving the stability and functionality of our website.   

For reasons of technical security, in particular to prevent attacks on our web server, we store this data for a short period of time. This data does not allow any conclusions to be drawn about an individual. After seven days at the latest, the data is anonymised by shortening the IP address at the domain level to ensure it is no longer possible to establish any reference to the individual user. In anonymised form, the data is also processed for statistical purposes; a comparison with other databases or a transfer to third parties, even in excerpts, shall not take place. A representation of the number of times a webpage is accessed is only used in the context of our server statistics, which we publish every two years in our activity report.

Use of Google services

We use the technologies of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) as described below. The information that is automatically collected by Google technologies about your usage of our website is, as a rule, transmitted to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and stored there. The European Commission has not issued an adequacy decision for the USA. Our cooperation is based on standard data protection clauses of the European Commission. 

If your IP address is collected via Google technologies, it is abbreviated before being stored on Google’s servers by activating IP anonymisation. Full IP addresses are only forwarded to a Google server and abbreviated there in exceptional cases. Unless otherwise specified for the individual technologies, the data processing is based on an agreement concluded for the respective technology between jointly responsible parties in accordance with Article 26 GDPR. For further information on data processing by Google, please refer to the Google privacy policy

Google Tag Manager

This website uses Google Tag Manager. The Tag Manager does not collect any personal data. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, it remains in effect for all tracking tags that are implemented with Google Tag Manager. You can find the Google privacy policy for this tool here:

Google Analytics

For the purpose of website analysis, Google Analytics automatically collects and stores data (IP address, time of visit, device and browser information as well as information on your use of our website), from which usage profiles are created with the use of pseudonyms. Cookies can be used for this purpose. The IP address is, as a rule, not combined with other Google data.  In order to optimise the marketing of our website, we have activated the data sharing settings for “Google products and services”. This allows Google to access the data collected and processed by Google Analytics and then use it to improve Google services. Sharing data with Google within the scope of these data sharing settings is based on an additional agreement between the data controllers. We have no influence on the subsequent data processing by Google. We also use the extension function of Google Analytics Google Optimize to create and run tests.

For web analytics purposes, the extension function of Google Analytics Google Signals enables so-called “cross-device tracking”. If your internet-enabled devices are linked to your Google Account and you have activated the “personalised advertising” setting in your Google Account, Google can generate reports on your usage behaviour (in particular cross-device user numbers), even if you change your device. We do not process personal data in this respect; we only receive statistics based on Google Signals.

For web analytics and advertising purposes, the extension function of Google Analytics enables the so-called DoubleClick cookie to recognise your browser when visiting other websites. Google will use this information to compile reports about your website activities and to provide other services related to the use of the website.


We use the lead generation service provided by Leadinfo B.V., Rotterdam, Netherlands. It recognises visits by companies to our website based on IP addresses and shows us related publicly available information, such as company names or addresses. In addition, Leadinfo places two first-party cookies for providing transparency on how our visitors use our website and the tool processes domains from provided form inputs (e.g. “”) to correlate IP addresses with companies and to enhance its services. For additional information, please visit On this webpage you have an opt-out option. In the event of an opt-out, your data will no longer be used by Leadinfo.


We have taken technical and administrative security precautions to protect your personal data against loss, destruction, manipulation and unauthorised access. All of our employees as well as the service providers who work on our behalf are obliged to comply with the applicable data protection laws.

Whenever we collect and process personal data, it will be encrypted prior to transmission. This means your data cannot be misused by a third party. Our security precautions are constantly improved and our data privacy policies are continuously revised. Please make sure the latest version is available to you.

Rights of data subjects

You have a right to information, rectification, erasure or limited processing of your stored data at any time, a right to object to the processing as well as a right to data portability and to lodge a complaint in accordance with the requirements of data protection law.

Right to information:

You can request information from us as to whether and to what extent we process your data.

Right to rectification:

If we process your data that is incomplete or incorrect, you can request that we rectify or complete it at any time.

Right to erasure:

You can demand that we erase your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests in protection. Please note that there may be reasons that prevent immediate erasure, e.g. in the case of legally regulated retention obligations.

Irrespective of the exercise of your right to erasure, we will immediately and completely erase your data, insofar as there is no legal or statutory obligation to retain data in this respect.

Right to limited processing:

You may request us to limit the processing of your data if

  •   you dispute the accuracy of the data, for a period of time that allows us to verify the accuracy of the data.
  •   the processing of the data is unlawful, but you refuse erasure and instead request limitation of the use of the data,
  •   we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
  •   you have objected to the processing of the data.

Right to data portability:

You may request that we provide you with the data you have provided to us in a structured, commonly used and machine-readable format and that you may transfer this data to another data controller without hindrance from us, provided that

  •   we process this data on the basis of a revocable consent given by you or for the performance of a contract between us, and
  •   this processing is carried out with the aid of automated procedures.

If technically feasible, you may request us to transfer your data directly to another data controller.

Right to object:

If we process your data for legitimate interest, you can object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims. You may object to the processing of your data for the purpose of direct marketing at any time without giving reasons. 

Right to lodge a complaint:

If you are of the opinion that we are violating German or European data protection law when processing your data, please contact us so that we can clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.

If you wish to assert any of the aforementioned rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.

Amendments to this data privacy policy

We reserve the right to change our data privacy policies if this should become necessary due to new technologies. Please make sure the latest version is available to you. All important changes to this data privacy policy will be disclosed on our website.

All interested parties and visitors to our website can contact our data protection officer regarding data protection issues.

Projekt 29 GmbH & Co. KG

Jürgen Beer

Ostengasse 14

D-93047 Regensburg.

Should our data protection officer not be able to address your concern satisfactorily, you have the right to appeal to the regulatory authority responsible in your federal state.


When you visit our web pages, we might save information on your computer in the form of cookies. Cookies are small files that are transmitted from an Internet server to your browser and saved on the respective hard drive. The use of cookies is based on Art. 6 (1f) GDPR.

Only the Internet protocol address is saved in this case – no other personal data. The information saved in the cookies allow us to automatically recognise your computer during your next visit, making it easier for you to use our website.

Of course, you can also visit our web pages without cookies. If you do not want your computer to be recognised during your next visit, you can simply refuse the use of cookies by changing the appropriate settings on your browser to “Refuse cookies”. Refer to the operating instructions of your respective browser to learn how to do this. If you refuse to accept cookies, some parts of the website will not work.