Data Protection

Privacy Policy

Date of Review: Monday 14 April 2025

This privacy policy describes how Axon Data collects, uses and shares your personal data. We reserve the right to publish locally deviating provisions in addition to this privacy policy; the former shall take precedence in the event of a conflict.


Who is Responsible?

The board of directors are responsible for reviewing this privacy policy and ensuring that all practices in the company adhere to this policy. Information regarding how the company processes and safeguards your data can be found at the bottom of this website under the Data Protection link. Contact for the responsible officer can be made using the details provided in the company Imprint.


What is Personal Data?

Personal data is information that relates to an identified or identifiable living person. Different pieces of information, which collectively can lead to the identification of a particular person, is also considered personal data. Examples of personal data include names, addresses, email addresses, identification card numbers and IP addresses.


Your Rights for Personal Data

Axon Data respects your ability to know, access, correct, transfer, restrict the processing of, and delete your personal data. If the processing of your personal data is covered by the GDPR, you have the following rights, otherwise the legal provisions applicable to the processing apply. If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights.

Rights (Art. 15 ff. GDPR): You as a data subject have the right to obtain confirmation from the controller as to whether personal data concerning you are being processed; if this is the case, you have a right of access to such personal data and to the information specified in Article 15 of the GDPR. Under certain legal conditions, you have the right to rectification under Article 16 GDPR, the right to restriction of processing under Article 18 GDPR and the right to erasure ("right to be forgotten") under Article 17 GDPR.

In addition, you have the right to receive the data you have provided in a structured, common and machine-readable format (right to data portability) in accordance with Article 20 of the GDPR, insofar as the processing is carried out with the help of automated procedures and is based on consent in accordance with Article 6 (1a) or Article 9 (2a) or on a contract in accordance with Article 6 (1b) of the GDPR.

Withdrawal of Consent (Art. 7 (3) GDPR): If the processing is based on consent, you can revoke your consent to the processing of personal data at any time. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected.

Right of Appeal (Article 77 GDPR): You have the option of contacting us or a data protection supervisory authority with a complaint (Article 77 GDPR). Information regarding the company responsible for processing your data and, if applicable, the data protection officer as well as the competent supervisory authority can be found on this website.

Right to object (Article 21 GDPR): The right to object on a case-by-case basis. You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6 (1e) GDPR (data processing in the public interest) and Article 6 (1f) GDPR (data processing on the basis of a balancing of interests); this also applies to a profiling based on this provision within the meaning of Article 4 no. 4 GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.


Types of Personal Data

We do not collect any personal data via our websites without your consent. You alone decide whether you want to disclose this data to us or not, for example in the context of a registration or a download. We need your personal data to process your enquiry or to provide you with access to services e.g. logging into an account. If you choose not to provide personal data when it is required, in many cases we will not be able to provide you with our products or services.

The types of collected data are, among others:

  • Account Information – mySites Account related details e.g. email address, registered devices and authentication information.
  • Inventory and CRM Information – e.g. name, address, customer history and customer statistics.
  • Contact Information – e.g. name, email address, physical address, phone number.
  • Contract Information - e.g. offers, order list and subject matter of the contract.
  • Payment Information - e.g. bank details and payment history.
  • Content Information - e.g. text input, photographs and videos.
  • Usage Information - e.g. websites visited, interest in content and access times.
  • Location Information – e.g. device location for mySites if configured.
  • Meta/communication Information - e.g. device information and IP addresses.

How Do We Use Personal Data?

1. General Information

We use your personal data for the following purposes:

  • For the provision of the website and the online offer, its functions and contents.
  • For the creation and management of your personal customer account.
  • To identify you as a contracting party.
  • For processing your online purchases with us. This includes your orders and returns of purchases made through our website, processing of payment, notifications of delivery status and any problems with delivery. Your personal data may also be processed for the handling of complaints or in the event of warranty rights.
  • For responding to contact requests and communicating with users.
  • For the processing of service cases.
  • For the assertion, enforcement, exercise or defense of and against legal claim(s) and legal dispute(s), and for the detection, investigation and prevention of crime.
  • For security measures.

2. Registration for mySites

Registration on our website is required in order to use the mySites technology package. In the course of registration, we process the following personal data: Email address as well as a password generated by you.

The deletion of your customer account is possible at any time and can be initiated, for example, by sending a message to the contact option described above or by email. The legal basis for the processing of this personal data is the fulfilment of contractual obligations (for the EU Art. 6 para. 1 lit. b) GDPR).

As a registered customer, you can access your profile and view your sites/systems as well as use other services and functionalities described below.


3. E-Commerce

a) Ordering goods - When ordering goods via our website, we collect and process your personal data required for the processing of the order. Mandatory data required for the processing of contracts (name and address) are marked separately, other data are voluntary. The legal basis for the processing of this personal data is the fulfilment of contractual obligations (for the EU Art. 6 para. 1 lit. b) GDPR).

b) Electronic Ordering and Payment Processes - After you have decided to make a purchase as a customer or guest, we collect the following data to carry out the order: first name and surname, company name, communication data, address, delivery address if applicable. Payments are made by bank transfer after receipt of our invoice. In exceptional cases, an advance payment may be requested. The legal basis for processing your order and payment data is the fulfilment of contractual obligations (for the EU Art. 6 para. 1 lit. b) GDPR).

Your address, payment and order data will be stored for the duration of the tax and commercial law retention obligations of ten years after completion of the contract and then deleted, unless you have consented to storage beyond this or the further processing of the data is necessary for the assertion, exercise or defense of legal claims. The legal basis for processing personal data for the purpose of fulfilling legal archiving and retention obligations is the fulfilment of legal obligations (for the EU Art. 6 para. 1 lit. c) GDPR).

c) Data Transfer within the Framework of the Order - We process the data you provide for the purpose of processing your order. For the fulfilment of the contract, we pass on your data to the transport company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. The legal basis for the transfer of this personal data is the fulfilment of contractual obligations (for the EU Art. 6 para. 1 lit. b) GDPR). Our service providers may only process or use your data for the purpose for which they were transmitted to them. Insofar as data is passed on to external service providers, we have taken technical and organizational measures to ensure that the data protection regulations are observed.


4. Contact Forms

At various points on our website, you have the opportunity to enter your personal data in order to contact us. We have marked the respective mandatory information as such. Without these, we cannot provide you with the requested service. At the time of entry, we store this information as well as your IP address and the time (date and time) of submission. It is also possible to contact us via the email addresses provided. In this case, the user's personal data transmitted with the email will be stored. The data will be used exclusively for processing the enquiry. The legal basis for the processing of data transmitted in the context of the use of the contact form or in the course of sending an email is our legitimate interest (for the EU Art. 6 para. 1 lit. f) GDPR) or the fulfilment of contractual obligations (for the EU Art. 6 para. 1 lit. b) GDPR) if the email contact is aimed at the conclusion of a contract.

The processing of the personal data from the contact form serves us solely to process the contact. In the case of contact by email, this also constitutes the necessary legitimate interest in processing the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems. The data shall be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified.


5. Provision of the Website

In the case of mere informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser automatically transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis in the EU is Art. 6 para. 1 lit. f) GDPR):

  • IP address
  • Date and time of the request
  • Time zone difference from Greenwich Mean Time (GMT)
  • Content of the request (concrete page)
  • Access Status/HTTP Status Code
  • Data volume transferred in each case
  • Website from which the request comes
  • Browser as well as language and version of the browser software
  • Operating system and its interface

6. Cookies

Axon Data’s website, online services and devices may also use ‘cookies’ to help us deliver services.

a) Cookies Required for Technical Reasons – Technically necessary cookies enable the use of our website by enabling basic functions such as page navigation and access to secure areas of the website. Our website cannot function properly without these cookies.

b) Performance and Preferences – Cookies are set when you use our website (e.g. to recognize the browser) in order to improve performance (e.g. quicker loading of content). When you visit our website, the country and language choice detected, or selected by you, is stored in cookies so that you do not need to select them again during subsequent visits. Checks are made in advance as to whether your browser supports cookies, and this information is held in an additional cookie.


How Do We Protect Personal Data?

We have taken technical and organizational security measures (for the EU according to Art. 24, 32 GDPR) to protect your personal data from loss, destruction, manipulation and unauthorized access. All our employees and all third parties involved in data processing are obliged to comply with the applicable data protection laws and to handle personal data confidentially.

For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.


Sharing Personal Data

Apart from the cases described in this privacy policy and unless otherwise regulated in additional privacy policies, your personal data will not be passed on to third parties or otherwise disseminated without your express consent.

Within the responsible company, Axon Data, access to your data is granted to those offices that need it to fulfil our contractual and legal obligations or to protect legitimate interests. Furthermore, affiliated companies of Axon Data as well as service providers and vicarious agents employed by us and authorities or third parties may receive data for these purposes. Service providers, vicarious agents, etc. commissioned by us will be contractually obliged to comply with the applicable data protection laws.

As part of the hosting of our website, your data processed by us is processed by the provider SimplyCloud acting on our behalf and on the basis of a processing agreement.


Transfer to Third Countries

Data is only transferred abroad within the scope of the applicable data protection regulations. In particular, as far as this is necessary for the execution of your orders, is required by law (e.g. reporting obligations under tax law), in case you have given us your consent or within the scope of a processing agreement.

Within the scope of the EU General Data Protection Regulation (GDPR), the following shall apply additionally: Data transfer to countries outside the EU or the EEA (so-called third countries) only takes place within the framework of the applicable data protection regulations.

In the event of the transfer of personal data to third countries, we ensure an appropriate level of data protection, e.g. through special guarantees, such as the adequacy decision by the EU commission that the levels of data protection are essentially equivalent to the EU (e.g. UK GDPR for the United Kingdom) or compliance with recognized special contractual obligations (so-called "EU standard contractual clauses").


Scope of this Privacy Policy

Our websites may contain links to websites of other providers; these websites are not subject to this privacy policy. We carefully check the content of other websites before linking to them. In doing so, we ensure that we only link to websites that adhere to the same high standards of data protection as Axon Data.

We are not responsible for the privacy practices or the content of such other websites. If we become aware of any infringements by third party content, we will remove the link immediately.


Changes to Our Privacy Policy

We reserve the right to change our security and data protection measures if this becomes necessary due to technical developments or legal changes. In these cases, we will also adapt our privacy policy accordingly. Please therefore note the current version of our privacy policy.