Skip to Content
Legal

Privacy Policy

How we handle personal data on bimpex.de, in line with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

1. Controller

Bimpex GmbH, Karl-Ferdinand-Braun-Str. 5, 28359 Bremen, Germany. Email: info@bimpex.de. Further company details are available on our imprint page.

2. Data we process

When you visit bimpex.de we process the following categories of personal data:

  • Server log data — IP address (stored in hashed form), user agent, referrer, requested URL and timestamp. Purpose: operating the site securely and diagnosing errors. Legal basis: Art. 6(1)(f) GDPR (legitimate interest).
  • Inquiry form submissions — name, company, email, phone, country, subject and message, plus a consent flag. Purpose: responding to your inquiry. Legal basis: Art. 6(1)(a) GDPR (consent) and Art. 6(1)(b) GDPR (pre-contractual measures).
  • Email correspondence — whatever you choose to send us. Legal basis: Art. 6(1)(b) and (f) GDPR.

3. Cookies

bimpex.de uses only technically necessary cookies (session handling, CSRF protection, language preference). We do not set advertising or tracking cookies without your explicit consent. Legal basis: §25(2) TTDSG and Art. 6(1)(f) GDPR.

4. Recipients of data

Personal data is processed on servers of our hosting provider inside the European Union under a Data Processing Agreement (DPA) in line with Art. 28 GDPR. We do not sell or rent personal data to third parties. Disclosure to authorities only occurs where we are legally obliged.

5. Retention periods

  • Server logs: typically deleted or anonymised within 14 days.
  • Inquiry submissions: retained while the inquiry is active and afterwards only as long as tax or commercial law requires (typically 6 to 10 years under German HGB / AO).

6. Your rights

Under the GDPR you have the right to:

  • access the personal data we hold about you (Art. 15);
  • request correction of inaccurate data (Art. 16);
  • request erasure (Art. 17) or restriction of processing (Art. 18);
  • data portability (Art. 20);
  • object to processing based on legitimate interests (Art. 21);
  • withdraw consent at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal (Art. 7(3));
  • complain to a supervisory authority — for us this is Die Landesbeauftragte für Datenschutz und Informationsfreiheit der Freien Hansestadt Bremen.

To exercise any of these rights, email info@bimpex.de.

7. Security

bimpex.de is served over TLS. Access to personal data inside Bimpex GmbH is limited to employees who need it in order to process your inquiry. Our website stores a one-way hash of visitor IPs so that repeated abusive submissions can be blocked without retaining the raw address.

8. Changes

We may update this policy to reflect changes in the service or in applicable law. The current version is always published at /privacy.