Name of provider:
DEFCOM Holding GmbH
Tölzer Straße 1
83021 Grünwald
DEFCOM Holding GmbH is a limited liability company under the German Limited Liability Companies Act (GmbH-Gesetz) with its registered office in Grünwald, entered in the commercial register of the Munich Local Court under number HRB 303058.
VAT identification number: DE 143/128/21762
Authorised representatives:
Franziska P. Bäurle / Matthias Spott
Tölzer Straße 1
83021 Grünwald
Email: info@defcom-holding.com
Website: defcom-holding.com
We are responsible for the content of our website in accordance with general laws. All content is created with due care and to the best of our knowledge and is for informational purposes only. Insofar as we refer to third-party websites via hyperlinks on our website, we cannot guarantee that the linked content is always up to date, accurate and complete, as this content is outside our area of responsibility and we have no influence on its future design. If, in your opinion, any content violates applicable law or is inappropriate, please let us know. The legal information on this page and all questions and disputes relating to the design of this website are subject to the law of the Federal Republic of Germany.
The texts, images, photos, videos and graphics on our website are generally protected by copyright. Any unauthorised use (in particular reproduction, editing or distribution) of this copyright-protected content is therefore prohibited. If you intend to use this content or parts thereof, please contact us in advance using the details above. If we do not ourselves hold the necessary copyright usage rights, we will endeavour to put you in touch with the rights holder.
This legal notice also applies to the following social media profiles:
– LinkedIn: defcom-holding (https://www.linkedin.com/company/defcom-holding)
In order to improve the readability of the texts presented on our website, only the generic masculine form is generally used. Unless otherwise stated, however, all formulations are to be understood as gender-neutral and comprehensive.
1.1 The following data protection declaration applies to the use of our websites and the services offered on them. This data protection declaration informs you in accordance with Art. 12 ff. of the General Data Protection Regulation (GDPR) about how your personal data is handled when you use our websites. In particular, it explains what data we collect and what we use it for. It also informs you about how and for what purpose this is done.
1.2 When you visit our websites, various personal data is processed depending on the type and scope of use. Personal data (hereinafter also referred to as ‘data’) is information that relates to an identified or identifiable natural person (hereinafter referred to as ‘data subject’); a natural person is considered identifiable if they can be identified directly or indirectly (e.g. by assigning them an online identifier). This includes information such as name, address, telephone number and date of birth.
1.3 The processing of your data may include any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, distribution or other forms of provision, comparison or linking, restriction, erasure or destruction.
2.1 Data Controller
Unless otherwise specified, DEFCOM Holding GmbH is the data controller within the meaning of Art. 4 No. 7 GDPR.
Our contact details:
DEFCOM Holding GmbH,
Tölzer Straße 1,
83021 Grünwald,
Germany
Telephone: +49 151 29623581
Email: info@defcom-holding.com
2.3 Legal basis for processing
We only process personal data in cases where we are permitted to do so under data protection law, where we are legally obliged to do so, or where we have your express consent. Specifically, the following legal bases apply: Data is processed on the basis of Art. 6 (1) (a) GDPR if we obtain your consent for a specific processing purpose.
In situations where the processing of personal data is necessary to fulfil a contract to which you are a party, such as for the delivery of goods or services, we rely on Art. 6 (1) (b) GDPR. This also applies if such processing is necessary for the implementation of pre-contractual measures, e.g. for product enquiries.
If we have to comply with a legal obligation that requires the processing of personal data, such as for tax purposes, this is done in accordance with Art. 6 (1) (c) GDPR.
In some exceptional cases, it may be necessary to process personal data in order to protect the vital interests of the data subject or another natural person. For example, this may be necessary in an emergency where medical information must be disclosed to doctors. In such cases, Article 6 (1) (d) GDPR applies.
Finally, processing may also be based on Art. 6 (1) (f) GDPR. This legal basis applies to cases not covered by the previous provisions and if we or a third party has a legitimate interest in data processing, provided that the interests of the data subject do not outweigh these interests when weighed up.
2.4 Duration of data storage
Unless otherwise specified, we initially process and store your personal data for the duration required for the respective processing purpose. This may also include the periods during which a contract is being initiated (pre-contractual legal relationship) and a contract is being processed. On this basis, personal data is regularly deleted in the course of fulfilling our contractual and/or legal obligations, unless its temporary further processing is necessary for the following purposes:
• Compliance with statutory retention obligations arising, for example, from the German Commercial Code (Sections 238, 257 (4) HGB) and the German Fiscal Code (Section 147 (3), (4) AO). The retention and documentation periods specified therein are up to ten years.
• Preservation of evidence in accordance with the statute of limitations. According to §§ 194 ff. of the Civil Code (BGB), these limitation periods can be up to 30 years, with the regular limitation period being three years.
2.5 Disclosure of data to third parties
If you have provided us with personal data, this will not be disclosed to third parties. Disclosure will only take place
• within the scope of your consent. When the data is collected, you will be informed of the recipients or categories of recipients.
• to external service providers (e.g. hosting providers) within the scope of order processing in accordance with Art. 28 GDPR. These have been carefully selected and commissioned by us, are bound by our instructions and the provisions of the GDPR, and are regularly monitored.
• to external service providers (e.g. hosting providers) within the scope of order processing in accordance with Art. 28 GDPR. These have been carefully selected and commissioned by us, are bound by our instructions and the provisions of the GDPR, and are regularly monitored.
• to authorities entitled to receive information within the scope of fulfilling legal obligations. If we transfer data to recipients in a so-called third country (based outside the European Economic Area), you can find this information in the description of the respective data processing in this privacy policy, including details of the recipients and the underlying legal basis in accordance with Art. 46 (2) GDPR. The European Commission certifies some third countries as having a data protection standard comparable to that in the European Economic Area through so-called adequacy decisions. If a country does not have a comparable data protection standard, we and our sub-processors ensure that data protection is adequately guaranteed by other measures. This is possible, for example, through the European Commission's standard contractual clauses for the protection of personal data (‘SCC’), certificates or recognised codes of conduct.
2.6 Your rights
Under the legal requirements, you are entitled to the following rights as a data subject:
Right to information
Under the conditions of Art. 15 GDPR, you can request information from us as to whether we process your data. If this is the case, you have the right to obtain information about this data.
Right to rectification
If the data we have stored about you is incorrect or incomplete, you can request that it be rectified and, if necessary, completed (Article 16 GDPR).
Right to erasure and restriction of processing
If the legal requirements are met, you may request the erasure (Art. 17 GDPR) or ‘blocking’ (Art. 18 GDPR) of your data.
Right to data portability
In the case of automatically processed data that we have received from you on the basis of your consent or a contract, you can assert your right to data portability (Art. 20 GDPR). We will then send you your data in a machine-readable format. If you wish and if this is technically possible, we will transfer this data to a third party. All of the above rights may be restricted or excluded by law in certain cases.
2.7 Revocation of consent
If you have given us your consent to process personal data for specific purposes, the lawfulness of the processing is based on your consent. Consent that has been given can be revoked. You can send your revocation to: info@defcom-holding.com. Please note that your revocation only applies to the future. Processing that took place before the revocation is not affected.
2.8 Objection to processing based on legitimate interest
We also collect and process your personal data to protect our legitimate interests or the legitimate interests of third parties, insofar as data processing is necessary to protect these legitimate interests. In these cases, you have the right to object to the processing for the future. You can send your objection to info@defcom-holding.com.
2.9 Right to lodge a complaint with a supervisory authority
Under the conditions set out in Art. 77 GDPR, you have the right to lodge a complaint with a competent supervisory authority. In particular, you can lodge a complaint with the supervisory authority responsible for us or any other competent supervisory authority. The supervisory authority responsible for us can be contacted at the following address:
The Bavarian State Commissioner for Data Protection
State Office for Data Protection Supervision
Promenade 18
91522 Ansbach
or
P.O. Box 1349
91504 Ansbach
Tel.: 0981/180093-0
Fax: 0981/180093-800
poststelle@lda.bayern.de,
https://www.lda.bayern.de
2.10 Other concerns
Our data protection officer is available to answer any further questions or concerns you may have regarding data protection. Where possible, please send any such enquiries or requests to exercise your rights above in writing to our address above or by email to info@defcom-holding.com.
All data collected on our website is transmitted using SSL encryption to protect it from misuse by third parties. We work with carefully selected service providers to ensure the protection of your data. These service providers are, of course, contractually obliged to comply with regulatory requirements, in particular data protection laws.
4.1 Log files
As with any website, our server automatically and temporarily collects data in the server log files that are transmitted by the browser, unless you have deactivated this function. This data is technically necessary to display our website to you and to ensure its stability and security.
Specifically, the following server log files are collected on our website:
• Browser type and browser version
• Operating system used
• Referrer URL
• Time of server request
• IP address
The appropriate data collection also includes the storage of your IP address, which is necessary for technical reasons and could theoretically enable your personal identification, but is not assigned to specific individuals at any time.
In addition to ensuring a functional website and system security, the data collected is also used for aggregated statistical analysis for the purpose of designing and optimising our website in line with requirements on the basis of Art. 6 (1) (f) GDPR. No personal analysis is carried out and this data is not merged with other data sources.
Your log data is stored on our web server for a maximum of 7 days for IT security purposes.
4.2 Cookies and other web analysis technologies
4.2.1 Cookies
This website uses cookies and other technologies (e.g. pixel tags). Cookies are small text files that contain an identification number (ID) and are stored on your computer, tablet or smartphone (hereinafter referred to as ‘device’) when you visit our website. When you visit our website again, your device can be identified by this identification number. You can use the consent banner to configure the cookies and similar technologies and obtain further information about the specific data processed.
4.2.2 Categories of cookies and other technologies
Depending on the function and purpose of the data processing that takes place, we divide the technologies used on our website into the following three categories:
Necessary cookies (‘function’)
These technologies are necessary to provide you with the functions of the website and to fulfil our legal obligations. The legal basis for the processing of your personal data is our legitimate interest (Art. 6 (1) (f) GDPR) in making our website safe for you to use and in fulfilling our legal obligations (Art. 6 (1) (c) GDPR). With regard to access to your end device, the legal basis is Section 25 (2) sentence 2 TDDDG.
Cookies for reach measurement (‘measurement’)
We use these technologies for statistical analysis purposes to statistically record the use of our website. Statistics cookies help us to improve our website and offer you content that is particularly relevant to you. The legal basis for the processing of your personal data is your consent given via the cookie banner in accordance with Art. 6 (1) (a) GDPR, with regard to access to your end device § 25 (1) TDDDG. Your consent is always voluntary and is not required for the use of the website itself.
Marketing cookies (‘Marketing’)
We use these technologies for marketing purposes, e.g. to provide you with personalised advertising. The legal basis for the processing of your personal data is your consent given via the cookie banner in accordance with Art. 6 (1) (a) GDPR, with regard to access to your end device § 25 (1) TDDDG. Your consent is always voluntary and is not required for the use of the website itself.
4.2.3 Storage period
Session cookies (hereinafter referred to as ‘session cookies’) are deleted when you close your browser. We also use persistent (‘permanent’) cookies. Details on the storage period can be found in the following sections and on our consent banner.
4.3 Integrated services
The services we use are listed and described in more detail below.
4.3.1 Session cookies
It is possible that we use ‘session cookies’ on our websites that are necessary for the operation of the websites. For example, we use session cookies that store a session ID and the language/country you have selected on your device when you visit our online shops. If you log into the online shop, session cookies also collect the associated SAP LogID and SAP ShopID and store the products already in your shopping basket.
These session cookies are stored exclusively for the duration of your use of our websites and serve solely to facilitate your use of the websites and to technically ensure the connection of the online shop to our merchandise management system. We automatically delete the session cookies at the end of each session.
The legal basis for the processing of your personal data is our legitimate interest in ensuring the operation and functionality of our websites, in particular the online shop (Art. 6 (1) (f) GDPR).
4.3.2 Google Fonts
To ensure uniform font display, we use Google Fonts, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (‘Google’). When you visit our website, your browser downloads the required fonts directly from Google's servers to display text and fonts correctly. Data such as your IP address and the URL of the page you are visiting may be transmitted to Google.
The use of Google Fonts is based on our legitimate interest in a uniform and appealing presentation of our website in accordance with Art. 6 (1) lit. f GDPR.
Privacy policy: policies.google.com/privacy
Basis for third country transfers: Data Privacy Framework (DPF)
4.3.3 Social media, plugins & embedded content
4.3.3.1 LinkedIn
Our website incorporates features and content from the LinkedIn social network, provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (‘LinkedIn’). When loading the corresponding plugins, a direct connection to LinkedIn's servers is established. Data such as your IP address, browser information, pages visited and, if you are logged in, interactions and profile data may be transmitted to LinkedIn and processed there.
Use is based exclusively on your consent in accordance with Art. 6 (1) (a) GDPR, which you can revoke at any time via the consent banner.
Privacy policy: linkedin.com/legal/privacy-policy
4.4 Communication with us
4.4.1 General contact
If you provide us with personal data by e-mail, telephone or via our website (surname, first name, e-mail address, postal address), this is generally done on a voluntary basis. This data is used to process the contractual relationship and to handle your enquiries or orders. No further use, in particular the transfer of data to third parties for advertising, market or opinion research purposes, takes place. We delete the data collected in this context once storage is no longer necessary or restrict processing if there are legal retention obligations. The legal basis is Art. 6 (1) lit. b GDPR or Art. 6 (1) lit. f GDPR.
We regularly review our privacy policy and amend it as necessary to ensure that the information it contains is up to date and accurate. This privacy policy is currently valid and was last updated in September 2025.