Data Privacy

Privacy policy

Table of content

1. Objectives, responsible body and reference to the minimum age and group of persons concerned

2. Notes on the content of the website

3. Data security

4. Your rights regarding data protection according to GDPR

5. Basics for data processing

6. Log files: terminology, legal bases and legitimate interests

7. Cookies. Conceptual, right of objection and legal bases as well as legitimate interests

8. Hosting

9. Integration of services and contents of  third-parties

10. Contacting

11. Changes to the Privacy Policy

12. Consent for Statistics Tool

1. Objectives, responsible body and reference to the minimum age and group of persons concerned     

1.1. This Privacy Policy clarifies the nature, scope and purpose of the processing (including collection, processing and use and obtaining consent) of personal data within our online offer and its associated websites, functions and contents (hereinafter collectively referred to as "Online Offer" or "Website"). The privacy policy applies independently of the domains, systems, platforms and devices used (e.g. desktop or mobile) on which the online offer is executed.       

With regard to the terms used, such as "processing" or "responsible", we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

1.2. The provider of the online offer and the body responsible for data protection law is:            

Heidemann Wasserkraftanlagen

Tilman Heidemann (owner)

Sigmaringerstraße 12

72393 Burladingen

Phone: + 49 7475 7035

Fax: + 49 7475 91386



(hereinafter referred to as "Provider", "we" or "us"). For the contact see tab “Impressum"


1.3. Please note that the minimum age of users for the consent of this data protection declaration is 16 years, unless individual countries of the European Union lower the age limit to 13 years.                                                                                                                      

1.4. The term "user" includes all visitors, users and customers of our online offer. The terms used, e.g. "users", are gender-neutral.

2. Notes on the contents of the website

2.1. The free and freely accessible contents of this website have been created with the greatest possible care. However, the provider of this website does not guarantee the accuracy and up-to-dateness of the free and freely accessible journalistic guides and news provided.

Where authors are named such contributions reflect the opinion of the respective author and not necessarily the opinion of the operator.

2.2. This website contains links to third-party websites ("external links"). These websites are subject to the liability of the respective operators. When linking the external links for the first time, the provider checked the external content for any legal violations. At the time, there were no apparent violations of the law. The provider has no influence on the current and future design and content of the linked pages. Setting external links does not mean that the provider adopts the content behind the reference or link.

For the provider a constant control of the external links is not feasible by reasonable means without concrete indications of legal violations. However, in case of knowledge of legal violations, such external links will be deleted immediately.

2.3. The contents published on this website are subject to German copyright and ancillary copyright law. Any use of these contents not permitted by German copyright and ancillary copyright law requires the prior written consent of the provider or the respective holder of such rights. This applies in particular to the duplication, editing, translation, storage, processing or reproduction of content in databases or other electronic media and systems. Contents and rights of third parties are marked as such. The unauthorized duplication or distribution of individual contents or complete pages is not permitted and will be prosecuted. Copying  and downloads is permitted solely for personal, private and non-commercial use.

The presentation of this website in external frames is only permitted with written permission.

The use of the contact details in the tab “Impressum” for commercial advertising is expressly not desired, unless the provider had previously given his written consent or there has been a business relationship in existence prior to such advertising. The provider and all persons named on this website hereby object to any commercial use and disclosure of their data.

3. Data Security

3.1. We also use appropriate technical and organisational security measures to protect your personal data stored by us against manipulation, partial or complete loss and against unauthorized access by third parties. We are committed to continuously improve our security measures in line with technological developments.              

3.2. All our data processing employees are obliged to maintain confidentiality. When accessing our server, your IP address (Internet protocol address), type of request, protocol type and access status are stored for data security purposes will be stored. Furthermore we collect and store the date and time of the requested data, the size and name of the file(s), as well as information about the website from which you found us, and the description of the type of web browser version used, including the operating system. We will not evaluate the data collected except for statistical purposes in an anonymized form.. 

4.Your rights regarding data protection in accordance with the GDPR      

If personal data is processed by you, you have the following rights:

4.1. Right to revoke consent:     

4.1.1. You have the right to revoke the consent given at any time in accordance with Article 7(3) GDPR.

4.1.2. The revoking of consent does not render void the data processing effected on the basis of consent prior and up to the time of revocation.

4.2. Right to information:            

4.2.1. In accordance with Article 20 GDPR, you have the right to request from us all information of data concerning you as well as to receiving a copy thereof via transmission in electronic form of current technical standard.

4.2.2. A written and signed request to our postal address is required for information about personal data.

4.3. Right to correction:

4.3.1. In accordance with Article 16 GDPR, you have the right to request from us the correction of incorrect or incomplete data concerning you, including if necessary a supplementary declaration.

4.3.2. The correction of personal data requires only an audial communication.

4.4. Right to erasure:     

4.4.1. In accordance with Articles 17 and 18 GDPR, you have the right to request the deletion of your personal data if: the storage of such data is no longer necessary the users have revoked their consent to data processing the data were processed unlawfully there is a legal obligation to delete such data under EU or national law 

4.4.2. However, the right of users to deletion of their personal data does not apply if: Freedom of expression and information prevail the storage of data serves the fulfilment of a legal obligation the public interest in the field of public health prevails Archive purposes, scientific and historical research purposes withstand the deletion the storage is necessary for the assertion, exercise or defense of legal claims

4.4.3. A written and signed request to our postal address is required for the deletion of personal data.

4.5. Right to object        

4.5.1. Under the conditions of Art. 21 sec. 1 GDPR, the processing of your data may be objected to for reasons arising from your particular situation.       

4.5.2. If you exercise your right of objection, we will terminate the processing of the data concerned. However, further processing is reserved provided there is proof of compelling legitimate grounds for processing outweighing your interests, furthermore if there are fundamental rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.

4.5.3. If your personal data is processed by us for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising. If you exercise your right of objection, we will stop processing the data concerned for direct advertising purposes. 

4.6. Right to complain to a supervisory authority             

4.6.1. Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, place of work or place of alleged infringement, if you believe that the processing of personal data concerning you is in breach of the GDPR.       

4.6.2. The supervisory authority the which the complaint was lodged with shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.

5. Basics for data processing      

5.1. We process personal data of the users only in compliance with the relevant data protection regulations in accordance with the requirements of data economy and data avoidance. This means that the data of the users are processed only in the presence of a legal permission, in particular if the data is necessary for the provision of our contractual services as well as online services, or is required by law, or if consent is given. In doing so, we expressly refrain from collecting customer data showing racial and ethnic origin, political opinions, religious or ideological beliefs, or trade union affiliation or sexual orientation. 

5.2. Types of data processed are:             

5.2.1. Inventory data such as but not limited to names and addresses    

5.2.2. Contact details such as but not limited to e-mail and telephone numbers

5.2.3. Content data such as but not limited to text input, photographs and videos            

5.2.4. Usage data such as but not limited to websites visited, interest in content, access times   

5.2.5. Meta/communication data such as but not limited to device information, IP addresses

In addition, we process contractual data such as but not limited to subject matter of the contract, term, customer category, and payment data, such as but not limited to bank details, payment history, from our customers, interested parties and business partners for the purpose of providing contractual services, service and customer care, marketing, advertising and market research.

5.3. The duration of the storage of personal data is determined by the respective statutory retention period (e.g. commercial and tax retention periods). After the expiry of the period, the corresponding data will be routinely deleted, provided that they are no longer necessary for the performance of the contract or initiation of the contract and/or if there is no legitimate interest in further storage on our part.

6. Log-Files: Terminology, Legal Bases and Legitimate Interests

6.1. Terminology:            

Every time you access websites/applications, information is sent to the server of our website/application by the respective internet browser of your respective device and is temporarily stored in so-called log files. The data records stored contain the following data, which are stored until automatic deletion:

a. Date and time of call,

b. Name  of the page being accessed,

c. IP address of the requesting device,

d. Referrer URL (origin URL from which you came to our websites),

e. Amount of data transferred and loading time, product as well as         

f. Information to the Version of the browser used and the name of your Access provider.

6.2. Legal Basis:

The legal basis for processing the IP address is Article 6 (1) (f) GDPR.

6.3. Eligible interests:    

Our legitimate interest derives from:

a. Ensuring a smooth connection,           

b. Ensuring comfortable use of our website/application,

c. Evaluation of system security and stability.     

An immediate inference about your identity is not possible on the basis of the information and will not be drawn by us.

The data will be stored and automatically deleted after the aforementioned purposes have been achieved. The time limits for deletion depend on the criterion of necessity.

7. Cookies, terminology, right of objection and legal bases as well as legitimate interests

7.1. Terminology             

"Cookies" means small files that are stored on your device, such as computers, laptops, tablets, etc., when you visit a website. Different information can be stored within the cookies. A cookie is primarily used to store the information about a user (or the device on which the cookie is stored) during or after his visit within an online offer. Cookies do not cause any damage to your device, do not contain viruses, trojans or other malware.

7.1.1. Temporary cookies, or "session cookies" or "transient cookies", are cookies that are deleted after a user leaves an online offer and closes his browser. Example: The contents of a shopping cart in an online shop or a login status can be stored in such a cookie.

7.1.2. "Permanent" or "persistent" means cookies that remain stored even after the browser is closed. For example, the login status can be saved if you revisit an online offer after several days. Likewise, such a cookie may store your interests, which are used for range measurement or marketing purposes.

7.1.3. As a "third-party cookie" cookies will be offered by providers other than the one responsible who operates the online offer (otherwise, if it is only his cookies, it is called "first-party cookies").        

7.2 Right of Objection: 

You can set up your browser so that it does not place our cookies on your device. The help function in the menu bar of most web browsers explains how to prevent your browser from accepting new cookies, how to let your browser know when you receive a new cookie, or how to delete all cookies you have already received and how to set your browser to block any new cookies.

However, we would like to point out that in this case you may not be able to use all functions of this website to the full extent.

7.3. Legal Bases:              

On various pages, we use cookies to make your visit to our website attractive and to enable the use of certain functions and to statistically record the use of our website. If these cookies and/or information contained therein are personal data, the legal basis for data processing is Art. 6 paragraph 1 (f) GDPR.

7.4. Eligible interests:    

Optimizing our website is to be regarded as justified within the meaning of the aforementioned provision.

8. Hosting

8.1. The hosting services we use are intended to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services we use for the purpose of operating this online offer.

8.2. To achieve this goal, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors of this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6  sec. 1 (f) GDPR combined with art. 28  GDPR (conclusion of order processing contract).

9. Integration of third-party services and content            

9.1. It may happen that content or services from third-party providers, such as city maps or fonts from other websites, are integrated within our online offer. The integration of third-party content always presupposes that the third-party providers recognize the IP address of the users, since they could not send the content to the user's browser without the IP address. The IP address is therefore required for the presentation of this content. Furthermore, the providers of the third-party content can set their own cookies and process the data of the users for their own purposes. User profiles of the users can be created from the processed data. We will use this content in an as data economically and data avoiding manner as possible. Also with regard to data security we will only select reliable third-party providers.

9.2. The following presentation provides an overview of third-party providers and their contents, along with links to their data protection declarations, which contain further information on the processing of data and, in some case, already mentioned here, possible objections (so-called opt-out):

                – Google, Inc., external fonts ("Google Fonts"). The integration of the Google fonts takes place by a server call to Google (usually in the USA). Privacy Policy:, Opt-Out:

10. Contacting Us           

10.1. If you contact us, e.g. by contact form, e-mail, telephone, fax or post, we will process the personal data you have voluntarily provided to us in this context solely for the purpose of contacting you and answering your request.        

10.2. The legal basis for this data processing is Art. 6 (1) (a), Art. 6 (1) (b), Article 6 (1) (c) GDPR and Article 6 (1) (f) GDPR.            

10.3. The above-mentioned personal data may be stored in a customer relationship management system ("CRM System") or similar request organisation.

11. Changes to the Privacy Policy             

11.1. We reserve the right to change the Privacy Policy in order to adapt it to changes in legal situations, changes to the Service and data processing. However, this only applies with regard to declarations of data processing. If user consents are required or if components of the data protection declaration contain provisions of the contractual relationship with the users, the changes will only take place with the consent of the users.   

11.2. Users are requested to inform themselves regularly about the content of the data protection declaration.

12. Statistics Analysis: Statistics Tool Matomo

12.1. We use the open source software tool Matomo on our website to analyse the browsing behaviour of our users. The software sets a cookie on the user's computer (see above for cookies). If individual pages of our website are accessed, the following data will be stored:  

a. Two bytes of the IP address of the user's calling system

b. The website accessed

c. The website from which the user has accessed the website accessed (referrer)

d. The subpages accessed from the website accessed

e. The length of stay on the website

f. The frequency of the web page is accessed

12.2. The software runs exclusively on the servers of our website. The personal data of the users are stored only there. The data will not be passed on to third parties.