Legno da imballaggio & blocchetti per pallet
Legno da imballaggio
Blocchetti per pallet
Segati
Segati
Piallati
Cassaforma
Pannelli per edilizia
Pannello per casseforme in legno massiccio
Travi per armatura
Biocarburanti
Pellet
Brichetti
Edilizia in Legno
Pannelli di legno massiccio
Pannelli in legno naturale

PFEIFER HOLDING GMBH

Data privacy statement and cookies

EFFECTIVE DATE: JUNE 2025

Regardless of whether you are a customer, a prospective customer, an applicant or a visitor to our website: We, Pfeifer Holding GmbH (hereinafter: "Pfeifergroup", "we") attach great importance to the protection of your personal data. But what does this mean specifically?

In the following, we provide you with an overview of what personal data of yours we collect and in what form we process it. Furthermore, you gain an overview of the rights to which you are entitled according to the applicable data privacy law. We also provide details of your points of contact in case you have any further questions.

Table of contents

  1. 1. Who are we?
    1. 1.1 Our companies in Germany
    2. 1.2 Our companies in Austria and the Czech Republic
    3. 1.3 Our companies in Finland
  2. 2. Scope of applicability of the data privacy statement
  3. 3. What personal data do we process?
    1. 3.1 E-mail communication
    2. 3.2 Sensitive data
    3. 3.3 Personal data of minors
  4. 4. Cookies settings and plugins
    1. 4.1 What are cookies?
    2. 4.2 List of cookies of the website pfeifergroup.com
    3. 4.3 Plugins
  5. 5. For what purpose do we process your personal data – and on what legal basis?
    1. 5.1 Accessing the website – server logfiles
    2. 5.2 Registration and ordering at the online shop
      1. 5.2.1 Registration at the online shop
      2. 5.2.2 Ordering from the online shop
    3. 5.3 Data processing and analysis for marketing purposes
  6. 6. Where we transmit data to and why
    1. 6.1 Data usage within the Pfeifergroup
    2. 6.2 Data usage outside of the Pfeifergroup
  7. 7. Erasure deadlines
  8. 8. Your rights
    1. 8.1 Right to information and rectification
    2. 8.2 Right to erasure
    3. 8.3 Right to restriction of processing (“right to block”)
    4. 8.4 Right of objection
      1. 8.4.1 Right of objection in an individual case
      2. 8.4.2 Objection to advertising
    5. 8.5 Right to data portability
    6. 8.6 Right of complaint to the supervisory authority

1 Who are we?

The Pfeifergroup is among the leading companies in the European timber industry. We practice our philosophy at 13 locations in Austria, Germany, the Czech Republic and Finland: Passion for timber - a passion for working with conifer wood.

As the controller as defined by the applicable data protection laws, we –

Pfeifer Holding GmbH
Fabrikstraße 54
A-6460 Imst
E-mail: datenschutz@pfeifergroup.com
Telephone: +43 5412 6960 - 0

take all the measures required by these applicable data protection laws to ensure the protection of your personal data. In case of any questions regarding this data privacy statement, please contact our Data Privacy Coordinator at datenschutz@pfeifergroup.com.

1.1 OUR COMPANIES IN GERMANY

The following companies of the Pfeifergroup in Germany have a data privacy officer who can be contacted in case of any questions about the data processing of these companies, at the following details.

Contact details of data privacy officer
2B Advice GmbH
Joseph-Schumpeter-Allee 25
D-53227 Bonn
E-mail: pfeifergroup@2b-advice.com
Telephone: +49 228 926165 - 120

Pfeifer Holz GmbH
Mühlenstraße 7
D-86556 Unterbernbach

Pfeifer Holz Lauterbach GmbH
Am Hällstein 1
D-36341 Lauterbach

Pfeifer Holz Schlitz GmbH & Co KG
Bahnhofstraße 63
D-36110 Schlitz

Pfeifer Timber GmbH
Mühlenstraße 7
D-86556 Unterbernbach

Euroblock Verpackungsholz GmbH
Mühlenstraße 7
D-86556 Unterbernbach

1.2 OUR COMPANIES IN AUSTRIA AND THE CZECH REPUBLIC

It is possible to contact the Data Privacy Coordinator for the companies below based in Austria and the Czech Republic at the e-mail address datenschutz@pfeifergroup.com.

Pfeifer Holding GmbH (parent company)
Fabrikstraße 54
A-6460 Imst

Pfeifer Holz GmbH & Co KG
Fabrikstraße 54
A-6460 Imst

Pfeifer Holz s.r.o.
Chanovice 102
CZ-34101 Horažďovice

1.3 OUR COMPANIES IN FINLAND

You can contact the Data Privacy Coordinator for the company below based in Finland at the e-mail address dataprivacy@polkky.fi.

Pölkky Oy
Kemijärventie 73
93600 Kuusamo

2 Scope of applicability of the data privacy statement

Processing of personal data is understood by the law as activities such as the collecting, compiling, organisation, ordering, storing, modification or change, reading, accessing, use, disclosure through transmission, spreading or other form of provision, comparison or association, restricting, erasure or destruction of personal data.

Personal data is all information that relates to an identified or identified natural person.

This data privacy statement is about the personal data of customers, prospective customers or visitors.

This data privacy statement applies to the following online shop: shop.pfeifergroup.com. Some links on the online shop website lead to other websites. Several links direct visitors in particular to the website https://pfeifergroup.com. In this case, the data privacy statement of the respective website is applicable.

3 What personal data do we process?

We collect your personal data if you contact us e.g. as a prospective customer or as a customer. This can be the case, for example, if you show an interest in our products or order on our online shop.

We process the following types of personal data:

  • Details for personal identification
    e.g. first name and surname, address details, e-mail address, telephone number, fax number
  • Order details
    e.g. customer number, order number, invoice details
  • Company-related details
    e.g. corporate name, department, position
  • Details about your online behaviour
    e.g. IP addresses, username, details about your visits to our website, actions carried out on our websites and the access location
  • Information about your interests and wishes that you inform us of
    e.g. through our contact form or through other communication channels
  • Information about your professional career
    e.g. job training, previous employer, other qualifications

as well as other information comparable with these data categories.

3.1 E-mail communication

When you send us e-mails, these are processed on IT systems that are made available by a service provider on servers in the cloud.

There are order processing contracts with this service provider and further subcontractors according to Art. 28 GDPR. This ensures a suitable data protection level. This comprises appropriate technical and organisational measures to safeguard your data.

Service providers such as Microsoft in the USA may be forced on the basis of national legislation to transmit data from the cloud to US security authorities. It is possible that we will not be informed of these circumstances and so no legal measures may be instigated.

We kindly request that you observe this and do not send us sensitive information by e-mail.

3.2 SENSITIVE DATA

Sensitive data, especially categories of personal data as defined by Art. 9 par. 1 GDPR such as information about religious or trade union affiliation, is not collected in this manner.

3.3 PERSONAL DATA OF MINORS

Personal data regarding children or minors is only collected if they use our communication channels.

4 Cookies settings and plugins

AMENDING COOKIES SETTINGS

You can carry out individual settings for the use of cookies directly in your browser.

4.1 WHAT ARE COOKIES?

Cookies are files that are deposited by our website or by the customer portals on your computer while you are accessing the site. These files store information that make the use of this page more efficient. The following cookies are used on the homepages of the Pfeifergroup.

4.2 LIST OF COOKIES OF THE WEBSITE PFEIFERGROUP.COM

ESSENTIAL COOKIES

Essential cookies are necessary for the optimal functioning of our website. We do not store data in essential cookies that could directly identify you. Your browser is assigned a randomly generated ID which enables us to offer you certain functions and to save your settings.

shop-pfeifergroup-com

  • Session ID / Validity: 30 Minutes
    Saves the user session to be able to display the website correctly.

last-visit

  • Spryker / Validity: 30 hours
    Is set automatically by the Spryker E-Commerce Shop as soon as the page is accessed, to establish the validity of the session.

UCDATA

  • Usercentrics / validity: permanent
    This is set by the consent manager in the local memory and can save users' decisions regarding cookies.

UCSTRING

  • Usercentrics / validity: permanent
    This is set by the consent manager in the local memory and can save users' decisions regarding cookies.

4.3 Plugins

Plugins are incorporated on our website via the so-called "double-click solution". They only become active through your consent (click) and a data connection to the respective social networks or to Amazon is established. After activating the plugin, we no longer have any influence on the processing of personal data by the social networks.

During data processing, data can be transmitted to the USA. The EU-US Data Privacy Framework ensures an appropriate data protection level in line with the adequacy decision of the EU Commission, if a company in the USA is certified accordingly. You can find further information on the EU-US Data Privacy Framework under https://www.dataprivacyframework.gov/.

In the following you will find a presentation of the plugins that are incorporated on our website.

Facebook plugin

Facebook content is incorporated on some pages of this website, which is provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

If you activate the Facebook plugin, you can establish a link with the Facebook servers so that pictures and videos from the Facebook stream of our company can be displayed to you. The content of the plugin is transmitted directly to your browser after you activate it and is incorporated into the website. We have no influence on the scope of the data that Facebook collects with the help of this plugin and we can therefore only inform you to the best of our knowledge: By activating the plugin, Facebook receives the information that you have accessed the respective page of our Internet presence.

If you are logged into Facebook then Facebook can attribute the visit to your Facebook account. When you interact with the plugin, the respective information is transmitted from your browser directly to Facebook and is stored there. If you are a Facebook member and do not want Facebook to collect data about you through our Internet presence and to link it to your Facebook membership data, you must log out of Facebook before activating the plugin on our webpage. If you are not a member of Facebook, it is still possible for Facebook to gain knowledge of your IP address and to store it. The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your associated rights and setting options to protect your privacy, are set out in the Facebook data privacy guidelines: https://de-de.facebook.com/about/privacy.

The data is transmitted to the USA (to Meta Platforms Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA). Meta Platforms Inc. is certified under the EU-US Data Privacy Framework. You can find details here: https://www.facebook.com/legal/EU_data_transfer_addendum

LinkedIn plugin

On our website you can find plugins for the social network LinkedIn, which is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. The plugins can be identified by the LinkedIn logo or the "Recommend" button. When visiting our website, a direct connection is established between your browser and the LinkedIn server, so that LinkedIn receives the information that you have visited our webpage with your IP address. If you click on the "Recommend" button while you are logged into your LinkedIn account, you can link content from our website on your LinkedIn profile. This allows LinkedIn to attribute the visit to our website to your user account. Please note that we as the provider of the webpages do not receive information about the content of the transmitted data or its use by LinkedIn.

Further information about data collection, your rights and the setting options can be found in the LinkedIn data privacy statement under this link.

Instagram plugin

Instagram content is incorporated on some pages of this website, which is provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

This is always based on Instagram knowing the IP address of users. Because without the IP address, they could not send the content to the browser of the respective user. The IP address is therefore a requirement for displaying this content. We make every effort to only use content whose providers use the IP address exclusively to deliver content. However, we have no influence on whether the third-party providers store the IP address e.g. for statistical purposes. If we have knowledge of this, we will inform the users.

If you are logged into Instagram with your own account, it is possible that Instagram will attribute information about your user behaviour to your personal user account. You can prevent this if you log out of your user account before Instagram content is displayed that was published on our website. The purpose and scope of the data collection and further processing and use of the data by Instagram, as well as your associated rights and settings options for protecting your privacy, are set out in the Instagram data privacy guidelines: Data Guideline| Instagram help section (facebook.com)

The data is transmitted to the USA (to Meta Platforms Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA). Meta Platforms Inc. is certified under the EU-US Data Privacy Framework. You can find details here: https://www.facebook.com/legal/EU_data_transfer_addendum

5 For what purpose do we process your personal data - and on what legal basis?

5.1 ACCESSING THE WEBSITE - SERVER LOGFILES

If you access our website, your browser technically transmits certain information to our web server in order to provide you with the information you requested. To enable you to visit the website, the following information is collected, temporarily stored and used:

  • IP address
  • Date and time of enquiry
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of enquiry (concrete page)
  • Operating system and its interface
  • Access status / HTTP status code
  • Transmitted data volume
  • Website the enquiry is coming from
  • Browser, language and version of browser software

To protect our legitimate interests, we will store the details above for a limited period so that in the event of unauthorised access or an access attempt to our server it is possible to derive the personal data (art. 6 (1) (f) GDPR).

5.2 REGISTRATION AND ORDERING AT THE ONLINE SHOP

5.2.1 REGISTRATION AT THE ONLINE SHOP

You can have a customer account set up and register on this website to be able to order from this website. We only use the entered data for the purpose of using the respective offer or service for which you have registered. The processing is on the basis of Art. 6 par. 1 lit. a GDPR with your consent. You can withdraw your consent at any time by notifying us, without this affecting the legitimacy of the processing undertaken on the basis of your consent up until the time of withdrawal. Your customer account is then deleted and you can no longer order from our website. We store the data we collect upon registration for as long as you are registered on this website and thereafter it is deleted. Legal retention periods remain unaffected.

5.2.2 ORDERING FROM THE ONLINE SHOP

We only collect, process and use personal data insofar as it is necessary for the establishment, definition or amendment of the legal relationship (inventory data). This is on the basis of Art. 6 par. 1 lit. b GDPR, which allows the processing of data to fulfil a contract or precontractual measures. We only collect, process and use personal data pertaining to usage of this website (usage data) insofar as is necessary to enable the use of this service to the user.

The collected customer data is erased after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.

5.3 DATA PROCESSING AND ANALYSIS FOR MARKETING PURPOSES

Your requirements are important to us and we try to provide you with information about products and services that are precisely tailored to you. To do so, we use the knowledge gained from our joint business relationship as well as from our market research and process your personal data for this purpose on the basis of our legitimate interest (Art. 6 par. 1 line f GDPR). The key aim of this is to adapt our product suggestions to your requirements. With regard to this, we guarantee that we always process the data in accordance with the applicable data privacy law. Important: You can object at any time to the use of your personal data for this purpose (Art. 21 GDPR).

What do we analyse and process concretely?
  • Results of our marketing campaigns to assess their efficiency and relevance;
  • we analyse the potential demand for our products and services.

6 Where we transmit data to and why

6.1 DATA USAGE WITHIN THE PFEIFERGROUP

Within the Pfeifergroup, access to your personal data is only granted to staff who need it to fulfil our contractual or legal obligations or to uphold our legitimate interests. For this reason, we have taken corresponding measures to ensure compliance with data privacy within the Pfeifergroup:

We have concluded appropriate contracts with the individual companies of the group that ensure that personal data that is exchanged within the corporation remains protected at all times.

In line with these contracts and with applicable data protection regulations, we only transmit personal data to the production and sales companies of the group for the purposes stated in this data privacy statement. If companies of the group are outside of the EEA, we ensure through appropriate measures that the personal data processed there has the same protection level as within the EEA.

6.2 DATA USAGE OUTSIDE OF THE PFEIFERGROUP

We pay attention to protecting your personal data and only pass on information about you if legal regulations make it mandatory, you have consented or it is necessary to fulfil contractual obligations.

There may be a legal obligation to pass on your personal data for example to the following recipients:

  • public offices or supervisory authorities, e.g. tax authorities, customs authorities;
  • legal and law enforcement authorities, e.g. police, courts, public prosecution department;
  • solicitors or notaries, e.g. in legal disputes;
  • auditors.

We cooperate with other companies to be able to meet our contractual obligations. These include:

  • transport service providers and forwarding companies;
  • event organisers and training providers if you have registered for certain trade fairs or events through us;
  • banks and financial service providers for the handling of all financial matters.

our own service providers
To be able to operate efficiently, we use the services of the following external service providers who may receive your personal data for the fulfilment of the stated purposes:


Categories of recipient Main object of the assignment Type of data received
IT service providers Communication and support, website improvements Usage data, communication data, technical data
Advertising agency Development and implementation of marketing strategies Contact details, demographic data, usage data
Printer Printing and mailing marketing materials, invoices or contract documents Contact details, order details, contract details
Forwarder Logistics and dispatch of goods or documents Contact details, order details, delivery addresses
Consultancy Advice for optimising business processes, sales support Contact details, contract details, company data


To ensure that the same data privacy standards as we apply are complied with by the service providers, we have concluded appropriate order processing contracts.

For service providers with their head office outside of the European Economic Area (EEA), we take special security measures (e.g. through the use of special contract clauses) to ensure that the data is handled with the same degree of care as in the EEA. We check all our service providers regularly with regard to compliance with our instructions.

7 Erasure deadlines

In accordance with the applicable data privacy regulations, we do not store your personal data for longer than we need it for the purposes of the processing in question. If the data is no longer needed to fulfil contractual or legal obligations, we erase it regularly unless a further term of storage remains necessary. The following reasons may necessitate further retention:

  • We must comply with retention obligations imposed by trade or tax laws: The retention periods according to the regulations of the Commercial Code and Tax Code are up to 10 years.
  • For receiving proof in the case of legal disputes regarding legal regulations for statutes of limitation: Statutes of limitations can be up to 30 years in civil law, whereby the regular statute of limitations expires after three years.

8 Your rights

You have certain rights regarding the processing of your personal data. Further details are stated in the respective regulations of the GDPR (in Articles 15 to 21).

8.1 RIGHT TO INFORMATION AND RECTIFICATION

You have the right to receive information from us about which of your personal data we are processing. If this information is not or no longer correct, you can request rectification of the data or additions in case of incompleteness. If we have passed your data on to third parties, we inform the respective third parties of the applicable legal situation.

8.2 RIGHT TO ERASURE

Under the following circumstances, you can demand the immediate erasure of your personal data:

  • if your personal data is no longer needed for the purposes for which it was collected;
  • if you have withdrawn your consent and there is no other legal basis for processing the data;
  • if you object to the processing and there are no overriding legitimate grounds for processing the data;
  • if your data is processed unlawfully;
  • if your personal data must be erased to fulfil legal obligations.

Please note that before erasing your data we must check that there is no legitimate reason for processing your personal data.

8.3 RIGHT TO RESTRICTION OF PROCESSING (“RIGHT TO BLOCK”)

For one of the following reasons, you can demand from us the restriction of the processing of your personal data::

  • If you dispute the correctness of the data, until we have had the opportunity to verify the correctness of the data;
  • If the data is unlawfully processed, but you only request the restriction of the use of the personal data instead of erasure;
  • If we no longer need the personal data for the purposes of the processing but you still need it for the assertion, enforcement or defence of legal claims;
  • If you have objected to the processing and it has still not been established whether your legitimate interests take precedence over ours.

8.4 RIGHT OF OBJECTION

8.4.1 RIGHT OF OBJECTION IN AN INDIVIDUAL CASE

If the processing is in the public interest or on the basis of a balancing of interests, you have the right to object to the processing for reasons pertaining to your particular situation. Following an objection, we will no longer process your data unless we can prove mandatory grounds for processing your data that outweigh your interests, rights and freedoms, or because your personal data serves to make, exert or defend legal claims. The objection does not nullify the legitimacy of the processing already carried out up until the objection.

8.4.2 OBJECTION TO ADVERTISING

In cases in which your personal data is used for advertising campaigns, you can object at any time to this form of processing. We will then no longer process your personal data for these purposes.

The complaint does not require a form and should be addressed to the e-mail address datenschutz@pfeifergroup.com

8.5 RIGHT TO DATA PORTABILITY

You have the right on request to receive personal data that you have given to us for processing in a transferable and machine-readable format.

8.6 RIGHT OF COMPLAINT TO THE SUPERVISORY AUTHORITY

We always try to process your enquiries and claims as quickly as possible to ensure your rights accordingly. However, depending on the volume of enquiries, it may take up to 30 days before we can provide further information in your case. If it should take longer, we will inform you duly about the reasons for the delay and discuss the further procedure with you.

In some cases we may not or cannot provide you with any information. Insofar as legally permissible, we will notify you of the reason for declining information.

If you are still not satisfied with our replies and responses, or are of the opinion that we are infringing applicable data protection laws, you are entitled to submit a complaint to our Data Protection Coordinator (datenschutz@pfeifergroup.com) or (if available) the Data Protection Officer (pfeifergroup@2b-advice.com), as well as to a supervisory authority.

The supervisory authority responsible for us is:

RESPONSIBLE AUTHORITY for the companies

  • Pfeifer Holz GmbH
  • Pfeifer Timber GmbH
  • Euroblock Verpackungsholz GmbH

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA) (Bavarian Regional Authority for Data Privacy Supervision)
Postfach 606, D-91511 Ansbach
Promenade 27 (Schloss), D-91522 Ansbach

RESPONSIBLE AUTHORITY for the companies

  • Pfeifer Holz Lauterbach GmbH
  • Pfeifer Holz Schlitz GmbH & Co KG

The Hessian Data Protection Officer
Gustav-Stresemann-Ring 1, D-65189 Wiesbaden
Postfach 31 63, 65021 D-Wiesbaden

RESPONSIBLE AUTHORITY for the companies

  • Pfeifer Holding GmbH (Konzernmutter)
  • Pfeifer Holz GmbH & Co KG

Austrian Data Protection Authority
Wickenburggasse 8
A-1080 Wien

RESPONSIBLE AUTHORITY for Pfeifer Holz s.r.o.

The Office for Personal Data Protection
Pplk. Sochora 27
170 00 Praha 7
Czech Republic

RESPONSIBLE AUTHORITY for Pölkky Oy

Ombudsman Office of the Data Protection
PL 800
00531 Helsinki
Finland

https://tietosuoja.fi/yhteystiedot

chevron-leftAlertBrowse fileDownload file file icons FileImagePdfWordTextExcelPowerpointArchiveCsvAudioVideoSpinner