Go to homepage
€0.00
In case of local collection, the stated price is a non-binding indicator and the dealer will confirm the order, including price and delivery time.

Reflex Winkelmann GmbH B2B E-commerce Platform 

1. Who We Are and What This Policy Covers 

Data Controller: 
Reflex Winkelmann GmbH 
[Company Address] 
Germany 
Email: privacy@reflex-winkelmann.de 

What this covers: How we handle personal data on our B2B platform for HVAC installers in Estonia, in compliance with GDPR and Estonian data protection laws. 

2. What Personal Data We Process 

Business Contact Information 

  • Name, job title, company name 

  • Business email and phone number 

  • Company registration details 

Account Information 

  • Login credentials (encrypted passwords) 

  • Account preferences and settings 

  • Login history for security purposes 

Order and Transaction Data 

  • Order details and delivery addresses 

  • Payment information (we don't store full card details) 

  • Order history and preferences 

Platform Usage Data 

  • IP addresses and basic device information 

  • How you use the platform (for improvements) 

  • Customer service communications 

3. Why We Process Your Data (Legal Basis) 

Contract Performance: Processing your orders, managing your account, customer service, payments and deliveries. 

Legitimate Business Interest: Platform security, fraud prevention, improving our services, and business communications about our products/services. 

Legal Obligations: Tax records, accounting requirements, trade documentation. 

Consent: Marketing emails (only if you opt-in) and optional cookies. 

4. Who We Share Data With 

Local Reflex Partners in Estonia 

When you order from a partner, we share only the necessary order information: 

  • Your business contact details 

  • Delivery address and order specifics 

  • Special instructions 

Service Providers 

  • Payment processors (Klarna, PayPal, credit card companies) 

  • Delivery companies 

  • IT support and hosting providers 

  • Security services 

Important: All service providers have contracts requiring them to protect your data and use it only for specified purposes. 

Legal Requirements 

We may share data when required by law or to protect our legal rights. 

5. How Long We Keep Your Data 

Data Type 

Retention Period 

Why 

Account data 

While account is active + 3 months 

Business relationship 

Order records 

10 years 

German commercial law 

Payment data 

10 years 

Tax requirements 

Customer service records 

3 years 

Service quality 

System logs 

12 months 

Security and troubleshooting 

After these periods, data is securely deleted unless we have a legal obligation to keep it longer. 

6. Your Rights Under GDPR 

Access: Ask for a copy of your personal data 

Correction: Fix any wrong information 

Deletion: Ask us to delete your data (with some legal exceptions) 

Restrict Processing: Limit how we use your data 

Data Portability: Get your data in a portable format 

Object: Object to processing based on legitimate interest 

Marketing Opt-out: Unsubscribe from marketing at any time 

How to exercise your rights: Email privacy@reflex-winkelmann.de 
Response time: Within 1 month (free of charge for reasonable requests) 

7. Data Security 

Technical Protection 

  • Encrypted data transmission and storage 

  • Secure access controls and authentication 

  • Regular security monitoring and updates 

  • Secure data centers with physical protection 

Organizational Protection 

  • Employee training on data protection 

  • Limited access on need-to-know basis 

  • Confidentiality agreements 

  • Regular security reviews 

Data Breaches 

If a serious data breach occurs that could affect you, we'll notify the relevant authorities within 72 hours and inform you without undue delay. 

8. International Data Transfers 

Within EU/EEA: Most data processing happens within the EU/EEA. 

Outside EU/EEA: When necessary (some payment processors), we use: 

  • EU adequacy decisions for safe countries 

  • Standard contractual clauses approved by the EU 

  • Additional security measures 

9. Cookies and Website Technology 

Essential Cookies (always active) 

  • Platform functionality and security 

  • Your login session and preferences 

Analytics Cookies (with your consent) 

  • Understanding how the platform is used 

  • Improving performance and user experience 

Marketing Cookies (with your consent) 

  • Personalizing business communications 

  • Measuring marketing effectiveness 

Managing cookies: You can control cookies through your browser settings or our cookie preferences center. 

10. Business-to-Business Context 

Important: This is a B2B platform. We don't process data of consumers or children. All users must be authorized business representatives acting in their professional capacity. 

11. Automated Decision-Making 

We don't make automated decisions that significantly affect you. Any automated processing (like fraud detection) includes human oversight. 

12. Updates to This Policy 

We'll notify you of significant changes by email and platform announcement. Continued use after changes means you accept the updated policy. 

Last updated: August 22, 2025 
Next review: August 22, 2026 

13. Contact Us 

General questions: privacy@reflex-winkelmann.de 
Data rights requests: privacy@reflex-winkelmann.de 
Complaints: You can also contact your local data protection authority 

Estonian Data Protection Authority: info@aki.ee 
German Data Protection Authorities: [Relevant state authority based on your location]

This website uses cookies to ensure the best experience possible. More information...