Data Protection Declaration

You are on one of the websites of Häfele GmbH & Co KG, or The protection of your data is important to us.  We would therefore like to inform you in the following about which data from your visit we will be using for which purpose.

1. Responsible

Controller within the definition of the General Data Protection Regulation (the “GDPR”) and other data protection provisions: applicable within the Member States of the European Union is:


Hafele UK Ltd

Brownsover Road

Swift Valley Industrial Estate



CV21 1RD

2. Contact Information

Hafele UK Data Protection Coordinator can be contacted as follows:


Data Protection Coordinator

Hafele UK Ltd

Brownsover Road

Swift Valley Industrial Estate



CV21 1RD

3. Data processing

3.1 General information

Personal data is all data that can identify you personally, such as your name, address, email address and online user names. The personal data of our users is used as follows:

1. performing our services

2. ensuring the delivery of technical support.

Unless otherwise described in the following sections, in general no personal data will be collected, processed or used in connection with the use of this website.


3.2 Storage of access data, creation of log files

Whenever a user accesses a page on this website, and whenever a file is accessed, access data about this procedure is recorded in a log file and saved. The recorded information is standard logging. Each data record consists of the following:

  • Date/time of request
  • Page from which the file was requested
  • Pages retrieved via our website by the user's system
  • Called up file name
  • Transmitted volume of data
  • Access status (file transferred, file not found)
  • Description of operating system and web browser used, client IP address and user name (login data) of authenticated users

This data is used to deliver the content of our website, ensure the functionality of our information technology systems, and to optimise our online presence. The data may be used in an anonymised form for statistical purposes (see below), as well as for the purposes of data security, especially for error analysis and preventing hacking attempts (Art. 6 (1f) GDPR). Access rate will not be used for the creation of individual user profiles, nor be passed onto third parties, and will be erased after 90 days at the latest.


3.3 Use of IP addresses

Each time our homepage is accessed, Häfele uses the client IP address to determine the country from where the access is made, in order to route the requesting party to the specific Häfele homepage of the relevant country. This data is not used further, with the exception of the storage of access data, and creation of log files described under No. 3.2.


3.4 Contact form

If there is an option for entering personal or business information on this website, the information is always entered voluntarily. Information required to perform the desired operation is designated with an asterisk ‘*’. If you provide us with personal or business information via the contact forms, we will only use it for the respective intended purpose. Your consent constitutes the legal basis for this (Art. 6 (1a) GDPR). Data transfers are encrypted using SSL or TLS technology in order to prevent the unauthorised access of your personal data by third parties.


3.5 Supplier portal

You enter your surname, first name and other business data in order to register for the supplier portal. This will enable you to access our services for suppliers. The data will be stored for the duration of the registration, for the purpose of performing the contract and in order to fulfil statutory obligations. The legal basis for this is Art. 6 (1 a and b) GDPR. You may cancel your registration at any time. In that case, your access will be blocked immediately and erased upon the expiry of the statutory retention obligations.


3.6 Chat function

If you use the website’s chat function to contact the customer service, various information will be communicated to the customer service when initialising the chat (Art. 6 (1 a) GDPR). This information includes the website Help function invoked by you, and your browser and operating system versions. In addition, the chat platform will regularly relay information concerning the accessibility of the chat service at regular intervals. Based on this information, the website's button for starting the chat will either be activated or deactivated. We store information concerning the start and end of the communication for 7 days only. Chat content is not stored. Data transfers are encrypted using SSL or TLS technology in order to prevent the unauthorised access of your personal data by third parties for marketing purposes.


3.7 Electronic Marketing
We send marketing communications to our customers via email, phone or SMS. If you are an existing customer, subject to your marketing preferences, or where you have otherwise expressly consented, we’ll send you relevant offers and promotions, as well as information about our products and services that we think you’d benefit from.
Opting Out
Email - You can opt-out of our email marketing any time by clicking the unsubscribe button at the bottom of any of our emails.


3.8 Ecommerce

If you would like to place an order on our website, the conclusion of the contract requires you to provide your personal data that we need in order to execute your purchase order. An “*” indicates the mandatory information required to execute contracts; other data is voluntary. To place an order with us, you are required to enter your company-specific customer number. We will process the data provided by you, in order to execute your purchase order. To this end, we may forward your payment data to our house bank. The legal basis for this is Art. 6 (1 1st sentence b) GDPR.

We may also process the data you provide, in order to inform you about other interest products in our portfolio, or to send your emails containing technical information. The legal basis for this is Art. 6 (1 1st sentence f) GDPR.​​​​​​​

Commercial and tax law stipulations oblige us to store your address, payment and order details for a period of ten years. However, we will implement a limitation on processing after three years, meaning that your data will only be used in order to fulfil the statutory obligations.

The order procedure is encrypted using SSL or TLS technology in order to prevent the unauthorised access of your personal data - particularly your financial data - by third parties.


3.9 Use of apps

When you use the app, our servers will temporarily save the IP address of your device and other technical characteristics, such as the requested content (Art. 6 (1 b) GDPR). Häfele will not use the data over and beyond this. Our app enables you to use various functions provided by a third party (such as Apple or Google), and used by the "controller" of the data processing operation. Please consult the relevant operating system vendor for details on the functionality, and how you can turn the use on and off.


​​​​​​​​​​​​​​3.10 Integration of third-party services

We have integrated YouTube videos into our online site. This are stored on and can be viewed directly via our website. These are all integrated into the “enhanced data protection mode”, meaning that YouTube will not receive any data about you as a user, if you do not play the videos. The data described in No. 3.3 will only be transferred if you view the videos. We have no control over this transfer of data.

We have integrated Google Maps - a service provided by Google LLC - into our website. (“Google”), Amphitheatre Parkway, Mountain View, CA 94043, USA, as the third-party provider. When you visit the website, the third-party provider receives the information that you have retrieved the relevant sub-pages of our website. Furthermore, the data described in No. 3.3 of his notice will be transferred. This takes place regardless of whether this third-party provider provides a user account which you have logged into, or if no user account exists. If you are logged into the plug-in provider, this data will be directly correlated with your user account. If you do not wish the plug-in provider to make the correlation with your profile, you need to log out before activating the button.

Google stores this data for user profiles where relevant, and it uses the data for the purposes of advertising, market research and/or for the appropriate design of its website. This kind of analysis is particularly performed (not only for logged-in users) for the purpose of delivering appropriate advertising, and to inform other users of the social network about your activities on our website. You have a right to object to the formation of these user profiles. You have to contact Google in order to exercise this right. The legal basis for this processing is Art. 6 (1f) GDPR.

Further information regarding the purpose of scope of the collection and the processing of this data by the plug-in provider can be found in Google’s Privacy Police: It also contains further information on your rights in this connection, and the configuration options to enable you to protect your privacy.


View our Cookies Policy here