NAME AND ADDRESS OF THE DATA PROTECTION OFFICER
Since less than 10 employees are involved in the automated processing of data, there is no data protection officer. For all questions on this subject, please contact the above-mentioned data of the company responsible.
COLLECTION OF GENERAL INFORMATION
When you access the website, general information is collected automatically (not through registration). For technical reasons, your Internet browser automatically transmits data to the web server when you access the site. The web servers used store data by default:
YOUR IP ADDRESS
the website you last visited
the names of the retrieved files
the date and time of retrieval/access
and, if applicable, the operating system and browser version of your PC
This information is evaluated anonymously and is not used for personal purposes. It is used exclusively to improve the attractiveness, content and functionality of the website. Personal user profiles are not created. No further use or disclosure of this data will be made. This data is deleted after statistical evaluation.
To protect the security of your data during transmission, we use state-of-the-art encryption procedures (e.g. SSL) via HTTPS.
USE OF GOOGLE ANALYTICS
This website uses Google Analytics, a web analysis service of Google Inc. (following: Google). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, due to the activation of IP anonymisation on these websites, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage. The IP address transmitted by your browser within the scope of Google Analytics is not combined with other data from Google.
USE OF GOOGLE MAPS
USE OF ADOBE TYPEKIT
CONTACT FORM & REQUEST BY E-MAIL
Due to legal regulations, the website contains information that enables rapid electronic contact with our company as well as direct communication with us, which also includes a general address for so-called electronic mail (e-mail address). If a data subject contacts the data controller by e-mail or via a contact form, the personal data transmitted by the data subject is automatically stored. Such personal data transmitted by a data subject to the controller on a voluntary basis are stored for the purposes of processing or for contacting the data subject. Such personal data shall not be disclosed to third parties.
DESCRIPTION AND SCOPE OF DATA PROCESSING
There is a contact form on our website which can be used for electronic contact. If a user takes advantage of this possibility, the data entered in the input mask is transmitted to us and stored. These data are:
date and time
IP address of the user
DATA PROTECTION FOR CUSTOMERS
For the purposes of the pre-contractual offer phase or for order fulfilment or service provision, we process personal data such as address and contact data, information on discussions held, your requirements, offers and other information we receive from you. For corporate customers, we also process information, especially contact data, about our contact persons. For the purpose of payment processing, we may store and process data concerning your bank account or credit card information. If external partners are involved in the provision of services or fulfilment of orders, information necessary for the provision of their services may be passed on to them. Auxiliary systems (IT environment, CRM/ERP systems, financial accounting) to which service providers have access in the course of maintenance may be used for processing the information. In these cases, we will agree the necessary contracts for order processing. Within the scope of the reporting obligations, we also pass on data to reporting authorities – if required by law.
DATA PROTECTION FOR APPLICATIONS AND THE APPLICATION PROCESS
The controller collects and processes the personal data of applicants for the purpose of processing the application procedure. The processing may also be carried out by electronic means. This is particularly the case if an applicant submits relevant application documents to the controller electronically, for example by e-mail or via a web form on the website. If the data controller concludes an employment contract with an applicant, the transmitted data is stored for the purpose of processing the employment relationship in accordance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents are automatically deleted four months after notification of the rejection decision, provided that no other legitimate interests of the controller conflict with deletion. Other legitimate interests in this sense include, for example, an obligation to provide evidence in proceedings under the General Equal Treatment Act (Allgemeines Gleichbehandlungsgesetz, AGG).
DATA PROTECTION FOR SUPPLIERS
In the context of the selection of suppliers or service providers, we will store and process information about you. Within the framework of the supplier check/evaluation, we can obtain and store further information on this from e.g. credit agencies. For order processing purposes, we will also process order-specific information in addition to your master data. In the case of company contacts, we will also process information, in particular contact data, on our contact persons. When processing the information, auxiliary systems (IT environment, CRM/ERP systems, financial accounting) may be used to access the service providers in the context of maintenance. In these cases we will agree the necessary contracts for order processing.
A. LEGAL BASIS OF THE PROCESSING
Art. 6 I lit. a DS-GVO serves as the legal basis for our company for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations necessary for the supply of goods or the provision of other services or consideration, the processing is based on Art. 6 I lit. b DS-GVO. This also applies to such processing operations which are necessary to carry out pre-contractual measures, for example in connection with enquiries about our products or services. If our company is subject to a legal obligation which makes it necessary to process personal data, for example to fulfil tax obligations, processing is based on Art. 6 I lit. c DS-GVO. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our company were to be injured and his or her name, age, health insurance details or other vital information had to be disclosed to a doctor, hospital or other third party. The processing would then be based on Art. 6 I lit. d DS-GVO. Finally, processing operations could be based on Art. 6 I lit. f DS-GVO. Processing operations which are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to safeguard a legitimate interest of our company or of a third party, unless the interests, fundamental rights and freedoms of the data subject prevail. We are permitted to carry out such processing operations in particular because they have been specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47 sentence 2 DS-GVO).
B. LEGITIMATE INTERESTS IN PROCESSING PURSUED BY THE CONTROLLER OR A THIRD PARTY
If the processing of personal data is based on Article 6 I lit. f DS-GVO, our legitimate interest is to carry out our business activities for the benefit of the well-being of all our employees and our shareholders.
C. PURPOSES OF DATA PROCESSING BY THE CONTROLLER AND THIRD PARTIES
D. TRANSFER OF DATA TO THIRD COUNTRIES
In individual cases, e.g. use of the web service in connection with Google services or newsletter services, personal data may be transferred to third countries. We always ensure that appropriate guarantees are in place to protect your data. In individual cases, you can obtain the corresponding proof from our data protection officer.
E. DELETION OR BLOCKING OF DATA
We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as is necessary to achieve the purposes stated here or as required by the various storage periods provided for by law. After the respective purpose has ceased to apply or these periods have expired, the corresponding data is routinely blocked or deleted in accordance with the statutory provisions.
F. LEGAL OR CONTRACTUAL PROVISIONS REGARDING THE PROVISION OF PERSONAL DATA; NECESSITY FOR THE CONCLUSION OF THE CONTRACT; OBLIGATION OF THE DATA SUBJECT TO PROVIDE THE PERSONAL DATA; POSSIBLE CONSEQUENCES OF NOT PROVIDING THE DATA
We would like to inform you that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual regulations (e.g. information on the contractual partner). Sometimes it may be necessary for a contract to be concluded that a data subject provides us with personal data, which must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with him/her. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before the person concerned makes personal data available, the person concerned must contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences would be if the personal data were not provided.
G. YOUR RIGHTS OF ACCESS
You can exercise the following rights at any time by contacting our data protection officer:
Information about your data stored with us and their processing, correction of incorrect personal data, deletion of your data stored with us, restriction of data processing, provided that we are not yet allowed to delete your data due to legal Pﬂichten, objection to the processing of your data with us and data transferability, provided that you have consented to the data processing or have concluded a contract with us If you have given us your consent, you can revoke it at any time with effect for the future.
You may at any time submit a complaint to the supervisory authority responsible for you. Your competent supervisory authority depends on the state of your residence, your work or the suspected infringement. A list of the supervisory authorities (for the non-public sector) with the address ﬁnden can be found at: https://
H. YOUR RIGHTS OF DATA SUBJECTS
You can exercise the following rights at any time by contacting our data protection officer:
Information about your data stored with us and their processing, correction of incorrect personal data, deletion of your data stored with us, restriction of data processing, provided that we are not yet allowed to delete your data due to legal obligations, objection to the processing of your data with us and data transferability, provided that you have consented to the data processing or have concluded a contract with us If you have given us your consent, you can revoke it at any time with effect for the future.
You may at any time submit a complaint to the supervisory authority responsible for you. Your competent supervisory authority depends on the state of your residence, your work or the suspected infringement. A list of the supervisory authorities (for the non-public sector) with their addresses can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
CHANGE OF OUR DATA PROTECTION REGULATIONS
We reserve the right to amend this data protection declaration from time to time so that it always meets current legal requirements or to implement changes to our services in the data protection declaration, e.g. when introducing new services. The new data protection declaration then applies for your next visit.