1. DATA PROTECTION AT A GLANCE
Data capture on this website
Who is responsible for data capture on this website?
Data processing on this website is performed by the website operator, whose contact data are listed in the legal notice of this website.
How do we capture your data?
Your data are captured when you communicate them to us. These can be, for example, data that you enter in a contact form.
In addition, data are automatically captured by our IT systems whenever you visit our website. These are primarily technical data (e.g. on your Internet browser, operating system, or the date and time at which you call a page). These data are automatically captured starting when you enter this website.
What do we use your data for?
Some data are captured in order to make your visit to this website as pleasant and error-free as possible. Other data may be used to analyze your behavior as a website user.
Which rights do you have with regard to your data?
You have the right to obtain, at any time and free of charge, information on the source, recipient, and purpose of your stored personal data. You also have the right to request the correction or deletion of these data. For these purposes, as well as in connection with other questions and issues connected with data protection, you may contact us at any time at the address given in the legal notice. You also have the right to complain to the responsible supervisory authority
In addition, under certain circumstances you have the right to demand that the processing of your personal data be limited. For more detailed information on this, please refer to the section “right to restriction of data processing”.
Analysis tools and third-party tools
Your actions while visiting this website may be statistically evaluated. This is mainly done with the aid of cookies and so-called analysis programs. This is typically done anonymously, i.e. the results cannot be traced back to you.
You may object to this analysis or prevent it by refraining from using certain tools. Detailed information on these tools and on your possibilities for objecting to analysis is available below.
2. HOSTING AND CONTENT DELIVERY NETWORKS (CDNs)
This website is hosted by an external service provider (hoster). Personal data captured on this website are stored on the hoster’s servers. These mainly consist of IP addresses, contact requests, metadata, communication data, contract data, contact data, names, website access operations, and other data that can be generated via a website.
We use a hoster to fulfill contracts with potential and existing customers (Article 6, Paragraph 1 (b) of the GDPR) and in the interest of securely, quickly and efficiently making available our online offering via a professional provider (Article 6, Paragraph 1 (f) of the GDPR).
Our hoster only processes your data to the extent required to comply with its contractual obligations and follow our instructions with regard to these data.
3. GENERAL AND COMPULSORY INFORMATION
We also call attention to the fact that data transmission over the Internet (e.g. when communicating by email) may be subject to security vulnerabilities. It is not possible to completely protect data from being accessed by third parties.
Responsible for data processing on this website is:
Telefon: +49 (0)7455-93943-0
Responsibility rests with the natural or legal person who is responsible, either solely or jointly with others, for making decisions on the purposes and means of processing personal data (e.g. names, email addresses etc.).
Legally required data protection officer
We have appointed a data protection officer for our company:
Herr Daniel Schuster
Telefon: +49 (6261) 8469260
Revoking your consent to data processing
Many data processing operations are only possible with your explicit consent. You may retract previously provided consent at any time. In order to do so, it is sufficient to send us a formless notification by email. The legality of any data processing carried out earlier is unaffected by your revocation.
Right to object to data capture in special cases and to direct advertising (Article 21 GDPR)
If data is processed on the basis of Article 6, Paragraph 1 (e) of GDPR, you have the right to object to this processing of your personal data at any time for reasons arising from your unique situation; this also applies to profiling based on these provisions. This data policy indicates the legal basis for such processing in each case. If you object, we will no longer process your affected personal data unless we can prove that compelling legitimate reasons for this processing exist that outweigh your interests, rights and liberties or the processing serves the purpose of asserting, exercising or defending legal claims (objection as per Article 21, Paragraph 21 GDPR).
If your personal data are processed for direct marketing purposes, you have the right to object at any time this processing; this also applies to any profiling performed in connection with this direct marketing. If you lodge an objection, your personal data will no longer be used for direct marketing purposes (objection as per Article 21, Paragraph 21 GDPR).
Right to complain to the responsible supervisory authority
In the event of infringements of the GDPR, you have the right to complain to a supervisory authority, in particular in the EU member state in which you habitually reside or work or in which the alleged infringement has taken place. This right to complain applies despite any other administrative or judicial legal recourse.
Right to data portability
You have the right to receive, in a commonly used machine-readable format, data that we process on the basis of your consent or in fulfillment of a contract. If you request that the data be directly transmitted to another data controller, this will only be done to the extent that it is technically feasible.
SSL and TLS encryption
For security reasons and to safeguard the transmission of confidential content, such as orders or requests that you send to us as the website’s operator, this website utilizes SSL or TLS encryption. You can tell an encrypted connection from the fact that the first part of the address line in the browser changes from “http://” to “https://” and a castle icon appears in the browser window.
If SSL or TLS encryption is enabled, data that you send to us cannot be read by third parties.
Information, deletion and correction
Within the scope of the applicable legal provisions, you have the right to receive, at any time and free of charge, information on stored personal data of yours, their source and recipients, and the purpose of data processing as well as, if relevant, the right to have these data corrected or deleted. In order to exercise this right or ask other questions related to the topic of personal data, you may contact us at any time at the address given in the legal notice of this website.
Right to restrict processing
You have the right to request that the processing of your personal data be restricted. For this purpose, you may contact us at any time at the address given in the legal notice of this website. You have the right to request the restriction of processing in the following cases:
- If you dispute the correctness of personal data that we have stored, we typically need time to perform a check. While this check is ongoing, you have the right to request that processing of your personal data be restricted.
- f your personal data have been or are being unlawfully processed, you may request that the processing of your personal data be restricted instead of deleted.
- If we no longer require your personal data but you need them in order to exercise, defend or assert legal claims, you have the right to request that the processing of your personal data be restricted instead of deleted.
- If you have lodged a complaint under Article 21, Paragraph 1 GDPR, our interests must be weighed against yours. Until it is clarified whose interests take precedence, you have the right to request that the processing of your personal data be restricted.
If you have restricted the processing of your personal data, these data may only―apart from their storage―be processed either with your consent or in order to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or if the European Union or a member state has an important public interest in such processing.
4. DATA CAPTURE ON THIS WEBSITE
Our website uses “cookies”. Cookies are small text files that do not cause any damage to your device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or they are automatically deleted by your web browser.
Some cookies may also be stored on your device by other companies when you visit our website (third-party cookies). They enable us or you to take advantage of certain services of the other company (e.g. payment services).
Cookies serve various purposes. Many cookies are required for technical reasons, since some website functionality would not work without them (e.g. the shopping basket and videos). Other cookies are used to evaluate user behavior or display advertising.
Cookies that are required for electronic communications or to provide other functions wished by you (e.g. the shopping basket) are stored on the basis of Article 6, Paragraph 1 (f) GDPR. The website operator has a legitimate interest in storing cookies in order to provide its services in a technically flawless and optimized manner. When corresponding consent has been requested and given (such as consent to store cookies), processing takes place exclusively on the basis of Article 6, Paragraph 1 (a) GDPR and the relevant consent may be revoked at any time.
You can set your browser so that you are informed whenever cookies are set and can decide on a case-to-case basis whether or not to allow certain cookies, accept cookies in certain cases or generally exclude them, and also enable automatic deletion of cookies when the browser is closed. Please note, however, that if all cookies are disabled the functionality of this website may be reduced.
Server log files
The provider of this website captures and stores automatically information in so-called server log files that your browser automatically transmits to us. These are:
- Browser type and browser version
- Operating system used
- Refer URL
- Hostname of the accessing computer
- Time of the server request
- IP address
These data are not combined with data from other sources
These data are captured on the basis of Article 6, Paragraph 1 (f) GDPR. The website operator has a legitimate interest in presenting the website in a technically flawless manner and optimizing it, and the server log files must be captured for this purpose.
When you use the contact form to send us requests or questions, the information you provide, including contact data, are stored by us for responding to your request and in case there are any additional questions. We will not divulge these data to any third parties without your consent.
These data are processed on the basis of Article 6, Paragraph 1 (b) GDPR to the extent that your inquiry is related to the fulfillment of a contract or in order to carry out precontractual measures. In all other cases, processing is based on our legitimate interest in effectively handling requests submitted to us (Article 6, Paragraph 1 (f) GDPR) or your consent (Article 6, Paragraph 1 (a) GDPR) if this has been requested.
We keep data that you have entered in the contact form until you request us to delete them, retract your consent to store them, or the purpose for which the data were stored lapses (e.g. after completing processing of your request). Mandatory legal provisions―and particularly time limits on data storage―are unaffected.
Requests submitted by email, phone or fax
If you contact us by email, phone or fax, your request, including all provided personal data (name, request), will be stored and processed by us for the purpose of dealing with your request. We do not provide these data to any third parties without your consent.
These data are processed on the basis of Article 6, Paragraph 1 (b) GDPR to the extent that your inquiry is related to the fulfillment of a contract or in order to carry out precontractual measures. In all other cases, processing is based on your consent (Article 6, Para. 1 (a) GDPR) and/or our legitimate interest in effectively handling requests submitted to us (Article 6, Paragraph 1 (f) of the GDPR) since we have a legitimate interest in effectively dealing with requests directed to us.
We keep data received from you in contact requests until you request us to delete them, revoke your consent for us to store them, or the purpose of data storage lapses (e.g. after processing of your request has been completed). Mandatory legal provisions―and particularly time limits on data storage―are unaffected.
5. Plugins and Tools
This website uses the Google Maps map service via an API. It is provided by Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
In order to use the functions of Google Maps, it is necessary to store your IP address. As a rule, this information is sent to a server of Google in the United States and stored there. The provider of this website has no influence on this data transmission.
Google Maps is used for the purposes of more attractively presenting our online offering and making it easier for you to find us at the locations indicated on our website. This constitutes a legitimate interest in the sense of Article 6, Paragraph 1 (f) GDPR.
Google Maps services are only integrated in the Contact section of this website.
6. SERVICES OF OURS
Handling of applicant data
We offer you the possibility of submitting employment applications to us (e.g. by email or regular mail or using our online application form). In the following, we inform you about the scope, purpose, and use of personal data of yours that are captured in connection with the application process. We assure you that your data are captured, processed and used in accordance with valid data protection laws and all other relevant legal provisions and that your data will be handled with the strictest confidentiality.
Scope and purpose of data capture
When you submit an application to us, we process the personal data contained in it (e.g. contact and communication data, application documents, notes made within the scope of application interviews etc.) to the extent that these are required for deciding whether or not to employ you. The legal basis for this is Section 26 of the German Federal Data Protection Act (new version) in accordance with German law (initiation of an employment relationship), Article 6, Paragraph 1 (b) GDPR (contract initiation) and―provided you have given your consent―Article 6, Paragraph 1 (a) GDPR. You may revoke your consent at any time. Within our company, your personal data will be relayed exclusively to persons who are involved in processing your application.
If your application is successful, the data you have submitted are stored in our data processing systems on the basis of Section 26 of the German Federal Data Protection Act (new version) and Article 6, Paragraph 1 (b) GDPR for purposes related to your employment.
Duration of data storage
If we are unable to offer you a position, you reject a position offered to you, or you retract your application, we reserve the right to store the data you have provided to us on the basis of our legitimate interests (Article 6, Paragraph 1 (f) GDPR) for up to six months following the end of the application process (rejection or retraction of the application). The data are then deleted and any physical application documents destroyed. They are primarily stored for evidential purposes in the event of a legal dispute. If it is apparent that the data will be required beyond the elapse of the six-month period (e.g. due to a possible or imminent lawsuit), they are not deleted until the reason for their extended storage has lapsed.
Data may also be stored for a longer period if you have given us a corresponding consent (article 6, paragraph 1 (a) of the GDPR) or if legal storage requirements forbid their deletion.