1. CONTROLLER AND CONTACT DETAILS OF THE DATA PROTECTION OFFICER
The controller in terms of data processing on this online offering is
peiker Holding GmbH
Gartenstrasse 25
DE-61325 Bad Homburg
(hereinafter also referred to as "Company" or "we")
You can reach our external Data Protection Officer under
Firma GENA
Datenschutzbeauftragter
Böttgerstraße 6
65439 Flörsheim
2. PROCESSING OF PERSONAL DATA IN CONNECTION WITH YOUR USE OF OUR WEBSITES, APPLICATIONS AND ONLINE PLATFORMS
a. Data categories, purpose of processing and legal basis
In the context of the use of our websites, applications or online tools (in the following summarised as “online offering"), we process the following personal data:
- Personal data that you yourself enter voluntarily in the context of an online offering (such as during registration, requests to contact you or in the context of participation in surveys, etc.), such as first and last name, E-mail address, telephone number, information provided in the context of a support request, comments or forum posts and
- HTTP data: Information that is automatically sent to us by your web browser or end device, such as your IP address, device type, browser type, previously visited websites, subpages visited or the date and time of each visitor request.
We will process your personal data for the following purposes:
- Technical administration of the website (defense against and detection of fraudulent or similar acts, including attacks on our IT infrastructure, enabling user authentication) The legal basis for the processing of personal data for these purposes is our legitimate interest in ensuring the security of the website in accordance with Art. 6 para. 1 lit. f GDPR, regardless of whether a contractual relationship exists with you. The transmission of personal data (e.g. the IP address) is necessary to establish the connection and to display the content of the website.
- Online and other services (enabling the use of the services and functions of our online offers, processing inquiries, sending marketing information upon request) The legal basis for the processing of personal data for the above-mentioned purpose is Art. 6 para. 1 lit. b and our legitimate interest in marketing pursuant to Art. 6 para. 1 lit. f GDPR. Visiting our online offer establishes a legal relationship similar to a contract within the meaning of Art. 6 para. 1 lit. b GDPR. Without the processing of personal data, we cannot offer our online services as intended. In particular, the transmission of personal data such as the IP address is required to establish a connection.
In some cases we will ask you expressly for your consent to the processing of your personal data. In such a case, the legal basis for processing your personal data is the consent you have given in accordance with Article 6 paragraph 1 lit. a) GDPR in conjunction with Article 7 GDPR.
b. Cookies
We also use cookies as part of our online offering. Cookies are small text files that are stored on your device by your browser when you visit our website. Cookies contain information that results in each case in connection with the context of use and your end device.
(1) Technically necessary cookies
The use of technically necessary cookies relates in particular to cookies that are required to make our online offering available. The legal basis for the storage and retrieval of such cookies on your end device is Section 25 (2) No. 2 TTDSG. The legal basis for further data processing in these cases is Art. 6 para. 1 lit. f GDPR (legitimate interests in the provision of the online offer or IT security).
(a) Consent management with Usercentrics
We use the Consent Management Platform (CMP) of Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, Germany. The tool allows you to conveniently manage your consent to the setting of technically unnecessary cookies and to make changes in this regard, such as revoking consent. For this purpose, Usercentrics also has access to the collected data as a processor.
The tool enables us to inform you about your consent and to obtain, manage and document it. For this purpose, we process http data and the consent, insofar as this has been granted.
The purpose of the processing is to obtain consent, to enable you to revoke or adjust your consent, to provide evidence (accountability) with regard to the consent given and to ensure the security of the application. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests in the purposes mentioned).
Information on consent given and on the withdrawal of consent is stored for one year for accounting purposes.
(2) Marketing cookies
With the help of so-called marketing cookies, we process information regarding the websites visited by users in order to improve our marketing and customize the use of our offer to your individual preferences. We also use marketing cookies to statistically record, optimize and evaluate the use of our online services. These cookies are only activated if you have given your consent in accordance with § 25 para. 1 TTDSG and Art. 6 para. 1 lit a DS-GVO i.V.m. Art. 7 GDPR have given. You give your consent in this regard when you call up our online offer by displaying our "cookie banner". Here you can declare your consent to the use of cookies on this website by clicking a button.
"You can change your decision on the use of cookies on our website at any time with effect for the future by clicking on the cogwheel on the left-hand side of the screen. You can also withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal."
(a) Google Analytics
This website uses functions of the web analysis service "Google Analytics". The recipients of the data are Google Ireland Limited (Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) and analysis and support service providers based in the EU as part of order processing. Google Ireland Limited uses Google LLC in the USA (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) as a service provider. The data will only be transmitted if you have given us your consent to do so in accordance with Art. 6 para. 1 lit a, 49 para. 1 sentence 1 lit a GDPR. Corresponding information on the risks of such data transmissions and revocation options can be found under section 8. Details on transmission by Google can be found in Google's data protection information at www.google.com/policies/privacy/.
Google Analytics enables us to analyze the usage behavior of our online offering. The data obtained from this (hereinafter referred to as "usage data") is used to optimize our website and advertising measures and to increase the efficiency of the resources we use.
During your visit to our website, the following usage data is recorded, among others:
- Websites visited
- Your behavior on the websites
- Your approximate location (country and city)
- Your IP address (in anonymized form, see under (i) )
- Technical information such as browser, internet provider, end device and screen resolution
- Source of origin of your visit (i.e. via which website or advertising medium you came to us)
Google Analytics stores cookies in your web browser for its services. These cookies contain a randomly generated user ID with which you can be recognized on future website visits. The aforementioned data is stored together with the randomly generated user ID, which enables the creation and analysis of pseudonymous user profiles.
The storage of Google Analytics cookies and the processing of data in connection with Google Analytics is based on your consent within the meaning of Art. 6 para. 1 lit. a GDPR in conjunction with Art. 7 GDPR and § 25 para. 1 TTDSG. Art. 7 GDPR and § 25 para. 1 TTDSG. We obtain the necessary consent from our users immediately after accessing our website for the use of Google Analytics or the use of statistics cookies through our cookie banner. The consent obtained from you in this respect also relates to the transfer of your data to the USA (Art. 49 para. 1 lit. a GDPR).
You can revoke your consent at any time without giving reasons. To do so, please use the cogwheel at the bottom left of the page. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Alternatively, you can prevent Google from collecting data by downloading and installing the browser plug-in available at the following link or by prohibiting the storage of cookies in your browser settings.
We have activated IP anonymization for the use of Google Analytics. This means that the IP address transmitted by the browser for technical reasons is anonymized by shortening it (deleting the last octet of the IPv4 address or the last 80 bits of the IPv6 address) before it is stored. The remaining user and event data is stored for 14 months. User and event data is data that is linked to cookies, user identifiers (e.g. user ID) and advertising IDs (e.g. DoubleClick cookies, Android advertising ID, IDFA [Apple identifier for advertisers]). The cookie itself is deleted 2 years after the last visit to our website or if consent is withdrawn.
(b) Google Tag Manager
If you have given your consent, we use the "Google Tag Manager" service of Google Inc. based in the USA (hereinafter referred to as "Google") on our website. The recipients of the data are Google Ireland Limited (Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) and analysis and support service providers based in the EU as part of order processing. Google Ireland Limited uses Google LLC in the USA (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) as a service provider. The data will only be transmitted if you have given us your consent to do so in accordance with Art. 6 para. 1 lit. a, 49 para. 1 sentence 1 lit. a GDPR. Corresponding information on the risks of such data transmissions and revocation options can be found under section 8. Details on transmission by Google can be found in Google's data protection information at www.google.com/policies/privacy/.
The Tag Manager is an organizational tool with which we can integrate and manage website tags. Tags can perform various tasks, e.g. collect browser data, control marketing tools, set cookies or track users across multiple websites. The Tag Manager thus helps us to control our cookies and optimize our website as a whole.
The legal basis for the integration of the Tag Manager is your consent in accordance with Art. 6 para. 1 lit. a GDPR i.V.m. Art. 7 GDPR. With regard to access to the end device, the legal basis is Section 25 (1) sentence 1 TTDSG. We obtain the required consent immediately after accessing our website via our cookie banner.
You can revoke your decision to use the Tag Manager on our website at any time with effect for the future. To do so, please use the "Cookie settings" link, which you will find at the bottom of our website. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
(3) Functional cookies
We also use so-called functional cookies to make the use of our online services more appealing and user-friendly.
The legal basis for the data processing for the use of such functional cookies, the associated data processing or the processing of the data obtained from them is our legitimate interest in the design of the website in accordance with Art. 6 para. 1 lit. f GDPR or your consent in accordance with § 25 para. 1 TTDSG and Art. 6 para. 1 lit. a GDPR in conjunction with Art. 7 GDPR. Art. 7 GDPR. You give your consent in this regard when you access our online offer by displaying our "cookie banner". Here you can give your consent to the use of cookies on this website by clicking a button.
"You can change your decision on the use of cookies on our website at any time by clicking on the cogwheel on the left-hand side of the screen. You can also withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal."
(a) Google Maps
If you have given your consent, this website uses Google Maps to display interactive maps and to provide directions. Google Maps is a map service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, ("Google") (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). By using Google Maps services, information about the use of this website, including your IP address and the (start) address entered as part of the route planner function, may be transmitted to Google. When you visit our website, your browser establishes a direct connection with Google's servers. The map content is then transmitted directly to your browser, which integrates it into our website.
The integration of Google Maps is based on your consent (Art. 6 para. 1 lit. a GDPR in conjunction with Art. 7 GDPR). We obtain the necessary consent from our users immediately after accessing our website for the use of functional cookies through our cookie banner. If consent is not given in this way, you will be asked again for consent on pages where Google Maps is integrated, which you can give there. The consent obtained from you in this respect also relates to the transfer of your data to the USA (Art. 49 para. 1 lit. a GDPR). Google may transfer personal data to countries outside the EU and the EEA, in particular to Google's parent company, on the basis of adequacy decisions or the EU standard contractual clauses.
We have no influence on the further processing and use of the data by Google. If you do not want Google to process data about you via our website, you can deactivate JavaScript in your browser settings. In this case, however, you will not be able to use the map display.
Further information on the scope of data processing by Google Inc. can be found in Google's privacy policy.
b) Google Fonts
Our online offer uses so-called fonts from Google Fonts of (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, ("Google") (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)). These fonts are integrated locally by us so that no connection to Google's servers is established. The processing of your personal data (e.g. IP address) takes place solely on our servers, so that the legal basis for the use of these fonts is our legitimate interest in a user-friendly presentation.
c) Contacting us
Contact forms which can be used for electronic contact are available on our website. If a user takes advantage of these options, the data entered in the input mask is transmitted to us and part of the data is stored.
In this context, no data will be passed on to third parties outside the Company. The data will be used exclusively for processing the correspondence.
The legal basis for processing the data transmitted in the course of sending an email is our legitimate interest in communicating with you in accordance with Art. 6 (1) (f) GDPR. If the e-mail contact is aimed at the conclusion of a contract, Art. 6 para. 1 lit. b GDPR is a further legal basis for the processing.
Processing the personal data from the input mask serves us to make contact and to prevent improper use of the contact form.
The data will be erased as soon as it is no longer necessary for achieving the purpose of collection. For the personal data from the input mask of the contact form and that sent by E-mail, this will be the case when the respective correspondence ends.
Users have the possibility to object to the processing of their personal data at any time. In such a case, the correspondence cannot be continued. Please send us your deletion request via E-mail to datenschutz@peiker-holding.de. In this case, all personal data stored in the course of the contact will be deleted.
3. PROCESSING OF PERSONAL DATA FOR CUSTOMER SATISFACTION SURVEYS AND DIRECT MAREKTING
If you have given us your consent or if we are authorized to do so within the framework of existing customer relationships, your contact data will also be used for direct marketing purposes (such as trade fair invitations, newsletters) or to conduct customer satisfaction surveys. You have the right to object to the use of your contact data for these purposes at any time. If you wish to exercise your right to object in this regard, please send us an email to datenschutz@peiker-holding.de or follow the corresponding instructions that you have received from us in any advertising email. The legal basis for processing your data for advertising purposes is our legitimate interest in marketing in accordance with Art. 6 para. 1 lit. f GDPR in the case of existing customer relationships or Art. 6 para. 1 lit. a GDPR if you have given us your consent.
4. PROCESSING OF PERSONAL DATA OF BUSINESS PARTNERS
a) Data categories, purpose of processing and legal basis
Within the scope of cooperation with Business Partners, the Company processes personal data of contact persons at customers, suppliers, interested parties, sales partners and cooperation partners (hereinafter referred to as “Business Partners"):
- contact details such as first and last name, business address, business telephone number, business mobile number, business fax number and business E-mail address,
- payment information such as details required for processing payment transactions or preventing fraud, including credit card details and card verification numbers,
- other information, the processing of which is necessary within the framework of a contractual relationship and which is voluntarily provided by Business Partners, such as orders, inquiries or details of projects,
- we will also store your IP address and the date of your registration when you register for a customer account,
- personal data collected from publicly available sources, information databases or credit agencies, and
- as far as legally required in the context of compliance screenings: date of birth, identity card and ID numbers, information on relevant legal proceedings or other legal disputes involving Business Partners.
The aforementioned personal data is processed for the following purposes:
- Communication with Business Partners on products, services and projects, for example to process inquiries from the Business Partner or to provide technical information on products,
- Performance of contracts,
- Planning, execution and management of the contractual business relationship, for example to process orders for products and services, collect payments, for accounting and billing purposes and to carry out deliveries, maintenance activities or repairs,
- Processing of registration for a customer account,
- Management of a customer account for pre-contractual services, for the fulfilment of the contract or for the purpose of customer cultivation (e.g. in order to provide you with an overview of your previous orders with us or in order to be able to offer you the so-called memo function),
- Conducting customer surveys, marketing campaigns, market analyses, competitions, etc.,
- Maintenance and protection of the safety of our products and our websites, prevention and discovery of safety risks, fraudulent activities or other criminal offences or acts carried out with the intent to cause damages;
- Comparison of personal data with US sanctions lists based on the European regulations 2580/2001 and 881/2002,
- Compliance with (i) legal requirements (e.g. tax and commercial retention requirements), (ii) existing obligations to conduct compliance screenings (to prevent white-collar crime or money laundering), and (iii) policies and industry standards; and
- Settling legal disputes, enforcing existing agreements as well as asserting, exercising and defence against legal claims.
Processing personal data is necessary to achieve the aforementioned purposes. Unless expressly stated otherwise at the time of collection of personal data, the legal basis for data processing is
- the execution and performance of a contract with you or for carrying out pre-contractual measures under Article 6 paragraph 1 lit. b) GDPR,
- the fulfilment of legal obligations to which the undertaking is subject under Article 6 paragraph 1 lit. c) of the GDPR, or
- safeguarding legitimate interests under Article 6 paragraph 1 lit. f) GDPR. The legitimate interest lies in the initiation, implementation and handling of the business relationship in commercial transactions.
If you have expressly given your consent to processing your personal data in individual cases, this consent is the legal basis for processing in accordance with Article 6 paragraph 1 lit. a) GDPR.
5. PROCESSING OF PERSONAL DATA OF APPLICANTS
a) Categories of data and purpose of data processing
Within the framework of the application procedure, we process the following categories of personal data:
- personal data (first and last name, date of birth, address, school-leaving certificate)
- communication data (telephone number, mobile number, fax number, E-mail address)
- data on assessment and evaluation in the application procedure
- data on education (school, vocational training, civilian / military service, university education, doctorate)
- data on the previous professional career, training and work certificates
- information on other qualifications (e.g. language skills, PC skills, voluntary work)
- application photo
- details of the desired salary
- application history
- Social media links (link to Xing or LinkedIn profile, if data transfer from these profiles was selected)
Personal data that you provide us with in the context of your application will be stored and used exclusively for the purpose of processing your application and, if applicable, for the purpose of the subsequent employment.
b) Legal basis of data processing
The processing of your personal data as part of the application process is based on Art. 6 para. 1 lit. b GDPR (establishment and performance of a contract) and Art. 6 para. 1 lit. f GDPR (legitimate interest in communication and processing of the application).
Any further processing of applicant data will take place only on the basis of an explicit declaration of consent. This is particularly the case if we are unable to offer you a current vacancy in the Company, but consider your application suitable for future positions. The storage and processing of your data in this respect will then be based on your consent in accordance with Article 6 paragraph 1 lit. a) GDPR).
The storage and processing of your data for forwarding to other companies of the group is also based on your consent in accordance Article 6 paragraph 1 lit. a) GDPR.
c) Information on Shared Responsibility
If you apply to peiker Holding GmbH and in doing so give your consent to be included in the applicant pool, we will also check, in accordance with your consent, whether you are a match for another position held by us or other of the above-mentioned companies of the Peiker family and, if necessary, contact you accordingly. Only in this case and if the application also relates to other companies of the Peiker family or is kept open for this purpose, will the processing be carried out as joint controllers. To this extent, the HRworks applicant portal is operated by us together with the Peiker family companies [peiker Holding GmbH, peiker Immobilien GmbH, peiker CEE GmbH, FTI Engineering Network GmbH, peicom GmbH, Hofgut Liederbach Service GmbH...] operated as joint controllers within the meaning of Art. 26 DS-GVO.
As joint controllers pursuant to Art. 26 DSGVO, the companies have recorded the joint use of the application portal in an agreement and agreed which of them fulfills which obligation under data protection law. In the following, we would like to inform you about the main contents of the agreement between the joint controllers:
(i) Cooperation of the jointly responsible parties
The companies decide independently of each other on the content of the application procedures and the specific processing of the applicant data. If you apply to peiker Holding GmbH and give your consent to this, we will include you in an applicant pool and, in accordance with your consent, we will also check whether you are a match for another position held by us or other of the above-mentioned companies of the Peiker family and, if necessary, contact you accordingly. Only in this case and if the application also refers to other companies of the Peiker family or is kept open for this purpose, the processing will be carried out as joint responsible persons. The matching is always done by us, but also to fill the open vacancies of the other companies of the Peiker family mentioned above.
If you only apply for a vacancy at peiker Holding GmbH and do not give your consent for us to include your data in an applicant pool and to check whether you match a vacancy of the other companies of the Peiker family mentioned above, the processing is not carried out as joint controller. In this case, only peiker Holding GmbH is the responsible party.
The companies have jointly determined the means and purposes of the technical operation and organizational use of the Applicant Portal.
The Applicant Portal itself is provided by an external service provider as part of a commissioned processing pursuant to Art. 28 DSGVO. The order processor pursuant to Art. 28 DSGVO is HRworks GmbH, based in Freiburg.
(ii). Responsibility of the companies
The company to whose job advertisement you apply in each case is individually responsible for informing you about the use of your applicant data pursuant to Art. 13 and 14 DS-GVO and your rights to which you are entitled in this context. You will find the information on this in this data protection declaration.
You can request information about the processing of your personal data at any time. In addition, you can of course exercise all other rights to rectification, erasure, restriction of processing and data portability in accordance with Art. 15-21 DSGVO at any time. In addition, you have the right to object to the processing of your personal data in accordance with Art. 21(1) DSGVO at any time on grounds relating to your particular situation. According to the joint responsibility agreement, the company whose job advertisement you have applied for is exclusively responsible for your inquiries. If you address your inquiry to a company other than this company, the inquiry will be forwarded without delay to the responsible company, which will then process your inquiry.
peiker Holding GmbH performs the administrator function of the applicant portal for all companies of the Peiker family. For this purpose, peiker Holding GmbH, in coordination with the other companies of the Peiker family, exercises the rights of instruction and control vis-à-vis the Processor pursuant to Art. 28 of the GDPR.
d) Passing on of data
Your data will be made available to the relevant employees in the HR department and the relevant employees or supervisors in the specialist department(s) for the position for which you have applied.
In the case of a speculative application, your documents will be made available to the relevant employees in the HR department and the relevant employees or supervisors in the relevant specialist departments for which your application may be of interest.
We do not forward your applicant data to affiliated subsidiaries or parent companies unless your application also relates to these companies or is kept open for this purpose, or you have given your consent when applying that we may include you in an applicant pool and use your data to check whether you are a suitable candidate for another position in the other Peiker family companies mentioned above and contact you accordingly if necessary. The legal basis for the transfer of your data to the other companies of the Peiker family mentioned above is Art. 6 para. 1 lit. a DS-GVO. Furthermore, we use order processors (e.g. IT service providers). The transfer of your data to them is carried out in strict compliance with the obligation of confidentiality and the requirements of the DS-GVO. The processors commissioned by us may only process the data for us and not for their own purposes. In these cases, the responsibility for data processing remains with us.
A data transfer also takes place if we are obliged to do so due to legal provisions and/or official or judicial orders.
e) Transfer of personal data to third countries
Our company is part of a group of companies in which personnel responsibilities may exist across national borders. For this reason, responsible superiors in other countries may also have access to your applicant data. This data processing is necessary for the decision on the establishment of an employment relationship. In addition, data is also transferred to third countries when your data is included in the talent pool. This means that our affiliated foreign units also have access to your applicant data.
In the event of data transfer to an entity in a third country, appropriate guarantees for the protection of your personal data ensure that the level of data protection in the European Union is complied with.
f) Deletion periods for applicant data
If no employment relationship is established, the application documents will be deleted six months after rejection. The legal basis for the storage in this regard is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. Our legal interest in this regard is the defense against any claims arising from the General Equal Treatment Act ("AGG"). In all other respects, the general deletion periods and information under Section 9 apply.
If you give your consent to be included in the applicant pool, we will delete your data after 12 months unless you give your consent again.
6. SOCIAL MEDIA
We set references ("links") on our website to the social networks LinkedIn and xing in order to draw attention to our services and products and to contact you as a visitor and user of these social media sites as well as our website.
You can recognize the links by the logo of the respective social network. When you click on the logo, a direct connection is established between your browser and the server of the respective service and you are redirected to the website from the service provider.
In the following, you will learn how your data is processed on the respective social media presences.
We operate the following presences:
|
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland |
https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_join-form-privacy-policy |
|
|
New Work SE, Am Strandkai 1, 20457 Hamburg, Deutschland |
a) Data processing by us
We operate the social media presences to draw attention to our products, services and career opportunities and to communicate with users for this purpose and to achieve improvements.
The processing of personal data in this regard is generally based on Art. 6 (1) lit. f DS-GVO due to our legitimate interests in public relations, communication and product improvement unless otherwise stated.
It is possible for us to view your posts and similar interactions on our social media presences as well as - depending on your privacy settings - your public profile. We may use this data to improve our information and products, especially on our social media presences.
In the event that you contact us via our social media presences, we process the personal data you provide in this context in order to process your request, in particular to respond to inquiries. We may then answer your inquiry via the respective social media presence. The legal basis for the processing of personal data is in many cases Art. 6 (1) lit. b DS-GVO (contract performance or pre-contractual measures) or if this legal basis is not relevant Art. 6 (1) lit. f DS-GVO due to the legitimate interests resulting from the purposes mentioned.
In addition, we may also process personal data in connection with the social media presences in accordance with the information in the other sections of the privacy notices.
As a precaution, we would like to point out that communication via the social media platforms may be insecure. You can always contact us via other communication channels and will receive a response via these other channels as well.
Furthermore, we receive aggregated usage statistics from the platforms, which we use to evaluate usage behavior and to improve our information offering. The usage statistics may also be created by the platforms on the basis of personal usage data. Further information on this can be found in the privacy notices of the respective providers linked above. Specific information on Facebook and Instagram can be found below.
b) Processing by the platform operators
We have no influence on the processing of your personal data by the respective providers. Rather, the platform operators have control over data processing in the context of the use of the respective service. This includes, for example, the storage and use of cookies on user terminals and the analysis of your behavior on the social network.
c) Notes on the deletion of posts
If you publish personal data on our social media presences in the form of posts, such as images, texts, video, or interact in other ways, e.g. by clicking on a "thumbs up" button, your data will be processed and in many cases published. If this is inappropriate content, we may delete it in accordance with the usual procedures and policies of the respective platforms.
7. RECIPIENTS AND CATEGORIES OF RECIPIENTS
Within our Company, access to your data is granted to those bodies that need it to fulfil their contractual and legal obligations. Service providers and agents appointed by us may also receive the data for these purposes if they commit to protecting confidentiality and integrity. These are companies in the IT services, telecommunications and sales and marketing categories.
As far as passing on data to recipients outside our company is concerned, it must first be kept in mind that we will pass on only necessary personal data, observing all regulations on data protection. As a matter of principle, we may pass on information about you only if this is required by law, you have given your consent or we have otherwise been granted authority. Under these circumstances, recipients of personal data may, for example, be:
- public authorities and institutions (such as authorities prosecuting criminal acts) if based on a statutory or regulatory obligation,
- other affiliated companies for risk management due to legal or regulatory obligations,
- service providers that we use in the context of order processing relationships and
- service providers that are explicitly named as recipients in this data protection notice.
In all other respects, the data transfers listed in the other sections apply.
8. TRANSFER TO THIRD COUNTRIES
Data transfer to bodies in states outside the European Union (so-called third countries) will take place to the extent
- this is required for performance of the contractual relationship (such as shipment orders),
- it is required by law (such as obligatory reporting under tax law), or
- you have given us your consent.
Furthermore, the transmission of data to third countries for the purpose of maintaining and ensuring the IT operation and IT security of the Company cannot be ruled out.
The use of our range of social media and map services may result in data transmissions and subsequent processing of usage data by the respective services in the U.S.
Possible data transmissions exclusively take place in automated form in connection with the use of our social media offerings and Google's map services and with the help of cookies.
When transferring data to so-called third countries, we ensure that this is done in accordance with the law. As a rule, data transfers are permitted on the basis of an adequacy decision, particularly in the case of transfers to the USA. If this does not apply in individual cases, we will conclude the standard data protection clauses or obtain your explicit consent.
You can reject the use of cookies and other technologies altogether or choose individual settings. You can also revoke your consent at any time with effect for the future. Any processing carried out previously remains unaffected by a revocation.
In addition, in accordance with the statements in the other sections, personal data may be transferred to third countries by the companies to which we transfer personal data.
9. RETENTION PERIOD
We process and store your personal data as long as is necessary for the fulfilment of our contractual obligations and the exercise of our rights.
The revocation of any consent given previously will be stored for three years (accountability). The administrative cookie will be deleted 6 months after the last visit. Server log data is deleted or anonymised after seven days at the latest, unless further storage is required for evidentiary purposes. Data on newsletters and invitations will be deleted as soon as you unsubscribe.
In individual cases, longer storage of data for the purpose of providing evidence may be justified in legitimate individual cases. According to Secs. 195 et seqq. German Civil Code (BGB), this statute of limitations may be up to 30 years, the regular statute of limitations being 3 years.
10. DATA SECURITY
For reasons of security and to protect the transmission of confidential contents such as orders or inquiries that you send to us as the site operator, this website with our online offering has implemented SSL or TLS encryption. You will recognise an encoded connection by the change in the address line of the browser from “http://” to “https://” and the lock symbol in your browser line.
Our staff and the providers we have hired are committed to confidentiality and compliance with the provisions of the applicable data protection laws. The Company takes adequate technical and organisational security measures to protect your personal data against loss, modification, destruction, access by unauthorised persons or unlawful transfer. Our security measures are being improved on an ongoing basis in accordance with technological development.
11. RIGHTS OF DATA SUBJECTS
Every data subject has the right to information pursuant to Article 15 GDPR, the right to rectification pursuant to Article 16 GDPR, the right to erasure pursuant to Article 17 GDPR, the right to limitation of processing pursuant to Article 18 GDPR, and the right to data portability pursuant to Article 20 GDPR.
As far as the right to obtain information and the right to erasure are concerned, the restrictions pursuant to Secs. 34 and 35 BDSG are applicable. Moreover, there is a right to appeal to a competent data protection supervisory authority (Article 77 GDPR in conjunction with Sec. 19 BDSG).
You can revoke your consent to the processing of personal data at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
You also have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you, in particular on the basis of Article 6 paragraph 1 lit. f) of the GDPR. If you do object, we will no longer process your personal data unless we have compelling justified reasons for such processing which override your interests, rights and freedoms. This will especially be the case where processing is required for asserting, exercising or defending legal rights.
In accordance with Article 22 GDPR, you also have the right not to be subject to fully automated decision-making. As a matter of principle, we do not use fully automated decision-making processes to establish, perform or terminate a business relationship. In the event that we should use such processes in individual cases (for example to improve our products and services), we will inform you of this and of your rights in this respect separately if prescribed by law.
For more information and explanations regarding the above rights, please visit the website "Rights for citizens“ of the European Commission.
12. OBLIGATION TO PROVIDE DATA
Within the scope of our online service, we rely on the processing of such usage data that is necessary for the implementation and termination of the service and for the fulfilment of the associated obligations. Without the collection of usage data, we and our service providers are not able to provide you with our online offering. However, the provision of personal data is neither legally nor contractually required.
13. PROFILING
We do not process your personal data automatically in such a way that this has a legal effect on you or significantly impairs you in a similar way.
14. UP-TO-DATENESS OF AND CHANGES TO THIS PRIVACY POLICY
This privacy policy is currently valid and was last updated in July 2024.