Data protection information
1. An overview of data protection
General information
Breuckmann GmbH & Co. KG is the parent company of the family-run companies of the Breuckmann Group (hereinafter referred to as “Breuckmann Group” or “we”). The Breuckmann Group is particularly concerned about protecting your privacy and personal data. With this data protection information we would like to inform you comprehensively about how we handle your personal data.
Who is the responsible party for the recording of data on this website (i.e., the “controller”)?
The processing of your personal data described below is the responsibility of Breuckmann GmbH & Co. KG. You can contact the following office regarding all data protection inquiries:
Breuckmann GmbH Co. KG
Dieselstr. 26-28
D-42579 Heiligenhaus
Phone: +49 (2056) 58 01 – 0
e-Mail: info (at) breuckmann.de
The responsible entity is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses or similar).
Data Protection Officer
We have appointed a data protection officer.
Boris Nicolaj Willm
Resilien[i]T GmbH
Monschauer Str. 12
40549 Düsseldorf
Phone: +49 (0) 211 695289 92
e-Mail: dsb.breuckmann (at) resilienit.de
What data do we process from you?
We collect and process various personal data from you depending on the specific processing situations.
For what purposes do we process your data and on what legal basis?
We process your personal data exclusively in accordance with the requirements of the General Data Protection Regulation (“GDPR”) and the Federal Data Protection Act (“BDSG”). In the context of certain situations, we also process your personal data to fulfill other legal obligations or based on your explicit consent.
For the fulfillment of contractual obligations
We process your personal data to fulfill contractual or quasi-contractual obligations or to establish a contract, for example for existing customer support or to answer questions.
If you apply to us by post or electronically and provide us with personal data, we process your personal data exclusively for the purpose of initiating a future employment relationship.
Due to legitimate interests
We also process your personal data to protect our Legitimate Interests, unless your interests or fundamental rights and freedoms requiring the protection of your personal data override these.
Subject to a weighing decision to be made in each individual case, we regularly assume that our legitimate interests are outweighed within the scope of the following processing situations, which are not listed exhaustively:
- Existing customer care;
- Information about offers for services and products if we have received your name, e-mail address or postal address in connection with the provision of our services and the sale of our products from you;
- Optimization of our offers and services;
- Ensuring the confidentiality and integrity of our IT systems;
On the basis of your consent
Insofar as you have separately granted us consent for the processing of your personal data, we will process your personal data within the scope of and on the basis of this consent. Consent may relate, for example, to the transfer of data to partner companies, the evaluation of your data for targeted advertising measures or the sending of newsletters.
Consent is always voluntary. Refusal of consent or revocation of the same will not have any negative consequences for you.
Who do we share your data with?
Companies, agencies and partners of the Breuckmann Group
If necessary for the establishment, execution or termination of a contract or a relationship similar to a contract, we will only pass on your personal data to companies or partners and representatives associated with us. Partners and agencies are in particular independent commercial agents for the distribution of our goods and services in Germany and abroad. For example, when you contact us, we share the information you provide to us with the appropriate regional company so that they can offer you our products and services, depending on your needs and the region of your inquiry.
The companies of the Breuckmann Group include:
- Breuckmann GmbH & Co. KG (Germany)
- PIAD GmbH (Germany)
- Breuckmann Frästechnik GmbH (Germany)
- Odlewy Precyzyjne Sp. z o o. Sp.k. (Poland)
processor
In order to process your data, we also use external service providers to whom we forward your personal data and who process the data only on our behalf under contract. Processors are also contractually obligated, for example, to either delete or return the data upon termination of the assignment.
2. data collection on this website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the section “Notice about the responsible party” in this privacy information.
How do we collect your data?
One of the ways in which your data is collected is by you providing it to us. This may be, for example, data that you enter in a contact form.
Other data is collected automatically or after your consent when you visit the Website by our IT systems. This is mainly technical data (e.g. internet browser, operating system or time of page view). The collection of this data takes place automatically as soon as you enter this website.
What do we use your data for?
Part of the data is collected to ensure error-free provision of the Website. Other data may be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right at any time to receive information free of charge about the origin, recipient and purpose of your stored personal data. You also have a right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time with regard to this and other questions on the subject of data protection.
Hosting
We are hosting the content of our website at the following provider:
Strato
The provider is Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin (hereinafter referred to as “Strato”). When you visit our website, Strato records various logfiles, including your IP addresses.
For more information, please consult the Strato Data Privacy Policy: https://www.strato.de/datenschutz/
Strato is used on the basis of Art. 6(1)(f) GDPR. We have a legitimate interest in a depiction of our website that is as reliable as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.
Job processing
We have concluded a contract on order processing (OPC) for the use of the above service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
3. General information and mandatory information
Data protection
The operators of this website and its pages take the protection of your personal data very seriously. Hence, we handle your personal data as confidential information and in compliance with the statutory data protection regulations and this Data Protection Declaration.
Whenever you use this website, a variety of personal information will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Declaration explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the information is collected.
We herewith advise you that the transmission of data via the Internet (i.e., through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third-party access.
Storage period
Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, the deletion will take place after these reasons cease to apply.
General information on the legal basis for the data processing on this website
If you have consented to data processing, we process your personal data on the basis of Art. 6(1)(a) GDPR or Art. 9 (2)(a) GDPR, if special categories of data are processed according to Art. 9 (1) GDPR. In the case of explicit consent to the transfer of personal data to third countries, the data processing is also based on Art. 49 (1)(a) GDPR. If you have consented to the storage of cookies or access to information in your end device (e.g. via device fingerprinting), data processing is also carried out on the basis of Section 25 (1) TDDDG. This consent can be revoked at any time. If your data is required for the fulfillment of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Art. 6(1)(b) GDPR. Furthermore, if your data is required for the fulfillment of a legal obligation, we process it on the basis of Art. 6(1)(c) GDPR. Furthermore, the data processing may be carried out on the basis of our legitimate interest according to Art. 6(1)(f) GDPR. Information on the relevant legal basis in each individual case is provided in the following paragraphs of this data protection information.
Note on data transfer to third countries that are not secure under data protection law and transfer to US companies that are not DPF-certified
Among other things, we use tools from companies based in third countries that are not secure under data protection law, as well as US tools whose providers are not certified under the EU-US Data Privacy Framework (DPF). When these tools are active, your personal data may be transferred to and processed in these countries. We would like to point out that in third countries with insecure data protection laws, no level of data protection comparable to that in the EU can be guaranteed.
We would like to point out that the USA, as a safe third country, generally has a level of data protection comparable to that of the EU. Accordingly, a data transfer to the USA is permitted if the recipient is certified under the “EU-US Data Privacy Framework” (DPF) or has suitable additional guarantees. Information on transfers to third countries, including data recipients, can be found in this privacy information.
Recipients of personal data
As part of our business activities, we cooperate with various external entities. In some cases, this also requires the transfer of personal data to these external entities. We only pass on personal data to external entities if this is necessary as part of the performance of a contract, if we are legally obliged to do so (e.g. passing on data to tax authorities), if we have a legitimate interest in passing on the data in accordance with Art. 6 (1) lit. f GDPR or if another legal basis permits the passing on of the data. When using third-party processors, we disclose personal data of our customers only on the basis of a valid contract on commissioned processing. In case of joint processing, a contract on joint processing shall be concluded.
Revoking your consent to data processing
Many data processing operations are only possible with your explicit consent. You can revoke an already given consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to object to data collection in special cases and to direct marketing (Art. 21 GDPR)
IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21(1) GDPR)
IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. . IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).
Right to log a complaint with the competent supervisory agency
In the event of violations of the GDPR, data subjects are entitled to log a complaint with a supervisory agency, in particular in the member state where they usually maintain their domicile, place of work or at the place where the alleged violation occurred. The right to log a complaint is in effect regardless of any other administrative or court proceedings available as legal recourses.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you should demand the direct transfer of the data to another controller, this will be done only if it is technically feasible.
Information about, rectification and eradication of data
Within the scope of the applicable statutory provisions, you have the right to demand information about your archived personal data, their source and recipients as well as the purpose of the processing of your data at any time. You may also have a right to have your data rectified or eradicated. If you have questions about this subject matter or any other questions about personal data, please do not hesitate to contact us at any time.
Right to demand processing restrictions
You have the right to demand the imposition of restrictions as far as the processing of your personal data is concerned. To do so, you may contact us at any time. The right to demand restriction of processing applies in the following cases:
- In the event that you should dispute the correctness of your data archived by us, we will usually need some time to verify this claim. During the time that this investigation is ongoing, you have the right to demand that we restrict the processing of your personal data.
- If the processing of your personal data was/is conducted in an unlawful manner, you have the option to demand the restriction of the processing of your data instead of demanding the eradication of this data.
- If we do not need your personal data any longer and you need it to exercise, defend or claim legal entitlements, you have the right to demand the restriction of the processing of your personal data instead of its eradication.
- If you have raised an objection pursuant to Art. 21(1) GDPR, your rights and our rights will have to be weighed against each other. As long as it has not been determined whose interests prevail, you have the right to demand a restriction of the processing of your personal data.
If you have restricted the processing of your personal data, these data – with the exception of their archiving – may be processed only subject to your consent or to claim, exercise or defend legal entitlements or to protect the rights of other natural persons or legal entities or for important public interest reasons cited by the European Union or a member state of the EU.
SSL and/or TLS encryption
For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption program. You can recognize an encrypted connection by checking whether the address line of the browser switches from “http://” to “https://” and also by the appearance of the lock icon in the browser line.
If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.
4. Data collection on this website
Cookies
Our websites and pages use what the industry refers to as “cookies.” Cookies are small data packages that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain archived on your device until you actively delete them, or they are automatically eradicated by your web browser.
Cookies can be issued by us (first-party cookies) or by third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services of third-party companies into websites (e.g., cookies for handling payment services)
Cookies have a variety of functions. Many cookies are technically essential since certain website functions would not work in the absence of these cookies (e.g., the shopping cart function or the display of videos). Other cookies may be used to analyze user behavior or for promotional purposes
Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The operator of the website has a legitimate interest in the storage of required cookies to ensure the technically error-free and optimized provision of the operator’s services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG); the consent can be revoked at any time.
You have the option to set up your browser in such a manner that you will be notified any time cookies are placed and to permit the acceptance of cookies only in specific cases. You may also exclude the acceptance of cookies in certain cases or in general or activate the delete-function for the automatic eradication of cookies when the browser closes. If cookies are deactivated, the functions of this website may be limited.
Which cookies and services are used on this website can be found in this privacy policy.
Consent with Borlabs Cookie
Our website uses the Borlabs consent technology to obtain your consent to the storage of certain cookies in your browser or for the use of certain technologies and for their data privacy protection compliant documentation. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany (hereinafter referred to as Borlabs).
Whenever you visit our website, a Borlabs cookie will be stored in your browser, which archives any declarations or revocations of consent you have entered. These data are not shared with the provider of the Borlabs technology.
The recorded data shall remain archived until you ask us to eradicate them, delete the Borlabs cookie on your own or the purpose of storing the data no longer exists. Mandatory statutory retention periods remain unaffected. To review the details of Borlabs’ data processing policies, please visit https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie
We use the Borlabs cookie consent technology to obtain the declarations of consent mandated by law for the use of cookies. The legal basis for the use of such cookies is Art. 6(1)(c) GDPR. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
Server log files
The provider of this website and its pages automatically collects and stores information in so-called server log files, which your browser communicates to us automatically. These are:
- Browsertype und Browserversion
- Operating system in use
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP-Address
This data is not merged with other data sources.
This data is recorded on the basis of Art. 6(1)(f) GDPR. The operator of the website has a legitimate interest in the technically error free depiction and the optimization of the operator’s website.
Contact form
If you submit inquiries to us via our contact form, the information provided in the contact form as well as any contact information provided therein will be stored by us in order to handle your inquiry and in the event that we have further questions. We will not share this information without your consent.
These data are processed on the basis of Art. 6(1)(b) GDPR if your inquiry is related to the fulfillment of a contract or is required for the performance of pre-contractual measures. In all other cases the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6(1)(f) GDPR) or on your agreement (Art. 6(1)(a) GDPR) if this has been requested; the consent can be revoked at any time.
The information you have entered into the contact form shall remain with us until you ask us to eradicate the data, revoke your consent to the archiving of data or if the purpose for which the information is being archived no longer exists (e.g., after we have concluded our response to your inquiry). This shall be without prejudice to any mandatory legal provisions, in particular retention periods.
Request by e-mail, telephone, or fax
If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We will not share this information without your consent.
These data are processed on the basis of Art. 6(1)(b) GDPR if your inquiry is related to the fulfillment of a contract or is required for the performance of pre-contractual measures. In all other cases the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6(1)(f) GDPR) or on your agreement (Art. 6(1)(a) GDPR) if this has been requested; the consent can be revoked at any time.
The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
5. Plugins und Tools
YouTube with expanded data protection integration
Our website embeds videos of the website YouTube. The website operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland
We use YouTube in the expanded data protection mode. According to YouTube, this mode ensures that YouTube does not store any information about visitors to this website before they watch the video. Nevertheless, this does not necessarily mean that the sharing of data with YouTube partners can be ruled out as a result of the expanded data protection mode. For instance, regardless of whether you are watching a video, YouTube will always establish a connection with the Google Marketing Network.
As soon as you start to play a YouTube video on this website, a connection to YouTube’s servers will be established. As a result, the YouTube server will be notified, which of our pages you have visited. If you are logged into your YouTube account while you visit our site, you enable YouTube to directly allocate your browsing patterns to your personal profile. You have the option to prevent this by logging out of your YouTube account.
Furthermore, after you have started to play a video, YouTube will be able to place various cookies on your device or comparable technologies for recognition (e.g. device fingerprinting). In this way YouTube will be able to obtain information about this website’s visitors. Among other things, this information will be used to generate video statistics with the aim of improving the user friendliness of the site and to prevent attempts to commit fraud.
Under certain circumstances, additional data processing transactions may be triggered after you have started to play a YouTube video, which are beyond our control
The use of YouTube is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6(1)(f) GDPR, this is a legitimate interest. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.
For more information about privacy at YouTube, please see their privacy information at: https://policies.google.com/privacy?hl=de.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the U.S. that is intended to ensure compliance with European data protection standards for data processing in the U.S.. Every company certified under the DPF undertakes to comply with these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
Google Fonts (local hosting)
This site uses so-called Google Fonts, which are provided by Google, for the uniform display of fonts. The Google Fonts are installed locally. A connection to Google servers does not take place to load the fonts.
For more information about Google Fonts, see https://developers.google.com/fonts/faq and Google’s privacy information: https://policies.google.com/privacy?hl=de.
Google Maps
This website uses the mapping service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
To enable the use of the Google Maps features, your IP address must be stored. As a rule, this information is transferred to one of Google’s servers in the United States, where it is archived. The operator of this website has no control over the data transfer. In case Google Maps has been activated, Google has the option to use Google Fonts for the purpose of the uniform depiction of fonts. When you access Google Maps, your browser will load the required web fonts into your browser cache, to correctly display text and fonts.
The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places indicated by us on the website. Pursuant to Art. 6(1)(f) GDPR, this is a legitimate interest. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
More information on the handling of user data can be found in Google’s privacy information: https://policies.google.com/privacy?hl=de.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the U.S. that is intended to ensure compliance with European data protection standards for data processing in the U.S.. Every company certified under the DPF undertakes to comply with these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
360 Tour (skytour.net)
On our website we have integrated the service “360° Tour” of cityguide.TV GmbH, Bachstr. 22-24, 45468 Mülheim an der Ruhr.
We would like to point out that cityguide.TV GmbH is in the sense of Art. 4 point. 7 GDPR is its own “responsible party”.
If you call up the link: “360° Tour (External Link)” on our website, you will be redirected to the server of cityguide.TV GmbH. The cityguide.TV GmbH collects and stores information in so-called server log files, which your browser automatically transmits. These are:
- Browsertype und Browserversion
- Operating system in use
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP-Address
Furthermore, cityguide.TV GmbH may store various cookies on your terminal device when you use the website. With the help of these cookies, cityguide.TV GmbH can obtain information about visitors to this website over which we have no control.
The use of the 360° tour is in the interest of an appealing presentation of our company. This is based on a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR.
For more information on how cityguide.TV GmbH implements the DSGVO and handles user data, please see the cityguide.TV GmbH privacy policy at: https://www.42motion.de/datenschutz
SalesViewer®
This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes.
In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally.
The data stored by SalesViewer® will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.
The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.
6. Audio and video conferencing
Data processing
Among other things, we use online conferencing tools to communicate with our customers. The tools we use in detail are listed below. When you communicate with us via video or audio conferencing over the Internet, your personal data is collected and processed by us and the provider of the respective conferencing tool.
In doing so, the conference tools collect any data that you provide/enter to use the tools (email address and/or your phone number). Furthermore, the conferencing tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication process (metadata).
Furthermore, the provider of the tool processes all technical data required for the handling of online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and connection type.
If content is exchanged, uploaded or otherwise made available within the tool, this is also stored on the servers of the tool providers. Such content specifically includes cloud recordings, chat/instant messages, voicemails uploaded photos and videos, files, whiteboards, and other information shared while using the Service.
Please note that we do not have full control over the data processing operations of the tools used. Our options are largely determined by the corporate policy of the respective provider. For further information on data processing by the conference tools, please refer to the data protection information of the respective tools used, which we have listed below this text.
Purpose and legal basis
The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 lit. b GDPR). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Insofar as consent has been requested, the tools in question are used on the basis of this consent; consent can be revoked at any time with effect for the future.
Storage period
The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Mandatory statutory retention periods remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.
Conference tools used
We use the following conferencing tools:
TeamViewer
We are using TeamViewer. The provider is TeamViewer Germany GmbH, Jahnstr. 30, 73037 Göppingen. For details on data processing, please refer to TeamViewer’s privacy information: https://www.teamviewer.com/de/datenschutzerklaerung/.
Job processing
We have concluded a contract on order processing (OPC) for the use of the above service. This is a contract required by data protection law, which ensures that this processes the personal data of our Website visitors only according to our instructions and in compliance with the GPDR.
Microsoft Teams
We are using Microsoft Teams. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. For details on data processing, see the Microsoft Teams privacy information: https://privacy.microsoft.com/de-de/privacystatement.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the U.S. that is intended to ensure compliance with European data protection standards for data processing in the U.S.. Every company certified under the DPF undertakes to comply with these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000KzNaAAK&status=Active
Job processing
We have concluded a contract on order processing (OPC) for the use of the above service. This is a contract required by data protection law, which ensures that this processes the personal data of our Website visitors only according to our instructions and in compliance with the GPDR.
Handling of applicant data
We offer you the opportunity to apply to us (e.g. by e-mail, post or via online application form). In the following, we inform you about the scope, purpose and use of your personal data collected during the application process. We assure that the collection, processing and use of your data will be in accordance with applicable data protection law and all other legal provisions and that your data will be treated in strict confidence.
Scope and purpose of the data collection
If you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes taken during interviews, etc.) insofar as this is necessary to decide on the establishment of an employment relationship. The legal basis for this is Art. 6 para. 1 lit. b GDPR (general contract initiation) and – if you have given your consent – Art. 6 para. 1 lit. a GDPR. This consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.
If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of Art. 6 (1) lit. b GDPR for the purpose of implementing the employment relationship.
Job interviews
As part of the application process, we offer interested parties the opportunity to conduct job interviews via a video conferencing tool. This serves the possibility of contactless interaction as well as the overcoming of geographical distances. The video or audio is not recorded or stored at any time. Applicants are free to turn off the camera function in advance or during the interview. The applicant can refuse the video application interview without giving any reason. In this case, a mutually acceptable alternative is sought.
In the case of the use of a video conferencing tool, the transmission of data to a third country (in particular the USA) cannot be ruled out. The legal basis for the processing is the consent according to. Art. 6 Abs. 1 lit. a GDPR. This consent can be revoked at any time.
Data retention period
If we are unable to make you a job offer, if you reject a job offer or withdraw your application, we reserve the right to retain the data you have provided on the basis of our legitimate interests (Art. 6 para. 1 lit. f GPDR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). Subsequently, the data is deleted and the physical application documents are destroyed. The storage serves in particular evidence purposes in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), the data will only be deleted when the purpose for continued storage no longer applies.
A longer storage can also take place if you have given a corresponding consent (Art. 6 para. 1 lit. a GDPR) or if legal storage obligations oppose the deletion.
Inclusion in the applicant pool
If we do not make you a job offer, we may be able to include you in our applicant pool. In case of inclusion, all documents and information from the application will be transferred to the applicant pool in order to contact you in case of suitable vacancies.
Inclusion in the applicant pool is based exclusively on your express consent (Art. 6 para. 1 lit. a GDPR). The submission of the consent is voluntary and is not related to the current application process. The data subject may revoke his/her consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, unless there are legal reasons for retention.
The data from the applicant pool will be irrevocably deleted no later than two years after consent has been given.
As of 01.07.2024