Data protection Data protection
declaration of Contecon Software GmbH

General

The following provisions are intended to provide you with information about the processing of personal data in accordance with the requirements of the General Data Protection Regulation (GDPR). In particular, taking into account the information obligations under Art. 12 to 14 GDPR, as well as to clarify the rights of data subjects under the GDPR under Art. 15 to 22 and Art. 34 GDPR.

Note on the responsible body

Responsible for the processing of your personal data is the

  • Contecon Software GmbH
  • Brückenstr. 2
  • 67551 Worms

Information about us as the responsible body and our contact details can be found in the imprint .

We process your personal data in accordance with the applicable legal data protection requirements for the purposes listed below for each group of data subjects:

Use of service providers

Some of the aforementioned processes or services are carried out by carefully selected and commissioned service providers. We transmit or receive personal data from these service providers solely on the basis of a processing contract. If the seat of a service provider is outside the European Union or the European Economic Area, a transfer to a third country takes place. Data protection agreements that meet the legal requirements are contractually agreed with these service providers to create an appropriate level of data protection and corresponding guarantees are agreed.

Notices of Your Rights

You have the right,

  • to request confirmation from us as to whether personal data relating to you are being processed by us; if this is the case, you have a right to information about this personal data and to the information listed in Art. 15 DSGVO.
  • to demand the release of the data concerning you in the restrictions of Art. 20 GDPR in a common electronic, machine-readable data format. This also includes the release (as far as possible) to another person directly named by you responsible.
  • to request us to correct your data if it is inaccurate, inaccurate and/or incomplete. Correction also includes completion by declarations or notification.
  • to demand from us that personal data concerning you be deleted immediately if one of the reasons listed in Art. 17 DSGVO applies. Unfortunately, we are not allowed to delete data that is subject to a statutory retention period. If you no longer want us to contact you by newsletter or in any other way, we will save your relevant contact details on a blocking list.
  • revoke any consent you have given with effect for the future, without you suffering any disadvantages as a result.
  • to require us to restrict processing if one of the conditions listed in Art. 18 GDPR is met.
  • for reasons that arise from your very particular situation, to object at any time to the processing of your personal data. We will then no longer process the personal data unless we can demonstrate compelling reasons worthy of protection that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims (Article 21 GDPR).
  • without prejudice to any other administrative or judicial remedy and to complain if you believe that the processing of your personal data violates the GDPR
    • our data protection officer: datenschutz@contecon.de or by post (see imprint )
    • a supervisory authority in the Member State of your place of residence, your place of work or the place of the alleged infringement.

Deletion of your data

Unless otherwise regulated in the more detailed data protection declarations, we delete your personal data when the contractual relationship with you has ended, you have exercised your right to deletion, all mutual claims have been fulfilled and there are no other statutory storage obligations or legal justifications for storage . Commercial law retention periods for financially relevant data are usually up to 10 years. We may also retain data for as long as necessary to protect against claims that may be made against us. These periods can be up to 30 years.

Definition

For the purposes of this general information for employees, the term means:

  1. Personal data - any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more special features that express the physical , physiological, genetic, psychological, economic, cultural or social identity of that natural person. Examples are contact data, communication data, billing data.
  2. Controller - the natural or legal person, public authority, agency or other body that alone or jointly with others decides on the purposes and means of processing personal data; if the purposes and means of this processing are specified by Union law or the law of the Member States, the person responsible or the specific criteria for his naming can be provided for by Union law or the law of the Member States.
  3. Processor - a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
  4. Recipient - a natural or legal person, public authority, agency or other body to which personal data are disclosed, whether a third party or not.
  5. Employees - Employees, including temporary workers in relation to the borrower, employees involved in their vocational training, participants in services for participation in working life and in clarifications of professional suitability or work trials (rehabilitants), in recognized workshops for disabled people Employees, volunteers who perform a service under the Youth Voluntary Service Act or the Federal Volunteer Service Act, persons who are to be regarded as employee-like persons due to their economic independence. These also include those who work from home and those of equal status, federal civil servants, federal judges, soldiers and people doing community service.
  6. Third party - a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct responsibility of the controller or processor, are authorized to process the personal data.
  7. Profiling - any type of automated processing of personal data, which consists in using this personal data to evaluate certain personal aspects relating to a natural person. In particular, to analyze or predict aspects related to work performance, economic situation, health, personal preferences, interests, reliability, behavior, whereabouts or relocation of this natural person.
  8. Restriction of processing - marking stored personal data with the aim of restricting their future processing.

Change to the privacy policy

We reserve the right to change our data protection declaration if necessary and to publish it here. Please check this page regularly. The updated statement will become effective upon publication, subject to applicable law. If we have already collected data about you that is affected by the change and/or is subject to a legal information obligation, we will also inform you about significant changes to our data protection declaration.

Privacy Policy for Website Visitors

Scope of application

This data protection declaration applies to all pages of our online network that link to this declaration. The general information can be found on our data protection main page.

Purpose of Data Collection

The purpose of data collection is to optimize the website, analyze errors, tailor it to your needs, offer contact and, if necessary, sell goods and services.

General information on data processing

In principle, we only collect and use personal data from our users to the extent that this is necessary to provide a functioning website and our content and services or to the extent that you as a user make this available to us through voluntary input. The collection and use of personal data by you as a user takes place regularly only with your consent or to justify and carry out a legal transaction. An exception applies in such cases in which obtaining prior consent is not possible or disproportionate for actual reasons and the processing of the data is permitted by another statutory provision.

Legal bases for the processing of your data:

  • Insofar as we obtain the consent of the data subject for the processing of personal data, Article 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
  • Article 6 (1) (b) GDPR serves as the legal basis for the processing of personal data required to fulfill a contract to which the data subject is a party. This also applies to processing operations that are necessary to carry out pre-contractual measures.
  • If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and fundamental freedoms of the person concerned do not outweigh the first interest, Article 6 Paragraph 1 Letter f GDPR serves as the legal basis for the processing.

Legitimate interests can be in particular:

  • responding to inquiries;
  • the implementation of direct marketing measures;
  • the provision of services and/or information intended for you;
  • the processing and transfer of personal data for internal or administrative purposes;
  • the operation and administration of our website;
  • technical support for users;
  • the prevention and detection of fraud and crime;
  • protection against payment defaults when obtaining creditworthiness information for inquiries about deliveries and services; and or
  • ensuring network and data security, insofar as these interests are in line with applicable law and with the rights and freedom of the user;
  • the achievement of efficiency gains by bundling services in individual group companies (in particular marketing, IT, procurement)

Categories of Recipients

  • Service providers for website optimization, online marketing service providers and tools, service companies for information and communication technology, companies for software and device maintenance, some of which are described in more detail below
  • social networks and communities
  • internal recipients according to the "need to know" principle

Usage data/server log files

Each time our website is accessed, our systems automatically collect data and information from the computer system of the accessing computer.
The following types of data are collected: Browser type, version used, user's operating system, host name, Internet service provider, user's IP address, date and time of access, websites from which the user's system accessed our website or the the user arrives from our website.
The legal basis for the temporary storage of the data and the log files is Article 6 Paragraph 1 Letter f GDPR with the above-mentioned legitimate interests.
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the IP address of the user must remain stored for the duration of the session.
Storage in log files takes place to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. Our legitimate interest in data processing also lies in these purposes. The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. We also reserve the right to check the files if there is a justified suspicion of illegal use or a specific attack on the site based on specific indications.

Use of cookies

We use cookies. Cookies are data that are stored in the internet browser or by the internet browser on the user's computer system when you visit a website and can be retrieved again. Cookies can contain a characteristic character string that enables the browser to be clearly identified when the website or a service integrated into it is called up again. We use cookies to enable the operation of our website (technically necessary cookies), to make our website more user-friendly (functional cookies), and for marketing and advertising purposes (advertising cookies).
Technical cookies: Some elements of our website require that the accessing browser can be identified even after a page change. The purpose of the use is to enable the website to function in the first place. Examples of technically necessary cookies are providing a shopping cart or registering as a registered user. The processing is therefore based on Article 6 Paragraph 1 lit. b or f GDPR.
Functional cookies: There may be functions that are not absolutely technically necessary for the operation of our website, but make it considerably easier to use, such as adopting language settings or font sizes, remembering search terms, etc.. Processing is also based on Article 6 paragraph 1 lit. b or f GDPR.
Advertising cookies: We also use cookies on some of our websites, which enable an analysis of the surfing behavior of users. In this way z. B.: Search terms entered in search engines, frequency of page views, use of website functions, and information about the operating system and browser, etc. are transmitted. The user data collected in this way is pseudonymized by technical precautions. It is therefore no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the user. The legal basis for the processing of personal data using cookies for analysis purposes is the existence of the relevant consent of the user - e.g

Content from External Providers

We use active JavaScript content and fonts on our website, which may also come from external providers such as Google. When you visit our website, these providers may receive information about your visit to our website, for example by transmitting your IP address. You can prevent this transmission by installing a JavaScript blocker such as the 'NoScript' browser plugin or by deactivating JavaScript in your browser. However, this can lead to functional restrictions. Some of our websites include content from third parties, such as videos from YouTube, maps from Google Maps, images, text and multimedia files, RSS feeds or other services from other websites. This always requires a transmission of your IP address to the provider of this content. We cannot make any statement about the use of your data by these providers and also have no influence on further processing. In particular, not about whether the data is used for other purposes, such as profiling. Please refer to the relevant data protection notices of the respective third-party providers. You can, among other things, protect yourself against further tracking by tracking pixels from these providers by switching off the acceptance of third-party cookies in your browser settings. The legal basis for the transmission of personal data when third-party providers are involved is if the user has given his or her consent in this regard - e.g

Google Maps

On this website we use the offer of Google Maps. This enables us to show you interactive maps directly on the website and enables you to conveniently use the map function. 

By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. Personal data is transmitted to Google (IP address, time of the request, content of the request, amount of data transferred, website from which the request comes, language and version of the browser, information on the operating system). This takes place regardless of whether Google provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for advertising purposes, market research and/or needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right. The legal basis for data processing is Article 6 (1) (a) GDPR. whereby you must contact Google to exercise this. The legal basis for data processing is Article 6 (1) (a) GDPR. whereby you must contact Google to exercise this. The legal basis for data processing is Article 6 (1) (a) GDPR. 

Further information on the purpose and scope of the data collection and its processing by the plug-in provider can be found in the provider's data protection declaration. There you will also find further information on your rights in this regard and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy . For the exceptional cases in which personal data is transferred to the USA, standard contractual clauses apply.

Google Ads

We use Google Ads to draw attention to our attractive offers with the help of advertising material (so-called Google Ads) on external websites. In relation to the advertising campaign data, we can determine how successful the individual advertising measures are. We are interested in showing you advertising that is of interest to you, in making our website more interesting for you and in achieving a fair calculation of advertising costs.

These advertising media are delivered by Google via so-called "ad servers". To do this, we use ad server cookies, which can be used to measure certain parameters for measuring success, such as the display of ads or clicks by users. If you access our website via a Google ad, Google Ads will store a cookie on your PC. These cookies usually expire after 30 days and are not intended to identify you personally. For this cookie, the unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user does not wants to be addressed more) is saved.

These cookies enable Google to recognize your internet browser. If a user visits certain pages of an Ads customer's website and the cookie stored on their computer has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. Each Ads customer is assigned a different cookie. This means that cookies cannot be tracked via the websites of Ads customers. We ourselves do not collect or process any personal data in the advertising measures mentioned. Google only provides us with statistical evaluations. Based on these evaluations, we can see which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material,

Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and are therefore informing you according to our level of knowledge: By integrating Ads Conversion, Google receives the information that you have accessed the relevant part of our website viewed or clicked on one of our advertisements. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider will find out and save your IP address.

You can prevent participation in this tracking process in a number of ways:

  • a) by setting your browser software accordingly, in particular the suppression of third-party cookies means that you will not receive any advertisements from third-party providers;
  • b) by deactivating cookies for conversion tracking by setting your browser so that cookies from the domain "www.googleadservices.com" are blocked, https://adssettings.google.com/ , whereby this setting deleted when you delete your cookies;
  • c) by deactivating the interest-based ads of the providers who are part of the self-regulatory campaign "About Ads" via the link https://www.aboutads.info/choices , whereby this setting will be deleted if you delete your cookies;
  • d) by permanent deactivation in your browsers Firefox, Internet Explorer or Google Chrome under the link https://www.google.com/settings/ads/plugin . We would like to point out that in this case you may not be able to use all the functions of this offer to their full extent.

The legal basis for processing your data is Article 6 (1) (a) GDPR. Further information on data protection at Google can be found here: https://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html . Alternatively, you can visit the Network Advertising Initiative (NAI) website at https://www.networkadvertising.org . For the exceptional cases in which personal data is transferred to the USA, standard contractual clauses apply.

Privacy Policy for Social Media Presences

Facebook Fanpage

We operate one or more company websites ("fan pages") on the professional social media network Facebook, in particular for self-portrayal, for branding, but also for the purpose of customer communication and recruiting.

According to the judgment of the European Court of Justice (ECJ) of June 5th, 2018, Az. C-210/16, the operator of social media pages is at least jointly responsible for data processing, at least in the case of Facebook fan pages, within the meaning of Art. 26 DSGVO. Although Facebook offers such a declaration at https://www.facebook.com/legal/terms/page_controller_addendum , we do not know whether it now meets the requirements of the GDPR.

We only process your data - apart from the additional procedures below - if you contact us via the platform. In this case, Facebook collects your data and makes it available to us. Under certain circumstances, storage and further processing by us may also take place. The processing of your personal data in the event of an inquiry or application is based on our other relevant data protection declarations.

Depending on the case, the legal basis for the processing of personal data is processing to initiate and execute a contract with you in accordance with Article 6 (1) (b) GDPR or on the basis of our legitimate interest in communicating with users and our external representation for the purpose of Advertising in accordance with Article 6 (1) (f) GDPR.
If you have given the social network provider your consent to the data processing described above with effect for us, the legal basis is Article 6 (1) (a) GDPR.

Furthermore, we may collect data from visitors to our company website if the display as a visitor can be defined as processing. We do not store this data - subject to the further procedures listed below - but not on our own systems, nor are they systematically processed further through occasional acknowledgment.
For these processing steps, our information regarding the responsible body, the data protection officer and the declaration of your rights as the data subject apply.

We would like to point out that for any further processing on our fan pages, the data protection declaration of Meta Platforms, Inc. (1601 Willow Road Menlo Park, CA 94025 United States) or Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) is applicable.

The data transfer to third countries is based on the use of standard contractual clauses according to the European Commission: https://de-de.facebook.com/help/566994660333381 . Further, detailed information on data processing by Facebook and the corresponding objection options can be found at https://www.facebook.com/about/privacy/ and at https://www.facebook.com/legal/terms/dataprocessing. Facebook is the provider of this service and is the only one authorized to provide complete information on data processing on Facebook.
We would like to point out that the assertion of data subject rights and requests for information are best addressed to Facebook. Only Facebook has access to your data and can take immediate action to delete or restrict the data, etc., or to provide information. Of course, we will support you in asserting your rights if necessary. Opt-out options can be found at: https://www.facebook.com/settings?tab=ads and https://www.youronlinechoices.com .

Additional information Facebook Insight

We use the "Facebook Insight" analysis function on our fan pages. The function serves the purpose of advertising and market research in order to provide you with more relevant content and to develop new functions that are of interest to you.
Facebook uses cookies that enable an analysis of your visits to the fan page. The information generated by the cookies about your use of the fan pages is usually transmitted to Facebook servers in the USA and stored there. When transferring data to third countries, Facebook relies on standard contractual clauses from the European Commission and thus undertakes to comply with European data protection rules: https://de-de.facebook.com/help/566994660333381 .

The processing takes place on the basis of Article 6 Paragraph 1 Letter f) GDPR from the legitimate interest in targeted advertising and targeted design of the fan pages. If you have given the social network provider your consent to the data processing described above with effect for us, the legal basis is Article 6 (1) (a) GDPR.
You can find more information on the terms of use and data protection at https://www.facebook.com/about/privacy/ . Detailed information on the respective processing and the possibility of objection can be found at https://www.facebook.com/legal/terms/page_controller_addendum and https://www.facebook.com/settings?tab=ads orhttps://www.youronlinechoices.com/ .

Data protection declaration for the Twitter channel

We operate one or more company websites on the professional social media network Twitter, in particular for self-portrayal, but also for recruiting.

According to the judgment of the European Court of Justice (ECJ) of June 5th, 2018, Az. C-210/16, the operator of social media pages is at least jointly responsible for data processing, at least in the case of Facebook fan pages, within the meaning of Art. 26 DSGVO.
We suspect an analogous applicability of this decision to other social networks, including Twitter. So far, we are not aware that Twitter offers an agreement that meets the requirements of Art. 26.

We would like to point out that you use the Twitter short message service offered here and its functions at your own risk. This applies in particular to the use of the interactive functions (e.g. sharing, rating). We only process your data if you contact us via the Twitter platform. In this case, Twitter collects your data and makes it available to us. Under certain circumstances, storage and further processing by us may also take place. The processing of your personal data in the case of an application is based on our applicant data protection declaration.

We process your data to the extent that we may re-tweet or reply to your tweets or compose tweets that refer to your account. Data freely published and distributed by you on Twitter is included by us and made accessible to third parties.

Depending on the case, the legal basis for the processing of personal data is processing to initiate and execute a contract with you in accordance with Art Based on our legitimate interest in communicating with users and our external representation for the purpose of advertising in accordance with Article 6 (1) sentence 1 lit. f) GDPR. If you have given the social network provider your consent to the data processing described above with effect for us, the legal basis is Art. 6 (1) (a) GDPR.

We process your data to the extent that we may re-tweet or reply to your tweets or compose tweets that refer to your account. Data freely published and distributed by you on Twitter is included by us and made accessible to third parties.

Depending on the case, the legal basis for the processing of personal data is processing to initiate and execute a contract with you in accordance with Art Based on our legitimate interest in communicating with users and our external representation for the purpose of advertising in accordance with Article 6 (1) sentence 1 lit. f) GDPR.
If you have given the social network provider your consent to the data processing described above with effect for us, the legal basis is Art. 6 (1) (a) GDPR.

Under certain circumstances, storage and further processing by us may also take place. The processing of your personal data is then based on one of our other data protection declarations, depending on which group of data subjects you belong to.
We may also collect data from the "likers" and commenters on our channel where the mere viewing can be defined as processing. However, we do not store this data on our own systems, nor is it systematically processed further through occasional acknowledgment. For these processing steps, our information regarding the responsible body, the data protection officer and the declaration of your rights as the data subject apply.

We would like to point out that the data protection declaration of Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) applies to any further processing on or via our Twitter channel.
Responsible is probably the Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland.
We have no influence on the type and scope of the data processed by Twitter, the type of processing and use or the transfer of this data to third parties. We do not have any effective control options in this regard.
Standard contractual clauses serve as a guarantee for the transfer of personal data to third countries. A transfer impact analysis carried out on the basis of the Schrems II judgment of the ECJ did not reveal any increased risk potential.
Further information on the processing of personal data can be found here:

  • https://support.twitter.com/articles/105576#
  • https://help.twitter.com/de/search?q=datenschutz
  • https://support.twitter.com/articles/20172711# (possibility to view your data)
  • https://twitter.com/your_twitter_data (analysis of your Twitter data)
  • https://twitter.com/personalization (personalization options and opt-out)
  • https://support.twitter.com/forms/privacy (data processing information)
  • https://support.twitter.com/articles/20170320#

    • We would like to point out that the assertion of data subject rights and requests for information is best addressed to Twitter Inc. itself. Only Twitter has access to your data and can take immediate action to delete the data, restrict it, etc., or to provide information. Of course, we will support you in asserting your rights if necessary.

    Data protection declaration for the YouTube channel

    We operate one or more company websites on the Google Inc. social media network YouTube, in particular for self-portrayal, but also for recruiting.

    According to the judgment of the European Court of Justice (ECJ) of June 5th, 2018, Az. C-210/16, the operator of social media pages is at least jointly responsible for data processing, at least in the case of Facebook fan pages, within the meaning of Art. 26 DSGVO. We suspect an analogous applicability of this decision to other social networks, including YouTube. So far, we are not aware that YouTube offers an agreement that meets the requirements of Art. 26.

    We would like to point out that you use the YouTube channel offered here and its functions at your own risk. This applies in particular to the use of the interactive functions (e.g. sharing, liking, disliking, commenting).

    We only process your data if you contact us via the YouTube platform. In this case, YouTube collects your data and makes it available to us. Under certain circumstances, storage and further processing by us may also take place. The processing of your personal data is then based on one of our other data protection declarations, depending on which group of data subjects you belong to. Furthermore, we may collect data from visitors to our company website if the display as a visitor can be defined as processing. However, we do not store this data on our own systems, nor is it systematically processed further through occasional acknowledgment.

    Depending on the case, the legal basis for the processing of personal data is processing to initiate and execute a contract with you in accordance with Article 6 Paragraph 1 Letter b) GDPR (e.g. for questions about products or services) or on the basis of our legitimate interest of communication with users and our external presentation for the purpose of advertising in accordance with Article 6 (1) (f) GDPR. If you have given the social network provider your consent to the data processing described above with effect for us, the legal basis is Article 6 (1) (a) GDPR.

    For these processing steps, our information regarding the responsible body, the data protection officer and the declaration of your rights as the data subject apply.

    We would like to point out that for any further processing on our YouTube channel, the data protection declaration of Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001 or alternatively the Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA is applicable. We have no lasting knowledge and no influence on the type and scope of the data processed by Google, the type of processing and use or the transfer of this data to third parties. We do not have any effective control options in this regard. Further information on the processing of personal data by YouTube can be found here:

    User conditions: https://www.google.com/analytics/terms
    Data protection declaration: https://www.google.de/intl/de/policies/privacy .
    In cases where personal data is transferred to the USA, standard contractual clauses apply. A transfer impact analysis carried out on the basis of the Schrems II judgment of the ECJ did not reveal any increased risk potential.

    Analysis and Tracking Services

    1&1 IONOS Web Analytics

    This website uses the analysis tool 1&1 WebAnalytics, a web analysis service of 1&1 IONOS SE. In WebAnalytics, data is collected exclusively for statistical evaluation and technical optimization of the website. The data is processed completely anonymously. Tracking and logging are enabled by default. The data is determined either by a pixel or by a log file. To protect personal data, WebAnalytics does not use cookies and the IP address is anonymized directly when it is collected. 

    The data is stored for 8 weeks. No data will be passed on to third parties and there will also be no transfer to third countries. The data is collected out of legitimate interest in order to ensure the security and stability of the offer and to be able to provide website visitors with the highest level of quality.

    Contact form and email contact

    There is a contact form on our website which can be used to contact us electronically. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and saved. This data is: name, address, e-mail address, telephone number, etc. Not all of this has to be mandatory. At the time the message is sent, the following data is also stored: IP address, date and time. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
    Alternatively, you can contact us via the email address provided. In this case, the user's personal data transmitted with the e-mail will be stored. In this context, the data will not be passed on to third parties. The data will only be used to process the conversation.
    The legal basis for processing is:

    • For receiving the data on the basis of sending the contact form as consent in accordance with Article 6 Paragraph 1 Letter a in conjunction with Article 5 (expected processing) GDPR or alternatively on the basis of the legitimate interest in answering your contact request in accordance with Article 6 Paragraph 1 lit. f GDPR.
    • For the processing of data transmitted in the course of sending an e-mail, Art. 6 (1) lit. f GDPR with the above-mentioned legitimate interests.
    • If the e-mail contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.

    The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended and there is no reason for further storage. The conversation is over when it can be inferred from the circumstances that the facts in question have been finally clarified. Commercial and tax law retention periods may apply.
    The user has the option to revoke his consent to the processing of personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

    Newsletter

    On our website you have the option of subscribing to a free newsletter with advertising content. Our newsletters contain information about our range of services, promotions, events, sweepstakes, job offers, contributions/articles. However, messages without advertising information that are sent as part of our contractual or other business relationship do not belong to newsletters. This includes, for example, sending service emails with technical information and queries about orders, events, competition notifications or similar messages. When registering for the newsletter, the data from the input mask is transmitted to us. In addition, the IP address of the calling computer and the time of the call are collected. Your consent will be obtained for the processing of the data as part of the registration process and reference will be made to this data protection declaration. If you purchase goods on our website via our online shop and enter your e-mail address, we reserve the right to send you newsletters with direct advertising for our own similar goods. There is no transfer of data to third parties in connection with data processing for sending newsletters. The data will only be used to send the newsletter. The legal basis for processing the data after the user has registered for the newsletter is Article 6(1)(a) GDPR if the user has given their consent, and for sending the newsletter as a result of the sale of goods in accordance with Section 7(3) UWG or Article 6 paragraph 1 letter f.
    The collection of the user's e-mail address serves to deliver the newsletter. The collection of other personal data as part of the registration process serves to prevent misuse of the services or the email address used. The subscription to the newsletter can be canceled by the user concerned at any time. For this purpose, there is a corresponding link in every newsletter. This also accepts a revocation of the consent for the newsletter dispatch.
    A statistical evaluation of the reading behavior only takes place to the extent that it can be determined whether the recipients have opened the newsletter and clicked on the links. This is a function that we only use to check user activities and make optimizations accordingly. For this purpose, the newsletter contains a so-called "web beacon", a pixel-sized file that is retrieved from our server when the newsletter is opened. This web beacon can be personalized so that personal data is collected. Clicks are tracked via personalized links on the respective website. If personalized data is collected, the legal basis is Article 6 (1) (a) GDPR.

    Data collection during registration and registered use

    Some of our websites require or offer registration. The data collected in this way is used for the purposes of using the respective websites and services, unless otherwise described and explicitly consented to during registration. The data collected result from the input mask during registration, the processing is based on Article 6 Paragraph 1 Letter b GDPR. All other data that you can store later to complete your profile is optional and voluntary and based on the legal basis of Article 6 Paragraph 1 Letter a GDPR. After registration, we may inform you about relevant circumstances related to our offer for which you have registered, using the email address provided. 

    Data in User Generated Content

    If you write comments or contributions, upload files to our server, publish images or use other services, your IP address and – if you are logged in – your user data will be stored for our security. Due to the multitude of illegal content that is posted on the Internet every day, we reserve the right to use this information for defense in legal disputes or for criminal prosecution, ie also to pass it on to opponents, law enforcement authorities and courts. The legal basis for the content provided is Art. 6 Para. 1 lit a and/or b GDPR, for all other data recorded in the process Art. 6 Para. 1 lit f GDPR.

    Comment subscriptions

    On some of our websites you can subscribe to follow-up comments. If you are not registered, you will receive a confirmation email as part of a so-called double opt-in procedure to check whether you are the legal owner of the specified mailbox. You can unsubscribe from the notification at any time. Notes on this are included in each of the emails. Registered users do not have to go through the double opt-in procedure, as this takes place during registration. The legal basis for sending the newsletter applies.

    Credit reports

    Furthermore, in the case of orders or commissions, we reserve the right to pass on personal data to third parties for creditworthiness checks, provided this is necessary to protect our legitimate interests. Only the data required to calculate the credit rating using a mathematical-statistical process by the credit agency is transmitted. We need creditworthiness information in order to be able to decide on the establishment and implementation of a contractual relationship while safeguarding our legitimate interests.

    Data transmission via the Internet

    Data transmission over the Internet is generally associated with certain risks. A special encryption of the data is not carried out, in particular messages from the contact form on our website and messages in the service chat are transmitted unencrypted. Please keep this in mind when submitting data. If you would like to communicate with us via encrypted e-mail, this is possible via SMIME encryption. Please let us know that you would like encryption, as we regularly send unencrypted emails due to the current low level of market penetration of email encryption processes.

    Data sharing

    If you provide us with personal data, these will only be passed on to third parties if this is necessary for the execution of the contractual relationship or if another legal reason legitimizes this transfer. However, we provide certain services with the cooperation of service providers. We have carefully selected these service providers and taken appropriate measures to protect your personal data.

    Retention periods

    The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

    Data protection declaration for customers (incl. interested parties)

    Information on data processing

    As a customer and as an interested party or other data subject, we process your personal data primarily to establish and fulfill a contractual relationship concluded with you or on the basis of a legitimate interest. Your data will be collected, stored and, if necessary, passed on by us to the extent necessary to provide the contractually agreed service, to provide information, to carry out direct marketing activities or other activities of our business operations. Failure to provide it may result in the contract not being able to be concluded. In addition, we only process your data if you have consented to the processing or if there is another legal permission.

    Purposes of data processing

    We process your personal data to achieve the following purposes in connection with the initiation and implementation of a contractual relationship or other activities in the interest of the company:

    • contract processing (including shipping, after-sales, complaints management)
    • communicating with business partners about products, services and projects and answering inquiries, customer service
    • advertising for existing customers, use as a selection criterion for direct marketing in order to be able to offer you a service that is tailored to you
    • the credit check
    • the management of our customer and supplier relationships, dealer support
    • the quality management
    • the improvement and development of intelligent and innovative services
    • customer analysis for market and opinion research
    • the handling of our logistics/our materials management
    • reporting about our company
    • compliance with legal or contractual requirements
    • resolving disputes, enforcing contracts and establishing, defending and exercising legal claims, detecting and prosecuting fraudulent and other illegal activities

    In addition, we only process your data with your express declaration of consent.

    Types of data processed by us

    The following personal data are processed:

    • Contact details; name, address, telephone number;
    • identification/payment data; Account number, VAT ID no.
    • order data; Quantity, turnover, intervals
    • spatial data; Addresses, delivery conditions
    • Image data: Photos and video recordings as part of company events and trade fair appearances
    • Other data; Other required information related to the business relationship or provided voluntarily, as well as from publicly available sources

    Categories of Recipients

    The personal data will be transmitted to group companies, supervisory authorities, legal service providers/auditors as necessary. If we are subject to a legal obligation to do so, we will provide your data to the competent authority upon request.
    In some cases, we use external service providers based in the European Economic Area to process your data.
    These service providers have been carefully selected by us, commissioned in writing and are bound by our instructions. Our service providers are regularly checked by us. The service providers will not pass this data on to third parties, but will delete it after the contract has been fulfilled and the statutory storage periods have expired, unless you have consented to further storage.
    These are, for example:

    • Bank, payment service provider
    • logistics company
    • craft shops
    • IT service provider
    • Marketing Service Provider
    • etc.

    In the case of orders on account, we reserve the right to carry out an assessment of the credit risk on the basis of mathematical-statistical processes (scoring). For this purpose, your data, which is necessary for the credit check, is transferred to a credit agency (e.g. Schufa, Creditreform, Bürgel, Atradius, Coface). If the credit check is positive, an order on account is possible. If the credit check is negative, we cannot offer you payment on account. You can object to the transmission of this data to the credit agency at any time, but it is then no longer possible to order on account.

    Legal bases of processing

    The legal bases for the processing of your data are in particular:

    1. Article 6 paragraph 1 letter a) on the basis of your consent, whereby no consent is required for the conclusion of a contract or the continuation of an existing contract
    2. Article 6 paragraph 1 letter b) for the establishment, implementation and termination of a contractual relationship
    3. Article 6 paragraph 1 letter c) to fulfill a legal obligation
    4. Article 6 paragraph 1 letter f) to safeguard a legitimate interest

    Legitimate Interests

    Our legitimate interests lie in the achievement of the above purposes and beyond, for example in:

    • Pursuing our business interests, including direct marketing and credit checks
    • The raising of efficiency and effectiveness potentials, also in cooperation with partners and possibly affiliated companies
    • Ensuring compliance with safety regulations, regulations, industry standards and contractual obligations
    • The establishment, exercise or defense of legal claims
    • The avoidance of damage and/or liability of the company through appropriate measures
    • The implementation of information and communication measures, including advertising
    • The reporting of company information

    Data Collected by Third Parties

    We may be provided with data from third parties, for example as part of recommendations. In this case, it is usually contact data in connection with data on specific product or service needs.
    If necessary, we collect data from credit agencies with regard to credit ratings and/or negative characteristics.

    Storage duration

    After the respective purpose has been achieved, your data will be deleted in compliance with the statutory retention periods.

    Privacy Policy for Applicants

    If you apply for a position in our company, we process and store your personal data. We take your privacy very seriously and would therefore like to take this opportunity to inform you about how your applicant data is handled.

    Purpose of Data Collection

    Before you join our company or during the application process, we process your personal data exclusively for the purpose of establishing a contractual relationship to the extent required.

    Types of data processed by us

    The following types of personal data are processed regularly:

    • applicant data ; Name, date of birth, curriculum vitae, nationality/work permit, etc. for the selection and recruitment process, entry and exit management,
    • private contact details ; Address, phone number, email (for contact purposes)
    • Data in the context of personnel screening ; e.g. police clearance certificate, reliability check (ZUP)
    • Possibly data subject to professional secrecy ; eg data on health suitability and any limitations
    • other data in personnel administration ; Severe disability (if relevant), driver's license holder

    We do not require any information from you that is not usable under the General Equal Treatment Act (AGG) (race, ethnic origin, gender, pregnancy, information on physical or mental illness, membership in a trade union, religion or belief, disability, age, sexual identity or sex life), unless relevant to the advertised position.
    We ask that you do not transmit such data to us. The same applies to content that is likely to infringe the rights of third parties (e.g. copyrights, ancillary copyrights or other intellectual property rights, personal rights, press law or general third-party rights).

    Legal bases of processing

    • to establish, implement and terminate a contractual relationship in accordance with Art. 6 Para. 1 lit.
    • to fulfill a legal obligation under Article 6 (1) (c) GDPR,
    • in the case of processing to safeguard a legitimate interest pursuant to Article 6 (1) (f) GDPR,
    • and on the basis of your consent through the voluntary provision of data that is not absolutely necessary for the purpose, such as hobbies in your CV. However, this is generally not necessary for the conclusion of a contract or the continuation of an existing contract. The legal basis is Article 6 (1) (a) GDPR.

    Our legitimate interests lie, for example, in

    • the optimization of the application processes,
    • Achieving efficiency gains by bundling services in individual group companies (especially human resources, IT),
    • ensuring compliance with safety regulations, regulations, industry standards and contractual obligations,
    • the assertion, exercise or defense of legal claims,
    • the avoidance of damage and/or liability of the company through appropriate measures.

    Categories of Recipients

    • Internal recipients according to the "need to know" principle,
    • Companies affiliated under company law (group companies) as joint controllers: The essential contents of the regulation of the tasks in relation to the rights of data subjects can be requested at the contact address provided, but according to Art. 26 Para. 3 DSGVO these rights can be claimed by data subjects from all companies involved .

    Deletion periods

    After the respective purpose has been achieved, your data will be deleted. However, data will be retained for as long as is necessary to defend legal claims. The storage period is usually 6 months. If your profile was sent to us by a personnel service provider and if there are commission claims from this service provider, the storage period can be until they are fulfilled or become statute-barred. If accounting-relevant processing has been carried out, such as the reimbursement of travel expenses, the data required for this will be deleted in compliance with the statutory retention periods, usually 6 or 10 years. If the application was successful and we conclude a contract with you, we will transfer the data collected during the application process to our personnel file.

    Privacy Policy for Employees

    Information on data processing

    We would like to inform our employees about how we handle their personal data within the scope of the employment relationship.

    Purpose of Data Collection

    During the period of your employment, your personal data will be processed mainly for the implementation and/or termination of the contractual relationship, including the tasks associated with the respective activity. Other purposes may lie in the processing for the purpose of complying with legal regulations (including third-party information claims) or in measures for corporate development or communication.

    Types of data processed by us

    As part of your employment relationship, we process the following personal data :

    • applicant data ; Name, date of birth, curriculum vitae, certificates, certificate of enrollment for students, work permit if applicable, driver's license for the entry process;
    • private contact details ; address, phone number, email;
    • official contact details ; e.g. telephone numbers, e-mail, place of work, job title;
    • image data ; Photo for identification and recordings within the framework of company events;
    • identification/payment data ; Identity card data or work permit to identify and determine the legitimacy of employment, place of birth, marital status, if you are a parent, proof of birth certificate(s) of the child(ren), tax identification number, health insurance membership, social security number (copy of social security card or letter from the pension insurance agency), wage tax class , allowances, denomination for church tax, account number, any garnishment of wages (for the purpose of payroll accounting and fulfillment of social security, tax and other legal obligations);
    • health data ; Absence/incapacity for work, e.g. as part of payroll accounting, for billing with health insurance companies or professional associations or as part of the legal obligations as an employer such as company integration management or the fulfillment of obligations in the protection of severely disabled people or as part of company self-control such as occupational safety or company medical examinations;
    • time recording, access and usage data ; Vacation times, working time accounts, shift schedules, if applicable, closing times or access logs, time logs relating to the activities carried out, closing times or access logs, including electronic logs as part of the use of our IT infrastructure, etc.;
    • Data in the context of personnel screening ; if within the scope of the information management system: e.g. police clearance certificate;
    • suitability and performance/behaviour control data ; Training and further education information, data for the purpose of measuring target achievement, e.g. for variable remuneration, data on incidents relevant to employment law; data on traffic violations (“tickets”);
    • other data in personnel administration : secondary employment, data in the context of company health care and company health management, occupational safety, if necessary a copy of the severely handicapped ID, if necessary a copy of the driver's license, any employee surveys;

    Categories of Recipients

    We send your personal data to the following recipients, e.g. to comply with legal obligations or obligations arising from the employment relationship:

    • Banking service providers, financial service providers, possibly service providers for calculating pension provisions,
    • Service providers for accounting of wages - tax consultants, auditors, service companies for information and communication technology, companies for software and equipment maintenance, service providers only for restructuring in the personnel area,
    • Health, social, pension and accident insurance providers as well as other insurance companies and providers of capital-forming benefits,
    • Authorities such as tax authorities, social security funds, employment agencies, possibly safety, health, road traffic or related fine offices, customs authorities or monitoring bodies for undeclared work and minimum wage; other authorities,
    • Medical Services,
    • Companies affiliated under company law (group companies) and responsible persons with joint responsibility: the essential contents of the regulation of the tasks in relation to the rights of data subjects can be requested at the contact address provided, but according to Art. 26 Para. 3 DSGVO these rights can be exercised by data subjects at all companies involved be claimed
    • Third-party debtor in the case of seizure of wages, insolvency administrator in the case of personal bankruptcy
    • Business partners and customers (official contact details), temporary work agencies

    Legal bases of processing

    When processing your personal data, we naturally comply with applicable law. Processing is therefore only carried out on a legal basis. The following legal bases are particularly relevant in the employment relationship:

    1. § 26 BDSG (version from May 25th, 2018) as far as necessary to carry out the employment relationship or to clarify a concrete suspicion of criminal offenses
    2. Article 6 paragraph 1 lit. a) on the basis of your consent, whereby no consent is required for the conclusion of a contract or the continuation of an existing contract,
    3. Art. 6 para. 1 lit.b) for the establishment, implementation and termination of a contractual relationship,
    4. Art. 6 para. 1 lit.c) to fulfill a legal obligation,
    5. Article 6 paragraph 1 letter f) to safeguard a legitimate interest
    6. Art. 88 GDPR based on collective agreements (company agreements)

    Legitimate Interests

    If we process your data within the scope of our legitimate interest, this lies, for example, in:

    • the implementation of electronic access controls,
    • the optimization of personnel planning,
    • the achievement of efficiency gains by bundling services in individual group companies (in particular human resources, IT, procurement)
    • ensuring compliance with safety regulations, regulations, industry standards and contractual obligations,
    • the assertion, exercise or defense of legal claims, including data for the documentation of service flows
    • the avoidance of damage and/or liability of the company through appropriate measures.
    • the implementation of internal information and communication measures.
    • the reporting of company information.

    You have the right to object to the processing of personal data within the scope of a legitimate interest for reasons that arise from your particular situation. We will then no longer process your data unless we can demonstrate compelling reasons worthy of protection that outweigh your rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
    We do not use the personal information you provide to make automated decisions about you.

    Data Collected by Third Parties

    Using the ELSTAM process, we collect data for payroll accounting, which the tax authorities make available to us for correct accounting. This applies in particular to the payroll data mentioned below. From 2021, due to the introduction of the electronic certificate of incapacity for work, we will be obliged to call up the AU data (ie the start and duration of the incapacity for work and the end date of continued payment of wages in the event of illness) from your health insurance company on the basis of a sick note from you.
    Note: The general information can be found on our data protection main page.

    Storage duration

    After the respective purpose has been achieved, your data will be deleted in compliance with the statutory retention periods, usually 6 or 10 years, or 30 years and longer for various data categories such as occupational pension schemes.