Information on data protection for our website
Artur Küpper GmbH & Co. KG (hereinafter referred to as "Artur Küpper" or "we"), data protection-compliant
handling and security in the context of the processing of your personal data is an important
concern. With this data protection information, we would like to inform you about how we handle
personal data in general and in particular.
Resources
Data protection information for customers, interested parties and business partners.pdf
Data protection information for suppliers and service providers.pdf
1 Responsibilities
1.1 Responsible within the meaning of data protection law
The controller within the meaning of data protection law is the natural or legal person who - alone or in
with others - determines the purposes and means of the processing of personal data.
determines.
The controller within the meaning of data protection law is:
Artur Küpper GmbH & Co. KG
Wülfrather Street 32 - 52
42553 Velbert
Telephone: +49 (2053) 497 - 0
E-mail: info@kuepper.eu
1.2 Our data protection officer
We have appointed an external data protection officer for our organization, who can be contacted at
the following contact details:
Boris Nicolaj Willm
Resilien[i]T GmbH
Monschauer Street 12
40549 Düsseldorf
Phone: +49 211 695289 92
E-mail: dsb.kuepper@resilienit.de
1.3 Responsible supervisory authority
You can contact the supervisory authority responsible for us at
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
Kavalleriestr. 2-4
40213 Düsseldorf
Phone: +49 211 38424-0
Fax: +49 211 38424-999
E-mail: poststelle@ldi.nrw.de
2 General information on data protection
2.1 Which of your data do we process?
Depending on the specific processing situation and necessity, we collect and process different types of personal data.
types of personal data. We provide detailed information on this in this and / or
separate data protection information or as part of the data collection to the respective data subjects.
persons concerned.
2.2 For what purposes do we process your data and on what legal basis?
Depending on the specific processing situation, we collect and process various personal data.
personal data. Processing is always carried out in accordance with the provisions of the
General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) or other
The legal bases relevant to us result from Art. 6 para. 1 as follows:
2.2.1 On the basis of your consent
If you have given us your consent for the specific processing of your personal data, we will process your
we will process your personal data on this basis.
Information on data protection for
our website
Consent may relate, for example, to the transfer of data to partner companies, the
analysis of your data for targeted advertising measures or the sending of newsletters.
Consent is always voluntary. The refusal of consent or its revocation will not have any negative
negative consequences for you.
2.2.2 For the fulfillment of contractual obligations
We process your personal data for the fulfillment of contractual or quasi-contractual obligations
or to establish a contract, for example for existing customer support or to answer questions
answering questions from a prospective customer.
If you apply to us by post or electronically and provide us with personal data, we process this data.
data, we process this data exclusively for the purpose of initiating a future employment relationship.
employment relationship.
2.2.3 Due to legal obligations
Within the scope of our legal obligations, we process your personal data if this is
provided for or required by law. This may include, for example, the disclosure of your
data to government authorities in the context of tax or criminal prosecution proceedings, the
evaluation of your data to comply with regulatory requirements, sanctions list checks or the provision of certain
provision of certain information to statutory bodies.
The processing of your data on this basis is always necessary. The legal obligation to which we are
organization is subject to cannot be affected by any refusal or restriction on your part.
be affected. We assure you that your personal data will be processed in accordance with the law and that it will be fully protected.
their comprehensive protection.
2.2.4 On the basis of legitimate interests
We also process your personal data to protect our legitimate interests, provided that
your interests or fundamental rights and freedoms that require the protection of your personal data do not
require the protection of your personal data.
Subject to a balancing decision to be made in individual cases, we regularly assume that our legitimate interests
outweigh our legitimate interests in the context of the following listed
processing situations listed below:
- to support existing customers;
- to inform you about offers for services and products if we have received your name, e-mail address or postal address from you in connection with the provision of our services
and or the sale of our products; - to process your request after you have contacted us;
- to optimize our processes (e.g. to identify sources of error), offers and services; and
services; - Maintaining a customer database in our group of companies to improve customer service; and
customer service; - In the context of legal prosecution in the event of suspicion or criminal offense;
- to ensure the security, confidentiality and integrity of our IT systems (e.g. through security and
security and effectiveness tests); - to process your data in order to test IT systems and software products and to carry out migrations
migrations. As well as to ensure the functionality of new products and the correctness and
completeness of migrations. - In the event of a security incident affecting your data, we are obliged pursuant to Art. 33 GDPR to
to report this immediately to the competent data protection supervisory authority. In our
legitimate interest in complying with this legal obligation as quickly as possible, it may be
it may be necessary to process your personal data as part of the investigation of the incident.
process. However, no personal data of yours will be included in the reports to the data protection
the data protection supervisory authority; - to carry out internal audits, internal reviews and other control measures (e.g.
reviews by the data protection or information security officer) in order to fulfill legal
comply with legal requirements, ensure transparency in our business processes, continuously monitor these processes and
Information on data protection for
our website
to improve them. In doing so, it may be necessary to process documents or files that contain
receive personal data from you. - for corporate management and compliance with our financial and tax obligations
obligations (e.g. reporting, audits, internal audits, tax consultants, auditors and other
other control measures, e.g. by tax authorities and commissioned auditors); - to maintain a blacklist in order to implement the objection to processing pursuant to Art. 21 GDPR
to be implemented.
2.3 From whom do we receive your data?
In principle, we process your personal data that you yourself have provided or
collected from you. If necessary, we collect personal data from external sources
(see point: To whom do we pass on your data), we may refer you to other sources separately.
sources. Processing only takes place on the basis of a valid legal basis.
2.4 Who do we share your data with?
2.4.1 Companies, agencies and partners of Artur Küpper
As a matter of principle, we only pass on your personal data if this is necessary for the establishment,
execution or termination of a contract or contract-like relationship.
In these cases, data will only be passed on to companies affiliated with us or partners and representatives.
agencies. Partners and agencies are, in particular, independent commercial
sales representatives for the distribution of our goods and services at home and abroad. When you contact us
contact us, for example, we share the information you provide us with the respective
the Artur Küpper company/agency responsible for your region so that they can offer you our products
and services, depending on the needs and regionality of your request.
You can find an overview of our representatives and partners at
https://www.kuepper.eu/unternehmen/kontaktadressen
2.4.2 Processors and third parties
On our instructions, your personal data may be processed by processors,
insofar as their involvement is necessary for processing. In these cases, we ensure that the
your personal data is processed in accordance with the provisions of the GDPR.
Processors in this case are, for example, IT service providers, waste disposal companies, etc. In addition
These processors are also contractually obliged to either delete the data in accordance with the legal requirements when their services end.
to either delete or return the data to us in accordance with the legal requirements.
Your data will only be transmitted and forwarded to external recipients if this is permitted or required by law.
provisions permit or stipulate this.
Your data may be passed on to the following recipients:
- Public bodies and institutions and law enforcement authorities that receive data on the basis of legal
regulations (e.g. tax office, tax auditors, courts, employment agency, customs, etc.); - In the event of a legal dispute or suspicion of a criminal offense (e.g. courts, opposing attorneys,
authorities, contractual partners, consultants, business partners, opposing parties, to the extent necessary to
our rights); - Tax consultants, auditors, auditors, data protection officers,
information security officers or legal advisors; - Payment service providers, to process a payment transaction (e.g. financial institutions, payment services);
- Debt collection service providers or credit agencies, insofar as necessary to exercise our rights;
- IT and other service providers (e.g. for IT maintenance, cloud services, applications,
website support, advertising agency, destruction of files and data carriers, credit checks,
sanction list checks, as well as security and guard services, caterers, call centers); - Printing and logistics companies, telecommunications service providers, delivery services, e-mail providers
of the recipient, data carrier disposal service providers.
2.5 Information on the transfer of data to third countries
In our organization, we use services from providers located in countries outside the European Economic
economic area where there is no level of data protection comparable to that in the EU. With
Information on data protection for
our website
the use of these services, your personal data may be transferred to these countries and processed there.
processing there. We guarantee that this transfer will only take place within the framework of compliance with
Art. 44 et seq. of the General Data Protection Regulation (GDPR) in order to ensure an adequate level of protection for your
data.
2.6 Storage period
Unless an explicit or statutory storage period is specified at the time of collection, your personal data will be
deleted as soon as it is no longer required to fulfill the purpose for which it was stored and no
required to fulfill the purpose of storage and there are no statutory retention obligations or legal justification
for the storage exist.
If you assert a justified request for erasure or revoke your consent to data processing, your data will be
data processing, your data will be deleted unless we have other legally permissible reasons for storing your
reasons for storing your personal data (e.g. retention periods under tax or commercial law).
retention periods); in the latter case, the deletion will take place after these reasons no longer apply.
3 Your rights as a data subject
In accordance with the provisions of data protection law, we would like to inform you of your rights as a data
person. These rights are essential components of data protection and guarantee you
Control over your personal data. It is important to us that you are aware of your rights and
understand how you can assert them to protect your privacy and the integrity of your data.
protected. Below you will find a detailed breakdown of your rights and information on how you can
exercise them if necessary.
3.1 Access, rectification and erasure
You have the right to obtain information about your personal data processed by us. This
includes information about the source of the data, the recipients and the purpose of processing. Furthermore
the right to correction or deletion of this data, if necessary.
3.2 Right to restriction of processing
You have the right to request the restriction of the processing of your personal data.
This right is applicable under the following conditions
- Accuracy of the data: If you dispute the accuracy of your personal data and
verification is required. - Unlawful processing: If the processing is unlawful, but you oppose the erasure of the data and instead
and instead request a restriction of use. - The purpose of processing no longer applies but is required for legal claims: If the data
controller no longer needs the data for the purposes of the processing, but you require them for the establishment
for the establishment, exercise or defense of legal claims. - Objection to processing: If you object to the processing pursuant to Art.
21 para. 1 GDPR and it is still being examined whether the legitimate reasons of the data
controller outweigh your reasons.
During the restriction period, your data, apart from being stored, may only be used with your consent
or for the establishment, exercise or defense of legal claims or for the protection of the rights of another
rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
interest of the Union or of a Member State.
3.3 Right to data portability
You have the right, in accordance with the existing legal provisions, to have your personal data
that you have provided to us in a structured, widely used and machine-readable format.
receive. This right also enables you to have this data transferred directly from one controller to
controller to another, where technically feasible. This applies in cases where the
processing is based on consent or a contract and is carried out by automated means.
3.4 Right to object to data collection in special cases
You have the right to object to the processing of your personal data at any time if this is based on
if this is based on Article 6(1)(f). This provision permits data processing
Information on data protection for
our website
on the basis of the legitimate interests pursued by the controller or by a third party, unless your
interests or fundamental rights and freedoms which require the protection of personal data
prevail.
You have the unrestricted right to object at any time to the processing of your personal data for
personal data for advertising purposes. This includes direct marketing. As soon as you
object, the processing of your data for these purposes will cease. This right is
absolute, and will result in the immediate cessation of the relevant data processing.
Individuals have the right not to be subject to decisions based solely on
automated processing which produces legal effects concerning them or similarly significantly affects them.
significantly affect them in a similar manner.
The right to object also extends to profiling insofar as it is related to direct marketing.
connection with direct marketing.
3.5 Withdrawal of your consent to data processing
You have the right to withdraw processing based on your explicit consent at any time for the future.
revoked. However, this revocation does not affect the legality of the data processing that took place before your revocation.
your revocation took place.
Artur Küpper GmbH & Co. KG
Area: Data protection
Wülfrather Street 32 - 52
42553 Velbert
datenschutz@kuepper.eu
3.6 Right to lodge a complaint
If you are of the opinion that the processing of your personal data violates data protection law
violates data protection law, you have the right under Art. 77 (1) GDPR to lodge a complaint with a data protection supervisory authority
of your own choice. This also includes the supervisory authority responsible for us.
4 Data processing on our website
4.1 General information on the legal basis for data processing on this
website
If you have consented to data processing, we process your personal data on the basis of
on the basis of Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, insofar as special
categories of data are processed in accordance with Art. 9 para. 1 GDPR. In the event of express consent
to the transfer of personal data to third countries, data processing also takes place on the basis of
on the basis of Art. 49 para. 1 lit. a GDPR. If you consent to the storage of cookies or access to information
information to your end device (e.g. via device fingerprinting), data processing is also carried out on the basis of
data processing is also carried out on the basis of Section 25 (1) TDDDG. Consent can be revoked at any time
revocable at any time. If your data is required to fulfill the contract or to carry out pre-contractual measures
we process your data on the basis of Art. 6 para. 1 lit. b GDPR. Furthermore
we process your data if it is necessary for the fulfillment of a legal obligation on the basis of
on the basis of Art. 6 para. 1 lit. c GDPR. Data processing may also be carried out on the basis of our
legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. The relevant legal bases in each individual case
legal basis is provided in the following paragraphs of this privacy policy.
4.2 External hosting
We host our website externally. The personal data that is collected on our website is
are stored on the host's servers. This may include IP addresses,
contact requests, meta and communication data, contract data, contact details, names,
website accesses and other data generated via a website.
Our hoster will only process your data to the extent necessary to fulfill its performance obligations and in accordance with our
obligations and follows our instructions with regard to this data.
Hosting and website support is provided by:
Information on data protection for
our website
City PC GmbH
Am Bahnhof 16
64665 Alsbach-Hähnlein
We have concluded an order processing contract (AVV) for the use of the above service with the service provider.
the service provider. This is a contract prescribed by data protection law, which
contract that guarantees that the service provider will only process the personal data of our website visitors in accordance with our
our instructions and in compliance with the GDPR.
4.3 SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, we use SSL or TLS encryption for our
website(s), we use SSL or TLS encryption. You can recognize an encrypted connection by the fact
that the web address begins with "https://" and a lock symbol is displayed in your browser. If
SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
be read by third parties.
4.4 Cookies
Our Internet pages use so-called "cookies". Cookies are small data packets and do not cause
not cause any damage to your end device. They are either stored temporarily for the duration of a session
(session cookies) or permanently (permanent cookies) on your end device. Session cookies
are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device
until you delete them yourself or they are automatically deleted by your web browser.
Cookies may originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies
third-party companies within websites (e.g. cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website
website functions would not work without them (e.g. the shopping cart function or the display of videos).
of videos). Other cookies can be used to evaluate user behavior or for advertising purposes.
be used.
Cookies that are required to carry out the electronic communication process, to provide certain functions
functions requested by you (e.g. for the shopping basket function) or to optimize the website (e.g. cookies to measure web
website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of
Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The
website operator has a legitimate interest in the storage of necessary cookies for the technically
technically error-free and optimized provision of its services. If consent to the
storage of cookies and comparable recognition technologies has been requested, the processing takes place
processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1
TDDDG); consent can be withdrawn at any time.
You can set your browser so that you are informed about the setting of cookies and
allow cookies only in individual cases, accept cookies for certain cases or generally
and activate the automatic deletion of cookies when closing the browser. When
deactivating cookies may limit the functionality of this website.
You can find out which cookies and services are used on this website in this
data protection information.
4.5 Consent tool (Matomo)
To obtain and manage user consent, we use the consent management tool from
Matomo. This ensures that cookies and tracking technologies are only used after you have given your express
consent in accordance with Art. 6 para. 1 lit. a GDPR.
When you enter our website, a cookie is stored in your browser in which the consent you have
consents you have given or the revocation of these consents are stored. This data is
not passed on to the provider of the consent tool.
The data collected will be stored until you ask us to delete it or until you delete the cookie yourself
or the purpose for data storage no longer applies. Mandatory statutory retention periods
Information on data protection for
our website
remain unaffected. Further information on data processing by Matomo can be found at
https://matomo.org/privacy-policy/
Cookie consent technology is used to obtain the legally required consent for the use of cookies.
the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
4.6 Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are
- Browser type and browser version
- Operating system used
- referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources.
This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has
a legitimate interest in the technically error-free presentation and optimization of its website
The server log files must be recorded for this purpose.
4.7 Contact form
If you send us inquiries via the contact form, your details from the enquiry form, including the
form, including the contact details you provide there, for the purpose of processing the request
and stored by us in the event of follow-up questions.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR, provided that your request is
related to the fulfillment of a contract or for the implementation of pre-contractual measures
is required. In all other cases, the processing is based on our legitimate interest in the effective
effective processing of the requests addressed to us (Art. 6 para. 1 lit. f GDPR) or on your
consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time.
revocable at any time.
The data you enter in the contact form will remain with us until you ask us to delete it, revoke your
request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after
e.g. after your request has been processed). Mandatory statutory provisions - in particular
retention periods - remain unaffected.
4.8 Analysis tools
4.8.1 Matomo
This website uses the open source web analysis service Matomo.
With the help of Matomo, we are able to collect and analyze data about the use of our website by website
website visitors and to analyze it. This enables us to find out, among other things, when which
page views were made and from which region they come. We also record various
log files (e.g. IP address, referrer, browser and operating system used) and can measure whether
our website visitors perform certain actions (e.g. clicks, purchases, etc.).
The use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The
website operator has a legitimate interest in the analysis of user behavior in order to optimize both its
optimize both its website and its advertising. If a corresponding consent has been requested
has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1
TDDDG, insofar as the consent allows the storage of cookies or access to information in the
user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. The consent is
revocable at any time.
IP anonymization
We use IP anonymization for the analysis with Matomo. Your IP address is shortened before the analysis
shortened so that it can no longer be clearly assigned to you.
Information on data protection for
our website
Hosting
We host Matomo exclusively on our own servers so that all analysis data remains with us and is not passed on.
remain with us and are not passed on.
Opt-out completed; your visits to this website are not recorded by the web analysis tool. Please
note that the Matomo deactivation cookie on this website will also be deleted if you remove the cookies stored in your browser.
cookies stored in your browser. In addition, if you use a different computer
or use a different web browser, you will have to complete the deactivation procedure again.
We offer our website visitors the option of opting out of the analysis procedure on our website.
from the analysis procedure. To do this, you must deactivate the checkbox (opt-out). This will set a
cookie is set on your system, which signals to our system that your data should not be saved.
should not be stored. If you delete the corresponding cookie from your own system in the meantime, you must
set the opt-out cookie again.
You can find more information on the privacy settings of the Matomo software at the following
link: https://matomo.org/docs/privacy/.
5 Data processing as part of the application process
We offer you the opportunity to apply to us via the following channels:
- Our careers page
- by post
In the following, we inform you about the scope, purpose and use of your personal data collected as part of the
personal data collected during the application process. We assure you that the collection,
processing and use of your data in accordance with applicable data protection law and all
other statutory provisions and that your data will be treated in strict confidence.
To ensure a compliant application process, we ask you to always apply via the specified channels.
channels.
5.1 Scope and purpose of data collection
If you send us an application, we process your associated personal data (e.g. contact details).
personal data (e.g. contact and communication data, application documents, notes taken during interviews, etc.).
interviews etc.) insofar as this is necessary for the decision on the establishment of an employment relationship.
employment relationship is required. The legal basis for this is Art. 6 para. 1 lit. b GDPR
(general contract initiation) in conjunction with Section 26 BDSG under German law (initiation of an employment
employment relationship). If you claim reimbursement of travel expenses, we will process
your associated personal data (e.g. bank details, details of travel expenses claimed, etc.), legal basis
etc.), the legal basis for this is Art. 6 para. 1 lit. c GDPR (fulfillment of legal obligations).
If you have given us your consent - Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time
revocable for the future. Your personal data will only be passed on within our company
only to persons who are involved in the processing of your application.
If you provide links to your profiles in social networks in your application, we reserve the right to
view these as part of the selection process.
If you provide us with information about your previous employers or name a reference person
we may contact them with your express consent (Art. 6 para. 1 lit. a GDPR),
to obtain a recommendation or assessment of your person. This is done on the basis of our
legitimate interest in including such references in the decision-making process (Art. 6 para. 1 lit. f
GDPR).
5.2 Application portals, recruitment agencies and the Federal Employment Agency
In order to recruit employees, we commission recruitment agencies in certain cases or use
application portals to advertise jobs or to approach applicants directly. It depends on the
individual case or the respective channel whether the above-mentioned data is collected directly from you or via the recruitment agency.
Information on data protection for
our website
respective intermediary and/or transmitted to us. In addition, we receive from the
Federal Employment Agency with contact details in accordance with Section 38 (2) SGB III.
5.3 Online application interviews
As part of the application process, we offer interested parties the opportunity to conduct job interviews
via a video conferencing tool. This enables contactless interaction and helps to overcome geographical distances.
overcoming geographical distances. The video or audio material is not recorded or stored at any time.
recorded or stored at any time. Applicants are free to switch off the camera function in advance or during the
the interview. The applicant can refuse the video interview without giving reasons.
reasons. In this case, a mutually acceptable alternative will be sought.
If a video conferencing tool is used, the transfer of data to a third country (in particular the USA) cannot be ruled out.
(in particular the USA) cannot be ruled out. The legal basis for processing is consent
pursuant to Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time or if statutory retention obligations
retention obligations prevent deletion.
5.4 Retention period of the data
If we are unable to make you a job offer, if you reject a job offer or if you withdraw your
withdraw your application, we reserve the right to retain the data you have provided on the basis of our
our legitimate interests (Art. 6 para. 1 lit. f GDPR) for up to 6 months from the end of the application
application procedure (rejection or withdrawal of the application).
The data will then be deleted and the physical application documents destroyed. The
storage serves in particular as evidence in the event of a legal dispute. If it is evident
that the use of the data will be necessary after the expiry of the 6-month period (e.g. due to an
pending or imminent legal dispute), deletion will only take place when the purpose for the
further storage ceases to apply.
Longer storage may also take place if you have given your consent (Art. 6
para. 1 lit. a GDPR) or if statutory retention obligations prevent deletion.
conflict with this.
6 Data processing in other cases
6.1 Request by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your inquiry, including all personal data resulting
personal data (name, request) for the purpose of processing your request.
stored and processed by us.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR, provided that your request is related to
related to the fulfillment of a contract or for the implementation of pre-contractual measures
is required. In all other cases, the processing is based on our legitimate interest in the effective
effective processing of the requests addressed to us (Art. 6 para. 1 lit. f GDPR) or on your
consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time.
revocable at any time.
The data you send to us via contact requests will remain with us until you request us to delete it, revoke your
request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after
e.g. after your request has been processed). Mandatory statutory provisions -
in particular statutory retention periods - remain unaffected.
6.2 Data processing in the context of audio and video conferences
We use online conferencing tools, among other things, to communicate with our customers. The
tools we use are listed below. If you communicate with us via video or audio conference
via the internet, your personal data will be collected and processed by us and the provider of the
and the provider of the respective conferencing tool.
The conferencing tools collect all data that you provide/enter to use the tools (e-mail address and/or your telephone number). The conference tools also process the duration of the
duration of the conference, start and end (time) of participation in the conference, number of participants and other
"context information" in connection with the communication process (metadata).
Information on data protection for
our website
Furthermore, the provider of the tool processes all technical data that is required to process the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs,
device type, operating system type and version, client version, camera type, microphone or loudspeaker as well as
the type of connection.
If content is exchanged, uploaded or made available in any other way within the tool
within the tool, this is also stored on the tool provider's servers. Such content includes
in particular cloud recordings, chat/instant messages, voicemails, uploaded photos and videos,
files, whiteboards and other information shared while using the service.
Please note that we do not have full control over the data processing operations of the tools used.
tools used. Our options depend largely on the company policy of the respective provider.
respective provider. Further information on data processing by the conference tools can be found in the
data protection information of the tools used, which we have listed below this text.
6.2.1 Purpose and legal basis
The conference tools are used to communicate with prospective or existing contractual partners or to offer
or to offer certain services to our customers (Art. 6 para. 1 lit. b
GDPR). Furthermore, the use of the tools serves the general simplification and acceleration of
communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f
GDPR). If consent has been requested, the tools in question are used on the basis of this consent.
on the basis of this consent; consent can be revoked at any time with effect for the future.
6.2.2 Storage duration
The data collected directly by us via the video and conference tools will be deleted from our systems as soon as
systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for
or the purpose for data storage no longer applies. Stored cookies remain on your end device until
you delete them. Mandatory statutory retention periods remain unaffected.
We have no influence on the storage period of your data stored by the operators of the conference tools for their own purposes.
purposes, we have no influence. For details, please contact the operators of the conference tools directly.
the operators of the conference tools.
6.2.3 Conference tool used - Microsoft Teams
We use Microsoft Teams. The provider is Microsoft Ireland Operations Limited, One Microsoft Place,
South County Business Park, Leopardstown, Dublin 18, Ireland. Details on data processing can be found
the data protection information of Microsoft Teams: https://privacy.microsoft.com/de-de/privacystatement.
The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The
DPF is an agreement between the European Union and the USA that ensures compliance with
European data protection standards for data processing in the USA. Every company certified under
DPF-certified company undertakes to comply with these data protection standards. Further
information on this can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000KzNaAAK&status=Active
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service.
concluded. This is a contract prescribed by data protection law, which
guarantees that it will only process the personal data of our website visitors in accordance with our
instructions and in compliance with the GDPR.
6.3 Video surveillance at our location(s)
To protect the property of our organization, employees, customers and suppliers as well as to
prevention and investigation of theft and vandalism, checking for material damage, regular functional
functional checks, video surveillance is carried out at our location(s). The storage period is 72
hours. Recordings required for the purpose of preserving evidence are stored for as long as this is
necessary for legal prosecution.
The recordings can be viewed by the service provider (processor) during maintenance of the system.
be viewed.
Information on data protection for
our website
In the context of criminal prosecutions, the data may be forwarded to authorities and or lawyers commissioned by us.
be forwarded.
The legal basis for this processing is Article 6(1)(f) of the European General Data Protection Regulation (overriding legitimate interest). Insofar as special categories of
of personal data are processed, this is done on the basis of Art. 9 para. 2 lit. f) in conjunction with Art. 6
(1) lit. f) GDPR, our interest lies in protecting the property of the company, its customers, suppliers
customers, suppliers and its employees against burglary, theft, vandalism, to safeguard the
householder's rights and to assert claims against third parties.
6.4 Dispatch of product information
If we send you information in the context of pre-contractual measures or an existing business
business relationship, we only process the data that is necessary. These are
- Personal details (first name and surname);
- Name of the company;
- Contact details (telephone number, e-mail address)
6.5 Sending newsletters to existing customers
If you order goods or services from us and enter your e-mail address, we may subsequently use this e-mail address to send you newsletters.
subsequently be used by us to send you newsletters, provided that we inform you of this in advance.
inform you of this in advance. In such a case, the newsletter will only contain direct advertising for our own
similar goods or services. You can unsubscribe from this newsletter at any time.
unsubscribe at any time. There is a corresponding link in every newsletter for this purpose.
In this case, the legal basis for sending the newsletter is Art. 6 para. 1 lit. f GDPR in conjunction
with § 7 para. 3 UWG.
After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us in a blacklist
to prevent future mailings to you. The data from the blacklist will only be used for this
purpose and will not be merged with other data. This serves both your interest and
as well as our interest in complying with the legal requirements when sending newsletters
(legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage in the blacklist is not limited in time.
not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
outweigh our legitimate interest.
6.6 Christmas and New Year greetings
We may send Christmas and New Year greetings to customers and business partners at the end of the year. In order to
send them to you, your name and address will be collected and processed.
The processing of the data is based on a business purpose in accordance with Art. 6 para. 1 lit. f GDPR. The
controller has a legitimate interest in thanking you for the customer and business relationship
and to promote these.
Your data will not be forwarded to third parties.
If you do not wish to receive greeting cards from us, you can object to receiving them. The
objection without giving reasons, as described in the section Data subject rights, to us.
address to us. Your data will then no longer be used for this purpose.
7 Our social media presence
7.1 Data processing by social networks
We maintain publicly accessible profiles on social networks. The individual social networks used by us
social networks we use are listed below.
Social networks can generally analyze your user behavior comprehensively if you visit their
website or a website with integrated social media content (e.g. like buttons or advertising banners).
visit. Visiting our social media presences triggers numerous data protection-relevant
processing operations are triggered. In detail:
Information on data protection for
our website
- If you are logged in to your social media account and visit our social media presence
the operator of the social media portal can assign this visit to your user account.
to your user account. However, your personal data may also be collected under certain circumstances
even if you are not logged in or do not have an account with the respective social media portal.
have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your
device or by recording your IP address. - With the help of the data collected in this way, the operators of the social media portals can create user profiles
in which your preferences and interests are stored. In this way, they can
interest-based advertising inside and outside the respective social media presence.
be displayed. If you have an account with the respective social network, the interest-based
interest-based advertising can be displayed on all devices on which you are logged in
or were logged in. - Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing
processing operations may be carried out by the operators of the social media portals. Details
can be found in the terms of use and privacy policies of the respective social media portals.
social media portals.
7.2 Legal basis
Our social media presences are intended to ensure the broadest possible presence on the Internet. This
is a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social
The analysis processes initiated by the social networks may be based on different legal bases, which must be
operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a
GDPR).
7.3 Controller and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the
operator of the social media platform for the data processing operations triggered during this visit.
responsible. You can exercise your rights (information, rectification, erasure, restriction of processing,
data portability and complaint) both vis-à-vis us and vis-à-vis the operator of the respective social media
respective social media portal (e.g. Facebook).
Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals.
have. Our options depend largely on the corporate policy of the respective provider.
provider.
7.4 Storage duration
The data collected directly by us via the social media presence will be deleted from our systems as soon as you
deleted as soon as you ask us to delete it, revoke your consent to storage or the purpose for
purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them.
delete them. Mandatory statutory provisions - in particular retention periods - remain unaffected.
We have no influence on the storage period of your data stored by the operators of social networks for their own purposes.
purposes, we have no influence. For details, please contact the social network operators directly
the operators of the social networks (e.g. in their data protection information, see below).
7.5 Social networks in detail
7.5.1 XING
We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany,
Germany. Details on how they handle your personal data can be found in the
Data protection information from XING: https://privacy.xing.com/de/datenschutzerklaerung
7.5.2 LinkedIn
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza,
Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you wish to deactivate LinkedIn advertising cookies, please use the following link
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Information on data protection for
our website
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
You can find details here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs
Details on how they handle your personal data can be found in the data protection information
from LinkedIn: https://www.linkedin.com/legal/privacy-policy
7.5.3 YouTube
We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow
Street, Dublin 4, Ireland. Details on how they handle your personal data can be found in the
Data protection information from YouTube: https://policies.google.com/privacy?hl=de
The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The
DPF is an agreement between the European Union and the USA that ensures compliance with
European data protection standards for data processing in the USA. Every company certified under
DPF-certified company undertakes to comply with these data protection standards. Further
information on this can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active