Basic
We provide this information in order to transparently explain how we handle your personal data (which, according to supreme court rulings, also includes the IP address) when you visit our website. According to Article 4 (1) of General Data Protection Regulation (in the following: “GDPR”), personal data is any information relating to an identified or identifiable natural person.
Privacy policy and information
We take the protection of your data and your privacy very seriously and comply with our obligations under data protection law. We collect and process your personal data in accordance with European and national legal requirements. We explicitly explain how and in what form we process your data in this privacy policy.
When visiting our website, we are forced to collect various personal data – this serves on the one hand to ensure the functionality of our website and on the other hand to increase the attractiveness of our website through the use of various tools.
In addition, we would like to point out that data transmission over the Internet is not possible without accepting possible security gaps. Even we cannot guarantee complete protection of your data, but we make every effort to protect your data comprehensively.
Why do we need your data?
Your data is collected so that we can display our website without errors. Other data could be used to analyze your user behavior.
Furthermore, the data collection is carried out on a legal basis:
If you have consented to data processing, we process your personal data on the basis of Article 6 Paragraph 1 Subparagraph 1 (a) GDPR respectively Article 9, Paragraph 2 (a) GDPR, if sensitive data are processed according to Article 9 Paragraph 1 GDPR. The processing of data according to Article 9 GDPR is only permitted in certain cases.
If you have consented to the storage of cookies or to the access to information on your device, such as by device fingerprinting, the data processing is based on Section 25 Paragraph 1 German Telekommunikation-Telemedien-Datenschutz-Gesetz (TTDSG).
The consents can be revoked at any time with effect for the future. You assert the revocation by means of informal communication by e-mail to us. You can also contact our data protection officer, who will inform us of your request. However, the legality of the data processing carried out until the revocation remains unaffected by the revocation exercised by you.
If we collect your data to fulfill a contract or to carry out pre-contractual measures, your data will be processed on the basis of Article 6 Paragraph Subparagraph 1 (b) GDPR. If your data is required for the fulfillment of a legal obligation, we process your data on the basis of Article 6 Paragraph 1 Subparagraph 1 (c) GDPR.
Data processing may also be collected on the basis that we are exercising our legitimate interest in data processing. In this case, data processing is possible provided that your interests or the interests of third parties do not conflict with the data processing. According to this, data processing is carried out in accordance with Article 6 Paragraph 1 Subparagraph 1 (f) GDPR.
We will specify the relevant legal basis in each individual case in the relevant section.
Who is responsible?
As the website operator, we are responsible for the data processing on our website under data protection law in accordance with Article 4 (7) GDPR. You can reach us at the following contact details:
Dr. Günther Kast GmbH & Co. Technische Gewebe Spezial-Fasererzeugnisse KG
Abt-Reubi-Straße 6
87527 Sonthofen
+49 8321 66410
info@kast.de
How to reach our data protection officer
dataprotection@kast.de
How long do we store your data?
We adhere to the respective statutory retention period for the maximum duration of the storage of your personal data. Your data will only be stored by us until we no longer need it for our data processing. With regard to the storage of your data, we are bound by the purpose for which we collected your data. Unless a specific storage period is stated in this information, your personal data will remain with us until the purpose for data processing no longer applies.
If you assert a legitimate request for deletion or revoke your consent to data processing, we must delete your data in the event that there are no other legally permissible reasons for the continued storage of your data, such as retention periods under commercial and tax law. We can only comply with your request for deletion when these reasons no longer apply.
Where do we get your data?
We collect your data because you provide us with the data via a contact form or other means. There is additional data that is collected automatically or only after your consent when you visit our website. This is mainly technical data such as your operating system and the time of the page view.
To whom do we provide your data?
We use tools from third-party companies based in and outside the EU and the EEA. Your personal data may be transferred to these third-party companies if you have activated these tools – unless they are necessary for the functionality of the website.
Furthermore, we also use tools from companies based in the USA or other third countries that are not secure under data protection law. Your personal data may also be transferred to these companies if you have activated the corresponding tools. In these countries, there is no level of data protection comparable to that in the EU.
Such data transfer requires an adequacy decision issued by the EU Commission, which ensures a comparable level of protection of your personal data. In the event that there is no such adequacy decision, other appropriate safeguards pursuant to Article 44 GDPR et seq. must be taken.
How is the handling of money on this website?
We offer the direct conclusion of a contract with costs on our website. In order to be able to fulfil this contract and process the payment, you are required to provide us with your payment details. The payment details are the account number, IBAN, BIC, account holder, credit card number, validity period and other details required for the payment.
A payment transaction via the common means of payment such as Visa, MasterCard or direct debit is carried out exclusively via an encrypted SSL or TLS connection. You can recognise an encrypted connection by the fact that the address line of the browser changes to https://. Furthermore, you can recognise it by the lock symbol in your browser line. With encrypted communication, your payment data cannot usually be read by third parties.
What rights do you have? – Your data subject rights
You can assert your rights according to Article 12 GDPR et seq. can be asserted.
Revocation of consent to data processing
In part, we process your data with your express consent. You can revoke an already given consent at any time with effect for the future. You assert the revocation by means of informal communication by e-mail to us. You can also contact our data protection officer, he will inform us of your request. However, the legality of the data processing carried out until the revocation remains unaffected by the revocation exercised by you.
Objection in special cases / against direct advertising, Article 21 DS-GVO
If the data processing is carried out on the basis of Article 6 Paragraph 1 Subparagraph 1 (f) GDPR, then you can object to the processing of your personal data for reasons that arise from your particular situation. This also applies to any profiling – the legal basis for such profiling can be found in this information. If you exercise your right to object, your personal data concerned will no longer be processed unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims under Article 21 Paragraph 1 GDPR.
If we process your personal data for direct marketing, you have the right to object to the processing of personal data concerning you for the purpose of such marketing. This also applies to profiling insofar as it is related to direct advertising. If you object, your personal data will subsequently no longer be sent for the purpose of direct advertising in accordance with Article 21 Paragraph 2 GDPR.
Right to data portability
You have the right to have data that we process automatically handed over to you or to a third party in a common machine-readable format. If you request the transfer of the data to another controller, it will only be done if it is technically possible.
Right to information, deletion and correction
Within the scope of Article 15 Paragraph 1 GDPR, you can assert the right to free information about your stored personal data, their origin, recipients and the purpose of data processing. Furthermore, you could assert a right to correction or deletion of this data, if applicable. If you have any questions about your rights, you can contact us or our data protection officer at any time.
Right to restriction of processing
You may also request the restriction of the processing of your personal data. If you have any questions about this right, you can contact us or our data protection officer at any time. A right to restriction exists in the cases specified by law. If you dispute the accuracy of your data, we need time to verify this. For this period, you have the right to request restriction of your data. In the event that the processing of your data is unlawful, you can demand the restriction of processing instead of the deletion of the data. If we no longer need your personal data, but you wish to exercise, defend or assert legal claims, you have the right to request at least the restriction of data processing. If you have lodged an objection in accordance with Article 21 Paragraph 1 GDPR, we must weigh your interests against ours, during which time you have the right to request the restriction of the data.
If you have restricted the processing of your personal data, this data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or any Member State.
Right of complaint to a competent supervisory authority
As a data subject, you still have the right to file a complaint with a supervisory authority in the event of violations of the GDPR. This must be the competent supervisory authority under data protection law in your federal state. You always have the right to file a complaint, regardless of what other measures you take.
More information
We expressly object to the sending of unsolicited advertising and information material to our contact data. We expressly reserve the right to take legal action against unsolicited advertising, such as the sending of spam e-mails.
For security reasons and to protect the transmission of confidential content, we use an SSL or TLS connection. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
Server log files
The site provider collects and stores information in server log files that your browser automatically transmits to us. This includes the following data: Browser type and browser version, operating system used, referrer URL, host name of the accessing computer, time of the server request and furthermore also your IP address.
Your data will not be merged with data from other data sources. The legal basis for data processing is Article 6 Paragraph 1 Subparagraph 1 (f) GDPR, as we as site operator have a legitimate interest in the technically error-free presentation and optimisation of our website. Server log files must be collected for this purpose.
Hosting of our website
We host our website with an external provider:
ID.KOM
Dieselstraße 1
87437 Kempten
All personal data collected on the website – such as your IP address, meta and communication data, contract data, contact data, names, accesses and other data generated via a website are stored on the hoster’s servers.
The legal basis for the processing of your personal data is Article 6 Paragraph 1 Subparagraph 1 (f) GDPR. Our legitimate interest lies in the most reliable presentation of our website.
In the event that we have requested your consent, the processing of your data is based on Article 6 Paragraph 1 Subparagraph 1 (a) GDPR and Section 25 Paragraph 1 TTDSG, if the data use is subject to the consent to store cookies or access information in the user’s terminal device, such as device fingerprinting, as defined by the TTDSG. Consent can be revoked at any time with effect for the future. You can revoke your consent by sending us an informal e-mail. You can also contact our data protection officer, who will inform us of your request. However, the legality of the data processing carried out until the revocation remains unaffected by the revocation exercised by you.
In order to demonstrate data protection-compliant processing and to outline our respective obligations, we have concluded an agreement on commissioned processing. This is a contract required under Article 28 Paragraph 3 GDPR, which ensures that our order processor only processes the personal data of our website visitors in accordance with our instructions and in compliance with GDPR.
Setting cookies
We use cookies on our website. These are small text files and data packets that are placed on the end devices but do not cause any damage there. The cookies are stored either temporarily for a session as session cookies or permanently as permanent cookies on your terminal device. Session cookies are automatically deleted at the end of the session, whereas permanent cookies are stored on the end device until you delete them yourself or until they are automatically deleted by your web browser.
In some cases, cookies from third-party companies could also be stored on your end devices; these are third-party cookies. They enable the use of services of this company, such as cookies for processing payment services.
Cookies fulfill different functions. In part, they are technically necessary for certain applications on the website to function at all, such as the shopping cart function. Other cookies are used to evaluate user behavior on our site or to display advertising. Cookies that are technically absolutely necessary and are therefore to be regarded as necessary cookies are stored on the basis of Section 25 Paragraph 2 TTDSG, unless another legal basis is explicitly stated. The storage of cookies is mandatory in order to be able to create the technical prerequisites for an error-free and optimized website. For cookies that are not technically mandatory, consent is requested in accordance with Section 25 Paragraph 1 TTDSG. In this case, the cookies will only be stored on the basis of this consent. The consent can be revoked at any time with effect for the future. You assert the revocation by means of informal communication by e-mail to us. You can also contact our data protection officer, he will inform us of your request. However, the legality of the data processing carried out until the revocation remains unaffected by the revocation exercised by you.
You can set your browser to inform you about the setting of cookies and to allow them only in individual cases. Furthermore, you can also generally exclude the storage of cookies and activate automatic deletion of cookies when closing the browser. We would recommend this procedure. In the event that you generally deactivate cookies, the functionality of our website as well as the display may be limited. When using cookies from third-party companies and for analysis purposes, we will again inform you separately. In this case, we will additionally request your consent.
Cookie banner on our website:
Our cookie banner on our website (request for consent) comes from a third-party provider. The provider of the cookie banner is Sample company supplier Street supplier Postcode and city Provider hereafter: Name. With the help of the cookie banner, we obtain your consent that certain cookies that are not required for the technical presentation of the website may be stored on your end device. We need this consent in order to be able to demonstrate a legal basis for the storage.
When you enter our website, personal data is transmitted to our cookie banner provider. This involves the following data: Your response to our consent request in the context of the cookie banner, your IP address, information about your browser and your terminal device as well as the time of your visit to our website.
When you enter our website, a connection is established to the provider’s servers so that your consent or other declarations regarding the setting of cookies can be obtained. After the declaration has been made, our provider stores a cookie in your internet browser so that it can assign whether you have consented to the cookies being set or whether you have rejected them. Furthermore, it is used to allocate any revocation that may have taken place at a later date. This data is stored until you request us to delete the data, delete the cookie yourself or the purpose for data processing no longer applies. If the deletion conflicts with legal retention periods, these remain unaffected.
The legal basis for obtaining consent is Section 25 Paragraph 1 TTDSG. You can revoke your consent at any time with effect for the future. If you wish to change your settings, please contact us or follow the instructions on our website. You can assert a possible revocation by means of an informal message sent to us by e-mail. You can also contact our data protection officer, who will inform us of your request. However, the lawfulness of the data processing carried out until the revocation remains unaffected by the revocation exercised by you.
In order to demonstrate data protection-compliant processing and to outline our respective obligations, we have concluded an agreement on commissioned processing. This is a contract required under Article 28 Paragraph 3 of GDPR, which ensures that our order processor only processes the personal data of our website visitors in accordance with our instructions and in compliance with GDPR.
Contact options on our website
We offer various ways to contact us on our website.
Inquiries via contact form
You can use our contact form at any time to send us enquiries. We process the data you have provided in the contact form, as well as your e-mail address, in order to be able to process your enquiry and in the event that we still have follow-up questions for you. However, we do not pass on your data to third parties without your consent.
The legal basis for the processing of your data is Article 6 Paragraph 1 Subparagraph 1 (b) GDPR, insofar as your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In other cases, the processing is based on our legitimate interest in the effective processing of your request in accordance with Article 6 Paragraph 1 Subparagraph 1 (f) GDPR or on your consent pursuant to Article 6 Paragraph 1 Subparagraph 1 (a) GDPR, if this has been requested by us. You can revoke your consent at any time with effect for the future. An informal communication by e-mail to us is sufficient for this purpose. However, this does not affect the legality of our data processing until the revocation has taken place.
The data you provide will remain with us until you request us to delete it or revoke your consent to store it. Mandatory legal provisions such as statutory retention periods remain unaffected.
Inquiries by e-mail, telephone and fax
You can contact us at any time by e-mail, telephone and fax. In doing so, we process the data that you have provided to us in order to be able to process your inquiry. However, we will not pass on your data to third parties without your consent.
The legal basis for the processing of your data is Article 6 Paragraph 1 Subparagraph 1 (b) GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In other cases, the processing is based on our legitimate interest in the effective processing of your request in accordance with Article 6 Paragraph 1 Subparagraph 1 (f) GDPR. or based on your consent according to Article 6 Paragraph 1 Subparagraph 1 (a) GDPR, if this was requested by us. You can revoke your consent at any time with effect for the future. For this purpose, an informal communication by e-mail to us is sufficient. However, the legality of our data processing until the revocation is not affected.
The data you provide will remain with us until you request us to delete it or revoke your consent to store it. Mandatory legal provisions such as statutory retention periods remain unaffected.
Data processing by social networks
We use a publicly accessible profile on various social networks.
The social networks may already analyse your behaviour when you visit our website, as we have integrated plug-ins of the social networks or other links. Personal data is also collected if you are not logged in as a user or do not have an account with the respective provider. Your data is collected via cookies that are stored in your terminal device or by recording your IP address.
The social networks create user profiles. In these profiles, they store your interests and preferences so that you are shown interest-based advertising. If you maintain a profile with the respective provider, the advertising will be displayed on all devices on which you are or were logged in.
The data you provide will remain with us until you request us to delete it or revoke your consent to store it. Mandatory legal provisions such as statutory retention periods remain unaffected. Stored cookies, unless they are session cookies, remain on your device until you delete them.
In order to prove data protection-compliant processing and to outline our respective obligations, we have concluded an agreement on commissioned processing with the respective provider. This is a contract prescribed by data protection law in accordance with Art. 28 Paragraph 3 GDPR, which ensures that our commissioned processor only processes the personal data of our website visitors in accordance with our instructions and in compliance with the DS-GVO.
Instagram plug-in and Instagram profile
We maintain a profile on Instagram. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter: “Meta”). In addition, we have integrated a plug-in from Instagram on our website. You can recognise this by the Instagram profile button.
The mere integration of the plug-in does not lead to any direct data transmission to Meta. Personal data is only processed when information is called up that goes beyond the start page of an Instagram profile; this processing is no longer attributable to us as the operator, as you have voluntarily placed yourself under Meta’s data sovereignty with your consent through the “two-click solution”.
The legal basis for our data processing is our legitimate interest in achieving the greatest possible visibility in social media in accordance with Article 6 Paragraph 1 Subparagraph 1 (f) GDPR. If a corresponding consent has been requested, Meta’s data processing is based on your consent in accordance with Article 6 Paragraph 1 Subparagraph 1 (a) GDPR. You can revoke your consent at any time with effect for the future. You can revoke your consent by sending us an informal e-mail. You can also contact our data protection officer, who will inform us of your request. However, the legality of the data processing carried out until the revocation remains unaffected by the revocation exercised by you.
The use of an Instagram profile does not result in joint responsibility for any data processing of personal data according to Article 26 GDPR. By using the “two-click solution” provided by us, you voluntarily decide to place yourself under the data sovereignty of Meta. Contrary to the ECJ ruling of 05.06.2018, C-210/16, there is therefore no responsibility based on a joint decision on the purposes and means of data processing, as Meta only processes personal data at the time when you have already voluntarily placed yourself under Meta’s data sovereignty. The processing of personal data that takes place after the transfer to Meta is not attributable to us. Furthermore, in the event of joint responsibility, the required agreement pursuant to Art. 26 Paragraph 3 of GDPR can be found in the addendum provided by Meta: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are obliged to provide the data protection information in accordance with Article 13 GDPR et seq. and to integrate the Meta-Tool on our website in a data protection compliant manner. You can assert your data protection rights directly with Meta. In the event that you assert your data protection rights with us in relation to the use of Instagram, we are obliged to forward your request to Meta.
The data processed by Meta is also transferred to the USA and other third countries. The data transfer to the USA is again based on an adequacy decision of the EU Commission. Meta is a certified partner for the EU-US Privacy Framework. Details can be found at: https://facebook.com/legal/EU_data_transfer_addendum, https://de-de.facebook.com/help/566994660333381 and https://facebook.com/policy.php. Further information can be found in the Terms of Use and the Privacy Policy. These can be found at: https://de-de.facebook.com/about/privacy/ and https://de-de.facebook.com/legal/terms/.
Integration of analysis tools and plug-ins
We use various analytics and advertising tools.
To provide evidence of data protection-compliant processing and to outline our respective obligations, we have concluded an agreement on commissioned processing with the respective provider. This is a contract required by Article 28 Paragraph 3 GDPR under data protection law, which ensures that our order processor only processes the personal data of our website visitors in accordance with our instructions and in compliance with GDPR.
Integration of Google Tag Manager
We use a Google Tag Manager to integrate tracking or statistical tools on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google Tag Manager”). The technology does not create a user profile, does not store cookies and does not perform any analyses itself, it only stores your IP address. The Google Tag Manager manages the integrated tools. The data processed by Google is also transferred to the USA and other third countries. The data transfer to the USA is again based on an adequacy decision of the EU Commission. Google is a certified partner for the EU-US Privacy Framework. Details can be found at: https://privacy.google.com/businesses/controllerterms/mccs/
Integration of Google Analytics in case of activating Google Maps
We use the web analytics services of Google Analytics to perform user analysis. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”). Google collects personal data for the analysis of user behaviour, which is stored on our server, whereby the storage of the IP address is only anonymised. Google helps us to collect data on when our site was accessed and from which region, as well as whether and which purchases were made via the website. In order to carry out this analysis, Google stores log files such as the IP address, referrers, browsers used and operating systems. In addition, Google may also record your mouse and scrolling movements as well as your clicks.
The legal basis for data processing is our legitimate interest in anonymised analysis to improve our services in accordance with Article 6 Paragraph 1 Subparagraph 1 (f) GDPR. If a corresponding consent was requested, the data processing by Google is based on your consent in accordance with Article 6 Paragraph 1 Subparagraph 1 (a) GDPR. You can revoke your consent at any time with effect for the future. You can revoke your consent by sending us an informal e-mail. You can also contact our data protection officer, who will inform us of your request. However, the legality of the data processing carried out until the revocation remains unaffected by the revocation exercised by you.
Google stores the data for two months, after which it is anonymised. You can view details on this at the following link: https://support.google.com/analytics/answer/7667196?hl=de.
Use of Google Signals: When using Google Signals, Google Analytics also collects your location, search history and YouTube history, if applicable, as well as demographic data such as visitor data. Google Signals uses this data to send you personalised advertising. If you have a Google account and are logged in to it, Google Signals will also pull your data from your Google account. Furthermore, Google also uses the data to create anonymised user profiles and to display user behaviour in statistics.
“E-commerce measurement”: With the help of this measurement, we analyse the purchasing behaviour of our website visitors in order to improve our offer on our website. Google stores information such as orders placed, average order values, shipping costs and the time from viewing to purchasing a product. Google then summarises this information and assigns it to the respective user.
Integration of Google Ads in case of activating Google Maps
We use the Google Ads online advertising programme to play advertisements in Google or on third-party websites when certain terms are entered in Google (keyword targeting). The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”). Furthermore, Google also pursues target group targeting, which displays advertising tailored to the target group by means of user data stored at Google, such as location data or interests. As website operators, we can evaluate and analyse this data in order to improve our services. In particular, we are interested in which search terms were entered and how many ads led to corresponding clicks.
The legal basis for the data processing is our legitimate interest in the effective marketing of our products and our services according to Article 6 Paragraph 1 Subparagraph 1 (f) GDPR.
If a corresponding consent was requested, the data processing by Google is based on your consent in accordance with Article 6 Paragraph 1 Subparagraph 1 (a) GDPR. You can revoke your consent at any time with effect for the future. You can revoke your consent by sending us an informal e-mail. You can also contact our data protection officer, who will inform us of your request. However, the legality of the data processing carried out until the revocation remains unaffected by the revocation exercised by you.
The data processed by Google is also transferred to the USA and other third countries. The data transfer to the USA is again based on an adequacy decision of the EU Commission. Google is a certified partner for the EU-US Privacy Framework. Details can be found at: https://privacy.google.com/businesses/controllerterms/mccs/
Integration of Google Fonts Integration of Google Analytics in case of activating Google Maps
We use web fonts provided by Google for the uniform display of fonts. The fonts are installed locally, for this reason no connection to Google’s servers is established.
Integration of Google Maps
We use Google Maps to display our location. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: „Google“).
Google Maps stores your IP address, which is transmitted to Google’s servers. We have no influence on the data processing by Google. Google may additionally embed Google Web Fonts when using Google Maps.
The legal basis for the data processing is our legitimate interest in an appealing presentation of our online offer according to Article 6 Paragraph 1 Subparagraph 1 (f) GDPR. If a corresponding consent was requested, the data processing by Google is based on your consent according to Article 6 Paragraph 1 Subparagraph 1 (a) GDPR. You can revoke your consent at any time with effect for the future. You assert the revocation by means of informal communication by e-mail to us. You can also contact our data protection officer, who will inform us of your request. However, the legality of the data processing carried out until the revocation remains unaffected by the revocation exercised by you.
The data processed by Google is also transferred to the USA and other third countries. The data transfer to the USA is again based on an adequacy decision of the EU Commission. Google is a certified partner for the EU-US Privacy Framework. Details can be found at: https://privacy.google.com/businesses/controllerterms/mccs/
Audio and video conferences
We use audio and video conferencing tools to communicate with our clients.
General information
Both we and our tool provider process your personal data. Our provider processes data that is strictly necessary, such as email address and your phone number. Our provider also processes metadata. This is the following data: Duration of the conference, start and end of the conference, number of participants and context information. Finally, technical data is also processed that is necessary for the provision of the respective service. This is the IP address, MAC addresses, device IDs, operating system, client version, camera type, speakers and the type of connection. Any content, such as cloud recordings, chat messages, voicemails, uploaded photos and videos, files and whiteboards that you share, upload or otherwise provide during the conference will be stored by our provider. We do not have full control over what data is processed by our provider and for what purpose.
The legal basis for data processing is Article 6 Paragraph 1 Subparagraph 1 (b) GDPR, insofar as our communication relates to our contractual partners or specific services to our customers. Furthermore, the data processing is based on our legitimate interest in simplifying and accelerating communication with us pursuant to Article 6 Paragraph 1 Subparagraph 1 (f) GDPR. If you have given your consent in accordance with Article 6 Paragraph 1 Subparagraph 1 (a) GDPR, your e-mail address will be passed on to our transport company so that you can track the shipping status of your order. You can revoke your consent at any time with effect for the future. You can revoke your consent by sending us an informal e-mail. You can also contact our data protection officer, who will inform us of your request. However, the legality of the data processing carried out until the revocation remains unaffected by the revocation exercised by you.
The data we store remains with us until you request us to delete it or revoke your consent to store it. Mandatory legal provisions such as statutory retention periods remain unaffected. The cookies set also remain on your end device until you delete them yourself.
We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.
Conference provider
If the respective provider also transfers the processed data to the USA and other third countries, this data transfer to the USA is based on an adequacy decision of the EU Commission. The decisive factor is whether the respective partner is certified for the EU-US Privacy Framework. Details can be found in the information on the respective provider.
In order to prove data protection-compliant processing and to outline our respective obligations, we have concluded an agreement on commissioned processing with the respective provider. This is a contract prescribed by data protection law in accordance with Art. 28 Paragraph 3 GDPR, which ensures that our commissioned processor only processes the personal data of our website visitors in accordance with our instructions and in compliance with GDPR.
We use the following provider:
Zoom
We use the conference tool Zoom. The provider is Zoom Communications Inc, San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113 USA. Data transmission: https://zoom.us/de-de/privacy.html – Privacy policy details: https://zoom.us/de-de/privacy.html
ClickMeeting
We use the conference tool ClickMeeting. The provider is ClickMeeting Spólka z organiczona odpowiedzialnoscia, located at ul. Arkonska 6/a4, 80-387 Gdansk, Poland. Privacy policy details: https://clickmeeting.com/de/legal
TeamViewer
We use the conference tool TeamViewer. The provider is TeamViewer Germany GmbH, Jahnstr. 30, 73037 Göppingen. Privacy policy details: https://www.teamviewer.com/de/datenschutzerklaerung
Skype for Business
We use the conference tool Skype for Business. The provider is Skype Communications SARL, 23-29 Rives de Clausen, L-2165 Luxembourg. Privacy policy details: https://privacy.microsoft.com/de-de/privacystatement/.
GoToMeeting
We use the conference tool GoToMeeting. The provider is LogMeln, Inc, 320 Summer Street Boston, MA 02210, USA. Privacy policy details: https://www.logmeininc.com/de/legal/privacy
Microsoft Teams
We use the conference tool Microsoft Teams. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Privacy policy details: https://privacy.microsoft.com/de-de/privacystatement
Google Meet
We use the conference tool Google Meet. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details of the privacy policy: https://policies.google.com/privacy?hl=de
Webex
We use the conference tool Webex. The provider is Webex Communications Deutschland GmbH, Hansaalee 249 c/o Cisco Systems GmbH, 40549 Düsseldorf, Germany. Data transmission: https://www.cisco.com/c/de_de/about/trust-center/data-protection-and-privacy-policy.html and https://konferenzen.telekom.de/fileadmin/Redaktion/conference/cisco-webex/Webex_Compliance_Deutsch_V1.0.pdf – Privacy policy details: https://www.cisco.com/c/de_de/about/legal/privacy-full.html
Our own services – dealing with applicants
You have the opportunity to send us an unsolicited application or apply for an advertised position at any time. We accept applications by e-mail, by post and via our online application form. In the following, we would like to inform you about the data processing within the application process.
We process your personal data such as contact and communication data, application documents and notes in the context of job interviews, insofar as they are necessary for the establishment of an employment relationship. The legal basis for our data processing is Article 6 Paragraph 1 Subparagraph 1 (b) GDPR in conjunction with. Section 26 of German Bundesdatenschutzgesetz (BDSG). If you have given your consent in accordance with Article 6 Paragraph 1 Subparagraph 1 (a) GDPR, the data processing is based on your consent. You can revoke your consent at any time with effect for the future. You can revoke your consent by sending us an informal e-mail. You can also contact our data protection officer, who will inform us of your request. However, the legality of the data processing carried out until the revocation remains unaffected by the revocation exercised by you.
In the event that we introduce you to an employment relationship, your data will be further processed for the performance of your employment.
If we are unable to offer you a position, you decline our offer or withdraw your application, we reserve the right to retain your documents for up to six months after the end of the application process. After this period, your data will be deleted and destroyed. Mandatory legal retention periods remain unaffected. If you have given us your consent to store your data for a longer period, it may be stored for a longer period.
You have the option of being included in our applicant pool. This includes all documents and information from your application so that we can contact you if there are suitable vacancies. The legal basis for this data processing is your express consent in accordance with Article 6 Paragraph 1 Subparagraph 1 (a) GDPR. You can revoke your consent at any time with effect for the future. You can revoke your consent by sending us an informal e-mail. You can also contact our data protection officer, who will inform us of your request. However, the legality of the data processing carried out until the revocation remains unaffected by the revocation exercised by you.
OneDrive
We have integrated OneDrive on this website. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (hereinafter „OneDrive“).
OneDrive allows us to include an upload area on our website where you can upload content. When you upload content, it is stored on OneDrive’s servers. When you enter our website, a connection to OneDrive is also established so that OneDrive can determine that you have visited our website.
The use of OneDrive is based on Article 6 Paragraph 1 Subparagraph 1 (f) GDPR. As the site operator, we have a legitimate interest in having a reliable upload area on our website. If a corresponding consent has been requested, the processing is based exclusively on Article 6 Paragraph 1 Subparagraph 1 (a) GDPR. The consent can be revoked at any time with effect for the future.
In order to prove data protection-compliant processing and to outline our respective obligations, we have concluded an agreement on commissioned processing with the respective provider. This is a contract prescribed by data protection law in accordance with Art. 28 Paragraph 3 GDPR, which ensures that our commissioned processor only processes the personal data of our website visitors in accordance with our instructions and in compliance with GDPR.