INFORMATION ABOUT THE COLLECTION OF PERSONAL DATA
(1) Below we provide information on the collection of personal information when using this website. Personal data is all information personally referable to you, e.g. name, address, e-mail addresses, user behaviour.
(2) Responsible data collector in the sense of Art. 4, par. 7 EU General Data Protection Regulation (GDPR) is FRIEDRICH DUSS Maschinenfabrik GmbH & Co. KG, Konrad Duss, Calwer Str. 17, 75387 Neubulach, Email: firstname.lastname@example.org (please refer to the legal information). You can contact our responsible data protection officer at any time via e-mail at email@example.com or by mail to our postal address with additional marking „data protection officer“.
(3) When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, and if applicable your name and your telephone number) will be stored by us in order to answer your questions. We delete the data arising in this context once the storage is no longer needed or limit its processing if statutory retention obligations exist.
(4) If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. We also specify the defined criteria for the storage period.
(1) You have the following rights towards us regarding your personal data:
– right to be informed
– right to correction or deletion
– right to limit the processing
– right to object the processing
– right to data portability.
(2) You also have the right to file a complaint with a data protection supervisory authority concerning our processing of your personal data.
COLLECTION OF PERSONAL DATA WHEN VISITING OUR WEBSITE
(1) If you use the website for information purposes only and thus do not otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which we technically require to display our website to you and to guarantee stability and security (legal basis is Art. 6, par. 1 S. 1 lit. f GDPR):
– IP address
– date and time of inquiry
– time zone deviation to Greenwich Mean Time (GMT)
– content of inquiry (specific site)
– access status/HTTP status code
– respective volume of data transferred
– the website forwarding the inquiry
– operating system and GUI
– language and version of browser software.
(2) In addition to the data mentioned above, cookies are stored on your computer when you use our website and services. Cookies are small text files that are stored on your hard disk in association with the browser you're using and by which the party which sets the cookie (i.e. us) receives specific information. Cookies cannot run programmes or deliver viruses to your computer. They serve to make our internet presence more user-friendly and effective (legal basis is Art. 6, par. 1 S. 1 lit. f GDPR).
Additionally, we make use of so-called Local Storage and Session Storage technologies (also referred to as “local data”, “local memory” and “session memory”). For Local Storage, data are locally stored in your browser’s cache. They remain available and readable even after the browser window or the program has been closed unless you do not clear the cache actively. Local Storage saves your preferences on your computer while you use our website and thus allows you to use them. The functions of Session Storage generally correspond to those of the Local Storage explained, except that respective data are automatically removed from your browser’s cache immediately as soon as the browser (“session”) is being closed.
Third parties have no access to data saved in the Local Storage or Session Storage. Suchlike data won’t be disclosed to third parties and/or used for promotional purposes. The technology will in particular be used to present you our content in interesting graphical form (e.g. pop-up windows etc.) and to adjust our services and website navigation to your specific needs. You can organize the Local Storage-content in your browser settings for “history” or “local data” (depending on the type of browser you use). However, restricting the above features can result in limited functionality.
- a) This website uses the following types of cookies, the scope and functionality of which are explained below:
– transient cookies (see b)
– persistent cookies (see c).
b) Transient cookies are automatically deleted when you shut down the browser. These include session cookies, in particular. They store a so-called session ID which assigns the various inquiries forwarded by your browser during the joint session. This facilitates identifying your computer when you return to the site. Session cookies are deleted when you log out or shut down the browser.
c) Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete the cookies in your browser's security settings at any time.
d) You may configure your browser settings according to your needs and, for example, refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all functions of this website.
ADDITIONAL FUNCTIONS AND SERVICES PROVIDED ON OUR WEBSITE
(1) Apart from the purely informational use of our website, we offer various services that you can use if interested. For this purpose, you will usually have to disclose further personal data which we use to provide the respective service and to which the aforementioned data processing principles apply.
(2) In some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and checked regularly.
(3) Furthermore, we may disclose your personal data to third parties if we offer participation in campaigns and prize games, contracts or similar services together with partners. You will receive more detailed information on this when you provide your personal data or through the below specification of the services.
(4) If our service providers or partners are located in a country outside the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the service.
OBJECTION TO OR REVOCATION OF THE PROCESSING OF YOUR DATA
(1) If you have given your consent to the processing of your data, you can revoke this at any time. Once communicated to us, such revocation affects the permissibility of the processing your personal data.
(2) If we base the processing of your personal data on the weighing of interests, you may object to the processing. This is the case if processing is in particular not necessary to fulfil a contract with you, which is described by us in the below description of the functions. When such objection is raised, we ask you to explain the reasons why we should not process your personal data as we have done. If your objection is justified, we will examine the situation and either cease or adjust the data processing or explain to you our compelling reasons worthy of protection, on the basis of which we will continue processing.
(3) Of course you may object to the processing of your personal data for advertising and data analysis purposes at any time. You may inform us about your objection to promotional purposes at the below contact data: FRIEDRICH DUSS Maschinenfabrik GmbH & Co. KG, Konrad Duss, Calwer Str. 17, 75387 Neubulach, Email: firstname.lastname@example.org.
TERM OF STORAGE OF PERSONAL DATA
We will store personal data in accordance with the retention periods stipulated by law (e.g. under commercial or tax law). Thereafter, the respective data will be deleted if it is no longer needed to fulfil the contract and/or there is no legitimate interest on our part in further storage.
USE OF CLOUDFLARE
(2) Further information on the purpose and scope of the data collection and its processing by the third party can be found in the data protection declaration of the provider. There you will also find further information on your rights in this regard and setting options to protect your privacy: https://www.cloudflare.com/de-de/privacypolicy/. This is a service provided by Cloudflare, Inc., 101 Townsend St,, San Francisco, CA 94107, USA, email@example.com. We cannot rule out that CloudFlare will continue to process your personal data in the USA. Cloudflare, Inc. (USA) has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. In addition, we use the standard contractual clauses of the EU with the provider, available at https://www.cloudflare.com/cloudflare-customer-scc/.
SOCIAL-MEDIA AND THIRD PARTIES
USE OF SOCIAL MEDIA PRESENCES
(1) We are currently present on the following social media: Facebook, Instagram. We use the so-called two-click solution. This means that when you visit our page, in principle no personal data is passed on to the providers of the social media platform. You can identify the provider of the social media platform by the marking on the box over their first letter, logo or a link. Only if you click on the marked field and activate it does the social media platform provider receive the information that you have called up the corresponding website of our online offer. In addition, the data stated under the section “COLLECTION OF PERSONAL DATA WHEN VISITING OUR WEBSITE” of this declaration is transmitted. In the case of Facebook, according to the statement by the provider in Germany the IP address is anonymized immediately. Through the activation of the link, personal data from you is therefore transmitted to the respective provider and stored there (in the case of American providers, in the USA). As the provider undertakes the collection of data especially through cookies, we recommend that you delete all cookies through the security settings of your browser before clicking on the grey box.
(2) We have no influence on the data collected and the data processing procedures, nor are we aware of the full scope of the data collection, the purposes of the processing and the retention periods. We do not have information either about the erasure of the collected data by the provider.
(4) The passing on of data takes place regardless of whether you have an account at the plug-in provider and are logged in there. If you are logged in at the plug-in provider, your data collected by us is assigned directly to your account at the plug-in provider. If you click the activated button and e.g. link the page, the plug-in provider also stores this information in your user account and informs your contacts publicly. We recommend that you regularly log out after using a social network, especially before activating the button, so that you can avoid attribution to your profile at the plug-in provider.
(5) Further information about the purpose and scope of the data collection and its processing by the plug-in provider is available in the following data privacy statements by these providers. There you also receive further information about your rights in this respect and possible settings to protect your privacy.
(6) Addresses of the respective plug-in providers and URL with their data privacy provisions:
a) Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; further information about data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications as well as http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook is subject to the EU-US privacy shield, https://www.privacyshield.gov/EU-US-Framework.
b) Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/?hl=de. Google is subject to the EU-US privacy shield, https://www.privacyshield.gov/EU-US-Framework.
c) Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter is subject to the EU-US privacy shield, https://www.privacyshield.gov/EU-US-Framework.
d) Xing AG, Gänsemarkt 43, 20354 Hamburg, GER; http://www.xing.com/privacy.
e) T3N, yeebase media GmbH, Kriegerstr. 40, 30161 Hannover, Germany; https://t3n.de/store/page/datenschutz.
f) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. LinkedIn is subject to the EU-US privacy shield, https://www.privacyshield.gov/EU-US-Framework.
g) Flattr Network Ltd. 2nd Floor, White bear yard 114A, Clerkenwell Road, London, Middlesex, England, EC1R 5DF, Great Britain; https://flattr.com/privacy.
h) Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA, https://help.instagram.com/155833707900388. Provider in the EU: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, Facebook Ireland Limited is a company registered under Irish law, commercial register no.: 462932.
(7) Please note the Facebook data privacy provisions under https://www.facebook.com/policy.php. Data processing at Facebook and Instagram is in shared responsibility. Further information about shared responsibility is available under https://www.facebook.com/legal/terms/page_controller_addendum.
USE OF YOUTUBE VIDEOS
(1) This website uses the Youtube embedding function for display and playback of videos offered by the provider Youtube. To this end, the extended data protection mode is used to ensure, according to provider information, that user information will only be stored once the playback function of the video is started. When the playback of embedded YouTube videos is started, the provider sets "YouTube" cookies in order to collect information about user behaviour. According to indications from Youtube, the use of those cookies is intended, among other things, to record video statistics, to improve user-friendliness and to avoid improper actions. If you are logged in to Google, your information will be directly associated with your account when you click on a video. If you do not wish to be associated with your profile on YouTube, you must log out before activating the button. Google saves your data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation takes place in particular according to Art. 6 (1) point f GDPR on the basis of the legitimate interests of Google in the insertion of personalized advertising, market research and/or demand-oriented design of its website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.
(2) Regardless of whether the embedded video is played back, a connection to the Google network "double click" is established when visiting this website. This may trigger further data processing beyond our control.
(3) Further information about the purpose and scope of data collection and its processing by YouTube is available in the data privacy statement, which also provides further information about your rights and possible settings to protect your privacy: http://www.google.de/intl/de/policies/privacy. This is a service provided from 22.01.2019 by Google Ireland Limited (“Google”), a company registered and operated under Irish law (register no. 368047), with head office at Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). We cannot rule out that Google continues to also process your personal data in the USA. Google LLC (USA) is subject to the EU-US Privacy Shield https://www.privacyshield.gov/EU-US-Framework.
(2) Google will not use your IP address transmitted by your browser in connection with other Google data.
(4) This website uses Google Analytics with the extension _anonymizeIp(), which means that IP addresses are stored in shortened format so that IP addresses are only processed further in abbreviated form to prevent them being directly linked to a particular individual.
(5) This is a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (hereinafter: Google). The Google Analytics service is used to analyse how our website is used. The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimization, and economic operation of our site. Google LLC based in the United States is certificated for the EU-US data protection agreement „Privacy Shield“, which guarantees the EU data protection standard, https://www.privacyshield.gov/EU-US-Framework.
(1) If we offer you the sending of a newsletter by e-mail, WhatsApp or other electronic media, you can subscribe to our newsletter by consenting, with which will inform you about our current interesting offers. The advertised goods and services are stated in the consent declaration.
(2) For the subscription to our newsletter, we use the so-called double-opt-in procedure. This means that we send an e-mail to your stated address after registration, asking for confirmation that you wish the newsletter to be sent. If you do not confirm your registration within 24 hours, your information is blocked and automatically erased after a month. In addition, we store your used IP addresses and the time of registration and confirmation. The purpose of the procedure is to prove your registration and, if necessary, clarify any potential misuse of your personal data.
(3) The only obligatory detail for sending the newsletter is your e-mail address. The stating of further, specially indicated data is voluntary and is used to be able to address you personally. After your confirmation, we store your e-mail address for the purpose of sending the newsletter. The legal basis is Art. 6 par. 1 p. 1 line a GDPR.
(4) You can withdraw your consent to sending the newsletter at any time and deregister from the newsletter. You can declare the withdrawal with a click on the link in every newsletter e-mail, by e-mail or by a message to the contact details in the legal notice.
(5) We would like to point out that when we send the newsletter we evaluate your user behaviour. For this evaluation, the sent e-mails contain so-called web beacons or tracking pixels, representing single-pixel image files that are stored on our website. For the evaluations, we link the aforementioned data and the web beacons with your e-mail address and an individual ID. The data is collected exclusively pseudonymized, so the IDs are not associated with your further personal data and direct personal identification is excluded. With the data thus acquired, we compile a user profile to be able to tailor the newsletter to your individual interests. We establish when you read our newsletter, what links in it you click on and deduce your personal interests. This data is linked with actions you carry out on our website.
You can object to this tracking at any time by clicking on the designated link provided in every e-mail or by informing us through another contact channel. The information is stored for as long as you are subscribed to the newsletter. After deregistering, we store the data purely statistically and anonymously. Furthermore, such tracking is not possible if you have deactivated as standard the display of images in your e-mail program. In this case, the newsletter is not displayed in full and you may not be able to use all the functions. If you display the images manually, the aforementioned tracking occurs.
DATA PRIVACY NOTE FOR APPLICANTS
(1) We process the personal data of applicants exclusively for the purpose of carrying out the application procedure. Apart from traditional job offers, applicants can make contact through our online quick application form. The collection, storage, processing and use of personal application data in line with the General Data Protection Regulation (GDPR) are necessary to carry out precontractual measures, as well as to uphold legitimate interests, especially in carrying our application procedures. The legal basis is Art. 6 par. 1 p. 1 line b and line r GDPR. If applicants have granted consent, the legal basis is Art. 6 par. 1 p. 1 line e GDPR. There is no obligation to grant any required consents and granted consents can be revoked – individually or collectively – for the future at any time. In this case, the data collected and stored based on the consent is erased.
(2) The data of applicants is principally erased as soon as the purpose of processing expires. This is the case if an application procedure has been concluded, at the latest after 6 months. It does not apply if there are legal retention periods beyond this that must be observed, or consent has been granted for a longer storage of the application data.
Further information on data protection for customers, interested parties, suppliers, service providers or other data subjects can be found here.