Notes on data protection
On this page you will find information on data protection in connection with our online offer, in particular on which personal data is collected regularly or upon specific request when visiting our website. We also inform you about the purpose and legal basis of the processing and what rights you, as a visitor to the website, are entitled to in this regard.
We have endeavoured to keep the explanations as comprehensible as possible and will be happy to answer any questions you may have. You will find the relevant contact details at the end of this document.
Note: If terms such as “responsible party”, “data subject”, “personal data”, “processing” etc. appear in the following, we use the definitions from Article 4 of the European Data Protection Regulation (EU-DSGVO) at these points. You can find the text of the EU-DSGVO, for example, here:
https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=CELEX:02016R0679-20160504.
Note: If terms such as “controller”, “data subject”, “personal data”, “processing” etc. appear in the following, we use the definitions from Article 4 of the European Data Protection Regulation (EU-DPA) at these points. You can find the text of the EU-DSGVO, for example, here:
https://eur-lex.europa.eu/legal-content/DE/ALL/?uri=CELEX:02016R0679-20160504.
Processing of personal data
With our online offer we would like to inform you about our services and offers and give you the possibility to easily contact us or to use our services. As far as we process personal data within the scope of our online offer, this is done beyond this core purpose also for the purposes stated in this privacy policy.
Calling up our online offer
In order to be able to transmit the contents of our online offer (e.g. pictures, texts, documents) retrieved by you to your computer, we collect and store the IP address assigned to your computer at the time of retrieval. The legal basis for this processing is article 6 paragraph 1 lit b DSGVO. We also use this data to prevent misuse and to prosecute related criminal offences, and in this respect we invoke Article 6 Paragraph 1 lit f (Our legitimate interest in this case: to ensure proper data processing and the availability of our online service).
Other purposes
If you provide us with personal data (names, addresses, contact details) in the context of an enquiry, a booking or an order, these data will be processed exclusively for the purpose of processing this enquiry, for making an offer you have requested or for processing a resulting contractual relationship. The legal basis for this processing is therefore Article 6 paragraph 1 lit b DSGVO. Without the existence and processing of this data, it is not possible to process your inquiry, booking or order. Nevertheless, if the processing of data relating to you is based on consent (Article 6 paragraph 1 letter a DSGVO) in individual cases, you can revoke this consent at any time. However, this does not affect the lawfulness of the processing until revocation.
Transfer to third parties
If, in the course of processing, we disclose your personal data to other persons and companies (contract processors or third parties), transmit data to them or grant them access to this data in any other way, this will only be done on the basis of a legal permit. This can result from the fulfilment of a contract (Article 6 Paragraph 1 lit b DSGVO), a consent granted by you (Article 6 Paragraph 1 lit a DSGVO), a legal obligation (Article 6 Paragraph 1 lit c DSGVO) or from our legitimate interests (Article 6 Paragraph 1 lit f DSGVO). Possible candidates are, for example, service providers in the field of web hosting, e-mail marketing, software development or service providers in customer care or order processing.
If we commission third parties to process your personal data, this is always done on the basis of a corresponding contract for order processing in accordance with Article 28 DSGVO. We select the service providers carefully and regularly check that these partners comply with data protection regulations. When transmitting data, we take precautions to exclude the possibility that service providers other than those contractually bound by the contract may obtain knowledge of your personal data. The service providers commissioned by us are obliged by the contract for order processing to process your data exclusively in accordance with our instructions and the currently valid data protection standards. They are also prohibited from processing the data for purposes other than those agreed.
We do not sell your data to third parties or market them in any other way.
If it is necessary for the clarification of an illegal use of our online offer or for legal prosecution, we will pass on your personal data to law enforcement authorities and, if applicable, to injured third parties, even without your express consent, if there are concrete indications of illegal or abusive behaviour. A transfer can also take place if this serves to enforce terms of use or other agreements. We are also legally obliged to provide information to certain public authorities upon request. These are criminal prosecution authorities, authorities that prosecute administrative offences subject to fines and the tax authorities. In these cases, your data will be passed on on the basis of our legitimate interest in combating abuse, prosecuting criminal offences and securing, asserting and enforcing claims (Article 6 Paragraph 1 lit. f DSGVO) or to fulfil a corresponding legal obligation (Article 6 Paragraph 1 lit. c DSGVO).
Transfers to third countries
If we process data in a third country (i.e. outside the European Union or the European Economic Area) or if this is done in the context of using the services of third parties or disclosure or transfer of data to third parties, we ensure that it is only done within the framework of the above-mentioned legal permissions, i.e. as a rule to fulfil (pre-)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. We also ensure that we will only store personal data in a third country if special conditions pursuant to Article 44 et seq. DSGVO, i.e. in particular on the basis of special guarantees, such as the establishment of a level of data protection corresponding to that of the European Union. This also includes compliance with officially recognised contractual obligations (standard contractual clauses of the European Union)
Security of data processing
We use technical and organizational security measures to protect the personal data you have provided us from accidental or intentional manipulation, loss, destruction or unauthorized access by third parties. We also require these precautions on a contractual basis from our service providers who have or could have contact with personal data. As far as you have the possibility to communicate personal data within the scope of our online offer (contact form or similar), the transmission is carried out using a strong encryption.
Standard periods for the deletion of data
We routinely delete personal data when legally required retention periods have expired. If your personal data is not affected by this, it will be deleted or made anonymous if the purposes stated in this data protection declaration cease to apply. Unless this Privacy Policy otherwise contains other, deviating provisions regarding the storage of data, the data collected by us will be stored for as long as necessary for the purposes for which they were collected.
Detection and prosecution of misuse
We keep information for the recognition of misuse as well as for the prosecution of misuse, in particular your IP address recorded when you call up information from our online offer, for a maximum of 7 days. The legal basis for this is article 6 paragraph 1 lit. f DSGVO. Our legitimate interest lies in the trouble-free operation of our online service as well as in the defence of misuse or attacks on our online service.
Waiver of automated decision making or profiling
We dispense with profiling and do not carry out any automated decision making.
Use of cookies
In order to make our Internet presence user-friendly for you and to adjust it optimally to your needs, we may use cookies in some areas. Cookies” are small files that are stored on the user’s computer when using our online services. Within the cookies, different information can be stored, primarily it serves us to store the information about a user (or the device on which the cookie is stored) during or after his visit within an online offer.
Temporary cookies (session cookies) are usually of fundamental importance for the function of our website. This is, for example, the allocation of anonymous session IDs to bundle several queries to a web server or the error-free functioning of registrations and orders. These temporary cookies are automatically deleted at the end of your visit. Other (persistent) cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser on your next visit.
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.
Cookies that are required to provide certain functions (e.g. shopping basket function) are stored on the basis of Art. 6 Para. 1 lit. f DSGVO. As the provider of these functions, we have a legitimate interest in the storage of these cookies for the technically correct and optimal provision of our services. Insofar as other cookies (e.g. cookies for the analysis of your surfing behaviour) are stored, we refer to them separately elsewhere in this data protection declaration.
If you do not want cookies to be stored on your computer, you can deactivate the corresponding option in the system settings of your browser. Cookies already stored can be deleted in the system settings of your browser. Irrespective of this, you can also declare a general objection to the use of cookies used for direct marketing and the associated tracking on pages such as http://www.aboutads.info/choices/ (USA) or http://www.youronlinechoices.com/.
Your rights regarding the processing of personal data
Right of information
You have the right to request information from us as to whether we process personal data about you. If this is the case, we must provide you with information in accordance with Article 15 Paragraph 1 DSGVO about
– the processing purposes;
– the categories of personal data processed;
– the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular in the case of recipients in third countries or international organisations;
– if possible, the planned duration for which the personal data will be stored or, if that is not possible, the criteria for determining that duration;
– the existence of a right of rectification or erasure of personal data relating to you or of a right to have the processing limited by the controller or to object to such processing;
– the existence of a right of appeal to a supervisory authority;
– if the personal data are not collected from you, any available information as to their origin;
– the existence of automated decision-making, including profiling, in accordance with Article 22 paragraphs 1 and 4 FADP and, at least in these cases, meaningful information about the logic involved and the scope and intended impact of such processing on you as a data subject.
The information must be provided by us within one month of receiving your request. Please note that we may require proof of your identity in order to be able to fulfil the right to information.
Right to correction of incorrect data
If the personal data concerning you is incorrect, you have the right to have it corrected by us immediately (Article 16 DSGVO).
Right to deletion
Under certain conditions, you have the right to request the immediate deletion of personal data concerning you. This is the case, for example, if the personal data are no longer necessary for the purposes for which they were originally collected, if you have revoked any consent necessary for processing, or if for other reasons there is no legal basis for processing. If you have objected to the processing and there are no overriding reasons for processing the personal data concerning you, the data must also be deleted. In the case of direct mail, the data must be deleted in any event if you have objected to the processing. Further details can be found in Article 17 DSGVO.
Right to restrict processing
Under certain conditions, you have the right to restrict the processing of personal data concerning you (Article 18 DSGVO). This is the case, for example, if processing by us is not lawful, but you refuse to delete the data and instead demand that its use be restricted. Similarly, the processing is to be restricted, while we will check, upon your objection, whether our legitimate reasons for processing outweigh yours.
Right to data transferability
Article 20 DSGVO gives you the right to receive the data concerning you that you have provided us with in a common, structured and machine-readable format or to transfer this data to another responsible party, for example another service provider. However, this presupposes that the processing of this data is based on consent or a contract and is carried out using automated procedures.
Right of objection
You have the right to object to the processing of personal data relating to you at any time in accordance with Article 21 of the DPA if there are reasons for doing so that arise from your particular situation, insofar as data are involved that are processed on the basis of Article 6 paragraph 1 letters e or f of the DPA. This also applies to profiling based on these provisions. In this case we will stop processing the data unless we can show compelling reasons for processing worthy of protection that outweigh your interests, rights and freedoms or if the processing serves to assert, exercise or defend legal claims.
You can assert all the above rights by post or by sending us an e-mail. You will find the relevant contact details at the end of this document.
Right to complain to a supervisory authority
You have the opportunity to contact a supervisory authority if you have concerns or specific complaints regarding the processing of personal data that takes place at our company. For example, you can contact the supervisory authority responsible for us:
The State Commissioner for Data Protection and Freedom of Information of Rheinland-Pfalz
Hintere Bleiche 34
55116 Mainz
Phone: +49 (0) 6131 208-2449
Fax: +49 (0) 6131 208-2497
Website: https://www.datenschutz.rlp.de/
e-mail: poststelle@datenschutz.rlp.de
Data protection information in the application procedure
We process applicant data only for the purpose and within the framework of the application procedure and in accordance with the legal requirements. The processing is carried out to fulfil our (pre-)contractual obligations within the framework of the application procedure within the meaning of Art. 6 para. 1 lit. b. DSGVO or Art. 6 para. 1 lit. f. DSGVO if the data processing becomes necessary for us, e.g. within the scope of legal proceedings (in Germany, § 26 BDSG applies additionally).
The application procedure requires applicants to provide us with their application data. If we offer an online form, the necessary applicant data are marked. Otherwise, they result from the job descriptions published by us. As a rule, this includes personal details, postal and contact addresses and the documents belonging to the application, such as cover letter, CV and certificates. In addition, applicants can provide us with additional information voluntarily.
By submitting their application, applicants agree to the processing of their data for purposes of the application procedure in accordance with the principles set out in this data protection declaration.
Insofar as special categories of personal data within the meaning of Art. 9 Para. 1 DSGVO are voluntarily communicated as part of the application procedure, their processing is additionally carried out in accordance with Art. 9 Para. 2 lit. a DSGVO (e.g. health data, such as severely disabled status or ethnic origin). Insofar as special categories of personal data within the meaning of Art. 9 Para. 1 DSGVO are requested from applicants within the framework of the application procedure, their processing is additionally carried out in accordance with Art. 9 Para. 2 letter b DSGVO (e.g. health data if these are necessary for the exercise of the profession).
If made available, applicants can submit their applications to us by means of an online form on our website. The data will be transmitted to us in encrypted form according to the state of the art.
If applicants send us their applications by e-mail, it is pointed out that it is not possible to accept encrypted e-mails. We can therefore not assume any responsibility for the transmission path of the application between the sender and the receipt on our server and therefore recommend rather to use an online form or the postal dispatch. It is always possible to send an application by post.
If the application for a job offer is not successful, the applicants’ data will be deleted. Applicants’ data is also deleted if an application is withdrawn, which applicants are entitled to do at any time. Subject to a justified revocation by the applicants, the data will be deleted after a period of six months so that we can answer any follow-up questions regarding the application and meet our obligations to provide evidence under the Equal Treatment Act. Invoices for any reimbursement of travel expenses will be archived in accordance with tax law requirements.
Contact
When you contact us (e.g. via contact form, e-mail, telephone or social media), personal data provided by you will be processed for the purpose of processing the contact request and answering it in accordance with Art. 6 Para. 1 letter b) DSGVO.
This personal data will not be passed on to third parties unless this is necessary for processing the enquiry and is therefore covered by permission in accordance with Article 6 Paragraph 1 lit. b) DSGVO.
We delete the enquiries if the processing is no longer necessary. We review the necessity every two years. In all other respects, the statutory archiving obligations apply, within the scope of which we store data to the extent necessary to fulfil these archiving obligations.
Hosting
We use hosting services from an external service provider for the provision of this online offer. In doing so, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors of this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 para. 1 lit. f DSGVO.
We have concluded an agreement with the corresponding service provider for order processing in accordance with Art. 28 DSGVO, thus ensuring that data protection is also implemented at this service provider.
Collection of access data and log files
We, or our hosting provider, collect logs and statistics about every access to the server on which our online offer is provided. These access data include the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider. The legal basis for this processing is Art. 6 para. 1 lit. f. DSGVO. Our legitimate interest lies in the technically faultless provision of this online offer and in the clarification of misuse or criminal acts.
For security reasons (e.g. for the clarification of misuse or fraud), the aforementioned information is stored for a maximum of 7 days and then deleted or made completely anonymous. Data whose further storage is required for evidential purposes is excluded from deletion until final clarification of the respective incident.
Integration of third party services and content
We use content or service offerings from third parties within our online offering to integrate their content and services, such as videos or fonts. This always presupposes that the IP address of visitors to our website is transmitted to these third party providers, as without the IP address they would not be able to send the content to their browsers. The IP address is therefore required to display this content. The legal basis for this transmission is our legitimate interest in the analysis, optimisation and economic operation of our online offer in the sense of Art. 6 Paragraph 1 lit. f. DSGVO.
We endeavour to use only such contents whose respective providers use the IP address only for the delivery of the contents. Third party providers may use so-called pixel tags (invisible graphics) for statistical or marketing purposes, depending on the offer. The “pixel tags” inevitably also transmit usage information regarding our online offer to the third party provider. The pseudonymous information can also be stored in cookies on the device you use. These cookies may contain technical information on the browser and operating system, referring websites, visiting time and other information on the use of our online offer, among other things, and may also be combined with such information from other sources at the third-party provider.
YouTube
We occasionally integrate videos via the “YouTube” platform of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. If you call up a page within our online offer on which a YouTube video is included in this way, a connection to the servers of YouTube is established. In doing so, the YouTube server is also informed of your IP address and the information which of our pages you have visited. If you are logged in to your YouTube account during this process, Youtube will associate this request with your personal profile. You can prevent this by logging out of your YouTube account before accessing our pages.
YouTube is used because of our interest in an attractive presentation of our offers and the information of visitors. This represents a legitimate interest in the sense of Art. 6 para. 1 lit. f DSGVO.
Further information on the handling of user data can be found here: Privacy policy of YouTube under: https://www.google.de/intl/de/policies/privacy. Opt-out options for Google Analytics (http://tools.google.com/dlpage/gaoptout?hl=de) or Google’s settings for the use of data for marketing purposes (https://adssettings.google.com/). You can prevent Google Analytics from collecting data by clicking on the following link. Then a so-called Opt-Out-Cookie will be set, which prevents the future collection of your data when visiting this website:
Google Fonts
For the uniform display of fonts, we integrate so-called web fonts, namely the fonts of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google Fonts”). When you call up a page, your browser loads the required web fonts from servers of the provider Google into your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you use must connect to Google’s servers and transmit your IP address to Google. The use of Google Web Fonts is based on our legitimate interest in a uniform and attractive presentation of our online offers in the sense of Art. 6 para. 1 lit. f DSGVO. If your browser does not support Web Fonts, a standard font will be used by your computer.
Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in the Google data protection declaration: https://www.google.com/policies/privacy/.
Here you will find information on a possible opt-out with regard to profiling with the provider Google: https://adssettings.google.com/authenticated.
Responsible
EHRT Maschinenbau GmbH
Rolandsecker Weg 30
D-53619 Rheinbreitbach
Tel. +49 (0) 22 24 / 92 48 63-0
Fax +49 (0) 22 24 / 92 48 63-24
E-mail info@ehrt.de
Imprint: https://ehrt.de/de/impressum.html
Diese Datenschutzhinweise haben den Stand 01.03.2020.