• Email
  • Drucken

Data Protection

DATA PROTECTION

1. An overview of data protection

General

The following gives a simple overview of what happens to your personal information when you visit our website. Personal information is any data with which you could be personally identified. Detailed information on the subject of data protection can be found in our privacy policy found below.

Data collection on our website

Who is responsible for the data collection on this website?

The data collected on this website are processed by the website operator. The operator's contact details can be found in the website's required legal notice.

How do we collect your data?

Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.

Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.

What do we use your data for?

Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.

What rights do you have regarding your data?

You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.

Analytics and third-party tools

When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy.

You can object to this analysis. We will inform you below about how to exercise your options in this regard.

2. General information and mandatory information

Data protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy.

If you use this website, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.

Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.

Notice concerning the party responsible for this website

The party responsible for processing data on this website is:

centrotherm international AG
Württemberger Straße 31
89143 Blaubeuren
Deutschland

Telephone: +49 7344 918-9900
E-Mail 

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).

Revocation of your consent to the processing of your data

Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

Right to file complaints with regulatory authorities

If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. 

The competent supervisory authority in our case is:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit
Königstrasse 10 a
70173 Stuttgart
Germany

Right to data portability

You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

Information, blocking, deletion

As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.

Opposition to promotional emails

We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.

3. Data protection officer

Statutory data protection officer

We have appointed a data protection officer for our company.

Daniel Voigtländer
E-Mail

4. Data collection on our website

Server log files

The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:

     

  • Browser type and browser version
  •  

  • Operating system used
  •  

  • Referrer URL
  •  

  • Host name of the accessing computer
  •  

  • Time of the server request
  •  

  • IP address
  •  

These data will not be combined with data from other sources.

The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

5. Analytics and advertising

Google Analytics

This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.

IP anonymization

We have activated the IP anonymization feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.

Browser plugin

You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

Objecting to the collection of data

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics.

For more information about how Google Analytics handles user data, see Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.

Outsourced data processing

We have entered into an agreement with Google for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Demographic data collection by Google Analytics

This website uses Google Analytics' demographic features. This allows reports to be generated containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This collected data cannot be attributed to any specific individual person. You can disable this feature at any time by adjusting the ads settings in your Google account or you can forbid the collection of your data by Google Analytics as described in the section "Refusal of data collection".

SUPPLIERS

Privacy Information in accordance with Art. 13, 14 and 21 of the General Data Protection Regulation (GDPR) 

Data protection is important to us. In the following document, we inform you about how we process your data and what your rights are.

1. Who is responsible for data processing and who can you contact?

centrotherm international AG
Württemberger Str. 31
89143 Blaubeuren
Germany
+49 (0)7344 918-9900
E-Mail 

2. Data Protection Officer’s contact details

Daniel Voigtländer
E-Mail

3. Purposes of processing and legal basis

Your personal data are processed in accordance with the provisions of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and other relevant data protection requirements. The processing and use of individual data depends on the agreed or requested service. Our contract documentation, forms, consent declarations and other information made available to you (e.g. on our website or in our General Terms and Conditions) contain further details and supplementary information about the purposes for which data are processed.

3.1 Consent – Art. 6 (1) (a) GDPR

If you have given us your consent to the processing of your personal data, that consent provides the legal basis for the processing specified therein. You may withdraw your consent at any time with future effect.

3.2 Fulfilment of contractual obligations – Art. 6 (1) (b) GDPR

We process your personal data to fulfil our contracts with you, most notably in order to process orders and allow you to avail of our services. Your personal data are furthermore processed to undertake measures and activities within the scope of pre-contractual relationships.

3.3 Fulfilment of legal obligations – Art. 6 (1) (c) GDPR

We process your personal data where this is necessary for the fulfilment of legal obligations (e.g. commercial or fiscal laws).

We may furthermore process your data for: checking identity and age; fraud and money laundering prevention; prevention, combatting and solving of terrorism financing and crimes that jeopardise assets; comparisons with European and international anti-terror lists; fulfilment of fiscal controlling and report-ing obligations and the archiving of data for the purposes of data protection and data security and inspection by fiscal and other authorities. It may furthermore be necessary to disclose personal data with-in the scope of measures imposed by the authorities/courts of law for the purposes of obtaining evidence, criminal proceedings or to enforce claims under civil law.

3.4 Our legitimate interest or that of third parties – Art. 6 (1) (f) GDPR

We can also use your personal data on the basis of an overriding interest, in order to preserve our legitimate interest or the legitimate interest of a third party. This is undertaken for the following purposes:

  • for advertising or market research where you have not refused the use of your data;
  • to obtain information and for the exchange of data with credit agencies where this exceeds our economic risk;
  • for the limited storage of your data where erasure is not possible or would entail disproportionate effort owing to the special nature of that storage;
  • for comparison with European and international anti-terror lists where this extends beyond statutory obligations;
  • for the further development of services and products and existing systems and processes;
  • for the disclosure of personal data within the scope of due diligence, e.g. with regard to the sale of a company;
  • to enrich our data through using or searching publicly accessible data;
  • for statistical evaluations or market analyses;
  • for benchmarking;
  • to assert legal claims and for the purpose of defence in the event of legal disputes that are not directly associated with the contractual relationship;
  • to develop scoring systems or automated decision-making processes;
  • for internal and external examinations and/or security checks;
  • for the possible monitoring or recording of telephone calls for quality control and training purposes;
  • to certify matters relating to private law or official matters;
  • to secure and preserve our right to determine who may have access to our premises by means of appropriate measures (e.g. video surveillance, visitor badge).

4. Categories of personal data that we process

The following data are processed:

  • Personal details (name, date of birth, profession/sector and similar data);
  • Contact details (address, e-mail address, telephone number and similar data);
  • Information about your financial situation (credit details including data for assessing economic risk);
  • Supplier history.

We furthermore process personal data from public sources (e.g. internet, media, press, trade and association registers, register of residents, debtor lists, land registers).

Where necessary in order for us to provide our service, we process personal data that we have acquired legally from third parties (e.g. address marketing companies, credit agencies).

5. Who receives your data?

Within our company we pass on your personal data to those departments who require these data to fulfil contractual and statutory obligations and/or to assert our legitimate interest.

Your data may moreover be shared with the following instances:

  • processors contracted by us (Art. 28 GDPR) particularly in areas such as IT services, logistics and printing services, external data centres, support/maintenance of IT applications, document processing, purchasing/procurement, marketing, telephony, audit services, lending institutions, courier services;
  • public authorities and institutions on presentation of a statutory or official order under the terms of which we are obliged to provide information about data, report or share data, or where sharing data is in the public interest;
  • instances and institutions relating to our legitimate interest or the legitimate interest of a third party for the purposes set out in 3.5 above (e.g. authorities, credit agencies, debt collection services, lawyers, courts of law, assessors, Group-owned companies, committees and supervisory authorities);
  • other instances with whom you have authorised us to share your data.

6. Transfer of your data to a third country or an international organisation

Data is transferred to instances in states outside the European Union (EU) and/or the European Eco-nomic Area (EEA) – so-called “third countries” – where necessary for the fulfilment of an order/contract from and/or with you, where this is a statutory requirement (e.g. fiscal reporting obligations), where it is in our legitimate interest (e.g. address book shared by the entire centrotherm Group) or the legitimate interest of a third party to do so, or where you have given us your consent.

The processing of your data in a third country may also be undertaken in connection with the employment of service providers within the scope of order processing. Where the country in question is not covered by a resolution of the EU Commission confirming that an adequate level of data protection is in place there, we shall in accordance with EU data protection requirements ensure by means of suitable contracts that your rights and freedoms are adequately protected and guaranteed. We will provide corresponding detailed information to you on request.

7. For how long do we store your data?

Where necessary we process your personal data throughout the duration of our business relationship. This also includes the initiation and handling of a contract.

We are moreover subject to various retention and documentation obligations arising out of the German Commercial Code (HGB) and the German Fiscal Code. The prescribed retention and/or documentation periods set out therein extend up to ten years beyond the end of the business relationship and/or the precontractual legal relationship.

Finally, the retention period is also defined on the basis of legal statutes of limitation which, for instance, are three years according to Art. 195 ff of the Federal Civil Code (BGB) as a rule, but may also be thirty years in certain cases.

8. To what extent is automated decision-making (including profiling) used in individual cases?

We do not use any purely automated decision-making processes as set out in Art. 22 GDPR. Should we use these processes in individual cases we will notify you separately where this is a legal requirement.

9. Your rights to privacy

You have the right to information (Art. 15 GDPR), the right to rectification (Art. 16 GDPR), the right to erasure (Art. 17 GDPR), the right to restriction of processing (Art. 18 GDPR) and the right to data portability (Art. 20 GDPR). You also have the right to lodge a complaint with a data protection authority (Art. 77 GDPR). In principle, Art. 21 GDPR gives you the right to object to our processing of personal data. However this right to object only applies where you can show the existence of very special personal circumstances whereby the rights of our company may override your right to object. Should you wish to exercise one of these rights, please contact our Data Protection Officer.

10. Your obligations in providing us with your personal data

You only need to provide us with those data that are necessary for the provision of your services as a supplier, or those data which we are legally obliged to collect. As a rule, without these data we will not be in a position to conclude a contract with you. Insofar as we request data from you at a later date, you will be informed separately that the provision of such data is voluntary.

11. Information about your right to object – Art. 21 GDPR

You have the right at all times to object to the processing of your data under the provisions of Art. 6 (1) (f) GDPR (processing is necessary for the purposes of a legitimate interest) or Art. 6 (1) (e) GDPR (processing is necessary in the public interest) where grounds exist arising out of your particular situation. This shall also apply to processing for the purposes of profiling in the sense of Art. 4 (4) GDPR.

If you object, your personal data will no longer be processed unless where we can demonstrate compelling legitimate grounds for such processing that override your interests, rights and freedoms, or where the processing serves the establishment, exercise or defence of legal claims.

Your objection can be made by simply writing to the address shown at 1. above.

12. Your right to lodge a complaint with the competent supervisory authority

You have the right to lodge a complaint with the data protection authority (Art. 77 GDPR). The competent supervisory authority in our case is:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit
Königstrasse 10 a
70173 Stuttgart
Germany

CUSTOMERS

Privacy Information in accordance with Art. 13, 14 and 21 of the General Data Protection Regulation (GDPR)

Data protection is important to us. In the following document, we inform you about how we process your data and what your rights are.

1. Who is responsible for data processing and who can you contact?

centrotherm international AG
Württemberger Str. 31
89143 Blaubeuren
Germany
+49 (0)7344 918-9900
E-Mail

2. Data Protection Officer’s contact details

Daniel Voigtländer
E-Mail

3. Purposes of processing and legal basis

Your personal data are processed in accordance with the provisions of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and other relevant data protection requirements. The processing and use of individual data depends on the agreed or requested service. Our contract documentation, forms, consent declarations and other information made available to you (e.g. on our website or in our General Terms and Conditions) contain further details and supplementary information about the purposes for which data are processed.

3.1 Consent – Art. 6 (1) (a) GDPR

If you have given us your consent to the processing of your personal data, that consent provides the legal basis for the processing specified therein. You may withdraw your consent at any time with future effect.

3.2 Fulfilment of contractual obligations – Art. 6 (1) (b) GDPR

We process your personal data to fulfil our contracts with you. Your personal data are furthermore processed to undertake measures and activities within the scope of precontractual relationships.

3.3 Fulfilment of legal obligations – Art. 6 (1) (c) GDPR

We process your personal data where this is necessary for the fulfilment of legal obligations (e.g. commercial or fiscal laws).

Checking identity and age; fraud and money laundering prevention; prevention, combatting and solving of terrorism financing and crimes that jeopardise assets; comparisons with European and international anti-terror lists; fulfilment of fiscal controlling and reporting obligations and the archiving of data for the purposes of data protection and data security and inspection by fiscal and other authorities. It may furthermore be necessary to disclose personal data within the scope of measures imposed by the authorities/courts of law for the purposes of obtaining evidence, criminal proceedings or to enforce claims under civil law.

3.4 Our legitimate interest or that of third parties – Art. 6 (1) (f) GDPR

We can also use your personal data on the basis of an overriding interest, in order to preserve our legitimate interest or the legitimate interest of a third party. This is undertaken for the following purposes:

  • for advertising or market research where you have not refused the use of your data;
  • to obtain information and for the exchange of data with credit agencies where this exceeds our economic risk;
  • for the limited storage of your data where erasure is not possible or would entail disproportionate effort owing to the special nature of that storage;
  • for comparison with European and international anti-terror lists where this extends beyond statutory obligations;
  • for the further development of services and products and existing systems and processes;
  • for the disclosure of personal data within the scope of due diligence, e.g. with regard to the sale of a company;
  • to enrich our data through using or searching publicly accessible data;
  • for statistical evaluations or market analyses;
  • for benchmarking;
  • to assert legal claims and for the purpose of defence in the event of legal disputes that are not directly associated with the contractual relationship;
  • to develop scoring systems or automated decision-making processes;
  • for internal and external examinations and/or security checks;
  • for the possible monitoring or recording of telephone calls for quality control and training purposes;
  • to certify matters relating to private law or official matters;
  • to secure and preserve our right to determine who may have access to our premises by means of appropriate measures (e.g. video surveillance; visitor badge).

4. Categories of personal data that we process

The following data are processed:

  • Personal details (name, date of birth, profession/sector and similar data);
  • Contact details (address, e-mail address, telephone number and similar data);
  • Information about your company’s financial situation (credit details including scoring, i.e. data for assessing economic risk), no financial data about individuals;
  • Customer history.

We furthermore process personal data from public sources (e.g. internet, media, press, trade and association registers, register of residents, debtor lists, land registers).

Where necessary in order for us to provide our service, we process personal data that we have acquired legally from third parties (e.g. address marketing companies, credit agencies).

5. Who receives your data?

Within our company we pass on your personal data to those departments who require these data to fulfil contractual and statutory obligations and/or to assert our legitimate interest.

Your data may moreover be shared with the following instances:

  • processors contracted by us (Art. 28 GDPR) particularly in areas such as IT services, logistics and printing services, external data centres, support/maintenance of IT applications, document processing, purchasing/procurement, marketing, telephony, audit services, lending institutions, courier services;
  • public authorities and institutions on presentation of a statutory or official order under the terms of which we are obliged to provide information about data, report or share data, or where sharing data is in the public interest;
  • instances and institutions relating to our legitimate interest or the legitimate interest of a third party for the purposes set out in 3.5 above (e.g. authorities, credit agencies, debt collection services, lawyers, courts of law, assessors, Group-owned companies, committees and super-visory authorities);
  • other instances with whom you have authorised us to share your data.

6. Transfer of your data to a third country or an international organisation

Data is transferred to instances in states outside the European Union (EU) and/or the European Economic Area (EEA) – so-called “third countries” – where necessary for the fulfilment of an order/contract from and/or with you, where this is a statutory requirement (e.g. fiscal reporting obligations), where it is in our legitimate interest (e.g. address book shared by the entire centrotherm Group) or the legitimate interest of a third party to do so, or where you have given us your consent.

The processing of your data in a third country may also be undertaken in connection with the employment of service providers within the scope of order processing. Where the country in question is not covered by a resolution of the EU Commission confirming that an adequate level of data protection is in place there, we shall in accordance with EU data protection requirements ensure by means of suitable contracts that your rights and freedoms are adequately protected and guaranteed. We will provide corresponding detailed information to you on request.

7. For how long do we store your data?

Where necessary we process your personal data throughout the duration of our business relationship. This also includes the initiation and handling of a contract.

We are moreover subject to various retention and documentation obligations arising out of the German Commercial Code (HGB) and the German Fiscal Code. The prescribed retention and/or documentation periods set out therein extend up to ten years beyond the end of the business relationship and/or the precontractual legal relationship.

Finally, the retention period is also defined on the basis of legal statutes of limitation which, for instance, are three years according to Art. 195 ff of the Federal Civil Code (BGB) as a rule, but may also be thirty years in certain cases.

8. To what extent is automated decision-making (including profiling) used in individual cases?

We do not use any purely automated decision-making processes as set out in Art. 22 GDPR. Should we use these processes in individual cases we will notify you separately where this is a legal requirement.

9. Your rights to privacy

You have the right to information (Art. 15 GDPR), the right to rectification (Art. 16 GDPR), the right to erasure (Art. 17 GDPR), the right to restriction of processing (Art. 18 GDPR) and the right to data portability (Art. 20 GDPR). You also have the right to lodge a complaint with a data protection authority (Art. 77 GDPR). In principle, Art. 21 GDPR gives you the right to object to our processing of personal data. However this right to object only applies where you can show the existence of very special personal circumstances whereby the rights of our company may override your right to object.

Should you wish to exercise one of these rights, please contact our Data Protection Officer.

10. Your obligations in providing us with your personal data

You only need to provide us with those data that are necessary for the initiation and performance of a business relationship or a precontractual relationship with us, or those data which we are legally obliged to collect. As a rule, without these data we will not be in a position to conclude or perform the contract. This may also include data that are required later within the scope of the business relation-ship. Insofar as we request data from you at a later date, you will be informed separately that the provision of such data is voluntary.

11. Information about your right to object – Art. 21 GDPR

You have the right at all times to object to the processing of your data under the provisions of Art. 6 (1) (f) GDPR (processing is necessary for the purposes of a legitimate interest) or Art. 6 (1) (e) GDPR (processing is necessary in the public interest) where grounds exist arising out of your particular situation. This shall also apply to processing for the purposes of profiling in the sense of Art. 4 (4) GDPR.

If you object, your personal data will no longer be processed unless where we can demonstrate compelling legitimate grounds for such processing that override your interests, rights and freedoms, or where the processing serves the establishment, exercise or defence of legal claims.

We may also process your personal data for the purposes of direct advertising. If you do not wish to receive advertising, you have the right to object at any time. This also applies to profiling where this is connected with direct marketing. We will observe this objection in the future.

Your data will no longer be processed for the purposes of direct advertising if you object to processing for these purposes.

Your objection can be made by simply writing to the address shown at 1. above.

12. Your right to lodge a complaint with the competent supervisory authority

You have the right to lodge a complaint with the data protection authority (Art. 77 GDPR). The competent supervisory authority in our case is:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit
Königstrasse 10 a
70173 Stuttgart
Germany

JOB APPLICANTS (only available in German)

Datenschutzinformation nach Art. 13, 14 und 21 der Datenschutz-Grundverordnung DSGVO 

Datenschutz ist für uns ein wichtiges Anliegen. Nachfolgend informieren wir Sie, wie wir Ihre Daten verarbeiten und welche Rechte Ihnen zustehen.

1. Wer ist für die Datenverarbeitung verantwortlich und an wen können Sie sich wenden?

centrotherm international AG
Württemberger Str. 31
89143 Blaubeuren
07344 918-9900
E-Mail

2. Kontaktdaten des Datenschutzbeauftragten

Daniel Voigtländer
E-Mail 

3. Verarbeitungszwecke und Rechtsgrundlage

Ihre personenbezogenen Daten werden nach den Bestimmungen der Datenschutz-Grundverordnung (DSGVO), dem Bundesdatenschutzgesetz (BDSG) und anderen relevanten Datenschutzvorschriften verarbeitet. Unseren Vertragsunterlagen, Formularen, Einwilligungserklärungen und den anderen Ihnen zur Verfügung gestellten Informationen (z.B. auf der Webseite oder in den Geschäftsbedingungen) können Sie weitere Details und Ergänzungen zu den Verarbeitungszwecken entnehmen.

3.1 Einwilligung (Art. 6 Abs. 1 a DSGVO)

Falls Sie uns eine Einwilligung zur Verarbeitung von personenbezogenen Daten erteilt haben, ist die jeweilige Einwilligung Rechtsgrundlage für die dort genannte Verarbeitung. Sie können Einwilligungen jederzeit mit Wirkung für die Zukunft widerrufen.

3.2 Erfüllung von vertraglichen Pflichten (Art. 6 Abs. 1 b DSGVO)

Wir verarbeiten Ihre personenbezogenen Daten zum Zwecke der Abwicklung des Bewerbungsverfahrens. Die Verarbeitung kann auch auf elektronischem Wege erfolgen. Dies ist insbesondere dann der Fall, wenn Sie Ihre Bewerbungsunterlagen auf dem elektronischen Wege, beispielsweise per E-Mail oder über ein auf der Internetseite befindliches Webformular an uns übermitteln.

3.3 Erfüllung rechtlicher Verpflichtungen (Art. 6 Abs. 1 c DSGVO)

Wir verarbeiten Ihre personenbezogenen Daten, falls dies zur Erfüllung von rechtlichen Verpflichtungen notwendig ist.

4. Kategorien von personenbezogenen Daten die von uns verarbeitet werden

Folgende Daten werden verarbeitet:

  • Name, Vorname
  • Kontaktdaten (wie z.B. Email-Adresse, Anschrift, Telefon-Nr.)
  • Komplette Bewerbungsunterlagen (wie z.B. Lebenslauf, Zeugnisse, Referenzen)

5. Wer erhält Ihre Daten?

Wir geben Ihre personenbezogenen Daten innerhalb unseres Unternehmens an die Bereiche weiter, die diese Daten zur Erfüllung der vertraglichen und gesetzlichen Pflichten bzw. zu der Umsetzung un-seres berechtigten Interesses benötigen.

Darüber hinaus können folgende Stellen Ihre Daten erhalten:

  • von uns eingesetzte Auftragsverarbeiter (Art. 28 DSGVO) insbesondere im Bereich (z.B. IT-Dienstleistungen, Logistik und Druckdienstleistungen, externe Rechenzentren, Unterstützung/Wartung von EDV-/IT-Anwendungen, Belegbearbeitung, Einkauf/Beschaffung, Marketing, Telefonie, Wirtschaftsprüfungsdienstleistung, Kreditinstitute, Kurierdienste);
  • öffentliche Stellen und Institutionen bei Vorliegen einer gesetzlichen oder behördlichen Verpflichtung, nach der wir zur Auskunft, Meldung oder Weitergabe von Daten verpflichtet sind oder die Datenweitergabe im öffentlichen Interesse liegt;
  • Stellen und Institutionen aufgrund unseres berechtigten Interesses oder des berechtigten Interesses des Dritten für im Rahmen der unter Ziffer 3.5 genannten Zwecke (z.B. an Behörden, Auskunfteien, Inkasso, Rechtsanwälte, Gerichte, Gutachter, konzernangehörige Unternehmen, Gremien und Kontrollinstanzen);
  • sonstige Stellen, für die Sie uns Ihre Einwilligung zur Datenübermittlung erteilt haben.

6. Übermittlung Ihrer Daten an ein Drittland oder an eine in-ternationale Organisation

Eine Datenübermittlung an Stellen in Staaten außerhalb der Europäischen Union (EU) bzw. des Europäischen Wirtschaftsraums (EWR), sogenannte Drittländer findet nicht statt.

7. Wie lange speichern wir Ihre Daten?

Schließt der für die Verarbeitung Verantwortliche einen Anstellungsvertrag mit einem Bewerber, werden die übermittelten Daten zum Zwecke der Abwicklung des Beschäftigungsverhältnisses unter Beachtung der gesetzlichen Vorschriften gespeichert. Wird von dem für die Verarbeitung Verantwortlichen kein Anstellungsvertrag mit dem Bewerber geschlossen, so werden die Bewerbungsunterlagen drei Monate nach Bekanntgabe der Absageentscheidung automatisch gelöscht, sofern einer Löschung keine sonstigen berechtigten Interessen des für die Verarbeitung Verantwortlichen entgegenstehen. Sonstiges berechtigtes Interesse in diesem Sinne ist beispielsweise eine Beweispflicht in einem Verfahren nach dem Allgemeinen Gleichbehandlungsgesetz (AGG).

8. Inwieweit gibt es eine automatisierte Entscheidungsfindung im Einzelfall (einschließlich Profiling)?

Von uns werden keine rein automatisierten Entscheidungsverfahren gemäß Artikel 22 DSGVO eingesetzt. Sollten wir diese Verfahren in Einzelfällen einsetzen, werden wir Sie hierüber gesondert informieren, sofern dies gesetzlich vorgegeben ist.

9. Ihre Datenschutzrechte

Sie haben das Recht auf Auskunft nach Art. 15 DSGVO, das Recht auf Berichtigung nach Art. 16 DSGVO, das Recht auf Löschung nach Art. 17 DSGVO, das Recht auf Einschränkung der Verarbeitung nach Art. 18 DSGVO sowie das Recht auf Datenübertragbarkeit nach Art. 20 DSGVO. Darüber hinaus besteht ein Beschwerderecht bei einer Datenschutzaufsichtsbehörde (Art. 77 DSGVO). Grund-sätzlich besteht nach Artikel 21 DSGVO das Widerspruchsrecht gegen die Verarbeitung von personenbezogenen Daten durch uns. Dieses Widerspruchsrecht gilt allerdings nur bei Vorliegen ganz besonderer Umstände Ihrer persönlichen Situation, wobei Rechte unseres Hauses Ihrem Widerspruchsrecht ggf. entgegenstehen können. Falls Sie eines dieser Rechte geltend machen wollen, wenden Sie sich bitte an unseren Datenschutzbeauftragten.

10. Umfang Ihrer Pflichten, uns Ihre Daten bereitzustellen

Sie stellen nur diejenigen Daten bereit, die für den Bewerbungsprozess erforderlich sind. Ohne diese Daten werden wir in der Regel nicht in der Lage sein, mit Ihnen einen Arbeitsvertrag zu schließen. Sofern wir darüber hinaus Daten von Ihnen erbitten, werden Sie auf die Freiwilligkeit der Angaben gesondert hingewiesen.

11. Ihr Beschwerderecht bei der zuständigen Aufsichtsbehörde

Ihnen steht ein Beschwerderecht bei der Datenschutzaufsichtsbehörde zu (Art. 77 DSGVO). Die für uns zuständige Aufsichtsbehörde ist:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit
Königstrasse 10 a
70173 Stuttgart