The party responsible in accordance with data-protection law is:

Dockweiler AG
An der Autobahn 10/20
19306 Neustadt-Glewe, Germany

+49 38757 58 0
info@dockweiler.com

 

The contact details of the data-protection officer of Dockweiler AG are as follows:

Jennifer Jähn-Nguyen
datenschutz nord GmbH
Sechslingspforte 2
22087 Hamburg

Web: www.datenschutz-nord-gruppe.de
E-Mail: office@datenschutz-nord.de

 

This version: January 2021

 

1.            Basic information regarding data processing and its legal basis

1.1.        This data-privacy statement explains the type, scope and purpose of the personal information that we process as part of the online activity of our websites and associated sites and their functions and content (hereinafter commonly referred to as “online activity” or “website”). The data-privacy statement applies regardless of the web domains, systems, platforms and/or devices (e.g. desktop or mobile) on which the online activity takes place.

1.2.        Terms such as “personally identifiable data” or “data-processing”, are employed as defined in article 4 of the General Data Protection Regulation (GDPR).

1.3.        The processing of these personally identifiable data belonging to site users includes such information as the names and addresses of customers, along with usage data (e.g. the pages visited on our website, and interest shown in our products) and content-related data (such as those found in completed contact forms).

1.4.        The term “user” includes all categories of persons likely to be affected by data-processing. These include business associates, customers, interested parties and other visitors to our website. If terms like “user” are employed in conjunction with “he”, “his” or “him”, etc., they are understood to refer to either gender.

1.5.        We process all personally identifiable user-data in full compliance with the applicable data-protection regulations. The processing of user-data is therefore exclusively subject to the corresponding legal consent. This means in particular that data-processing for the provision of our contractual services (e.g. the processing of orders), as well as online services or as required by law, requires the informed consent of the user concerned, as does the exercising of our legitimate interests (with respect to the analysis, optimization, commercial operation and online security of our website within the meaning of art. 6, sect. 1, subsection f of the GDPR, with particular reference to audience measurement and the creation of profiles for advertising and marketing purposes, as well as the collection of access data and use of third-party services).

1.6.        Please note that the legal basis of consent is art. 6, sect. 6, subsection 1, para. a; and art. 7 of the GDPR; the legal basis of our order-fulfilment processes and the implementing of contractual measures is art. 6, subsection 1, para. b of the GDPR; the legal basis for processes designed to fulfil our legal obligations is art. 6, subsection 1, para. c of the GDPR; and the legal basis of processes designed to protect our legitimate interests is art. 6, subsection 1, para. f of the GDPR.

 

2.            Security measures

2.1.        We implement organizational, contractual and technical security measures in conformity with the latest standards in order to ensure compliance with the provisions of data-protection legislation and to ensure that the data that we process are protected against accidental or intentional manipulation, loss, destruction and access by unauthorized persons.

2.2.        Specific security measures in this respect include the encrypted transfer of data between your browser program and our server.

 

3.            Disclosure of data to external service-providers and other third parties

3.1.        All disclosure of data to third parties is strictly subject to the corresponding legislation. We only disclose data to third parties on the legal basis of, for example, art. 6, subsection 1, para. b of the GDPR (contractual purposes) or art. 6, subsection 1, para. f of the same regulation (legitimate interests relating to the economic and effective management of our business operations).

3.2.        Whenever we use subcontractors to deliver our services, we take appropriate legal steps and apply suitable technical measures to ensure the personally identifiable data are protected in accordance with relevant statutory provisions.

3.3.        If and insofar as this data-privacy statement refers to content, online tools or other resources provided by outside suppliers (referred to hereinafter collectively as “third parties”) whose registered place of business is in a third country, it will be assumed that transfers of data will take place in the country or territory of that registered place of business. The term “third countries” is understood to refer to territories where the GDPR has no direct legislative application, with particular reference to countries outside the European Union (EU) and/or the European Economic Area (EEA). The transfer of data to third countries shall be subject to the existence of an adequate level of data protection, user consent or legal permission.

 

4.            Contact procedures

4.1.        Whenever a user contacts us (via an online contact form or by e-mail), that user’s details are processed as part of the corresponding enquiry and its resolution in accordance with art. 6, subsection 1, para. b) of the GDPR.

4.2.        The user’s data may be saved to our customer-relationship management (CRM) system or a similar enquiry-management system.

4.3.        We use “C4C” (SAP Hybris Sales Cloud / SAP Cloud for Customer), a CRM system supplied by SAP.

4.4.        Contact in the application process: We process your personal data in accordance with the applicable data protection regulations on the basis of § 26 (1) BDSG and the DSGVO. We process the data that you disclose to us as part of your online application exclusively for the purpose of applicant selection, i.e. for the decision on the establishment of an employment relationship with you. Data processing for other purposes does not take place.

You determine the scope of the data that you wish to transmit to us as part of your online application. Online applications are transmitted electronically to our HR department and processed there as quickly as possible. The transmission is encrypted. As a rule, applications are forwarded to the heads of the relevant departments in our company. Your data will not be passed on beyond this. Your data will be treated confidentially in our company. If your application is unsuccessful, your documents will be deleted after 6 months.

 

5.            Collection of access data and log files

5.1.        We maintain server log files, on the legal basis of our legitimate interest as defined in art. 6, subsection 1, para. f of the GDPR, to track all access to the server used to host the service concerned. These access data include the names of retrieved web pages, files, access dates and times, amounts of data transferred, confirmations of successful retrieval, browser program types and versions, each user’s operating system, the corresponding referrer URL (i.e. the previously visited website), IP addresses and the name of the corresponding ISP (Internet service provider).

5.2.        Log-file data are retained for security reasons (e.g. for the investigation of misuse or fraud) for a maximum of seven days, and are then deleted. If data are required for the purposes of evidence, their deletion may be delayed until the incident concerned has been definitively dealt with.

 

6.            Cookies and audience measurement

6.1.        Cookies are pieces of information that our web server or third-party web servers transfer to the user’s web browser program for storage and later retrieval. Cookies may take the form of small files or other types of saved information.

6.2.        We use so-called “session cookies”, which are only stored for the duration of your current visit to our website (e.g. in order to store your login status or to allow the “shopping cart” function to work, and thus allow you to use our online services as a whole). Each session cookie contains a unique, randomly generated identification number, known as the “session ID”. The cookie also contains information on its origin and its storage period. These cookies cannot store any other type of data. Session cookies are deleted as soon as you leave our website, e.g. by logging out or closing your browser program.

6.3.        You will be notified accordingly, in accordance with this data-privacy statement, whenever cookies are used to compile pseudonymous audience-measurement figures.

6.4.        If you do not want cookies to be saved to your computer, please disable the corresponding feature in your browser program’s system settings. You can also delete previously saved cookies by going to the system settings of your browser program. The disabling of cookies can however lead to certain restrictions on the features and functions of our website.

6.5.        If you wish to disable cookies used for audience-measurement and advertising purposes, please go to the opt-out page of the Network Advertising Initiative (http://optout.networkadvertising.org/) and also the United States version of the website  (http://www.aboutads.info/choices)  or the European website  (http://www.youronlinechoices.com/uk/your-ad-choices/) to register your opt-out.

 

7.            Cookie Consent with Consent Manager Provider
7.1.        Our website uses the cookie consent technology of MANDARIN MEDIEN Gesellschaft für digitale Lösungen mbH to obtain your consent to the storage of certain cookies on your terminal device and to document this in accordance with data protection law. The provider of this technology is MANDARIN MEDIEN Gesellschaft für digitale Lösungen mbH, Mueßer Bucht 1, 19063 Schwerin, Germany, https://www.mandarin-medien.de/ (hereinafter "Consent Manager Provider").

7.2.        When you enter our website, a connection is established to the servers of MANDARIN MEDIEN in order to obtain your consents and other declarations regarding cookie use. Subsequently, MANDARIN MEDIEN stores a cookie in your browser in order to be able to assign the consents granted to you or their revocation. The data collected in this way is stored until you request us to delete it, delete the MANDARIN MEDIEN cookie yourself or the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected.

7.3.        The use of the Consent Manager of MANDARIN MEDIEN takes place in order to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c DSGVO.

7.4.        CONTRACT DATA PROCESSING AGREEMENT
We have concluded an order processing contract with MANDARIN MEDIEN. This is a contract required by data protection law, which ensures that MANDARIN MEDIEN Gesellschaft für digitale Lösungen mbH only processes the personal data of our website visitors in accordance with our instructions and in compliance with the DSGVO.

8.            Google Analytics

8.1.        Acting on the basis of our legitimate interest (i.e. with respect to the analysis, optimization and commercial operation of our website within the meaning of art. 6, sect. 1, subsection f of the GDPR), we employ Google Analytics, a web-analysis service supplied by Google Inc. (hereinafter “Google”). Google uses “cookies”. The information collected by cookies on your usage of this website is transferred to and stored on a server owned by Google and located in the United States of America.

8.2.        Google is certified under the terms of the Privacy Shield Framework, which means that it undertakes to observe European data-protection legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

8.3.        Google will use this information on our behalf to evaluate how you use our website, and also to compile reports on website activity and provide as with further information regarding the use of this website and Internet-related services. The data so obtained may be used to compile pseudonymous user-profiles.

8.4.        We only use Google Analytics in conjunction with the IP anonymization function. This means that Google will save your IP address in a truncated (abbreviated) form within a member state of the European Union or a state subscribing to the agreement governing the European Economic Area. Only in exceptional cases will a full IP address be transferred to a Google server in the USA and truncated there.

8.5.        The IP address obtained from your web browser program will not be linked to any other data held by Google. You can disable the saving of cookies by configuring the settings of your browser software accordingly. You can also prevent cookie-generated information and other information on your use of the website being transferred to or processed by Google. To do so, you will need to download and install the corresponding browser plug-in, available from: https://tools.google.com/dlpage/gaoptout?hl=en.

8.6.        For further information on how Google uses your information, and your options regarding system settings and opposition to this, please go to the corresponding Google websites: https://policies.google.com/technologies/partner-sites?hl=en-GB (“How Google uses information from sites or apps that use our services”), https://policies.google.com/technologies/ads?hl=en-GB (“How Google uses cookies in advertising”), http://www.google.de/settings/ads (“Controlling the information that Google uses to display advertising to you”).

 

Google Analytics Remarketing

Our websites leverage the features of Google Analytics Remarketing combined with the cross-device capabilities of Google Ads and the Google Marketing Platform. The operator is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

This feature allows the Google Analytics Remarketing ad groups to be linked to the cross-device features of Google AdWords and Google DoubleClick. In this way, interest-based, personalised advertising messages that have been customised to you based on your previous usage and surfing behaviour on one device (e.g. mobile phone) can also be displayed on another of your devices (e.g. tablet or PC).

Once you have given your consent, Google will link your web and app browsing history to your Google Account for this purpose. That way, the same personalised advertising messages can appear on any device you sign in to with your Google Account.

To support this feature, Google Analytics collects Google-authenticated IDs from users who are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad promotion.

You can permanently opt out of cross-device remarketing/targeting by disabling personalised advertising in your Google Account; to do so click on this link: https://www.google.com/settings/ads/onweb/

The aggregation of the data collected in your Google Account is subject to your consent alone, which you can provide or revoke at Google (Article 6 (1) (a) GDPR). The collection of data for data collection operations that are not merged into your Google Account (e.g. because you do not have a Google Account or have objected to it being merged) take place subject to Sec. 6 (1) (f) GDPR. The legitimate interest arises from the fact that the website operator has an interest in the anonymous analysis of website visitors for advertising purposes.

For more information and the data protection provisions, please see the Google privacy policy at: https://www.google.com/policies/technologies/ads/ 

 

9.            Newsletter

9.1.        This section clarifies the contents of our newsletter, subscriptions to it, its dispatch procedures, its corresponding statistical evaluation processes, and how you can exercise your right to oppose such procedures. You confirm, by subscribing to our newsletter, your consent to receiving it and to the application of the procedures concerned.

9.2.        Newsletter contents: we send out newsletters, emails and other electronic messages containing advertising information (referred to collectively herein after as “newsletters”), subject exclusively to the consent of the recipient or corresponding legal permission. Newsletter subscribers consent to receiving information specifically defined as forming part of such newsletters. Our newsletters also contain information regarding our products, offers, promotions and our company.

9.3.        Double opt-in and logging procedure: subscriptions to our newsletters follow a so-called “double opt-in” procedure. This means that you will receive an e-mail asking you to confirm your subscription. This confirmation prevents anyone logging on from a different e-mail address. A record is kept of newsletter subscriptions in order to fulfil the legal requirements of the log-on procedure. These include storage of the corresponding log-on data, the time and date of confirmation and the user’s IP address. In the same manner, any changes made your details will be saved by the provider of dispatching services.

9.4.        Dispatching service provider: newsletters are dispatched using “Serial Mail”, an online platform supplied for the purpose by JAM Software GmbH, of Am Wissenschaftspark 26, 54296 Trier, Germany. For details of this service provider’s data-protection provisions, please go to: https://www.jam-software.de/company/privacy.shtml.

9.5.        This service provider likewise confirms that it saves information in anonymous form (i.e. without assigning a user to it), in order to optimize and improve its services with respect, for example, to the technical optimization of its dispatch procedures and the presentation of the newsletter, and also to evaluate statistics on the countries where addressees are based. The dispatching service provider does not however use the details of our newsletter addressees for its own purposes, and does not disclose them to any third party.

9.6.        Subscription details: if you wish to subscribe to our newsletter, you merely need to provide us with your e-mail address. The “name” option allows us to address the newsletter to you personally.

9.7.        Our engaging of a dispatching service provider, implementation of statistical surveys and analysis and logging of subscription procedures are all subject to the “legitimate interest” provisions of art. 6, sect. 1, subsection f of the GDPR. Our interest in this respect is focused on the deployment of a user-friendly and secure newsletter system designed to serve users’ expectations and our commercial interests in equal measure.

9.8.        Termination/cancellation: you can cancel your newsletter subscription at any time by withdrawing your consent to receiving it. This will also cancel your consent to the dispatching service provider and corresponding statistical analysis. It is unfortunately impossible to cancel your newsletter subscription and your consent to statistical analysis as separate items. Please go to the end of any issue of the newsletter to find the corresponding “cancellation” link. The personally identifiable data of users who are only registered as newsletter subscribers will be deleted as soon as they cancel their subscription.

 

10.            Integration of third-party services and content

10.1.        Our website includes on-screen buttons offering access to social media websites. In order to protect your data, these buttons are included in graphic format only, with an embedded link to let you access the website concerned. Clicking on any of these graphic buttons will forward you to the corresponding service provider. Your data will not be sent to the service provider concerned until you do so. If you do not click on a graphic element, there will be no exchange of data between you and the provider of the “social media” button concerned. For details of how social media networks collect and use your data, please consult the terms and conditions of use of the service provider concerned.

10.2.        Our website contains social-media buttons with links to the following organizations:

• XING button, corresponding to XING SE, of Dammtorstrasse 30, 20354 Hamburg, Germany. For details of XING’s data-protection policy, please go to https://privacy.xing.com/en/privacy-policy
• LinkedIn button, corresponding to LinkedIn Ireland Unlimited Company, of Wilton Place, Dublin 2, Ireland. For details of LinkedIn’s data-protection policy, please go to: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv
• YouTube button, corresponding to Google Inc., of 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“YouTube”). For details of Google’s data-protection policy, please go to https://developers.google.com/+/web/buttons-policy

10.3.        Participation in surveys:

• To conduct surveys on our website, we use the services of SurveyMonkey Europe UC, 2 Shelbourne Buildings, Shelbourne Road, Dublin, Ireland. When you voluntarily participate in this survey, SurveyMonkey collects information about the device and application you use to participate in the survey. This includes your IP address, operating system version, device type, system and performance information, and browser type. If you are participating in the survey through a mobile device, SurveyMonkey also collects the UUID of the device. SurveyMonkey also uses third-party tracking services, which in turn use cookies and page tags (also known as web beacons) to collect usage and user statistics. We have no control over the amount of information SurveyMonkey collects. For more information about cookies used by SurveyMonkey, privacy and retention periods, please visit https://www.surveymonkey. de/mp/legal/privacy-policy/#pp-section-10.
• You can prevent the installation of cookies by deleting existing cookies and disabling cookie storage in your web browser settings. Please note that in this case you may not be able to use all functions of our website to their full extent.
• We use SurveyMonkey to provide you with surveys. For this purpose, we have a legitimate interest in processing the aforementioned data, which is based on Art. 6 para. 1 lit. f) EU-GDPR.
• SurveyMonkey Europe UC is a subsidiary of SurveyMonkey Inc., based in the United States. It is not excluded that your data collected by SurveyMonkey may also be transferred to the USA. However, SurveyMonkey Inc. has signed the Privacy Shield Agreement between the European Union and the United States and is certified to comply. SurveyMonkey is therefore committed to complying with the standards and regulations of European data protection law.
• or more information about the EU Privacy Shield and its validity, please visit https://www .privacyshield.gov/participant?id=a2zt0000000Gn7zAAC&status=Active.

 

 

11.          Rights of users

11.1.      Users have the right to request and receive, free of charge, information about the personal data that we retain on file.

11.2.      Users also have the right to amend incorrect data, restrict its processing and delete personally identifiable data and, where applicable, assert their rights to data portability and, if there is any suspicion of unlawful data-processing, to file a complaint with the competent supervisory authority.

11.3.      Users may also withdraw their consent with future effect.

 

12.          Deletion of data

12.1.      Data that we hold on file will be deleted as soon as they are no longer required for their intended purpose, provided there are no statutory retention obligations the contrary. Restrictions apply to the processing of user data that are not deleted for purposes permitted by law (i.e. the data concerned are blocked, and cannot be used for other purpose). This applies, for example, to user data that need to be retained for commercial or tax-related purposes.

12.2.      The statutory retention period is six years, in accordance with article 257, sect. 1 of the HGB, the German Commercial Code, (covering trading books, inventory, opening balances, financial statements, business correspondence, accounting entries, etc.), and ten years as established in article 147, sect. 1 of “AO”, the German tax code (covering accounts, records, status reports, voucher entries, commercial and trade correspondence and tax -related documents, etc.).

 

13.          Right to object

Users may at any time exercise their statutory right to cancel the future processing of their personally identifiable data. This opposition may refer in particular to processing for the purposes of direct marketing.

 

14.          Amendments to the data-privacy statement

14.1.      We reserve the right to amend this data-privacy statement for the purposes of conformity with changing legal aspects, or to adapt it to changes made to services or data-processing procedures. However, this only applies to statements concerning data processing. Changes shall be exclusively subject to user consent whenever such user consent is required or if any provision of the data-privacy statement affects our contractual relationship with users.

14.2.      Users are asked to examine the contents of our data-privacy statement at regular intervals.