§ 1 INFORMATION ABOUT
THE COLLECTION OF PERSONAL DATA
(1) The following
information concerns the collection of personal data while using this website.
Personal data are all data that can be personally related to you, e.g. name,
address, email addresses, user behaviour.
(2) The
responsible officer pursuant to Article 4 (7) EU General Data Protection
Regulation (GDPR) is Kistenmacher Auto + Technik GmbH & Co. KG,
Lindenstraße 2-10, 21244 Buchholz, Tel. +49 (0)4181 990540, Mail:
kat@kat-germany.de
. You can contact our data protection officer Jens Borchardt, LL.M. (IT&T) at j.borchardt@schlutius-privacy.de or at our postal address with the addition "Data protection officer".
(3) When you contact us
by email or using a contact form, the data you give us (your email address,
your name and phone number if applicable) is stored by us in order to answer
your question. When storage is no longer necessary, we will delete the
applicable data or restrict the processing of it if legal retention
requirements apply.
(4) If we use
contracted service providers for individual functions of our web-based
services, or if we wish to use your data for advertising purposes, we will
inform you below in detail about the respective processes, naming the defined
criteria for storage duration.
§ 2 YOUR RIGHTS
(1) You have the
following rights towards us with regard to your personal data:
- Right to information,
- Right to correction or deletion,
- Right to restriction of processing,
- Right to refusal of processing,
- Right to data portability.
(2) You also have the
right to lodge a complaint about our processing of your personal data with a
data protection authority.
§ 3 COLLECTION OF
PERSONAL DATA WHEN YOU VISIT OUR WEBSITE
(1) If you are only
using the website for information and do not register or transmit information
to us in any other way, we only collect the personal data which your browser
transmits to our server. If you wish to view our website, we collect the following
data that are technically necessary for us to display our website to you and
guarantee its stability and security (the legal basis is Article 6 (1) sentence
1 lit. f GDPR):
- IP address – Date and time of the enquiry
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status / HTTP status code
- Quantity of data transferred in each case
- The website from which the request comes
- Browser
- Operating system and its interface
- Language and version of the browser software.
(2) In addition to the
data mentioned above, cookies are stored on your PC when you use our website.
Cookies are small text files that are saved on your hard drive in association
with the browser you use and through which particular information is
transmitted to the location setting the cookie (in this case by us). Cookies
cannot run programmes or transmit viruses to your computer. They serve to make
the internet presence more user-friendly and effective in general.
§ 4 OTHER FUNCTIONS AND
OFFERS ON OUR WEBSITE
(1) As well as the
purely informational use of our website, we offer various services that you may
use if they interest you. To do so, you must generally provide further personal
data, which we use in order to provide the respective service and to which the
above-mentioned principles of data processing apply.
(2) We sometimes use
external service providers to process your data. They have been carefully
selected and commissioned by us, are bound to our instructions and are regularly
monitored.
(3) We can also pass
your personal data on to third parties if we offer special offer participation,
lotteries, contract conclusions or similar services together with partners. You
can find more information about this if you enter your personal data or below
in the description of the offer.
(4) If our service
providers or partners are located in a country outside the European Economic
Area (EEA), we will inform you about the consequences of this in the
description of the offer.
§ 5 REVOCATION OR
WITHDRAWAL OF CONSENT TO THE PROCESSING OF YOUR DATA
(1) If you have agreed
to the processing of your data, you can revoke this at any time. After you have
pronounced it to us, the revocation influences the permissibility of processing
your personal data.
(2) If we base the
processing of your personal information on consideration of interests, you can
revoke your consent to processing. This is the case, in particular, if
processing is not necessary for fulfilment of a contract with you, which is
always outlined by us in the subsequent description of the functions. When
exercising the right of revocation, we ask you to cite the reasons why we
should not process your personal information as we have previously done. In the
case of a justified revocation, we will examine the situation and either stop
or adjust the data processing or convey to you our protection-worthy and
necessary reasons for continuing the processing.
(3) Of course, you can
revoke consent to the processing of your personal data for advertising and data
analysis purposes at any time. You can inform us of your advertising revocation
at the following contact points: info@schlutius-privacy.de.
§ 6 USE OF SOCIAL MEDIA
PLUG-INS
(1) We currently use
the following social media links: Facebook, YouTube, LinkedIn.
(2) We have no
influence on the data captured or the data processing procedures, nor do we
know the entire scope of data collection, the purpose of processing or the
retention periods. We also have no information about the deletion of the
collected data by the linked provider.
(3) You can find more
information about the purpose and scope of data collection and processing by
the plug-in provider in their data protection statements, which are given
below. You can also find further information there on your rights in this
regard and the setting options to protect your privacy.
(4) Addresses of the
respective plug-in providers and URLs with their data protection notices:
a) Google Ireland
Limited, Gordon House, Barrow Street, Dublin 4, Irland
b) Facebook Ireland
Limited, 4 Grand Canal Square, Dublin 2, Ireland
Facebook Ireland Limited ist ein nach irischem Recht registriertes Unternehmen.
Handelsregisternummer: 462932
c) LinkedIn
Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA;
http://www.linkedin.com/legal/privacy-policy. LinkedIn has committed to the
EU-US-Privacy-Shield,
https://www.privacyshield.gov/EU-US-Framework
.
§ 7 USE OF YOUTUBE
This website uses the
Youtube embedding feature to watch and play videos from Youtube. We use the
advanced privacy mode, which, according to the vendor, does not start storing
user information until the video plays. The moment the embedded video begins playing,
Youtube uses cookies to gather information about user behavior.
According to Youtube,
this includes capturing video statistics, improving usability, and preventing
abusive practices.
Regardless of how the
embedded video plays, each visit to this site will connect to the DoubleClick
Google Network, potentially causing further data processing without our having
any influence over it.
§ 8 USE OF DATA
WHEN USING OUR SOCIAL MEDIA CHANNELS
When you our profiles
in social networks to contact us, we process the following personal data: your
name, your IP address, the date and time of the request, the time zone
difference to Greenwich Mean Time (GMT).
The legal basis for
processing this data is Art. 6 Para. 1 lit. b, f GDPR.
If you use our profiles
in social networks to contact us (e.g. by creating your own posts, responding
to one of our posts or sending us private messages), the data you provide to us
will be used by us exclusively for this purpose processed to be able to contact
you. The legal basis for data collection is therefore Article 6 Paragraph 1
lit. a) and b) GDPR. We delete stored data as soon as it is no longer necessary
to store it or you ask us to delete it; In the case of statutory retention
requirements, we limit the processing of the stored data accordingly.
§ 9 USE OF APPLICANT
AND EMPLOYEE DATA
(1) In order to
establish, conduct and terminate the employment relationship, we collect and
process information (both in paper format and in digital form).
a) These data may
essentially include:
-
Master data (name,
academic title, address, date and place of birth, gender, personnel
number)
-
marital status,
children, religion and nationality
-
contract data
(type of employment, level of employment, start / end of employment)
-
organizational
data (job title, supervisor, location, management level)
-
wage and salary
payment data (basic salary, variable salary components, surcharges, tariff
classification, tax code, payslip data, bank details, information on
social security, information on wage garnishment)
-
Performance data (assessments)
-
Business contact and communication data
-
Profile data,
certifications, information on school and vocational training, completed
training courses for further education and qualification, language skills,
other qualifications such as primary, disaster, fire and evacuation
helpers
-
working hours,
absenteeism, holidays, travel and travel time, exemptions (paid, unpaid,
maternity and parental leave)
-
Permissions
(access rights and access bookings, access rights to IT systems and data
processing procedures, protocol data on the use of communication and data
processing systems, photographs, video surveillance recordings)
-
Ergonomic data on
workplace equipment and workplace design, equipment used and company
property used by you
-
Applicant data
(application, CV, certificates, evidence of education and training,
diplomas)
-
Possibly. previous
values of the aforementioned data (history data)
b) Rarely can
information on health and occupational reintegration management, disability
status and other workplace-relevant health data be included, as far as they
relate to employment.
c) In addition,
organizational data and administrative information about your position and the
workplace as well as log data on the operation and use of data processing systems
and data processing procedures are collected and processed. It is necessary to
provide data for the employment relationship and the use of the IT systems.
Without the processing of employee data, the employment relationship can not be
carried out.
(2) We collect, process
and use your personal information solely for employment purposes and for
business purposes permitted by our business, which are related to your role and
function in our business.
a) These include:
-
Processing of applications
-
justification,
implementation and termination of the employment relationship
-
Exercise and
fulfillment of the rights and obligations of employees' interests arising
from a law, collective agreement or works agreement
-
detection of
possible crimes committed by employees in the employment relationship
-
Performance determination and performance
management
-
Fee calculation and payroll
-
Human Resources,
Personnel Planning, Personnel Management, Personnel Development and
Training
-
Compliance with
legal requirements, eg. B. according to labor law, tax law and social
security law
-
Internal administrative and organizational
purposes
-
Ensuring the
security and protection of processing methods and data from unauthorized
access, falsification and unauthorized use
-
Protecting the
company's assets, assets and assets from theft and other damage
b) Your data will be
processed for purposes other than those mentioned only to the extent that such
processing is compatible with the purposes of the employment relationship. We
will inform you about such processing of your data about this processing and,
if necessary, obtain your consent.
Consent will not give
you any disadvantages.
(3) Your personal data
will only be transmitted or disclosed to external parties to the extent
required by law or required to fulfill the contract of employment concluded
with you (eg to tax and social security authorities, banks, auditors).
Your personal data may
also be transmitted to service companies for the purpose of performing data
processing tasks, e.g. B. to carry out the automated personal data processing
or payroll.
We
will observe the data protection regulations.