Privacy Policy

1. An overview of data protection

General

The following gives a simple overview of what happens to your personal information when you visit our website. Personal information is any data with which you could be personally identified. Detailed information on the subject of data protection can be found in our privacy policy found below.

Data collection on our website

Who is responsible for the data collection on this website?

The data collected on this website are processed by the website operator. The operator’s contact details can be found in the website’s required legal notice.

How do we collect your data?

Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.

Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.

What do we use your data for?

Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.

What rights do you have regarding your data?

You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.

Analytics and third-party tools

When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy.

You can object to this analysis. We will inform you below about how to exercise your options in this regard.

2. General information and mandatory information

Data protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy.

If you use this website, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.

Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.

Notice concerning the party responsible for this website

The party responsible for processing data on this website is:

Max Schlatterer GmbH & Co. KG
Robert-Bosch-Str. 9
89542 Herbrechtingen

Telephone: +49 7324 150
Email: info@esband.de

represented by Thomas Beckh, Jens Färber and Stefan Renner.

Revocation of your consent to the processing of your data

Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

Right to file complaints with regulatory authorities

If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: http://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “http://” and the lock icon is displayed in your browser’s address bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

Encrypted payments on this website

If you enter into a contract which requires you to send us your payment information (e.g. account number for direct debits), we will require this data to process your payment.

Payment transactions using common means of payment (Visa/MasterCard, direct debit) are only made via encrypted SSL or TLS connections. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “http://” and the lock icon in your browser line is visible.

In the case of encrypted communication, any payment details you submit to us cannot be read by third parties.

Information, blocking, deletion

As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
Notice for applicants: Your application documents will be deleted six months after the end of the application process.

Opposition to promotional emails

We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.

3. Data protection officer

Statutory data protection officer

We have appointed a data protection officer for our company.

Herr Frank Grossmann
Grossmann GmbH
Hauptstraße 54
89160 Dornstadt

https://grossmann-datenschutz.de/
Email: mail@grossmann-datenschutz.de

4. Data collection on our website

Cookies

Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.

You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.

Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 paragraph 1, letter f of DSGVO. The website operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately in this privacy policy.

Server log files

The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:

• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address

These data will not be combined with data from other sources.

The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

Contact form

Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.

We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.

Registration on this website

You can register on our website in order to access additional functions offered here. The input data will only be used for the purpose of using the respective site or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject your registration.

To inform you about important changes such as those within the scope of our site or technical changes, we will use the email address specified during registration.

We will process the data provided during registration only based on your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.

Processing of data (customer and contract data)

We collect, process, and use personal data only insofar as it is necessary to establish, or modify legal relationships with us (master data). This is done based on Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract. We collect, process and use your personal data when accessing our website (usage data) only to the extent required to enable you to access our service or to bill you for the same.

Collected customer data shall be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.

Data transmitted when entering into a contract with online shops, retailers, and mail order

We transmit personally identifiable data to third parties only to the extent required to fulfill the terms of your contract, for example, to companies entrusted to deliver goods to your location or banks entrusted to process your payments. Your data will not be transmitted for any other purpose unless you have given your express permission to do so. Your data will not be disclosed to third parties for advertising purposes without your express consent.

The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

5. Information for applicants

On our website we provide the possibility to apply on vacancies or to apply initiatively. This can be done via email or an online application form.

Please note that the data transfer is not necessarily secure when applying via email. Therefore, please make sure to encrypt your message or the attachment with your application documents (for example as a zip file with a password – you will find a tutorial here: https://www.heise.de/tipps-tricks/ZIP-Archiv-mit-einem-Passwort-schuetzen-So-geht-s-3907870.html). Please contact us, if you need further information about the possibilities of sending encrypted messages. The transfer of information that you attach via our online application system is always encrypted.

1. a) Purposes of processing personal data: management of the application process, decision about the conclusion of a contract of employment. Furthermore, we use the data for the assertion and prevention of legal claims (legal basis for the latter: Art. 6 Sec.1 f GDPR).
2. b) Description of the persons affected and the corresponding data or data categories:

Applicant details: surname, name, address, contact data, date of birth, sex, preferred working hours, certificates of education as well as ZÜP result.

Voluntarily provided data: photo, information about the status of severe disability, family status, information about children, bank account (in case of entitlement to refunds of travel expenses), internships, hobbies and salary expectations.
Statements regarding the status of severe disability refer to a special category of personal data (Art. 9 GDPR) and are obviously particularly secured.

1. c) Legal basis for the data processing: Art. 6 Sec. 1 b GDPR, where being explicitly identified, and also Art. 6 Sec.1 c and f GDPR.

Recipients or categories of recipients of personal data:
HR department and superior of the position applied to as well as the Business Development Department, the management board and possibly employees of the Shipping Department. The application system “Bewerber3” operates on our server (on premises). A transfer of the data to third parties will only be made within the scope of contract data processing of our service providers.

Furthermore, your personal data will be checked if you comply with the European Sanctions list before the conclusion of a contract of employment. That means that a software will compare your name and surname as well as your address to the status data of the Sanctions lists. In case of a complete or partial conformity with the Sanctions lists, the Shipping Department will receive a notification to perform a manual check in order to verify the results of the software. This serves primarily to conclude a contract of employment with the applicants and secondarily to fulfil a legal obligation that we have to maintain (Art. 6 Sec. 1 c GDPR, as legal regulations forbid the provision of financial means including the payment of the salary to persons listed on corresponding Sanctions lists). Based on the Art. 6 Sec. 1 f GDPR the Sanctions lists will be checked by a software named ANTON (software producer: ANTON Software GmbH | Marie-Curie-Str. 3 | 37079 Göttingen). Besides our check with the Sanctions lists of the EU, we also check Sanctions lists published by the US. It is our legitimate interest to avoid any trade problems with the US as we perform business activities in this country.

Your personal data will only be forwarded to third parties where we are legally obliged to do so (based on Art. 6 Sec. 1 c GDPR) and if necessary the data will be forwarded to lawyers and tax consultants based on the legal basis of Art. 6 Sec. 1 c GDPR or rather Art. 6 Sec. 1 f GDPR. When it comes to forwarding your personal data to lawyers, it is our legitimate interest to exercise, assert or defend legal claims. When it comes to forwarding your personal data to external tax consultants, it is our legitimate interest to meet our tax obligations properly.

1. d) There is no intension to forward personal data to a third country or to an international organization; except for the examination according to the US Sanctions list (see section c above). The data security and an appropriate level of data protection (European standard contractual clauses or “Privacy Shield”) are guaranteed.
2. e) Period of time concerning saving personal data or – if not possible – factors for the determination of the period of time: in case of no conclusion of a contract of employment, the stored data will be deleted 6 months after completion of the application process. In case of concluding a contract of employment, your application documentation will be stored as part of the personnel records. You will be informed separately about the following usage of the data in your contract of employment.
3. f) The provision of personal data is not required by law or contract. Nevertheless, it is necessary to indicate the personal data for the conclusion of a contract of employment. You are not obliged to provide us with the personal data. If your personal data are not made available to us, we cannot take your application into account within our application process.
4. g) The decision making is not automated.
5. h) You have the right to demand information about your personal data as well as correction or deletion or limitation of usage. If the prerequisites are fulfilled, you have the right to object the processing of your data. Please note that you also have the right of transferring your data. That means that you have the right to receive your personal data in a structured, up-to-date and machine-readable format and you have the right to transfer your personal data to other responsible persons without obstacles from our side. You are entitled to contact the responsible data protection authority in order to complain. (Please also compare the information from section 2 regarding your rights as well as the responsible supervisory authority).
6. i) Right of objection

You have the right at all time, for reasons relating to your particular situation, to file an objection against the use of your personal data according to Art. 6 1 f GDPR published on the 25/05/2018.

In this case we do not process your personal data unless we can provide compelling and legitimate reasons for processing your personal data that outweigh your interests, rights and freedoms or it serves the processing, establishment, execution or defense of legal claims.

6. Analytics and advertising

Matomo

Type and scope of processing

We use the open source software tool Matomo (formerly PIWIK) on our website. The software sets a cookie in your browser (for cookies, see above). If individual pages of our website are accessed, the following data is stored

• Two bytes of the IP address of the user’s accessing system (anonymised IP address)
• The website accessed
• The website from which the user accessed the website (referrer)
• The subpages that are accessed from the accessed website
• The time spent on the website
• The frequency with which the website is accessed

The software runs exclusively on the servers of our website. Your personal data is only stored there. The data is not passed on to third parties.

Purpose and legal basis

We process your data with the help of the Matomo analysis software for the purpose of evaluating the use of individual components and content of our website on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. You give your consent by setting the use of cookies (cookie banner / Consent Manager), with which you can also declare your revocation at any time with effect for the future in accordance with Art. 7 Para. 3 GDPR. There is no legal or contractual obligation to provide your data. If you do not give us your consent, you can visit our website without restriction, but not all functions may be fully available.

Storage period

The specific storage period of the cookies set is 13 months.

7. Plugins and tools

YouTube

Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.

If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

Further information about handling user data, can be found in the data protection declaration of YouTube under http://www.google.de/intl/de/policies/privacy.

Vimeo

Our website uses features provided by the Vimeo video portal. This service is provided by Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

If you visit one of our pages featuring a Vimeo plugin, a connection to the Vimeo servers is established. Here the Vimeo server is informed about which of our pages you have visited. In addition, Vimeo will receive your IP address. This also applies if you are not logged in to Vimeo when you visit our website or do not have a Vimeo account. The information is transmitted to a Vimeo server in the US, where it is stored.

If you are logged in to your Vimeo account, Vimeo allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account.

For more information on how to handle user data, please refer to the Vimeo Privacy Policy at http://vimeo.com/privacy.

Google Web Fonts

For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.

For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

If your browser does not support web fonts, a standard font is used by your computer.

Further information about handling user data, can be found at http://developers.google.com/fonts/faq and in Google’s privacy policy at http://www.google.com/policies/privacy/.

Google Maps

This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

Further information about handling user data, can be found in the data protection declaration of Google at http://www.google.de/intl/de/policies/privacy/.