Data Protection

Data Protection Policy

General information 

The following information provides a basic overview of what happens to your personal data when you visit this website. Personal data are data by way of which you can be personally identified. For detailed information about data protection, please see our Data Protection Policy stated in this text. 

Data recording on this website 

Who is responsible for the data recording on this website? 

On this website, data are recorded by the website operator. You can find the website operator’s contact data in the “Information about the controller” section of this Data Protection Policy. 

How do we record your data? 

On the one hand, your data are recorded in that you state such data to us. This may, for example, be data that you enter in the contact form. 

Other data are recorded automatically, or based on your consent, by our IT systems when you visit the website.  These are, above all, technical data (e.g. internet browser, operating system or the time at which pages are viewed).  Data are recorded automatically as soon as you establish contact with this website. 

What do we use your data for? 

Some of the data are collected to guarantee fault-free provision of the website. Other data may be used to analyze your data behavior. 

What rights do you have in respect of your data? 

You have the right at any time to obtain information free of charge about the origin, recipients and purpose of your stored personal data. In addition, you have the right to request the rectification or erasure of such data. Once you have granted your consent to the data processing, you may withdraw such consent at any time for the future. In addition, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. 

Furthermore, you have the right to lodge a complaint with the relevant supervisory authority. 

You can contact us at any time in that respect and with regard to additional questions on the subject of data protection. 

Analysis tools and third party provider tools 

Your surf behavior may be evaluated statistically when you visit this website. This applies, above all, by way of so-called analysis programs. 

You can find detailed information about these analysis programs in the following Data Protection Policy. 

The controller for the data processing on this website is 

Elkamet Kunststofftechnik GmbH 
Georg-Kramer-Str. 3 
D-35216 Biedenkopf 
Tel.: +49 (0) 6461 930 0 
E-mail: info(at)elkamet.de 

The controller is the natural or legal person who solely or jointly with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses and the like). 

We have appointed a data protection officer: 

Peter Kattner 
TÜV Informationstechnik GmbH - TÜV NORD GROUP 
Langemarckstr. 20 
D-45141 Essen 
Tel.: +49 (0) 6461 930 500 
E-mail: datenschutzbeauftragter(at)elkamet.de 

External hosting 

This website is hosted by an external service provider (hoster). The personal data that are recorded on this website are stored on the hoster’s servers. This may, above all, include IP addresses, contact enquiries, meta and communication data, contract data, contact details, names, website access and other data that are generated via a website. 

The hoster is used for the purpose of executing the contract entered into with our potential and existing customers (Article 6, sub-section 1, Point b. GDPR) and in the interest of the secure, fast and efficient provision of our online program (Article 6, sub-section 1, Point f, GDPR). 

Our hoster shall only process your data insofar as such action is necessary to honor its service obligations and follow our instructions in relation to such data. 

We use the following hoster: 

Domainfactory GmbH 
Oskar-Messter-Str. 33 
D-85737 Ismaning 

Data protection 

The operators of these pages take the protection of your personal data very seriously. We treat your personal data in confidence and in line with the statutory data protection requirements as well as this Data Protection Policy. 

Various personal data are recorded when you use this website. 

Personal data are data by way of which you can be personally identified. This Data Protection Policy explains which data we record and what we use the data for. It also explains how, and for what purpose, that applies. 

We draw attention to the fact that the forwarding of data on the internet (e.g. in the case of communication by e-mail) may be subject to security gaps. Data cannot be completely protected against access by third parties. 

SSL or TLS encryption 

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential information such as orders or enquiries that you send to us as the site operator. You can recognize an encrypted link in that the address line of the browser changes from “http://” to “https://” and via the padlock symbol in your browser reference box. If the SSL or TLS encryption is activated, the data that you forward to us cannot be read by third parties. 

Storage period 

Where a more specific period was not stated in this Data Protection Policy, we shall retain your personal data until the purpose for the data processing becomes inapplicable. If you assert a justified erasure request or withdraw your consent to data processing, your data shall be deleted provided we do not have any other legally permissible reasons for the storage of your personal data (e.g. tax or commercial law storage periods). 

Withdrawal of your consent to data protection 

Many data processing procedures are only possible on the basis of your express consent. You may withdraw granted consent at any time. The withdrawal does not affect the legality of the data processing that applies up until the withdrawal. 

Right to object to the data recording in certain cases and object to direct advertising (Article 21 GDPR) 

IF DATA PROCESSING OCCURS BASED ON ARTICLE 6, SUB-SECTION 1, POINT E, OR F, GDPR, YOU HAVE THE RIGHT AT ANY TIME, FOR REASONS THAT APPLY BASED ON YOUR SPECIAL SITUATION, TO LODGE AN OBJECTION TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. PLEASE SEE THIS DATA PROTECGTION POLICY, WHICH FORMS THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED. IF YOU MAKE AN OBJECTION, WE SHALL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN FURNISH PROOF OF COMPULSORY REASONS WORTHY OF PROTECTION IN FAVOUR OF THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS OR THE PROCESSING IS AIMED AT THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS (OBJECTION IN ACCORDANCE WITH ARTICLE 21, SUB-SECTION 1, GDPR). 

IF YOUR PERSONAL DATA ARE PROCESSED TO IMPLEMENT DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA THAT AFFECTS YOU FOR THE PURPOSE OF SUCH ADVERTISING. THIS ALSO APPLIES TO POOLING WHERE IT IS ASSOCIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA SHALL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT ADVERTISING (OBJECTION IN ACCORDANCE WITH ARTICLE, 21, SUB-SECTION 2, GDPR). 

Right to lodge a complaint with the relevant supervisory authority 

In the event of violations of GDPR, data subjects shall have a right to lodge a complaint with a supervisory authority, in particular in the Member States of their customary place of residence, their workplace or the location of the presumed violation. The right to lodge a complaint applies irrespective of other administrative law or court remedies. 

Right to data portability 

You are entitled to the surrender of data, which we automatically process based on your consent or by way of executing a contract, to you or a third person in a conventional, machine-readable, format. Where you request the direct transmission of such data to another controller, this shall only apply where it is technically feasible. 

Information, deletion and rectification 

As part of the valid, statutory provisions, you are entitled at any time to receive information, free of charge, about the personal data stored about you, their origin and recipients and the purpose of the data processing and, where applicable, you have a right to correction or deletion of such data. You can contact us at any time in that respect and with regard to matters involving personal data. 

Right to restriction of processing 

You have the right to request the restriction of the processing of your personal data. You can contact us at any time in that respect. The right to restriction of processing applies in the following cases: 

If you dispute the accuracy of the personal data we are storing, we normally require time to review this. For the duration of the review, you have the right to request the restriction of the processing of your personal data. 

If the processing of your personal data was/is unlawful, instead of the deletion you may request the restriction of the data processing. 

If we no longer require your personal data, but however you require such data for the establishment, exercise or defense of legal claims, instead of the deletion you shall have the right to request the restriction of the processing of your personal data. 

If you have made an objection in accordance with Article 21, sub-section 1, GDPR, your interests must be weighed against our interests. As long as it is not clear whose interests override in such a situation, you shall have the right to request the restriction of the processing of your personal data. 

If you have restricted the processing of your personal data, such data may only be processed, apart from the storage of such data, following your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State. 

Objection to advertising mails 

The use of contact data published as part of the obligation to provide publication details to forward advertising and information material not expressly requested is hereby rejected. The site operators expressly reserve the right to take legal action in the event of the unsolicited forwarding of advertising information, for example by way of spam mails. 

Google Web Fonts (local hosting) 

This site uses so-called Web Fonts for the standardized presentation of fonts, which are made available by Google. Google Fonts are installed locally. In that respect, a connection to Google servers is not established. 

You can find further information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s Data Protection Policy: https://policies.google.com/privacy?hl=de

Google Analytics 

This website uses Google Analytics, a web analysis services of Google Inc. ("Google"). Google Analytics uses so-called Cookies, text files that are stored on your computer and which facilitate an analysis of how you use the website. The information created by the cookie about how you use this website is normally transferred to a Google server in the USA and stored there. However, in the case of the IP anonymization on this website, your IP address will be shortened by Google before it is forwarded. This applies within the Member States of the European Union or in other signatory states to the European Economic Area. Only in exceptional cases will the entire IP address be sent to a Google server in the USA and shortened there. By order of the operator of this website, Google shall use this information to evaluate your use of the website, to put together reports on the website activities and to render additional services associated with the website and internet use for the website operator. 

The IP address forwarded as part of Google Analytics from your browser shall not be grouped together with other data from Google. 

You can prevent the saving of cookies by way of a corresponding setting in your browser software; however, we draw attention to the fact that in such a case you may not be able to fully use all the functions on this website. Furthermore, you can prevent the recording of the data created by the cookie and related to your use of the website (including your IP address) and forwarding to Google as well as the processing of such data by Google by downloading and installing the browser plug-in via the following link:: http://tools.google.com/dlpage/gaoptout?hl=de 

This website uses Google Analytics with the "_anonymizeIp()" extension. As a result, IP addresses are processed in abbreviated form, which means that personal references can be ruled out. If the data collected about you are related to a person, this is immediately excluded and the personal data are deleted immediately. 

We use Google Analytics to analyze and regularly improve the use of our website. The statistics obtained enable us to improve our offer and make it more interesting for you as a user. Google has submitted to the EU-US Privacy Shield, https:// www.privacyshield.gov/EU-US-Framework for the exceptional cases in which personal data are forwarded to the USA, https://www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is Article 6(1), Sentence 1, Point f, GDPR. 

Information of the third party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001 

User Conditions: 

http://www.google.com/analytics/terms/de.html, Data Protection Overview: http://www.google.com/intl/de/analytics/learn/privacy.html, and the Data Protection Policy: http://www.google.de/intl/de/policies/privacy

Cookies 

So-called Cookies are used on our internet pages. Cookies are small text files and do not cause any damage on your terminal. They are either placed on your terminal temporarily for the duration of a session (Session Cookies) or permanently (Permanent Cookies). Session Cookies are automatically deleted at the end of your visit. Permanent Cookies remain on your terminal until you personally delete them or automatic deletion occurs via your web browser. 

In part Cookies can be placed on your terminal by third party companies when you gain access to our site (Third Party Cookies). This enables us or you to use certain services of the third party company (e.g. Cookies for processing payment services). 

Cookies have various functions. Numerous Cookies are required in a technical sense because certain website functions would not work without these (e.g. the shopping basket function or the display of videos). Other Cookies are aimed at evaluating user behavior or displaying advertising. 

Cookies that are necessary to conduct the electronic communication procedure (Necessary Cookies) or to provide certain functions requested by you (Functional Cookies, e.g. for the shopping basket function) or to optimize the website (e.g. Cookies for measuring the web audience) are placed on the basis of Article 6, sub-section 1, Point f, GDPR, provided no other legal basis is stated. The website operator has a justified interest in the storage of Cookies for the technical fault-free and optimized provision of its services. In cases in which your consent for the placing of Cookies was sought, the respective Cookies shall be placed exclusively on the basis of such consent (Article 6, sub-section 1, Point a, GDPR); the consent may be withdrawn at any time. 

You can adjust your browser so that you are informed of the placing of Cookies and only permit Cookies in an individual case, exclude the acceptance of Cookies for certain cases or in general and activate the automatic deletion of Cookies when the browser is closed. The functionality of this website may be restricted in the case of deactivating Cookies. 

Where Cookies are used by third party companies or for analysis purposes, we shall inform you of this separately as part of this Data Protection Policy, and where applicable seek your consent. To that end we use the “consentmanager” tool, which has currently found the Cookies on our website that are stated below. 

Server log files 

The provider of the pages automatically collects and stores information in so-called server log server files that your browser automatically forwards to us. These are: 

  • Browser type and browser version of the used operating system 

  • Referrer URL 

  • Host name of the accessing computer 

  • Time of the server inquiry via the IP address 

Such data shall not be merged with other data sources. 

Such data are recorded on the basis of Article 6(1), Point f, GDPR. The website operator has a justified interest in the technically fault-free presentation and optimization of its website – the server log files need to be recorded to that end. 

Contact form 

If you direct inquiries to us via the contact form, your details from the contact form including the contact data you have stated there shall be saved by us for the purpose of processing your inquiry and in the event of follow-up questions. We shall not forward such data without your consent. 

Such data shall be processed on the basis of Article 6, sub-section 1, Point b, GDPR, provided your inquiry is associated with executing a contract or is necessary to adopt pre-contractual measures. In all other cases, the processing shall be based on our justified interest in the effective processing of the inquiries directed to us (Article 6, sub-section 1, Point f, GDPR) or your consent (Article 6, sub-section 1, Point a, GDPR) provided this was requested. 

We shall retain the data you enter in the contact form until you ask us to delete such data, withdraw your consent to the storage of such data or the purpose for the data storage becomes inapplicable (e.g. following completed processing of your inquiry). This does not affect mandatory statutory provisions, in particular storage periods. 

Inquiry by e-mail, telephone or fax 

If you contact us by e-mail, telephone or fax, your inquiry, including all resulting personal data (name, inquiry) shall be stored and processed by us for the purpose of processing your inquiry. We shall not forward such data without your consent. 

Such data shall be processed on the basis of Article 6, sub-section 1, Point b, GDPR, provided your inquiry is associated with executing a contract or is necessary to adopt pre-contractual measures. In all other cases, the processing shall be based on our justified interest in the effective processing of the inquiries directed to us (Article 6, sub-section 1, Point f, GDPR) or your consent (Article 6, sub-section 1, Point a, GDPR) provided this was requested. 

We shall retain the data you have forwarded to us in the contact questions until you ask us to delete such data, withdraw your consent to the storage of such data or the purpose for the data storage becomes inapplicable (e.g. once the processing of your inquiry has been completed). This does not affect compulsory statutory provisions, in particular statutory storage periods. 

Processing employee and applicant data 

Your personal data are generally collected directly from you, e.g. as part of the application process, based on Section 26(1), BDSG, as stated in the version dated 25.05.2018. Furthermore, we may also have received data from third parties (e.g. job boards such as Indeed or employment agencies). 

In addition, we may process personal data that we have permissibly obtained from publicly accessible sources (e.g. professional social networks). If we collect data from such sources, we shall inform you without delay in accordance with Article 14, GDPR, about the circumstance involving the data collection and what purpose we are pursuing via, and how we intend to process, your data. 

The categories of personal data that are processed of employees include, in particular, your master data (such as first name, surname, name affixes, nationality, personnel number), contact data (such as private address, mobile/telephone number and e-mail address) as well as the data of the entire application process (cover letter, CV, (work) references and proof of qualifications). 

If you have also voluntarily provided special categories of personal data (such as health data, religious affiliation or degree of disability) in the application letter or in the course of the application procedure, processing shall only occur if you have consented to this. 

We process personal employee and applicant data on the basis of and in compliance with the European Data Protection Regulation (EU GDPR), the Federal Data Protection Act (BDSG) and all other relevant regulations in German labor law (e.g. AGG (German General Act on Equal Treatment), BetrVG (German Works Council Constitution Act) and SGB (German Code of Social Law) etc.). 

The processing of your personal data within the scope of the application process is primarily aimed at performing the application procedure, in particular determining the extent to which you are suitable for the advertised position. The processing of your applicant data is required for the decision on the establishment of an employment relationship. The primary legal basis for this is Article 88 GDPR in conjunction with  Section 26(1) BDSG. 

Recipients of employee and applicant data 

At our company, only those persons and offices receive your personal data that require such data to make a decision about your employment and honor our legal and contractual obligations. 

Contrary this, we forward employee data if we legally undertake to do so. 

Storing employee and applicant data 

Personal applicant data forwarded to us shall be deleted as soon as it they no longer required for the aforementioned purposes, at the latest after 6 months. This does not apply if you have agreed to a longer storage period, the storage is required for the purpose of furnishing proof or legal regulations prevent deletion. For example, we retain your applicant data for as long as there is a possibility that you may assert legal claims against our company, e.g. due to a violation of the provisions of AGG. 

By contrast, if your application leads to the establishment of an employment contract with you, your data shall continue to be stored and used for the purposes involving customary administrative and organizational processes and to implement the employment relationship in compliance with applicable legal provisions. 

What rights can employees or applicants assert? 

Applicants as well as employees, and all other data subjects, are of course entitled to the data subject rights in accordance with Articles 15 to 22, GDPR, when our company processes their personal data. For details in this respect, see point 6 above. Furthermore, data subjects have the right to lodge a complaint with the aforementioned data protection officer (see point 3.) or with a data protection supervisory authority. 

Please address complaints to the data protection supervisory authority responsible for our company: 

Hessian Commissioner for Data Protection and Freedom of Information PO Box 3163 D-65021 Wiesbaden 

Tel.: +49 611 1408 – 0 
Fax: +49 611 1408 - 900 / 901 
E-mail: poststelle(at)datenschutz.hessen.de 

 

Visitor and company management 

We collect your personal data as part of our security concept to inform you without delay in the event of a plant evacuation or other incidents. We store and collect the data based on Article 6(1), Point f), EU General Data Protection Regulation (GDPR). 

Our company organizes web conferences for the virtual organization of meetings and/or meetings, during which the voice of the participants is transmitted via microphone and, where applicable, their image is also transmitted via webcam to all other participants (hereinafter in brief: “Video Conferences”). In this respect, we use service providers that make their software and, where applicable, their technology available to us (hereinafter: Video Conference Systems). We have entered into a commissioned processing agreement with these service providers in accordance with Article 28 GDPR. 

Processing data as part of Video Conferences 

Our company processes various types of data for the use of “Video Conferencing.” The total volume of data processed in the context of Video Conferencing depends on the functional scope of the video conferencing system provided by the video conferencing service provider, and the amount of data made available by the respective user before, during and after participating in a “Video Conference.” 

The following personal data may, in principle, be the subject of processing for the purpose of conducting a Video Conference: 

  • Personal information about the participant: e.g. display name, online status (optional), status messages, profile picture (optional), e-mail address where applicable and preferred language. 

  • Meeting metadata: e.g. date, time, duration, meeting ID, phone number (where applicable) and location. 

  • Text, audio, video and other multimedia data: Data from the microphone, a webcam/video camera or a screen display of your terminal device (using the screen/content sharing function) are processed during the meeting for the display of video signals as well as the playback of audio signals and multimedia files. The latter is required, for example, if screen sharing is required as part of a screen presentation. Data transmission from the camera and microphone can be switched on and off independently at any time and by any user. The screen/content sharing function must be actively activated by the user and can also be terminated at any time. 

In a Video Conference, you also have the option of using the chat function in tandem. In this respect, the text entries you make, the sharing of links or content and social interactions (such as: Emoticons, pictograms, like buttons for comments or the sending of so-called GIFs - Graphics Interchange Format) are processed to display them to the participants in “Video Conferences.” 

Legal bases of the data processing 

The legal basis differs depending on whether employees of our company, employees of our affiliated companies or third parties participate in the Video Conference hosted by us: 

If the personal data of employees of our company and/or of employees of our affiliated companies are processed (so-called internal meetings), Section 26, BDSG, in conjunction with Article 88, GDPR, forms the legal basis of the data processing for implementation (operational organization) of the employment relationship. 

With regard to other Video Conferences, including with external third parties without (employment) contractual relationships, our implementation of video conferences is geared towards the legal basis set out in Article 6(1), Point f), GDPR. In this respect we also have a legitimate interest in effectively conducting “Video Conferences” with third parties. 

Storing Video Conference data 

“Video Conferences” are not recorded as a matter of principle. If a recording is planned, we shall inform the participants transparently and, where necessary, obtain the consent of all participants. 

Files shared by users in chats are stored in the respective participant account of the user who shared the file. Files shared by participants in a channel are stored in a local directory of the respective participants. 

Recipients of Video Conferences 

Personal data processed in conjunction with participation in “Video Conferences” are, in principle, only forwarded to our order processors, i.e. the service providers who support us in conducting the Video Conferences. 

Apart from this, data are only forwarded to third parties if we as a company legally undertake to do so (e.g. by court order), or if the persons concerned have expressly consented to the forwarding of their data. 

We have taken comprehensive technical and organizational precautions to protect your personal data from unauthorized access, misuse, loss and other external interference. To this end, we regularly review our security measures and adjust them in line with the latest technological developments. 

Insofar as parts of the website are also offered in languages other than German, this exclusively constitutes a service for our guests, visitors, interested parties and employees who do not speak German. 

The data protection declaration applies to all pages of www.elkamet.de. It does not extend to any linked websites or internet pages of other providers. 

Please contact us if you are not satisfied with the data protection measures described here, or if you have any questions regarding the collection, processing and/or use of your personal data. We shall answer your questions as quickly as possible and endeavor to implement your suggestions. Please address your data protection issues to datenschutzbeauftragter(at)elkamet.de

This Data Protection Policy shall be updated with effect for the future in the event of new legal requirements or significant changes to the functional scope of our websites. We therefore recommend that you read our Data Protection Policy at regular intervals. In the event that we make material changes, we shall issue a clear notice in this section. 

Biedenkopf, in November 2021