In this statement, “we,” Elkamet Kunststofftechnik GmbH (all contact details can be found in the legal notice), as the responsible party within the meaning of the General Data Protection Regulation (‘GDPR’), inform you about the processing of your personal data in connection with the use of this website (available at elkamet.com), hereinafter referred to as “the website,” and the interactions described herein.
Elkamet Kunststofftechnik GmbH acts in accordance with the GDPR. It owns other companies. These include Elkamet Inc., Elkamet s.r.o & Elkamet Co. Ltd. Personal data may be further processed within the group.
You can contact our data protection officer and our data protection team here: Mr. Sükrü Sezgin, TÜV Informationstechnik GmbH - TÜV NORD GROUP, Am TÜV 1, 45307 Essen, Germany, telephone: +49 (0) 6461 930 500, email: datenschutzbeauftragter@elkamet.de.
The scenarios in which we process personal data are listed below.
1. Visiting the website:
1.1 SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, our website uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
With encryption activated, the data you transmit to us cannot be read by third parties. We follow the recommendations of the German Federal Office for Information Security (BSI) for the secure configuration of web servers.
1.2 Log files
Each time you access the website and depending on the use of certain functions on it, data such as the date and time of access, your IP address, and the content accessed are transmitted from your browser to our server and stored in log files in order to provide you with the requested content and to ensure the functionality and security of our systems.
The log files are deleted or anonymized after seven days at the latest. If and as long as there is suspicion of access relevant to security, the relevant data will be stored for the duration of the investigation of the potential attack and, if necessary, the implementation of countermeasures, in particular the enforcement of legal claims.
The legal basis for the aforementioned processing is our interest in a stable and secure website (Art. 6 (1) (f) GDPR).
Specifically, the following data categories are processed in this context:
The aforementioned data will not be passed on to third parties. Without the provision of this data, it is not possible to use the website.
1.3 External hosting
This website is hosted by an external service provider (host). We use the following host: Domainfactory GmbH, Oskar-Messter-Str. 33, D-85737 Ismaning. The personal data collected on this website is stored on the hoster's servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses, and other data generated via a website.
The host is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 (1) (b) GDPR) and in the interest of a secure, fast, and efficient provision of our online offering by a professional provider (Art. 6 (1) (f) GDPR).
Our host will only process your data to the extent necessary to fulfill its service obligations and will follow our instructions regarding this data.
1.4 Cookies
Wir verwenden Cookies, um die Nutzung unserer Webseite zu ermöglichen und zu optimieren. Neben notwendigen Cookies zur Sitzungssteuerung setzen wir dauerhafte Cookies ein, um Präferenzen zu speichern (z. B. Spracheinstellungen). Sie können Cookies in Ihrem Browser deaktivieren, jedoch kann dies die Nutzung bestimmter Funktionen beeinträchtigen. Da Cookies in verschiedenen Diensten auf der Website eingesetzt werden, informieren wir über die jeweils verarbeiteten Datenkategorien in den Informationen zum jeweiligen Dienst.
1.5 Usercentrics Cookiebot
We use the consent management tool “Usercentrics Cookiebot” from Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark. This tool enables us to collect and manage our users' consent to the use of cookies and similar technologies in accordance with the law.
When you visit our website, Usercentrics Cookiebot stores a cookie in your browser to record and document the consents granted or refused for the individual cookie categories. This cookie does not store any personal data, but only your consent (or refusal) to the use of certain cookies and an anonymized identification code, which on the one hand enables the assignment of consent and on the other hand avoids a new query as long as the settings are not changed.
We use Usercentrics Cookiebot based on our interest in operating a website with user-friendly consent management (Art. 6 (1) (f) GDPR) and are also obliged to demonstrate compliance with data protection regulations (Art. 6 (1) (c) GDPR).
The consent data is stored for the legally required period and then automatically deleted. You can change your cookie settings and consents at any time by clicking on the cookie icon in the lower right corner of this page and adjusting your preferences or revoking your consent there.
For more information on data processing by Usercentrics Cookiebot, please refer to the privacy policy of Usercentrics A/S at https://www.cookiebot.com/de/privacy-policy/.
2. Contact
To use certain services on our website (e.g., contact forms), you can voluntarily provide personal or business data. This data will be used exclusively to provide the respective service.
The legal basis for this is Art. 6 (1) lit. b GDPR. The data will be deleted after the respective service has been provided, provided that there are no legal retention obligations.
3. Analysis services
3.1 Matomo
This website uses the open source web analysis service Matomo. Matomo uses technologies that enable cross-page recognition of the user for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). The information collected by Matomo about the use of this website is stored on our server. The IP address is anonymized before storage.
With the help of Matomo, we are able to collect and analyze data about the use of our website by website visitors. This allows us to find out, among other things, when which pages were viewed and from which region they came. We also collect various log files (e.g., IP address, referrer, browsers and operating systems used) and can measure whether our website visitors perform certain actions (e.g., clicks, purchases, etc.).
The use of this analysis tool is based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in the anonymous analysis of user behavior in order to optimize both its website and its advertising.
IP anonymization
We use IP anonymization for analysis with Matomo. This means that your IP address is truncated before analysis so that it can no longer be clearly assigned to you.
We host Matomo exclusively on our own servers, so that all analysis data remains with us and is not passed on.
3.2 Google Tag Manager
We use Google Tag Manager on our website, a tool provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”), which enables us to centrally manage and execute certain tags and codes for tracking and analysis tools on our website.
Google Tag Manager itself does not process any personal data, but merely allows the management of tags that are used by other services that use it, which in turn may collect/process data.
Data transfer to Google servers in the USA cannot be ruled out. Google is certified under the EU-US Data Privacy Framework (adequacy decision of the EU Commission pursuant to Art. 45 GDPR) and is also committed to ensuring an adequate level of data protection on the basis of the Standard Contractual Clauses (SCC) of the European Commission (Art. 46 GDPR). Further information on this can be found in Google's privacy policy at https://policies.google.com/privacy.
The legal basis for processing is your consent pursuant to Art. 6 (1) (a) GDPR, which you can declare and revoke using the consent management tool used on the website.
3.3 Google Analytics
We evaluate visits to this website using the analysis tool “Google Analytics,” a service provided by Google, in order to continuously optimize our website. The following information is primarily processed:
IP address (truncated);
(sub)pages accessed;
visitor behavior on the pages (e.g., clicks, scrolling behavior, and length of stay);
Approximate location of the visitor (country and city);
Technical information such as browser used, Internet provider, device, and screen resolution;
Source of your visit (i.e., which website or advertising medium brought you to us);
You can prevent these cookies from being set by adjusting your browser software settings as described under “Cookies.”
We collect the IP address so that the analysis service can distinguish between different visitors and so that we can identify the countries, regions, and cities from which we receive visitors, but we shorten the IP address at the time of collection so that we cannot identify you specifically.
The legal basis for processing is your consent in accordance with Art. 6 (1) (a) GDPR, which you can declare and revoke via our consent management tool.
Data from each individual visit is deleted 14 months after collection.
Google Analytics is provided by Google LLC, USA, which receives your data in order to provide us with the analysis service.
Your data is transferred to the USA as described. Google is certified under the EU-US Data Privacy Framework (adequacy decision of the EU Commission pursuant to Art. 45 GDPR) and is also committed to ensuring an adequate level of data protection on the basis of the Standard Contractual Clauses (SCC) of the European Commission (Art. 46 GDPR). For more information, please refer to Google's privacy policy at https://policies.google.com/privacy.
3.4 Facebook-Pixel
The website uses “Facebook Pixel,” an analytics service provided by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). This service allows us to track user behavior when they arrive at the website via a Facebook advertisement. This enables us to measure the effectiveness of advertisements and optimize our marketing activities.
This service allows us to collect information about the actions you take on the website (e.g., clicks or visits to specific pages). If you are a Facebook member, this data is linked to your Facebook account and used for targeted advertising. Facebook may link the collected data to other information about you that Facebook has collected itself.
The legal basis for the use of the service is your consent (Art. 6 (1) (a) GDPR), which you can declare via our consent management tool and revoke at any time.
The aforementioned data may also be transferred to the USA. Facebook is certified under the EU-US Data Privacy Framework (adequacy decision of the EU Commission pursuant to Art. 45 GDPR) and is also committed to ensuring an adequate level of data protection on the basis of the European Commission's Standard Contractual Clauses (SCC) (Art. 46 GDPR). For more information on data processing by Facebook, please refer to Facebook's privacy policy at https://www.facebook.com/about/privacy.
The data mentioned will be stored for as long as necessary for the purposes mentioned above. You can prevent the use of the Facebook pixel at any time by revoking your consent or adjusting the settings for personalized advertising in your Facebook account.
3.5 LinkedIn-Pixel
We use the LinkedIn Insight Tag (“LinkedIn Pixel”) on our website, an analytics and conversion tracking tool provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (“LinkedIn”). The LinkedIn Insight Tag helps us understand the behavior of users who come to our website via a LinkedIn ad, enabling us to evaluate and improve the effectiveness of our advertising campaigns.
The aforementioned service processes data such as your IP address, browser properties, and referrer URL, as well as information about actions you take on our website (e.g., pages visited). This data is pseudonymized and anonymized by LinkedIn after seven days, so that it is no longer possible to draw conclusions about individual persons. However, LinkedIn may link the data to your LinkedIn account and use it for targeted advertising.
The legal basis for use is your consent (Art. 6 (1) (a) GDPR), which you can declare via our consent management tool and revoke at any time.
The data mentioned may also be transferred to the USA and other third countries. LinkedIn is certified under the EU-US Data Privacy Framework (adequacy decision of the EU Commission pursuant to Art. 45 GDPR) and is also committed to ensuring an adequate level of data protection on the basis of the European Commission's Standard Contractual Clauses (SCC) (Art. 46 GDPR). For more information on data processing by LinkedIn, please refer to LinkedIn's privacy policy at https://de.linkedin.com/legal/privacy-policy and https://privacy.microsoft.com/de-de/data-privacy-notice.
The data is stored for up to 90 days and then anonymized. You can object to the use of the LinkedIn Insight Tag by adjusting your cookie settings on our website or changing the settings for interest-based advertising in your LinkedIn account.
4. Our social media presence
We maintain publicly accessible profiles on social networks in order to provide information about our company and to engage with active users.
We currently operate company profiles with the following providers:
Joint responsibility pursuant to Art. 26 GDPR
For certain processing of personal data on our social media profiles (e.g., page insights), we are jointly responsible with the respective platform operator within the meaning of Art. 26 GDPR.
We would like to point out that data processing on the platforms may also take place outside the EU or the EEA. This may give rise to risks (e.g., in the enforcement of data subject rights).
The respective platform provides information on joint responsibility and data processing:
Please note that we have no complete control over data processing by the platform operators. Use of the platforms is at your own risk.
5. Business partner
Unless otherwise agreed with our business partners, we only process their personal data for the purpose of conducting business relations, e.g. for communication, processing inquiries, and providing contractual services (legal basis: fulfillment of a contract pursuant to Art. 6 (1) (b) GDPR), in the context of fulfilling our legal obligations (legal basis: legal obligation pursuant to Art. 6 (1) (c) GDPR), and insofar as our interests justify data processing in individual cases (legal basis: balancing of interests pursuant to Art. 6 (1) (f) GDPR, whereby our interests may include, for example, the effective provision of our services, direct marketing, or the security of our infrastructure).
The data is stored for as long as is necessary for the purposes mentioned or as we are legally obliged to do so, and third parties only receive data to the extent that this is necessary for the fulfillment of the contract with the respective business partner or as we are legally obliged to do so.
6. Applications
6.1 Processing of employee and applicant data
Personal data is usually collected directly from you as part of a direct survey—for example, during the application process—on the basis of Section 26 (1) BDSG (version dated May 25, 2018). In addition, we may also have received personal data from third parties (e.g., job boards).
Where applicable, we also process personal data that we have lawfully obtained from publicly accessible sources (e.g., professional social networks). In this case, we will inform you immediately of the source of the data, the purpose of the processing, and the intended use in accordance with Art. 14 GDPR.
If you apply to us via our application portal (https://www.karriere.elkamet.de), which is operated on our behalf by rexx systems GmbH, Süderstraße 75–79, 20097 Hamburg, or by other means, e.g., by email, all information provided is voluntary.
However, we require meaningful information about your professional qualifications so that we can consider you for the position to be filled. We process your data as part of the application process. This includes the possibility of forwarding your data to other companies within the Elkamet Group if it becomes apparent that your qualifications are better suited to a position advertised there.
The categories of personal data processed include, in particular, your master data (such as first name, last name, name affixes, nationality, personnel number), contact details (such as private address, mobile/telephone number, email address) and data relating to the entire application process (cover letter, resume, (employment) references, proof of qualifications).
If you have voluntarily provided us with special categories of personal data (such as health data, religious affiliation, degree of disability) as part of the application process, this data will only be processed if you have consented to this.
We process personal employee and applicant data on the basis of and in compliance with the European General Data Protection Regulation (EU GDPR), the Federal Data Protection Act (BDSG), and all other relevant provisions of German labor law (e.g., AGG, BetrVG, SGB, etc.).
The processing of your personal data as part of the application process primarily serves to carry out the application procedure, in particular to determine the extent to which you are suitable for the advertised position. The processing of this data is necessary in order to be able to decide on the establishment of an employment relationship. The primary legal basis for this is Art. 88 GDPR in conjunction with Section 26 (1) BDSG.
Our interest in effective personnel development is decisive for the transfer of application data to other companies within the Elkamet Group (Art. 6 (1) (1) (f) GDPR).
6.2 Recipients of employee and applicant data
Within our company, only those persons and departments who need your personal data to make decisions about your employment and to fulfill legal or contractual obligations will have access to it.
Notwithstanding this, we will transfer employee data if we are legally obliged to do so.
6.3 Storage of employee and applicant data
The personal applicant data transmitted to us will be deleted as soon as it is no longer required for the above-mentioned purposes – after 6 months at the latest. Longer storage will only take place if you have expressly consented to this, if it is necessary for the preservation of evidence, or if statutory retention obligations prevent this. For example, we will retain your applicant data for as long as there is a possibility that you may assert legal claims against our company – e.g., due to a violation of the provisions of the AGG.
If your application leads to the establishment of an employment contract with you, your data will continue to be stored and used for the purposes of the usual administrative and organizational processes and for the performance of the employment relationship in compliance with the applicable legal regulations. If you are not hired, we will delete your data no later than 6 months after its receipt. If legal issues arise, the data will be stored until clarification and then deleted immediately.
7. Embedded third-party content
The privacy policy applies to all pages of www.elkamet.de. It does not extend to any linked websites or Internet presences of other providers. The following third-party content is integrated into the website.
YouTube-Videos
Some pages of our website embed videos from the YouTube platform, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. These videos are embedded in what is known as “extended privacy mode,” which, according to YouTube, ensures that no information about visitors to our website is transmitted to YouTube as long as the videos are not played.
As soon as you play an embedded YouTube video, a connection to the YouTube servers is established and YouTube receives the information that you have visited our website. Cookies and similar technologies may also be set, which YouTube uses to collect information about your user behavior. If you are logged in to YouTube or another Google service, Google may be able to link this information to your user account.
The legal basis for the aforementioned data processing is your consent (Art. 6 (1) (a) GDPR), which you give by activating the videos.
Your data will also be transferred to the USA. Google is certified under the EU-US Data Privacy Framework (adequacy decision of the EU Commission pursuant to Art. 45 GDPR) and is also committed to ensuring an adequate level of data protection on the basis of the European Commission's Standard Contractual Clauses (SCC) (Art. 46 GDPR). For more information, please refer to Google's privacy policy at https://policies.google.com/privacy. There you will also find information about the storage and deletion of the collected data. You can prevent the embedding of YouTube videos and the associated data processing by deactivating the playback of videos on our website.
8. Visitor and external contractor management
We collect your personal data as part of our security concept so that we can inform you immediately in the event of a factory evacuation or other incidents. The data is collected and stored by us on the basis of Art. 6 (1) lit. f) of the EU General Data Protection Regulation (GDPR).
9. Your rights
As a data subject, you have the following rights with regard to your data:
You also have the right to complain to a data protection supervisory authority about our processing of your personal data. The competent supervisory authority is the Hessian Commissioner for Data Protection and Freedom of Information, Gustav-Stresemann-Ring 1, 65389 Wiesbaden.
If you have any questions about the processing of your data, please send an email to datenschutzbeauftragter@elkamet.de or contact us at the address given at the beginning.
Updated: July 2025
Stand: Juli 2025
