Privacy Policy
1. Data protection at a glance
General information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data with which you can be personally identified. Detailed information on the subject of data protection can be found in our privacy policy below.
Data collection on this website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find the website operator's contact details in the legal notice for this website.
How do we collect your data?
Your data is collected when you communicate it to us. For example, this could be data that you enter in a contact form.
Other data is automatically collected by our IT systems or with your consent when you visit the website. This is mainly technical data (e.g. Internet browser, operating system or time of page access). This information is automatically collected as soon as you access this website.
What do we use your data for?
Some of the data is collected to ensure that the website is working as it should. Other data may be used to analyse your usage behaviour.
What rights do you have regarding your data?
You have the right to obtain information about the origin, recipients and purpose of your stored personal data free of charge at any time. You also have a right to request the rectification or erasure of this data. If you have given your consent to data processing, you can revoke this consent for the future at any time. In addition, you have the right to request that the processing of your personal data be restricted under certain circumstances. You also have the right to submit a complaint to the competent supervisory authority.
You can contact us about this, as well as with any further questions regarding data protection, at any time at the address given in the legal notice.
Analytics tools and third-party tools
When you visit this website, your surfing behaviour can be evaluated statistically. This is primarily done using analytics programs.
Detailed information about these analytics programs can be found in the following privacy policy.
2. Hosting and Content Delivery Networks (CDN)
External hosting
This website is hosted by an external service provider (host). The personal data collected on this website is stored on the host's servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contract data, contact data, names, website access and other data generated by a website.
The host is used for the purpose of fulfilling the contract with our potential and existing customers (Article 6(1)(b) GDPR) and in the interest of a secure, fast and efficient provision of our website by a professional provider (Article 6(1)(f) GDPR).
Our host will only process your data to the extent necessary to fulfil its performance obligations and will follow our instructions with regard to this data.
We use the following host:
Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen, Germany
Conclusion of a contract for commissioned data processing
To ensure that data processing is carried out in compliance with data protection regulations, we have concluded a contract for commissioned data processing with our host.
3. General information and mandatory information
Data protection
The operators of these pages take the protection of your personal data very seriously. We handle your personal data with utmost confidentiality and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various personal data is collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose your data is collected.
Be mindful that data transmission over the Internet (e.g. communication by email) can be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.
Note regarding the responsible body
The body responsible for data processing on this website is:
BB Stanz- und Umformtechnik GmbH
Nordhäuser Straße 44
06536 Berga, Germany
+49 (0) 34651 2988-0
info@bb-berga.de
The responsible body is the natural or legal person who decides on the purpose and means of processing of personal data (e.g. names, email addresses etc.), either alone or in conjunction with others.
Storage duration
Unless a specific storage duration has been specified in this privacy policy, we will retain your personal data until the purpose of the data processing is no longer applicable. If you make a legitimate request for erasure or revoke your consent to data processing, your data will be erased unless we have any other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the erasure will take place after these reasons cease to apply.
Note on data transfer to the United States
Our website includes tools from companies based in the United States. When these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to make you aware that the United States is not a safe third country within the meaning of EU data protection law. US companies are required to disclose personal information to security authorities without the possibility of legal action by you as a data subject. Therefore, it cannot be excluded that US authorities (e.g. intelligence services) will process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence on these processing activities.
Revoking your consent to data processing
Many data processing operations are only possible with your express consent. You have the right to revoke your consent at any time. The legality of the data processing carried out prior to revocation remains unaffected by the revocation.
Right to object to the collection of data in special cases and to direct marketing (Article 21 GDPR)
If data is processed on the basis of Article 6(1)(e) or (f) GDPR, you have the right to object at any time to the processing of your personal data for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you file an objection, we will no longer process your relevant personal data unless we can demonstrate that there are compelling legitimate grounds to process it that override your interests, rights and freedoms, or if its processing is required for the establishment, exercise or defence of legal claims (objection according to Article 21(1) GDPR).
Where your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, including profiling to the extent that it is related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (objection pursuant to Article 21(2) GDPR).
Right of appeal to the competent supervisory authority
In the event of a breach of GDPR, the parties concerned shall have the right to appeal to a supervisory authority, specifically in the Member State of their habitual residence, place of work or place of suspected breach. The right of appeal shall be without prejudice to any other administrative or judicial remedy.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request direct transmission of the data to another responsible person, this will only be done insofar as it is technically feasible.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content such as orders or requests that you send to us as a site operator, this page uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the padlock symbol in the browser line.
When SSL or TLS encryption is activated, the data that you send to us cannot be read by third parties.
Information, erasure and rectification
Within the scope of the applicable statutory provisions, you have the right to obtain information, at any time and free of charge, about your stored personal data, its origin and recipients, as well as the purpose of data processing. You also have the right to request that this data be rectified or erased, where applicable. You can contact us about this, as well as with any further questions regarding personal data, at any time at the address given in the legal notice.
Right to restriction of processing
You have the right to request that the processing of your personal data be restricted. You can contact us at any time at the address given in the legal notice. The right to restrict processing exists in the following cases:
- If you contest the accuracy of your personal data stored by us, we usually need time to verify this. While this verification process is ongoing, you have the right to request that the processing of your personal data be restricted.
- If the processing of your personal data was/is carried out unlawfully, you can request restriction of the data processing instead of erasure.
- If we no longer require your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request that the processing of your personal data be restricted instead of erased.
- If you have filed an objection pursuant to Article 21(1) GDPR, your rights and our interests will have to be weighed against each other. While a decision as to whose interests prevail is outstanding, you have the right to request the processing of your personal data be restricted.
If you have chosen to restrict the processing of your personal data, such data - with the exception of its storage - may only be processed with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
Objection to promotional emails
We expressly object to the use of contact data published within the scope of the legal notice obligation to send unsolicited advertising and information material. The operators of this website reserve the right to take legal action in the case of the unsolicited receipt of advertising information, such as in the form of spam email.
5. Analytics tools and advertising
Matomo (formerly Piwik)
This website uses the open source web analytics service Matomo. Matomo uses technologies that enable cross-page recognition of the user for analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Matomo about the use of this website is stored on our server. The IP address is anonymised before it is saved.
Matomo enables us to collect and analyse data about the use of our website by site visitors. This enables us to find out when the pages were accessed and from which region they were viewed. We also collect various log files (e.g. IP address, referrer, browsers and operating systems used) and can measure whether our site visitors perform certain actions (e.g. clicks, purchases etc.).
The use of this analytics tool is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in the anonymised analysis of user behaviour in order to optimise both its website and its advertising. If corresponding consent has been requested (e.g. consent for the storage of cookies), processing is carried out exclusively on the basis of Article 6(1)(a) GDPR; the consent can be revoked at any time.
Hosting
We host Matomo with the following third-party provider:
Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen, Germany
Conclusion of a contract for commissioned data processing
We have concluded a contract for commissioned data processing with these third-party providers to ensure that the data collected with Matomo is processed exclusively in accordance with our instructions and in accordance with the GDPR.
6. Plugins and tools
Google Web Fonts (local hosting)
To ensure the uniform display of fonts, this site uses web fonts provided by Google. The Google Fonts are installed locally. A connection to Google's servers does not take place.
Find more information about Google Web Fonts athttps://developers.google.com/fonts/faqand in Google's Privacy Policy:https://policies.google.com/privacy?hl=de.
Google Maps
This site uses the Google Maps service. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
It is necessary to store your IP address in order to use the Google Maps functions. This information is usually transmitted to and stored by Google on servers in the United States. The provider of this site has no influence on this data transmission.
Google Maps is used in the interest of making our website attractive and to make it easier for users to locate the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR. If corresponding consent has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR; the consent can be revoked at any time.
Data transmission to the United States is based on the standard contractual clauses of the EU Commission. Details can be found here:https://privacy.google.com/businesses/gdprcontrollerterms/andhttps://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
For more information on how user data is handled, please refer to Google's Privacy Policy:https://policies.google.com/privacy?hl=de.
7. Our own services
Handling applicant data
We enable you to submit job applications to us (e.g. by email, post or via an online application form). In the following, we will provide you with information about the scope, purpose and use of your personal data collected during the application process. We assure you that the collection, processing and use of your data will be in accordance with applicable data protection laws and all other statutory provisions and that your data will be treated as strictly confidential.
Scope and purpose of data collection
When you send us an application, we will process your personal data (e.g. contact and communications data, application documents, notes taken during interviews etc.), as far as this is necessary to make a decision on establishing an employment relationship. The legal basis for this is Section 26 of the new Federal Data Protection Act (BDSG) under German law (initiation of an employment relationship), Article 6(1)(b) GDPR (general contract initiation) and - if you have given your consent - Article 6(1)(a) GDPR. You may revoke your consent at any time. Within our company, your personal data will only be shared with individuals who are involved in the processing of your application.
If your application is successful, the data you have submitted on the basis of Section 26 of the new Federal Data Protection Act (BDSG) and Article 6(1)(b) GDPR will be stored in our data processing systems for the purpose of implementing the employment relationship.
Data retention period
If we are unable to offer you a job, you reject a job offer or withdraw your application, we reserve the right to use the data you provide on the basis of our legitimate interests (Article 6(1)(f) GDPR) for up to six months from the end of the application procedure (rejection or withdrawal of the application). The data will then be erased and the physical application documents destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the six-month period has elapsed (e.g. due to an imminent or pending legal dispute), the data will not be erased until the purpose for further storage no longer applies.
A longer retention period may also take place if you have given the appropriate consent (Article 6(1)(a) GDPR) or if legal storage obligations prevent erasure.