DATA PROTECTION DECLARATION
We are glad that you are interested in our Company and in our products and services, and we want you to feel safe and secure when you visit our website – and that includes the matter of protecting your data. The protection of your data is something that we take very seriously. We take it as given that the currently valid versions – at any time – to the provisions of the European General Data Protection Regulations (GDPR) and of Federal German Data Protection Regulations (BDSG) must be adhered to.
As a part of our duties of information, we intend to configure this Data Protection Declaration as transparently as possible. With that in mind, we would like to present you, below, with a description of the purpose underlying the processing of your data, the utilisation of cookies, tracking/analysis tools, social media services and other third-party services. We will also make it clear, in the process, what your own rights are.
If there are any questions left outstanding – with regard to the handling of your personal data – you are most welcome to contact ourselves or our data protection officer (contact details are shown below).
Spitzer Silo-Fahrzeugwerke GmbH
Tel. +49 6261 8005-0
Fax +49 6261 8005-60
is the responsible centre (data manager) in the definition given by GDPR, as the operator of this website (https://www.spitzer-silo.com/)and it decides, either independently or in conjunction with other parties, as to the purposes and means of processing personal data (hereinafter referred to as “data”).
DATA PROTECTION OFFICER
IT-Sicherheit und Datenschutz (IT Security and Data Protection)
Our data protection officer will also be available to assist you with questions concerning your rights as a data subject, or to receive your suggestions, and also as the contact person for you if you have any complaints to make.
DEFINITIONS OF TERMS
The legislator requires that personal data must be processed in a legitimate way, in good faith and in a manner which is easy for the data subject to understand (“legitimacy, processing in good faith, transparency”). In order to make sure of this, we would like to inform you about the individual statutory definitions of terms. These are terms which are also used in this Data Protection Declaration:
(1) Personal data
“Personal data” means all information which relates to an identified or an identifiable individual (hereinafter referred to as a “data subject”); an identifiable data subject is regarded as being an individual who can be identified directly or indirectly, and especially by the allocation of a code such as a name, a code number, location data, an online code or one or several specific characteristics which characterise such a data subject’s physical, physiological, genetic, mental, financial, cultural or social identity.
“Processing” means any procedure which is carried out with or without the use of automated methods, or any series of processes in connection with personal data such as collection, logging, organisation, ordering, storage, adaptation or modification, readout, picking, utilisation, disclosure by transmission, propagation or any other form of sharing, matching or association, restriction, deletion or destruction.
(3) Restriction of processing
“Restriction of processing” is the marking of stored personal data for purposes of restricting the future processing of it.
“Profiling” is any form of automated processing of personal data whereby such personal data is used for purposes of assessing certain personal aspects which relate to a data subject, with particular reference to analysing or protecting aspects in connection with working capacity, financial circumstances, health, personal preferences, interests, reliability, behaviour, whereabouts or relocation in respect of such individual person.
“Pseudonymising” is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without drawing upon additional information, to the extent that this additional information is stored separately and is subject to technical and organisational safeguards which assure that the personal data can no longer be attributed to an identified or identifiable individual person.
(6) File system
A “filesystem” is any structured compilation of personal data which is accessible according to defined criteria, irrespective of whether such a compilation is ordered centrally, on a decentralised basis or in line with functional or geographical criteria.
(7) Data manager
A “data manager” is an individual person or a corporation, public authority, institution or other centre which – either alone or in conjunction with others – decides upon the purposes and means of processing of personal data; if the purposes and means of such processing are stipulated by European Union law or by member states’ law, then the data manager and/or the specified criteria for its appointment may be governed under European Union law or by member states’ law.
(8) Job processor
A “job processor” is an individual or a corporation, public authority, institution or other centre which processes personal data on behalf of the data manager.
A “Recipient” is an individual person or corporation, public authority, institution or other centre to which personal data is disclosed, irrespective of whether or not the case relates to a third party. However, public authorities which may possibly receive personal data in the context of a specific investigation job in accordance with European Union law or member states’ law do not count as recipients; the processing of such data by such public authorities takes place in accordance with applicable data protection regulations corresponding to the purposes of processing.
(10) Third parties
A “third party” is an individual person or corporation, public authority, institution or other centre – other than the data subject, the data manager, the job processor and the parties – which is authorised to process the personal data subject to the direct responsibility of the data manager or of the job processor.
The data subject’s “consent” is any indication of consent given voluntarily for a specified case, in an informed and fully comprehensible way – in the form of a declaration or any other unequivocal action constituting confirmation – by means of which the data subject indicates that the data subject consents to the processing of the personal data relating to the data subject.
LEGITIMACY OF PROCESSING
The processing of personal data is legitimate only if there is a legal basis for the processing. Particular examples of a legal basis for processing may be as follows, under Article 6, paragraph 1, clauses a) – f), GDPR:
a. The data subject has given consent for the processing of personal data relating to the data subject, for one or more specific purposes;
b. Processing is required for purposes of the fulfilment of a contract to which the data subject is a party, or for the carrying-out of pre-contractual procedures which are implemented at the data subject’s request;
c. Processing is required for purposes of fulfilling a legal obligation which is incumbent upon the data subject;
d. Processing is required in order to protect essential interests held by the data subject or by any other individual person;
e. Processing is required for purposes of completing a task which is in the public interest or which is carried out by order of the public authorities and has been transferred to the data manager;
f. Processing is required in order to protect the justified interests of the data manager or of any third party, if it is the case that the interests or the basic rights and basic freedoms of the data subject – requiring the protection of personal data – have to take precedence, particularly where the data subject is a child.
INFORMATION CONCERNING THE COLLECTION OF PERSONAL DATA
- Please find below some information concerning the collection of personal data when our website is used. Examples of personal data are: names, addresses, email addresses and user behaviour.
- When contact is made with us by email, the data which you disclose (your email address, possibly your name and your telephone number) will be processed by us for purposes of answering your questions. We will erase the data arising in this connection once it is no longer necessary to store such data, or otherwise the processing will be restricted, where there are statutory storage obligations.
Collection of personal data when our website is visited
When you use our website purely for purposes of gathering information – i.e. if you do not sign up or if you do not disclose information to us by any other means – we will collect only such personal data as your browser passes to our server. If you would like to look at our website, we will collect the following data – data which we technically need in order to provide you with a display of our website and in order to ensure stability and security (here, the legal justification is Article 6, paragraph 1, clause 1, sub-clause f), GDPR):
- IP address
- Date and time of enquiry
- Time zone difference relative to Greenwich Mean Time (GMT)
- Content of request (specific page)
- Access status/HTTP status code
- Quantity of data transferred in a given instance
- Website from which the request originates
- Operating system and its interface
- Browser software language and version.
Utilisation of cookies
(1) In addition to the above-mentioned data, cookies will be stored on your computer when you use our website. Cookies are small text files which the browser which you are using will allocate and store on your hard drive, and through which the centre which is using the cookie will receive certain information. Cookies cannot run any programs or transfer viruses onto your computer. Their purpose is to make your overall Internet experience more user-friendly and more effective.
(2) This website uses the following types of cookie, and we will explain their scope and their mode of operation below:
- Transient cookies (see a. above)
- Persistent cookies (see b. above)
a. Transient cookies are erased by automated means once you close your browser. This includes session cookies, in particular. Session cookies store a “session ID” by means of which various requests from your browser can be attributed to the session as a whole. Accordingly, your computer can be recognised when you return to our website. Session cookies are erased once you log off or close your browser.
b. Persistent cookies are erased by automated means once a preset period – which may differ from one cookie to another – has elapsed. At any time, you can erase the cookies by visiting the security settings in your browser.
c. You can configure your browser settings according to your own preferences, and you can, for example, choose to accept third-party cookies or to decline all cookies. “Third-party cookies” are cookies which are used by a third party and – consequently – not used by the actual website which you have just visited. Please note that if you deactivate cookies, you may possibly not be able to use all the functions of this website.
Cookies which are not technically necessary can be set only subject to consent as granted by yourself (as derived from the legal justification corresponding to Article 6, paragraph 1, clause 1, subclause a), GDPR.
You can use the following link at any time in order to adapt your cookie settings, and to revoke any consents already issued: Data protection settings.
Our website’s further functions and services
- In addition to the purely information-based use of our website, we offer various services which may be of interest to you. In order to use them, you will normally need to disclose further personal data which we will use in order to provide the corresponding service, and which will be subject to the above-mentioned data-processing principles.
- To some extent, we use external providers for the processing of your data. These providers have been carefully selected and appointed by ourselves, they work subject to our instructions and are regularly monitored. Necessary agreements concerning job processing have been negotiated.
- We may also pass your personal data on to third parties if we act in conjunction with partners to offer participation in campaigns, gambling games, the opportunity to negotiate contracts or similar services, to the extent that you have issued us with your corresponding consent. The legal basis for this comes from Article 6, paragraph 1, clause 1, sub-clause a), GDPR. You will receive further information when you disclose your personal data or – further on – where the offer is described.
- Where our providers or our partners are based in a country outside of the European Economic Area (EEA), we take precautions in order to have the transfer of data configured such as to comply with data-protection requirements.
Our offer of services is essentially addressed to adults. Those under the age of 18 should not disclose any personal data to us without the consent of parents or guardians.
ONLINE APPLICATION PROCEDURES
(1) Scope of data processing
On our website, you have the option of submitting applications.
In order for you to participate in application procedures, it is necessary to disclose personal data. This data will include, amongst other items: identification data such as your forename, surname, date of birth, your contact details such as your address, telephone number or email address, together with data concerning your education and/or professional history, such as school reports and professional references, details of training courses, traineeships or previous employers. This data may originate from an application form which had to be filled in online on the application platform, or it may consist of documents which you yourself have submitted, such as a letter, a CV, an application-related photo, references or other items of proof for professional qualifications. Data which is an essential requirement for participating in the application procedure will be appropriately designated as required information.
In this Data Protection Declaration, where we do not mention the name of any third party who is providing the online application function, this means that no data will be forwarded to any third parties.
(2) Purpose and legal basis for data processing
We process the above-mentioned data for purposes of completing the application procedure. If you have issued us your consent, then the legal basis for the processing of data will be Article 6, paragraph 1, clause 1, sub-clause a), GDPR. If the above-mentioned data is processed for purposes of setting up a relationship of employment/contractual relationship, then the legal basis will be Article 88, paragraph 1, GDPR, in conjunction with §26, Paragraph 1, GDPR, and/or Article 6, paragraph 1, clause 1, sub-clause b), GDPR.
(3) Duration of storage
Your data will be erased as soon as it is no longer required for achieving the purpose for which it was collected. In the event that – following the application procedure – a relationship of employment or of education, a traineeship or other service relationship should arise – then in the first instance the data will continue to be stored and will be transferred to your personal files. Otherwise the application procedure will terminate once a decline has been received. In that event, the data will be erased after six months. No data will be erased if any further processing and storage of your personal data should be required – in any given instance – for purposes of proving, exercising or defending legal claims. In such cases, we hold a justified interest in continued processing and storage of your personal data. The legal basis for this comes from Article 6, paragraph 1, clause 1, sub-clause f), GDPR. A further instance of data not being erased is where we are obliged – on the basis of legal regulations – to continue storing your personal data.
(4) Revocation and objection
At any time, you are entitled to revoke consent which you previously issued to us. In particular, you are entitled at any time to withdraw your application. In the context of your application procedure, you should disclose to us only such personal data as is required in order for you to participate in the application procedure – and for the procedure to be completed. There is no legal or contractual obligation to disclose any data. Please note, however, that without such data we will be unable to complete the application procedure, such that it will not be possible to give consideration to your application. At any time, you can have the stored data concerning yourself amended.
ORGANISING A VIDEO MEETING
On our website, we offer our customers the opportunity to arrange a video meeting with our Marketing Department.
If you utilise our contact form for purposes of setting up the video meeting, we will ask you for some personal information. You will need to indicate your name and your telephone number in order for us to respond to your request. Any further information concerning yourself may be disclosed voluntarily.
Your details will be emailed directly to us, and then processed further.
The processing of data for purposes of establishing contact with us is conducted on the basis of your freely granted consent. When you set the consent checkbox and click on “Request video meeting now” button, you are effectively giving your consent for the processing of your contact details for the above mentioned purposes. If you do not wish to give your corresponding consent, then you should break off the procedure. Then the contact form will not be sent out, and none of your data will be processed.
Accordingly, the data entered on your contact form will be processed exclusively within the framework of your consent (Article 6, paragraph 1, clause 1, sub-clause a), GDPR). At any time, you can revoke this consent with future effect. In order to do so, you should write to Spitzer Silo-Fahrzeugwerke GmbH, Brühlweg 10, 74834 Elztal-Dallau, or otherwise send an email to firstname.lastname@example.org.
We utilise your data only to the extent required for purposes of processing your contact enquiry and for further correspondence with you. The data which we collect for purposes of using the contact form will be stored with us for purposes of handling your enquiry and in order to deal with any subsequent questions, and will then be erased – as required under data protection regulations – after the enquiry which you submitted has been completed, unless any other statutory storage obligation is applicable.
If you contact us using the Microsoft Teams videoconferencing tool, then we will process the following data in connection with the online meeting:
- Communications details (e.g. email address)
- Personal master data
- Authentication data
- Content of communications
- Log files, protocol data, meta data (e.g. IP address, point in time of being online, etc.)
- Details of your profile with MS Teams
Microsoft Teams is part of Microsoft 365. Microsoft Teams is a collaboration tool which also includes a videoconferencing function. Microsoft 365 is a program from the following provider: Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399 USA. Microsoft reserves the right, in its conditions of use, to process customer data for its own business purposes. We can exercise no influence over Microsoft’s processing of data. With Microsoft, we have negotiated data protection agreements in order to be able to ensure a minimum of data protection.
The legal basis for the processing of personal data – as described here – is Article 6, paragraph 1, clause 1, sub-clause f), GDPR. The required justified interest which we hold for this purpose arises from the great benefit which our customers obtain from being able to communicate personally with our employees, and from the objective of improving our customer service by means of customer satisfaction polls.
You can find more information about how your data is processed by Microsoft by consulting Microsoft’s data protection declaration on https://privacy.microsoft.com/de-de/privacystatement.
You can find more information about how your data is processed by Microsoft Teams by using the following link: https://docs.microsoft.com/de-de/microsoftteams/teams-privacy.
INCORPORATION OF GOOGLE MAPS
(1) This website uses Google Maps, from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google Maps is a web service for the display of interactive (national) maps in order to provide a visual display of geographical information. When you use this service, you will receive a display of our location, which makes it easier for you to visit our premises..
(2) Please note that even when you merely call up the subsidiary pages with which the Google Maps map is incorporated, information about your use of our website (such as, for example, your IP address) will be transferred to Google’s servers, where it will be stored. In this connection, your information may also be transferred to the servers of Google LLC in the USA. This will happen irrespective of whether Google provides a user account by means of which you are logged in, and irrespective of whether there is any user account in place. When you are logged in with Google, your data is directly attributed to your account. If you do not wish for your profile to be used for attribution with Google, then you should log off before you press the button. Google stores your data (even for users who are not logged in) as user profiles, and analyses them.
(2) Collection, storage and analysis take place in accordance with Article 6, paragraph 1, clause 1, subclause f), GDPR, on the basis of Google’s justified interest in fading in personalised advertising, market research and/or the appropriate configuration of Google websites. You hold a right of objection to the configuration of such user profiles, and in order to exercise that right you will need to contact Google.
(3) If a corresponding consent for the setting and/or storage of cookies was requested and issued, then processing will take place exclusively on the basis of Article 6, paragraph 1, clause 1, sub-clause a), GDPR. At any time, you can revoke your consent with future effect by clicking on “Change data protection settings”. Then an opt-out cookie will be set, which prevents the logging of your data on your future visits to this website.
You can find out more about data protection by visiting http://www.google.de/intl/de/policies/privacy/
You can find the conditions for use for Google Maps on https://www.google.de/intl/de/policies/terms/regional.html and on https://www.google.com/intl/de_US/help/terms_maps.html.
INCORPORATING YOUTUBE VIDEOS
(1) We have included YouTube videos in our online service; these are stored on https://www.youtube.com/ and can be played directly from our website. [All of these are incorporated in “expanded data protection mode”, which means that no data about yourself as a YouTube user is transferred if you do not play the videos. Only if you play the videos will the data mentioned in paragraph 2 be transferred. We have no control over this transmission of data.]
(2) By virtue of your visit to the website, YouTube receives information to the effect that you have called up a corresponding subsidiary page of our website. Furthermore, the data mentioned in §3 of this Declaration will be released. This will happen irrespective of whether YouTube provides a user account by means of which you are logged in, and irrespective of whether there is any user account in place. When you are logged in with Google, your data is directly attributed to your account. If you do not wish for your profile to be used for attribution with YouTube, then you should log off before you press the button. YouTube will store your data as user profiles and will use it for purposes of advertising, market research and/or the appropriate configuration of its website. A particular purpose for such analysis being conducted (and this includes users who are not logged in) is to provide appropriate advertising in order to inform other users of this social network about your activities on our website. You hold a right of objection to the configuration of these user profiles, and in order to exercise this right you will need to contact YouTube.
(3) Our purpose – in incorporating YouTube – is to enable us to present you with various videos on our website, so that you can watch them directly on our website.
The legal basis for the processing of personal data – as described here – is Article 6, paragraph 1, clause 1, sub-clause f), GDPR. The necessary, justified interest which we hold in this connection resides in the great benefit which is offered by YouTube. By incorporating external videos, we are able to place less of a load on our servers, and can use the corresponding resources for other purposes. Amongst other benefits, this can enhance the stability of our servers. YouTube and/or Google also hold a justified interest in enhanced (personally-related) data in order to improve its own services.
If a corresponding consent for the setting and/or storage of cookies was requested and was issued, then processing will take place exclusively on the basis of Article 6, paragraph 1, clause 1, sub-clause a), GDPR. At any time, you can revoke your consent with future effect by clicking on “Change data protection settings”. Then an opt-out cookie will be set, which prevents the logging of your data on your future visits to this website.
You can find out more information by consulting the data protection tips given by YouTube and/or by Google, which you can download from the following address: www.google.com/policies/privacy/
You can apply privacy settings for your Google account by means of the following link: https://www.google.com/account/about/?hl=de
DATA SUBJECTS’ RIGHTS
(1) Revoking consent
If the processing of personal data is based on consent which has been issued, then you hold the right at any time to revoke your consent. The revoking of consent does not affect the legitimacy of processing which took place on the basis of consent until such consent was revoked.
You can contact us at any time in order to exercise your right of revocation.
(2) Right of information
At any time, under Article 15, GDPR, you are entitled to receive information about the data which we have processed. In particular, you can ask for information concerning the purposes of processing, the categories of the data which has been processed, the categories of potential recipients and the planned duration of storage.
(3) Right of amendment
Under Article 16, GDPR, you hold the right to require us to promptly notify you of any incorrect, personally-related data. You hold the right (subject to taking account of the purposes of the processing) to require – by making an additional declaration, if necessary – that any incomplete personally-related data should be supplemented.
(4) Right of erasure (“Right to be forgotten”)
Under Article 17, GDPR, you can require the erasure of your data if the storage of such data is no longer necessary and if there is no other form of legal basis for the processing of it. You can also require erasure if you have filed an objection to the processing and if there are no justified reasons, taking a higher priority, for the further processing of your data, and if your data was processed unjustifiably, or if there is a legal obligation for it to be erased under EU law or national law.
(5) Right for restriction of processing
Under Article 18, GDPR, furthermore, you hold the right for restriction of processing if you wish to contest the correctness of the data for a period which will enable the data manager to investigate the correctness of the data; if the processing was unjustified, although you decline the erasure of the data; if the purpose of the processing has been completed although the data is needed for purposes of substantiating your legal claims or if you have objected to it under Article 21, GDPR, and if it is not yet certain whether the data manager’s justified reasons take precedence over your own interests.
(6) Right for transferability of data
Under Article 20, GDPR, you hold the right to receive the data concerning yourself in a currently viable, structured and system-readable format (transferability of data). Furthermore, you can have a situation established – subject to certain prerequisites – whereby your data is transmitted directly from a data manager, to the extent that this is technically possible.
(7) Right of contestation
You hold the right at any time to object to the utilisation of your data for the above-mentioned purposes (Article 21, GDPR). This is possible to the extent that your objection is substantiated against direct advertising or if there are reasons for objection inherent in your particular situation. In the case of objection against direct advertising, you hold a general right of objection which will be applied by ourselves with no need for any particular situation to be indicated.
(8) Right of presenting an objection to a supervisory body
Irrespective of any other form of available Governmental or Court redress, you also hold the right of filing an objection with a supervisory body, particularly in the member state in which you reside, at your workplace or in the location of the claimed infringement, if the data subject believes that the processing of the personal data relating to the data subject constitutes an infringement of the corresponding Regulation.
You can find a list of supervisory bodies (for the non-public sphere) together with the corresponding address, on:
CHANGES TO OUR DATA PROTECTION PROVISIONS
We reserve the right to amend our security and data protection measures to the extent that this is necessary in connection with technical developments. In such cases, furthermore, we will adapt our data protection statements as appropriate. Consequently, we would ask you to consult the version of our Data Protection Declaration which is applicable at the time. The current status is April 2021.