Data protection policy
1. Name and contact details for the processing controller and the company data protection officer
This information on data protection applies to data processing by:
Controller: Steinmüller Engineering GmbH (hereinafter referred to as: Steinmüller), Fabrikstraße 5, D-51643 Gummersbach, Germany Email: firstname.lastname@example.org Telephone: +49 (0)2261 – 789500 Fax: +49 (0)2261 –78950199.
Steinmüller's company data protection officer may be reached at the address dhpg IT-Services GmbH, Bunsenstr. 10, 51647 Gummersbach, to the attention of Dr Christian Lenz, and/or at email@example.com or +49 2261 8195-0.
2. Collection and storage of personal data and nature and purpose of its use
a) For visiting the website
When accessing our website www.steinmueller.com, information is automatically sent to our website servers by the browser used on your end device. This information is temporarily stored in what is known as a log file. The following information is recorded without your cooperation and stored until it is automatically erased:
- IP address of the computer making the request,
- date and time of access,
- name and URL of accessed file,
- the website the page is being accessed from (referrer URL),
- browser used and, where applicable, your computer's operating system and the name of your access provider.
The stated data is processed by us for the following purposes:
- ensuring a smooth connection to the website,
- ensuring ease of use of our website,
- evaluating system security and stability and
- for other administrative purposes.
The legal basis for data processing is Article 6 section 1 clause 1f GDPR.
b) For using our contact form
We offer you the opportunity to contact us regarding any queries you may have via a contact form on the website. You must enter a valid email address, your company, first- and surname so that we know who the query has come from and so we can answer it. You may enter additional details voluntarily.
Data is processed for the purposes of making contact with us in accordance with Article 6, section 1 clause 1a GDPR, subject to your consent given voluntarily. The personal data we collect for the use of the contact form is automatically erased once your query has been dealt with.
If you have expressly given your consent or a legitimate interest exists (in accordance with Article 6 section 1 clause 1a GDPR), we will use your email address to regularly send you our newsletter. Our legitimate interest is, to promote our business. To receive the newsletter, you only need to enter an email address. You may unsubscribe at any time, via a link at the end of each newsletter, for example. Alternatively, you can also send your unsubscribe request by email to firstname.lastname@example.org at any time.
d) For job application
Steinmüller Engineering GmbH believes it is particularly important to ensure the highest possible protection of your personal data. During the job application process we use technical and organisational measures to protect all personal data collected and processed against unauthorised access and tampering. Your data will only be used for the purposes of recruitment at Steinmüller Engineering GmbH. We use your personal data in accordance with Article 6(1)(a) GDPR to process your application within our company and to send you corresponding messages. You can withdraw your consent at any time by emailing email@example.com. You have the right to information, correction and deletion of data as well as completion, restriction and issue of the data in readable format. You can assert your right to lodge a complaint with the supervisory authority of your ordinary place of residence or work or send it to our company headquarters. We will delete your data 6 months after completion of the application process.
3. Transmission of data
Your personal data will not be transferred to third parties for any purposes other than those listed in the following. We shall only pass on your personal data to third parties if:
- you have expressly consented to this in accordance with Article 6, section 1 clause 1a GDPR,
- it is necessary to pass on the data in accordance with Article 6 section 1 clause 1f GDPR in order to establish, exercise or defend legal claims and there is no reason to assume that you have an overwhelming interest worth protecting in your data not being passed on,
- there is a legal obligation to pass on the data in accordance with Article 6 section 1 clause 1c GDPR, and
- this is legally permissible and required in accordance with Article 6 section 1 clause 1b GDPR for the performance of contracts.
4. Subjects' rights
You have the right:
- to request communication regarding your personal data processed by us according to Article 15 GDPR. Specifically, you may request communication regarding the purposes of processing, the category of the personal data, the categories of recipients to whom your data was or is disclosed, the planned duration of storage, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to appeal, the origin of your data, if this was not collected by us, and the existence of automated decision-making including profiling, and where necessary, meaningful information regarding the details thereof;
- to request that your personal data stored by us be rectified immediately, should it be inaccurate, or that said data be completed, according to Article 16 GDPR;
- to request the erasure of your personal data stored by us, according to Article 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to meet a legal obligation, for reasons of public interest or to establish, exercise or defend legal claims;
- to request the restriction of processing of your personal data, according to Article 18 GDPR, if you dispute the accuracy of the data, the processing is unlawful, you nevertheless oppose its erasure and we no longer require the data, you nevertheless require the data for the establishment, exercise or defence of legal claims or you have filed an objection to the processing according to Article 21 GDPR;
- to receive your personal data that you have supplied to us in a structured, commonly-used and machine-readable format or to request it be transmitted to another controller ('data portability') according to Article 20 GDPR;
- to withdraw the consent you have previously given to us at any time according to Article 7 section 3 GDPR. This shall result in us no longer being able to continue the data processing based on this consent in future and
- to lodge a complaint with a supervisory authority according to Article 77 GDPR. You can usually contact the supervisory authority in your ordinary place of residence or workplace or our company headquarters for this purpose.
5. Right to object
If your personal data is being processed on the basis of legitimate interests according to Article 6 section 1 clause 1f GDPR, you have the right, according to Article 21 GDPR, to object to the processing of your personal data if the grounds for your objection arise from your particular situation or the objection is to direct marketing. In the latter instance, you have a general right to object which is implemented by us without a particular situation being stated. If you would like to assert your right to withdraw or object, simply send an email to firstname.lastname@example.org.
6. Data security
As part of your visit to our website, we use the prevalent SSL (Secure Socket Layer) procedure in conjunction with the highest level of encryption supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. The closed lock or castle symbol in your browser's lower status bar will indicate whether an individual page on our website is encrypted. We also make use of suitable technical and organisational security measures to protect your data from accidental or wilful manipulation, loss in whole or in part, destruction or unauthorised third-party access. Our security measures undergo constant improvement in line with advances in technology.
We use 1&1 Web Analytics cookies on our site. These are small files which are automatically created by your browser and are stored on your end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your end device and do not contain any viruses, trojans or other malware. The information that is stored in the cookie arises in conjunction with the specific end device being used. However, this does not mean that we directly obtain knowledge of your identity. Cookies are used partly to make using our service easier for you. Accordingly, we use what are known as session cookies to recognise that you have already visited individual pages on our website. These are automatically erased once you leave our site.
The data processed by cookies is required for the stated purposes to safeguard our legitimate interests and those of third parties in accordance with Article 6 section 1 clause 1f GDPR.
Most browsers accept cookies automatically. However, you can configure your browser to prevent cookies from being stored on your computer or to ensure that a message always appears before a new cookie is created. However, complete deactivation of cookies may prevent you from being able to use all the functions of our website.
As yet, there are no indications that tracking tools are used. However, should this occur, a description should be added to the data protection policy. We can provide a recommendation in this regard.
8. Social media plug-ins
On our website, we use social plug-ins from the social network Xing to raise awareness of our company, in line with Article 6 section 1 clause 1f GDPR. The underlying promotional purpose shall be considered a legitimate interest as defined by the GDPR. Responsibility for operation in compliance with data protection must be guaranteed by the relevant supplier. We integrate these plug-ins using what is known as the two-click method, to protect visitors to our website as much as possible.
Our website uses social media plug-ins from Xing in order to personalise your use. We use the 'SHARE' button for this purpose. This is a service from Xing. When you access a page on our web presence containing this kind of plug-in, your browser connects directly to the Xing servers. The content of the plug-in is transmitted directly from Xing to your browser and embedded into the web page.
The embedding of the plug-in informs Xing that your browser has accessed the relevant page of our web presence, even if you do not have a Xing account or are not currently logged into Xing. This information (including your IP address) is sent directly from your browser to a Xing server in xxxx and stored there.
If you are logged into Xing, Xing can assign the visit to our website directly to your Xing account. If you interact with the plug-ins, by clicking the 'SHARE' button, for example, the relevant information shall also be sent directly to a Xing server and stored there. The information is then also published on Xing and shown to your Xing contacts.
Xing can use this information for the purposes of marketing, market research and needs-based design of the Xing pages. For this purpose, Xing creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertising shown to you on Xing, to inform other Xing users of your activities on our website and to provide additional services associated with the use of Xing.
If you do not wish Xing to assign data collected via our web presence to your Xing account, you must log out of Xing before visiting our website. Please see Xing's data protection information (https://www.xing.com/privacy/) for details of the purpose and scope of data collection and further processing and use of data by Xing, your rights in this regard and setting options for protecting your privacy.
9. Validity of the data protection policy and amendments
This data protection policy is currently valid and was last updated in May 2018. Further development of our website and services or changes to legal and/or official provisions may require amendments to this data protection policy. You can view and print out the current data protection policy on the website at https://www.steinmueller.com/de/datenschutz.html at any time.
This website makes use of 1&1 WebAnalytics. This concerns a web analysis service by 1&1 Internet AG; Montabaur. WebAnalytics utilises so-called "Cookies"; Text files that are saved to your computer and which make possible an analysis of website usage. The information created by the Cookie concerning your use of this website (including your IP address, which is however, anonymised so that it cannot be allocated to a specific connection), is transferred to a 1&1 server, and it is saved there.
1&1 utilises this information to analyse your usage of the website, in order to collate and produce reports about the website activities for the website operator about website usage and the internet connected services. 1&1 will also transfer this information if necessary to third parties insofar as this is legally permitted or insofar as the data is processed by a third party contracted by 1&1. Under no circumstances will 1&1 connect your IP address with other data held by 1&1.
You can prevent the installation of Cookies by using the relevant setting in your browser software; however, as a precaution we wish to point out that in cases such as this, you will not be able to use all the functions of this website to their full extent. By using this website, you agree that the data produced about you may be used by 1&1 in the aforementioned manner, and for the aforementioned purpose.