privacy

Data privacy statement

We would like to thank you for visiting our website (www.doppstadt.de, www.doppstadt.com, www.doppshop.de) and are very pleased that you are interested in our group of companies. Data protection is particularly important for the management of Doppstadt Umwelttechnik GmbH. Our website can usually be used without providing any personal information. If a data subject would like to make use of particular services of our company via our website, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.

Personal data such as the name, address, e-mail address or phone number of a data subject are always processed in accordance with the EU’s General Data Protection Regulation and in accordance with the country-specific data privacy regulations that are applicable for Doppstadt Umwelttechnik GmbH. With this privacy policy we aim to inform you about the type, scope and purpose of the personal data that we collect, use and process. In addition to that, this privacy policy also informs data subjects about their rights.

As controller, Doppstadt Umwelttechnik GmbH has implemented a number of technical and organizational measures in order to ensure the most seamless protection for personal data processed via this website. That said, internet-based data transfers can generally involve security vulnerabilities, making it impossible to guarantee complete protection. For this reason, every data subject is free to communicate personal data to us in an alternative manner at their discretion, for instance, by phone.

1. Definitions

The privacy policy of Doppstadt Umwelttechnik GmbH is based on terms used by the European regulators and legislators when enacting the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand both for the general public and for our customers and business partners. To ensure this, we would like to explain the terms that are used here in advance. In our privacy policy, we use the following terms, among others:

a) Personal data

Personal data means any information relating to an identified or identifiable natural person (hereinafter called “data subject concerned” or “data subject”). An identifiable natural person is one, who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) Affected person

An affected person is any identified or identifiable natural person, whose personal data are processed by the controller.

c) Processing

(4) Processing means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Blocking of processing

Blocking of processing means the marking of stored personal data with the aim of limiting their processing in the future.

e) Profiling

Profiling is any type of automated processing of personal data that comprises the use of personal data to evaluate certain personal aspects relating to a natural person, especially in order to analyze or predict aspects relating to work performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change in location of this natural person.

f) Pseudonymization

Pseudonymization means the processing of personal data in such a way that personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is stored separately and subject to technical and organizational measures ensuring that the personal data cannot be assigned to an identified or identifiable natural person.

g) Controller

Controller means the natural or legal person, public authority, institution or any other body, while alone or jointly with others determines the purposes and means of processing personal data. If the purposes and means of such processing are specified on the basis of European Union law or the law of the member states, the controller or the specific criteria for his or her designation can be provided in accordance with European Union law or the law of the member states.

h) Processor

Processor means a natural or legal person, public authority, institution or any other body which processes personal data on behalf of the controller.

i) Recipient

Recipient means a natural or legal person, public authority, institution or any other body, to which personal data are disclosed, regardless of whether it is a third party or not. Public authorities which possibly receive personal data as part of a specific investigation mandate under European Union law or the law of the member states, are not deemed as recipients.

j) Third party

A third party is a natural or legal person, public authority, institution or any other body other than the data subject concerned, the controller, the processor and the persons, who are authorized to process the personal data under the direct responsibility of the controller or the processor.

k) Consent

Consent is any declaration of intent voluntarily given by the data subject for the specific case in an informed manner and unambiguously in the form of a declaration or any other recognizable affirmative act, with which the data subject indicates that they agree with the processing of their personal data.

2. Name and address of the controller and contact details of the data security officer

The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the member states of the European Union and other provisions of data protection nature is the:

Doppstadt Umwelttechnik GmbH
Steinbrink 4
D-42555 Velbert
Tel. +49 2052 889-0
Fax. +49 2052 889-144
e-mail: info[at]doppstadt.de
Internet: www.doppstadt.de

The controller has appointed a data security officer who can be reached as follows:

Doppstadt Umwelttechnik GmbH
Data security officer Stephan Viehoff
Steinbrink 4
D-42555 Velbert
Tel. +49 2052 889-0
Fax. +49 2052 889-144
e-mail: datenschutz[at]doppstadt.de

Every data subject is entitled to contact our data security officer directly at any time with any questions and suggestions he or she may have relating to privacy protection.

3. Collection of general data and information when visiting our website

Our website collects some general data and information every time it is accessed by a data subject or an automated system. Such general data and information are stored in the server’s log files. The following may be collected

(1) the operating system used by the accessing system and its interface,

(2) the browser type used including language and version of the browser software,

(3) the website, from which an accessing system reaches our website (a so-called referrer),

(4) the sub-websites which are accessed by an accessing system on our website,

(5) the date and the time of access to the website (including time zone difference to Universal Time Coordinated (UTC),

(6) the amount of data transferred in each respective case,

(7) the internet protocol address (IP address),

(8) the internet service provider of the accessing system

(9) other similar data and information that serves to avert risks in case of attack on our information technology systems.

When using such general data and information, Doppstadt Beteiligungs GmbH does not draw any conclusions about the data subject. This information is needed to

(1) correctly provide the contents of our website,

(2) optimize the contents of our website and the advertising for it,

(3) ensure the permanent functionality of our information technology systems and the technology of our website,

(4) provide law enforcement authorities with the necessary information for prosecution purposes in case of a cyber attack.

This anonymously collected data and information are thus evaluated on the one hand statistically and on the other hand with the objective of increasing data protection and security in our company in order to ultimately ensure an optimum level of security for the personal data that we process. The anonymous data from server log files are stored separately from all personal data provided by a data subject.

4. Cookies

We use cookies on our website. Cookies are small text files that are saved locally on your computer by your web browser (e.g., Mozilla Firefox or Internet Explorer) when you visit our website. They are only saved there for a session ("session cookie") or longer ("persistent cookie").

Many websites and servers use cookies. Many cookies contain a “cookie ID,” which is a unique identifier that consists of a string of characters that websites and servers use to associate cookie with the specific web browser on which the cookie is stored. This allows the visited websites and servers to distinguish the data subject's individual browser from other web browsers that contain other cookies. The specific web browser can be recognized and identified by the unique cookie ID.

By using cookies, we can provide the users of our website with more user-friendly services that would not be possible without cookies.

The information and offers on our website can be optimized to the user using a cookie. As we have already mentioned, cookies allow us to recognize our users when they revisit the website. The purpose of this recognition feature is to make it easier for users to use our website.

Some of our website's features cannot be offered without the use of technically required cookies. On the other hand, other cookies allow us to perform various analyses. Among other things, we use cookies to make our website more user-friendly and effective for you, for example, by tracking your use of our website and identifying your preferences. If third parties process information using cookies, they will collect the information directly via your browser. Cookies do not damage your end device. They cannot execute programs and do not contain viruses.

Our website uses different cookies whose nature and function are explained in more detail below.

Type of cookies used:

Type 1: Session cookies

Our website uses session cookies, which are automatically deleted as soon as you close your browser. These types of cookies are technically necessary to enable you to use our website.

Type 2: Persistent cookies

Our website also uses persistent cookies. Persistent cookies are cookies that, even if you close your browser, continue to be stored in your browser or on your hard drive for a longer period of time. They are activated each time you revisit the web page that has set the cookie or are recognized in some other way, for example, by an advertising network. The information stored in the persistent cookie is then transmitted to the website or advertising network. The storage period varies depending on the cookie. You can delete persistent cookies through your browser settings.

Origin of cookies:

First-party cookies

First-party cookies are created by the operator of the website that the user is visiting and cannot be read across websites.

Third-party cookies

Third-party cookies are not created by the operator of the website that the user is currently visiting, but rather by a third party who sets his own cookie through the operator's website. We will let you know in this data privacy policy if a third party sets cookies through our website.

Functions of the used cookies:

Function 1: Required cookies

These cookies are required for technical reasons so that you can visit our website and use the features we offer. This applies, for example, to cookies that ensure that your user-defined configuration of functionalities you have set up on our website is maintained across sessions. In addition, these cookies contribute to safe and proper use of the website.

Function 2: Performance-related cookies

These cookies allow us to analyze website use and improve the performance and functionality of our website. For example, cookies collect information about how our website is used by visitors, which pages of the website are accessed the most frequently, or whether error messages are displayed on certain pages.

Function 3: Cookies for marketing:

Advertising cookies (third party providers) allow various offers to be displayed that are tailored to your interests. These cookies can be used to track the user's web activity over a longer period of time. The cookies may even recognize you on several of the end devices you use.

Cookies based on function 2 and 3 will only be activated if you have given your consent. You can give your consent by actively clicking on "Accept" in the displayed notice (if necessary after selecting individual cookies or groups of cookies for which you give your consent). You can revoke your consent at any time by, for example, revisiting this consent banner and changing your settings. Your revocation does not affect the legality of the processing that was performed based on the previously granted consent until you revoked it.

Note: if you elect to use your right of objection to the use of these cookies, an opt-out cookie will be set in your browser that blocks the operator of the website or a third party from collecting any more data via advertising cookies. If you delete this opt-out cookie, the operator or third party will once again be able to collect your data. Make sure that you check the useful life of an opt-out cookie.

If you have given us your consent to use cookies based on the notice displayed on the website ("cookie banner"), the legality of the use shall also be based on Article 6 (1) clause (1) (a) of the GDPR. The legal basis for technically required cookies (in other words, those that are necessary for the smooth functioning of our website) is Article 6 (1) (c) of the GDPR.

Most browsers are designed to accept cookies by default; however, you can configure your respective browser to accept only certain cookies or no more cookies at all. Please be aware that you may not be able to use functions of our website and may instead receive warning or error messages on our website when cookies are deactivated in your browser settings.

You can also delete cookies that are already stored in your browser through your browser settings. It is also possible to set your browser to notify you before storing cookies. Since the various browsers may differ in their respective functionalities, we ask you to refer to your browser's Help menu for the configuration options. Information about the most common web browsers can be found here:

If you would like a comprehensive overview of all third-party access to your web browser, we recommend installing plug-ins that have been specially developed for this.

We recommend that you completely unsubscribe after you have finished using a device that you share with others if the browser is set to allow cookies.

5. Contact

You have the option of contacting us by mail, phone fax or e-mail.

If you contact us by mail, we can process in particular your address data (e.g. first and last name, address, place of residence, postal code), date and time of receipt of your correspondence and any data that are provided in your correspondence.

If you have contacted us, it is possible that a secretary service may also process your data and send that to us after receipt of your communication. Depending on the data that you provide her, we will contact you either by phone, fax or e-mail and call you back or write you if necessary.

If you contact us by phone, your phone number in particular and, if required, your name, e-mail address, time of the call and details relating to the reason for your call will be processed during the call upon request.

If you contact us by fax, the fax number or the sender ID as well as the data resulting from the fax will be processed in particular.

When contacting us via e-mail, your e-mail address, time of the e-mail and any data resulting from the text (including documents possibly attached) will be processed in particular.

The purpose of processing the above data is to process your contact request and to be able to contact you in order to answer your request. The legal basis for the above-described processing of personal data is Art. 6 Para. 1 (f) of GDPR. It is our legitimate interest to offer you the opportunity to contact us at any time and to respond to your inquiries.

The personal data will only be processed for as long as is necessary to process the contact request.

6. Registration on our website

You have the opportunity of registering on your website by providing your personal data. The personal data transmitted to us are determined by the respective entry screen that is used for registration. The personal data provided by you will only be collected and stored for our internal use and for our own purposes. We can transfer such data to one or more processors, e.g. a parcel service, who also uses personal data exclusively for use, which can be attributed to us.

When registering on our website, the IP address assigned by your Internet Service Provider (ISP), the date and the time of your registration are also saved. These data are stored in light of the fact that the misuse of our services can only be prevented in this manner and such data also enable the investigation of crimes committed if necessary. In this respect, the storage of such data is necessary for our own security. In general, such data are not provided to third parties, unless there is a legal obligation to do or the provision is used for law enforcement purposes.

Your registration takes place subject to voluntary disclosure of your personal data to us in order to offer you contents or services, which can only be offered to registered users as a result of the nature of the matter. Registered persons are free to change the personal data provided during registration at any time or to have such data deleted from the database in full.

Upon request, we will provide every data subject with information about the personal data that we have saved with regard to them. We moreover correct or delete personal data on request or at your notice, unless stipulated otherwise by statutory safekeeping obligations. All of our employees are available to you as contact in this context.

7. Use of our webshop

If you would like to place an order in our webshop at www.doppshop.de, it is necessary for completing the contract that you provide the personal data that we need for processing your order. Mandatory information which is necessary for processing contracts shall be marked separately, additional information is voluntary. We process the data provided by you in order to take care of your order. To do this, we are able to send your payment information to our main bank or a payment service provider. The legal basis for this is Art. Art. 6 Para. 1 Cl. 1 (b) of GDPR.

You can voluntarily create a customer account by allowing us to save your data for later purchases. When creating an account, the data provided by you will be stored revocably. You can also delete all other data, including your user account, at any time in the customer section.

We can also process the data that you provide in order to inform you about other interesting products in our product range or send you e-mails with technical information.

Due to commercial and tax regulations, we are obligated to store your address, payment information and order details for a period of ten (10) years.

To prevent unauthorized access by third parties to your personal data, in particular financial data, the order process is encrypted using TLS technology.

8. Use of data when registering for the e-mail newsletter

On the website of Doppstadt Umwelttechnik GmbH, users have the opportunity to subscribe to our company’s newsletter. The personal data transmitted to during the subscription to our newsletter come from the entry screen used for this purpose.

Doppstadt Umwelttechnik GmbH regularly informs its customers and business partners about the company’s range of products by way of a newsletter. In general, our company’s newsletter may only be received by the data subject if

(1) the data subject has a valid e-mail address and

(2) the data subject has registered to receive the newsletter.

For legal reasons, a confirmation e-mail will be sent to the e-mail address entered by the data subject initially when subscribing to the newsletter on the basis of a double-opt-in process. This confirmation e-mail is used to check whether the owner of the e-mail address as data subject has authorized the receipt of the newsletter.

When registering to receive the newsletter, we moreover save the IP address assigned by the internet service provider (ISP) for the computer system used by the data subject at the time of registering as well as the time and date of registration. The collection of such data is necessary in order to be able to track any (possible) misuse of a data subject’s e-mail address at a later date and thus serves to provide legal protection for the controller.

The personal data collected during the registration to receive the newsletter are used exclusively to send our newsletter. Moreover, subscribers to the newsletter could be informed via e-mail if this is necessary for operating the newsletter service or for a registration in this regard, as may be the case in the event of changes to the newsletter offer or changes in technical factors.

Personal data collected as part of the newsletter service are not passed on to third parties. The data subject is entitled to cancel the subscription to our newsletter at any time. Consent to store personal data that the data subject has provided us for sending newsletters can be revoked at any time. Every newsletter contains a corresponding link for revoking this consent. Moreover, it is possible to unsubscribe from the newsletter directly on our website at any time or to inform us in this regard in another manner.

9. Newsletter tracking

The newsletters of Doppstadt Umwelttechnik GmbH contain so-called tracking pixels. A tracking pixel is a miniature graphic element that is embedded in e-mails which are sent in HTML format in order to allow for a recording and analysis of the log file. It enables a statistical evaluation of the success or failure of online marketing campaigns. Based on embedded tracking pixels, Doppstadt Umwelttechnik GmbH is able to recognize whether and when an e-mail has been opened by a data subject and which links in the e-mail have been clicked by the data subject.

Such personal data collected using a tracking pixel contained in a newsletter are stored by us and evaluated in order to optimize the sending of newsletters and to even better adapt the contents of future newsletters to the interests of the data subject. These personal data will not be passed on to third parties. Data subjects are entitled to revoke at any time the declaration of consent given separately in this regard using the double-opt-in procedure. After revoking the consent, the personal data will be deleted by us. Unsubscribing from our newsletters automatically means for Doppstadt Umwelttechnik GmbH revocation of consent.

10. Contact option on our website

Due to statutory regulations, the website of Doppstadt Umwelttechnik GmbH contains information that enables visitors to quickly contact us electronically and communicate directly with us, which also include a general e-mail address. If you contact us by e-mail or by using the contact form, the personal data that you provide will be saved automatically. Such personal data provided to us on a voluntary basis are saved for processing purposes or to be able to contact you. Such personal data are not passed on to third parties.

11. Routine deletion and blocking of personal data

We process and store your personal data only for the period that is necessary to attain the purpose of storage or if this has been provided for by the European regulators and legislators or another legislator in laws or regulations to which we are subject.

If the purpose of storage no longer applies or if a storage period prescribed by the European regulators and legislators or another legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

12. Rights of the data subject

a) Right to confirmation

Every data subject has the right as granted by European regulators and legislators to request confirmation from the controller with regard to whether personal data relating to the data subject are processed. If a data subject would like to make use of this right to confirmation, they are entitled to contact an employee of the controller at any time.

b) Right to information

Any person affected by the processing of personal data has the right granted by European regulators and legislators to obtain information free of charge about their personal data stored and receive a copy of such information from the controller at any time. Moreover, the European regulators and legislators have granted affected persons to receive the following information:

  • Purposes of processing
     
  • Categories of personal data that are processed
     
  • The recipients or categories of recipients, to whom the personal data have been or will be disclosed, in particular for recipients in third countries or for international organizations
     
  • If possible, the planned duration, for which the personal data are stored, or if that is not possible, the criteria for determining this duration
     
  • The existence of a right to correct or delete the personal data relating to the data subject or to restrict the processing of personal data by the controller or a right to object to such processing
  • The existence of a right to file a complaint with a supervisory authority
     
  • If the personal data are not collected from the data subject concerned: All available information about the origin of the data
     
  • The existence of an automated decision-making including profiling in accordance with Art. 22 Para. 1 and 4 of GDPR and – at least in these cases – meaningful information on the logic involved as well as the scope and the desired effects of such processing for the data subject.

Moreover, the data subject also has the right to be informed as to whether the personal data were transferred to a third country or an international organization. If this is the case, the data subject is also entitled to receive information about the appropriate guarantees in connection with the transfer.

If a data subject would like to make use of this right to information, they are entitled to contact an employee of the controller at any time.

c) Right to correction

Every data subject affected by the processing of personal data has the right granted by European regulators and legislators to request immediate correction of any incorrect personal data relating to them. Moreover, the data subject is entitled to request completion of incomplete personal data, even by means of a supplementary statement, while taking into account the purposes of processing.

If a data subject would like to make use of this right to correction, they are entitled to contact an employee of the controller at any time.

d) Right to deletion (Right to be forgotten)

Every data subject affected by the processing of personal data has the right as granted by European regulators and legislators to request that the controller immediately delete the personal data relating to them if one of the following reasons applies and as far as processing is not necessary:

  • The personal data were collected for such purposes or processed in another manner for which the data are no longer needed.
     
  • The data subject revokes their consent, which processing was based on under Art. 6 Para. 1 (a) of GDPR or Art. 9 Para. 2 (a) of GDPR, and there is no other legal basis for the processing.
     
  • The data subject objects to the processing in accordance with Art. 21 Para. 1 of GDPR, and there are no overriding legitimate reasons for the processing, or the date subject objects to the processing in accordance with Art. 21 Para. 2 of GDPR.
     
  • The personal data were processed unlawfully.
     
  • The deletion of personal data is necessary for fulfilling a legal obligation under EU law or the law of member states, to which the controller is subject.
     
  • The personal data were collected with regard to offered services of the information society in accordance with Art. 8 Para. 1 of GDPR.

If one of the aforementioned reasons applies and a data subject wants to have their personal data stored by Doppstadt Beteiligungs GmbH deleted, they can contact an employee of the controller at any time. The employee of Doppstadt Beteiligungs GmbH will arrange for the immediate compliance with the deletion request.

If the personal data were disclosed or released by Doppstadt Umwelttechnik GmbH and our company as controller is obligated under Art. 17 Para. 1 of GDPR to delete the personal data, then Doppstadt Umwelttechnik GmbH shall undertake appropriate measures, including those of a technical nature, while taking into account the available technology and implementation costs, in order to inform other controllers who are processing the disclosed personal data that the data subject has requested the deletion of all links to the personal data or copies or replications of the relevant personal data by these other data controllers, provided that the processing thereof is not necessary. The employee of Doppstadt Umwelttechnik GmbH will take the necessary steps in individual cases.

e) Right to restrict processing

Every data subject affected by the processing of personal data has the right as granted by European regulators and legislators to request that the controller restrict processing if one of the following prerequisites has been satisfied:

  • The accuracy of the personal data is disputed by the data subject, for a period of time that enables the controller to check the accuracy of the personal data.
     
  • The processing is unlawful, the data subject declines the deletion of personal data and instead requests the restriction of the use of personal data.
     
  • The controller no longer needs the personal data for processing purposes, but the data subject requires such information to assert, exercise or defend any legal claims.
     
  • The data subject has objected to processing in accordance with Art. 21 Para. 1 of GDPR and it is not yet clear whether the controller’s legitimate reasons outweigh those of the data subject.

If one of the aforementioned requirements has been fulfilled and a data subject wants to have their personal data stored by Doppstadt Umwelttechnik GmbH deleted, they can contact an employee of the controller in this regard at any time. The employee of Doppstadt Umwelttechnik GmbH will take the necessary steps to restrict processing.

f) Right to portability of personal data

Every data subject affected by the processing of personal data has the right as granted by European regulators and legislators to receive the personal data that they have provided to the controller in a structured, standard and machine-readable format. The data subject moreover has the right to transfer such personal data to another controller without any hindrance on part of the controller, who had received the personal data, provided that the processing is based on the consent given in accordance with Art. 6 Para. 1 (a) of GDPR or Art. 9 Para. 2 (a) of GDPR or on a contract under Art. 6 Para. 1 (b) GDPR and processing is carried out with the aid of automated processes if the processing is not necessary for carrying out a task that is in the interest of the general public or in the exercise of official authority, which was transferred to the controller.

Moreover, the data subject has the right when exercising their right to portability of the personal data in accordance with Art. 20 Para. 1 of GDRP to have the personal data directly sent from one controller to another controller, provided that this is technically feasible and that that is not adversely affected by the rights and freedoms of other persons.

To assert the right to portability of personal data, the data subject may contact an employee of Doppstadt Umwelttechnik GmbH at any time.

g) Right to object

Every data subject affected by the processing of personal data has the right as granted by European regulators and legislators for reasons arising from a particular situation to object at any time to the processing of personal data relating to them, which is based on Art. 6 Para. 1 (e) or (f) of GDPR. This also applies to profiling based on these provisions.

Doppstadt Umwelttechnik GmbH will no longer process personal data in case of an objection, unless we are able to provide compelling legitimate reasons for such processing that outweigh the interests, rights and freedoms of the data subject or the processing serves the assertion, exercising and defense of legal claims.

If Doppstadt Umwelttechnik GmbH processes personal data for direct advertising purposes, the data subject has the right to object to the processing of personal data at any time for the purpose of such advertising. This also applies to profiling insofar as it involves such direct advertising. If the data subject objects to data processing by Doppstadt Umwelttechnik GmbH for the purpose of direct advertising, Doppstadt Umwelttechnik GmbH will no longer process personal data for such purposes.

In addition, the data subject has the right for reasons that result from their particular situation to object to the processing of personal data relating to them, which is carried out at Doppstadt Umwelttechnik GmbH for scientific or historical research purposes or for statistical purposes according to Art. 89 Para. 1 of GDPR, unless such processing is necessary for fulfilling a task in an official interest.

To assert the right to object, the data subject may contact any employee of Doppstadt Umwelttechnik GmbH directly. The data subject is moreover free to assert their right to object with the aid of automated procedures subject to technical specifications in connection with the use of services of the information society, regardless of Directive 2002/58/EC.

h) Automated decisions in individual cases including profiling

Every data subject affected by the processing of personal data has the right as granted by European regulators and legislators not to be subjected to a decision based solely on automated processing – including profiling, which has a legal effect on them or similarly has a significant impact on them, provided that the decision

(1) is not necessary for forming or fulfilling an agreement between the data subject and the controller, or

(2) is admissible as a result of statutory provisions of the European Union or the member states, which the controller is subject to and these statutory provisions contain appropriate measures for safeguarding the rights and freedoms and the legitimate interests of the data subject or

(3) is made with the express consent of the data subject.

If the decision

(1) is necessary for forming or fulfilling an agreement between the data subject and the controller, or

(2) is made with the express consent of the data subject,

Doppstadt Umwelttechnik GmbH takes appropriate measures for safeguarding the rights and freedoms as well as the legitimate interests of the data subject, which at least includes the right to obtain the involvement of a person on part of the controller, to present their own position and to contest the decision.

If a data subject would like to make use of rights relating automated decisions, they are entitled to contact an employee of the controller in this regard at any time.

i) Right to revoke consent under data privacy laws

Every data subject affected by the processing of personal data has the right as granted by European regulators and legislators to revoke consent to processing of personal data at any time.

If a data subject would like to assert their right to revoke consent, they are entitled to contact an employee of the controller in this regard at any time.

j) Right to file a complaint with a supervisory authority

If you are of the opinion that the processing of personal data concerning you violates the GDPR, you have the right to complain to a supervisory authority, in particular in the member state of your place of residence, your place of work or the location of the alleged infringement without prejudice to any other administrative or judicial remedy.

The supervisory authority, to whom the complaint was submitted, shall inform the complainant about the status and the results of the complaint, including the possibility of any judicial remedy in accordance with Art. 78 of GDPR.

Contact details for the competent supervisory authority:

Landesbeauftragte für Datenschutz und Informationsfreiheit
(State Official for Data Privacy and Freedom of Information)
North Rhine Westphalia
Helga Block
Postfach 20 04 44
40102 Düsseldorf
Kavalleriestraße 2-4
40213 Düsseldorf
Tel.: +49(0)2 11/384 24-0
Fax: +49(0)2 11/384 24-10
e-mail: poststelle[at]ldi.nrw.de
Homepage: http://www.ldi.nrw.de

13. Data protection for applications and in the application process

We collect and process the personal data of applicants in order to carry out the job application process. Processing can able carried out electronically. This is especially the case if an applicant sends us the relevant application documents electronically, e.g. by e-mail or by using a web form via our website.

If we enter into an employment agreement with an applicant, the data transferred are stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If we do not enter into an employment agreement with the applicant, the application documents will be automatically deleted six (6) months of announcing the rejection, provided that there are not any other legitimate interests on our part preventing a deletion. Other legitimate interests in this sense is, e.g., an obligation to provide proof in a process based on the Allgemeines Gleichbehandlungsgesetz (AGG: Germany’s General Law on Non-discrimination).

14. Use of Facebook Custom Audiences including Facebook Pixel

This website uses the remarketing function "Custom Audiences" from Facebook Inc. ("Facebook"). This enables users of the website to be shown interest-based advertisements ("Facebook ads") when visiting the social network Facebook or other websites that also use the method. We are therefore interested in showing you advertisements that are of interest to you in order to make our website more interesting for you. Your express consent is required for this.
Facebook Custom Audiences is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland; The parent company is Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
Due to the marketing tools used, your browser automatically establishes a direct connection to the Facebook server. We have no influence on the scope and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our level of knowledge: By integrating Facebook Custom Audiences, Facebook receives the information that you are visiting our website Accessed the website or clicked on one of our advertisements. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered on Facebook or have not logged in, there is a possibility that the provider will find out and save your IP address and other identification features.
With the help of the Facebook pixel, Facebook is able, on the one hand, to determine the visitors of our online offer as a target group for the display of advertisements (so-called "Facebook ads"). Accordingly, we use the Facebook pixel to only display the Facebook ads we have placed to those Facebook users who have shown an interest in our online offer or who have certain that we transmit to Facebook ("Custom Audiences"). With the help of the Facebook pixel, we would also like to ensure that our Facebook ads correspond to the potential interest of the users and do not have a nuisance. With the help of the Facebook pixel, we can also understand the effectiveness of Facebook advertisements for statistical and market research purposes by seeing whether users were forwarded to our website after clicking on a Facebook advertisement (so-called "conversion").
Furthermore, when using the Facebook pixel, we use the additional function "extended comparison" (this includes data such as telephone numbers, email addresses or Facebook IDs of the users) to form target groups ("custom audiences" or "look alike audiences") ) transmitted to Facebook (encrypted). You can find further information on "extended comparison" at https://www.facebook.com/business/help/611774685654668.
The legal basis for the processing of your data is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

 

Revocation of your consent

We only use Facebook Custom Audiences with your consent. You can withdraw your consent once you have done so by clicking

  • prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of our website to their full extent;
  • Deactivate your consent using our consent tool;
  • As a logged in user, deactivate the "Facebook Custom Audiences" function at https://www.facebook.com/settings/?tab=ads#_.

Further information on data processing by Facebook can be found at https://www.facebook.com/about/privacy.  

15. Privacy notice for our Facebook fan page

We maintain a fan page on the Facebook social media platform. Facebook Ireland Ltd (“Facebook”) provides us as “administrator” with “Facebook Insights”. These involve different statistics that provide us with information about the use of our Facebook fan page by visitors. More information in this regard can be found at
https://www.facebook.com/business/pages/manage#page_insights.

Facebook processes various information (including personal data) in order to generate these statistics.

In accordance with Art. 26 of GDPR, Facebook and we share a joint responsibility when it comes to the processing of Insights data. For the in-depth regulation of the respective responsibility, Facebook has prepared an updated Page Insights addendum that took effect on November 28, 2019 and shall apply to further use of Facebook pages as of this date.

We provide you with this information from Facebook in words as part of the required transparency below; You can also find this directly on Facebook’s page at
https://www.facebook.com/legal/terms/page_controller_addendum.

 

* * *

 

Information about Page Insights

If people use Facebook products like pages, among other things, Facebook (including “we” or “us”) collects information as described in Facebook’s Data Policy under “What kinds of information do we collect?” (Information about how we use cookies and similar technologies can be found in our Cookie Policy).

This also includes information about how people use Facebook products, e.g. the types of contents the people view or with whom they interact, or the actions they take (see under “Thins you and others do and provide” in Facebook Data Policy) as well as information about the devices you use (e.g. IP addresses, operating system, browser type, language settings, cookie data; see under “Device Information” in Facebook’s Data Policy). The information that Facebook actually collects depends on whether and how people use the Facebook Products.

As explained in Facebook’s Data Policy under “How do we use this information?”, Facebook also collects and uses information in order to provide analytical services, so-called Page Insights, for page administrators, so that they have information about how people interact with their pages and the associated contents. The processing of personal data for Page Insights may be subject to the following agreement on shared responsibility (Pages Insights Controller Addendum).

Data processing for Page Insights

Page Insights are compiled statistics that are generated on the basis of certain events that are logged by Facebook servers if people interact with pages and contents associated with them. Such events consist of varying data points, which include, e.g., the following, depending on the specific event:

  • An action. This includes actions like the following (you can see the actions that are available for your page in the Insights section of your page):
    • Viewing a page, a post, a video, a story or other contents associated with a page
    • Interacting with a story
    • Following or unfollowing a page
    • Liking or unliking a page or a post
    • Recommending a page in a post or comment
    • Commenting on, sharing or reacting to a page’s post (including the type of reaction)
    • Hiding a page’s post or reporting it as spam
    • Moving the mouse over a link to a page or its name or the profile picture of a page in order to preview the page’s contents
    • Clicking on the website, phone number, “Get directions” button or another button on a given page
    • Viewing the event on a page, reacting to an event (including the type of reaction), clicking on an link for event tickets
    • Starting a Messenger communication with the page
    • Viewing or clicking on items in a page’s shop
       
  • Information about the action, the person taking the action, and the browser/app used for that. These are for example:
    • Date and time of action
    • Country/city (estimated from IP address or imported from user profile in case of logged-in users)
    • Language code (from the browser’s http header and/or language setting)
    • Age/gender group (from the user profile, only for logged-in users)
    • Previously visited websites (from the browser’s http header)
    • Whether the action was taken from a computer or a mobile device (from the browser’s user agent or from app attributes)
    • Facebook user ID (only for logged-in users)

We determine whether people are logged-in users of Facebook via cookies in accordance with our Cookie Policy. Only a few events can be triggered by people who are not logged into Facebook. This includes, among other things, visiting a page or clicking on a photo or video in a post to view it.

Page administrators do not have access to personal data that are processed as part of events but only access to the aggregated Page Insights. Events that are used to generate Page Insights do not store any IP addresses, cookie IDs or any other identifiers associated with people or their devices aside from a Facebook user ID for people logged into Facebook.

The events logged by Facebook to generate Page Insights are determined exclusively by Facebook and cannot be set, changed or otherwise influenced by page administrators.

Pages Insights Controller Addendum

Where an interaction of people with your page and the content associated with it triggers the creation of an event for Page Insights which includes personal data for whose processing you (and/or any third party for whom you are creating or administering the page) determine the means and purposes of the processing jointly with Facebook Ireland Limited, you acknowledge and agree on your own behalf (and as agent for and on behalf of any such other third party) that this Page Insights Controller Addendum ("Page Insights Addendum") applies:

  • You and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook Ireland”, “we” or “us”; together the “Parties”) acknowledge and agree to be joint controllers in accordance with Art. 26 of GDPR for the processing of personal data in events for Page Insights (“Insights Data”). The joint controllership covers the creation of those events and their aggregation into Page Insights that are provided to page administrators. The Parties agree that for any other processing of personal data in connection with a page and/or the content associated with it for which there is no joint determination of the purposes and means, Facebook Ireland and, as the case may be, you, remain separate and independent controllers.
  • The processing of Insights Data is subject to the provisions of this Page Insights Addendum. They apply to all activities in the course of which Facebook Ireland, its employees or processor(s) process Insights Data.
     
  • Facebook Ireland's and your responsibilities for compliance with the obligations under the GDPR with regard to the processing of Insights Data are determined as follows:
    • Facebook Ireland: Facebook Ireland will ensure that it has a legal basis for the processing of Insights Data, which are set out in the Data Policy of Facebook Ireland (see under “What is our legal basis for processing data?”). Unless specified otherwise in this Page Insights Addendum, Facebook Ireland assumes the responsibility for compliance with the applicable obligations under the GDPR for the processing of Insights Data (including, but not limited to, Art. 12 and 13 of GDPR, Art. 15 to 21 of GDPR, Art. 33 and 34 of GDPR). Facebook Ireland will implement appropriate technical and organizational measures to ensure the security of the processing in accordance with Art. 32 of GDPR. This does include the measures listed in the Annex below (as updated from time to time, for example to reflect technological developments). All employees of Facebook Ireland involved in the processing of Insights Data are bound by appropriate obligations to maintain the confidentiality of Insights Data.
    • Page administrators: You should ensure that you also have a legal basis for the processing of Insights Data. In addition to the information provided to data subjects by Facebook Ireland via the Information about Page Insights, you should identify your own legal basis including the legitimate interests you pursue, if applicable, the responsible data controller(s) on your side including their contact details as well as the contact details of the data protection officer(s) (Art .13 Para. 1 (a – d) of GDPR), if any.
       
  • Facebook Ireland will make the essence of this Page Insights Addendum available to data subjects (Art. 26 Para. 2 of GDPR). This is currently done via the Information about Page Insights data, which can be accessed from all pages.
     
  • Facebook Ireland decides in its sole discretion how to comply with its obligations under this Page Insights Addendum. You acknowledge and agree that only Facebook Ireland has the power to implement decisions about the processing of Insights Data. You also acknowledge and agree that the lead supervisory authority for the joint processing is the Irish Data Protection Commission (notwithstanding Article 55(2) of GDPR, where applicable).
  • This Page Insights Addendum does not grant you any right to request the disclosure of personal data of Facebook users that is processed in connection with Facebook Products, including especially for Page Insights that we provide to you.
     
  • The Parties designate the communication channels referenced in the Information about Page Insights data or in any subsequent document as contact points for data subjects.
     
  • If data subjects exercise their rights under GDPR with regard to the processing of Insights Data against you (Art. 26(3) of GDPR), or you are contacted by a supervisory authority with regard to the processing of Insights Data, each a "Request", you will forward all relevant information regarding such Requests to us promptly but within a maximum of seven calendar days. For this purpose, you can submit this form. Facebook Ireland agrees to answer Requests from data subjects in accordance with our obligations under this Page Insights Addendum. You agree to take all reasonable endeavors in a timely manner to cooperate with us in answering any such Request. You are not authorized to act or answer on Facebook Ireland’s behalf.
     
  • If you use a Page, you agree that any claim, cause of action or dispute that you have against us, which arises out of or relates to this Page Insights Addendum, must be resolved exclusively in the courts of Ireland, that you irrevocably submit to the jurisdiction of the Irish courts for the purpose of litigating any such claim and that the laws of Ireland will govern this Page Insights Addendum, without regard to conflict of law provisions. If you are a consumer who habitually resides in a member state of the European Union, only 4.4 of our Terms of Service applies.
     
  • We may need to update the Page Insights Addendum from time to time. By continuing any use of Pages after any notification of an update to this Page Insights Addendum, you agree to be bound by it. If you do not agree to the updated Page Insights Addendum, please stop all use of Pages. If you are a consumer who habitually resides in a member state of the European Union, only 4.1 of our Terms of Service applies.
     
  • If any portion of this Page Insights Addendum is found to be unenforceable, the remaining portion will remain in full force and effect. If we fail to enforce any portion of this Page Insights Addendum, it will not be considered a waiver. Any amendment to or waiver of these terms requested by you must be made in w Disable Google Analytics Tracking
Contact
m.e.s. ideenreich GmbH


Phone: 0049 (0) 2175 99067 0
Email: service@mesideenreich.de
Categories
Payments
Mastercard Visa Paypal
Social Network
* All prices are including VAT | plus shipping costs