Below we inform you of how we collect personal data when you use our website. Personal data are all data which relate to you personally, e.g. your name, address, email, user behaviour. We employ technical and organisational security measures in order to protect your data from incidental or deliberate manipulation, loss, destruction and access by unauthorised persons. Our security measures are reviewed regularly and keep pace with technological advances.
1 Controller for data processing
The controller according to Art. 4 para. 7 EU General Data Protection Regulation (GDPR) is
BANDES GmbH
Ohmstraße 1
23701 Eutin
Germany (see our Company Information).
2 Opportunity to contact our Data Protection Officer
You can reach our Data Protection Officer under our postal address with the addition “Data Protection Officer”.
3 Your rights
You have the following rights towards us in relation to your personal data:
3.1 General rights
You have the right to information, rectification, erasure, limited processing, to object to the processing and to data portability. If the processing is based on your consent, you have the right to withdraw your consent in relation to us with effect for the future.
3.2 Rights in the event of data processing according to a legitimate interest
According to Art. 21 para. 1 GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 para. 1 e GDPR (Data processing in the public interest) or Art. 6 para. 1 f GDPR (data processing to protect a legitimate interest), including profiling based on those provisions. If you object, we shall no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defence of legal claims.
3.3 Rights in case of direct marketing
Where we process your personal data for direct marketing purposes, then you in accordance with Art. 21 para. 2 GDPR shall have the right to object at any time to processing of the personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
Where you object to processing for direct marketing purposes, your personal data shall no longer be processed for such purposes.
3.4 Right to lodge a complaint with a supervisory authority
You further have the right to lodge a complaint with the competent supervisory authority regarding processing of your personal data by us.
4 Collection of personal data when you visit our website
If you visit our website merely for information purposes, i.e. if you do not register or send us information in any other way, we only collect the personal data which your browser sends to our server. When you request to view our website, we collect the following data which are technically required for us to display our website to you and to ensure stability and security. The legal basis for this is Art. 6 para. 1 f GDPR:
Name of the website accessed, file, data and time of the access, data volume transmitted, report of successful access, browser type and version, user operating system, referrer URL (page visited previously), IP address and requesting provider.
5 Contact by email or contact form
When you contact us by email or via the contact form, we save the data provided by you (your email address, if applicable your name and your phone number) in order to respond to your query. Where our contact form asks for input not required to establish contact, we have marked these as optional. This information helps us to tailor our response to your query and to better process your request. You provide this information entirely voluntarily and with your consent, Art. 6 para. 1 a GDPR. If this information relates to communication methods (e.g. email address, phone number), you further give your consent for us to contact you using this communication method to answer your query. You may of course withdraw this consent at any time.
We delete any data obtained in this context once storage is no longer required, or we restrict processing if the data is subject to legal retention obligations.
6 Applications
You may apply to our company electronically at any time, particularly by email or online forms. We will of course only use your data to process your application, and not pass on your data to third parties. Please note that encrypted emails are not transmitted with access protection.
If you are applying for a specific role, and this role has already been filled, and we think that you may be suited, or better suited, to a different role, we would like to forward your application within the Company. Please let us know if you do not agree to such forwarding.
Your personal data will be deleted when the application process ends, or after a maximum of 6 months if you have not given your explicit approval for longer storage of your data or if we have concluded a contract. The legal basis is Art. 6 para. 1 a, b and f GDPR and § 26 of the German Federal Data Protection Act (BDSG).
7 Use of cookies
When you use our website, we place cookies on your computer. Cookies are small text files which are allocated to the browser used by you and saved on your hard drive and which ensure that the location of the cookie receives specific information. Cookies cannot execute programmes or transmit viruses to your computer. Their purpose is to make the website offer more user-friendly and effective overall.
This website uses the following types of cookies whose scope and functionality are explained below:
7.1 Transient cookies
These cookies are deleted automatically when you close your browser. They particularly include session cookies. These cookies save a so-called session ID which is used to allocate different browser queries to the joint session. This means that your computer can be recognised when you return to our website. The session cookies are deleted if you log out or close the browser.
7.2 Persistent cookies
These cookies are deleted automatically after a specific duration which can vary by cookie. You can delete these cookies at any time in your browser’s security settings.
7.3 Flash cookies
The Flash cookies used are not saved by your browser, but by your Flash plug-in. We also use HTML5 storage objects, which are saved on your end device. These objects save the required data independently of the browser used by you and do not have an automatic expiry date. If you want to prevent Flash cookies from being processed, you must install the relevant add-on, e.g. “Better Privacy” for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe Flash Killer Cookie for Google Chrome. You can prevent the use of HTML5 storage objects by setting your browser to Private Mode. We also recommend regularly deleting your cookies and browser history manually.
7.4 Preventing cookies
You can configure your browser settings as desired and e.g. reject third-party cookies or all cookies. We need to point out that this can mean that you will not be able to use all functions on this website.
You can manage many online display cookies from companies via the US site
http://www.aboutads.info/choices/ or the EU site
http://www.youronlinechoices.com/uk/your-ad-choices/.
7.5 Legal basis and storage duration
The legal bases for a possible processing of personal data and for the storage durations can vary, and these are presented in the following sections.
8 Website analysis
We use different services as presented below to analyse and optimise our websites. We e.g. analyse how many users visit a site, what information is most in demand and how users find the offer. We e.g. record data relating to which website the data subject visited before our website (so-called referred), which subpages of the website were accessed, how often and how much time was spent on the subpage. This helps us to improve offers and make them more user-friendly. The data collected are not used to personally identify individual users. The data collected are anonymous or highly pseudonymised. The legal basis for this is Art. 6 para. 1 f GDPR.
8.1 Google Analytics
This website uses Google Analytics, a web analysis service by Google Inc, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). Its use includes the operating type Universal Analytics. This makes it possible to allocate data, sessions and interactions to a pseudonymised user ID across several devices and thus to analyse a user’s activities across devices.
Google Analytics uses cookies which make it possible to analyse your use of the website. The information regarding your use of this website, which is created by the cookie, is normally sent to the Google server in the USA and saved there. If IP anonymisation is enabled on this website, Google first abbreviates your IP address in countries that are Member States of the European Union or Contracting Parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to the Google server in the USA and abbreviated there. The IP address transmitted by your browser as part of Google Analytics is not combined with the other Google data. Commissioned by the operator of this website, Google will use this information in order to analyse use of the website, compile website activity reports and provide other services related to website or internet use for the website operator. These purposes also constitute our legitimate interest in the data processing. The legal basis for using Google Analytics is § 15 para. 3 TMG and Art. 6 para. 1 f GDPR. The data sent by us and linked to cookies, user IDs or advertising IDs are deleted automatically after 14 months. Data which have reached the end of their retention duration are deleted automatically once a month. For more information on the Terms and Conditions of Use and on Data Privacy, see https://www.google.com/analytics/terms/de.html and https://policies.google.com/?hl=de
You can prevent cookies from being saved by setting your browser software accordingly; however, we would like to point out that in such a case, you will be unable to fully use all functions of this website. In addition, you can prevent the data created by the cookie and related to the use of the website (incl. your IP-address) from being recorded by Google and processed by Google by downloading and installing http://tools.google.com/dlpage/gaoptout?hl=de. Opt-out cookies prevent your data from being recorded when you visit this website in future. In order to prevent Universal Analytics across several devices, you must implement the opt-out on all systems used. Click here to add the opt-out cookie: to display interactive maps directly on the website and allows you to easily use the map function.
When you visit the website, Google receives the information that you have accessed the relevant subpage of our website. In addition, the data mentioned in Section 4 of this Statement are transmitted. This is done regardless of whether Google provides a user account, whether you are logged into this account, or whether you have no such account. If you are logged into Google, your data are allocated directly to your account. If you do not want this information to be allocated to your Google profile, you must log out before enabling this button. Google saves your data as user profiles and uses them for advertising, market research and/or other purposes relating to designing a website tailored to market need. Such an analysis is performed (including for users who are not logged in) particularly to provide advertising tailored to market need and to inform other users of the social network of your activities on our website. You have the right to object to the creation of such user profiles, but to exercise this right, you must contact Google.
For more information on the purpose and scope of the data collection and processing by the plug-in provider, please see the providers’ Data Privacy Statement. This is also where you can find out more about your rights and settings options to protect your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has subjected itself to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
10 Data transfer
Your data are not generally transferred to third parties, except where we are legally obligated to do so, or if the data transfer is required to implement the contractual relationship, or if you have explicitly consented to a transfer of your data in advance.
Your data are only made available to external service providers or partner companies if this is necessary. In such cases, the scope of the disclosed data is limited to the absolute minimum amount of data required. To the extent that our service providers come in contact with your personal data, we ensure in the context of order processing as per Art. 28 GDPR that they equally comply with the provisions of the data protection laws. Please also refer to the relevant providers’ Data Privacy Statements. The relevant service provider is responsible for third-party services, even though we also monitor compliance of the services with the legal requirements where this is reasonable.
11 Data security
We employ technical and organisational security measures in order to protect your data from incidental or deliberate manipulation, loss, destruction and access by unauthorised persons. Our security measures are reviewed regularly and keep pace with technological advances.
As at May 2018