Data Protection

Schoeller Werk GmbH & Co. KG (hereinafter Schoeller) takes the protection of personal data very seriously. We have therefore implemented technical and organisational measures to ensure compliance with the data protection regulations at Schoeller. All activities on the web conform with the applicable legal regulations pertaining to the protection of personal data and data security. We are constantly improving our security measures in line with technological development. However, we cannot warrant complete data security with regard to e-mail communication. We therefore advise you to send confidential information by post.

In using our website, you give your consent to the collection and processing of your personal data pursuant to this data protection Information.

$1 Information about the collection of personal data

(1) The following section informs you about the collection of personal data when using our website. Personal data refers to all data that refer to you personally, e.g. name, address, e-mail addresses, user behaviour.

(2) The controller pursuant to Art. 4 (7) EU General Data Protection Regulation (GDPR) is Schoeller Werk GmbH & Co., Im Kirschseiffen, D-53940 Hellenthal/ Eifel. You can contact our data protection officer under our postal address stating “Data Protection Officer” or at Datenschutz@schoellerwerk.de.

(3) When you contact us by e-mail or using a contact form, we save the data that you provide (your e-mail address, possibly your name and your phone number) so that we can answer your questions. We erase the data acquired in this way once storage is no longer necessary, or we limit the processing where statutory retention obligations apply.

(4) If we use contracted service providers for individual functions, we shall inform you in detail about the respective processes as stated below. The same applies if we want to use your data for promotional purposes. In doing so, we will also inform you of the stipulated criteria regarding the storage period.

$2 Your rights

(1) You have the following rights against us with regard to the personal data concerning you:

  • pursuant to Art. 15 GDPR you have the right to demand access to your personal data being processed by us. In particular you can demand information about the purposes of the processing, the categories of personal data, the categories of recipient to whom the personal data have been or will be disclosed, the planned storage period; about the existence of the right to request rectification, erasure or restriction of processing or the right to object to such processing and the right to lodge a complaint; about the source of your data if not collected by us, and about the existence of automated decision-making, including profiling with meaningful information about the details;
  • pursuant to Art. 16 GDPR you have the right to obtain the rectification without due delay of any inaccurate data or to have incomplete personal data saved by us completed;
  • pursuant to Art. 17 GDPR you have the right to obtain the erasure of your personal data saved by us unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
  • pursuant to Art. 18 GDPR you have the right to obtain restriction of processing of your personal data insofar as you contest the accuracy of the personal data, the processing is unlawful but you oppose the erasure of the personal data and we no longer need the data, but you require them for the establishment, exercise or defence of legal claims, or you have objected to processing pursuant to Article 21 GDPR;
  • pursuant to Art. 20 GDPR you have the right to receive your personal data which you made available to us, in a structured, commonly used and machine-readable format or the right to demand transmission of the data to another controller;
  • pursuant to Art. 7 (3) GDPR you have the right to withdraw your consent from us at any time. This means that we are no longer allowed to continue in future with the data processing referred to in this consent, and

(2) Insofar as your personal data are processed on the basis of legitimate interests pursuant to Art. 6 (1) f GDPR, you have the right pursuant to Art. 21 GDPR to object to the processing of your personal data on grounds relating to your particular situation or if your objection pertains to processing for direct marketing. In the latter case you have a general right to object which shall be implemented by us without stating a particular situation.

Please send your enquiry/objection to info@schoellerwerk.de or in writing to the following address:

Schoeller Werk GmbH & Co. KG

Im Kirschseiffen

D-53940 Hellenthal/ Eifel

(3) Furthermore, you have the right to lodge a complaint with a data protection supervisory authority about the way we process your personal data.

$3 Collection of personal data on visiting our website

(1) On making a purely informational visit to the website, i.e. without registering or providing us with any other information, we only collect the personal data sent by your browser to our server. When you merely view our website, we collect the following data that are technically necessary for us to show you our website and to warrant stability and security (the legal basis is Art. 6 (1) f GDPR):

–    IP address

–    Date and time of the enquiry

–    Content of the request (specific page)

–    Access status/HTTP status code

–    Data volume transmitted in each case

–    Website from which the request comes

–    Browser

–    Operating system and its user interface

–    Language and version of the browser software.

(2) We use cookies on our website. These are small files that are automatically created by your browser and saved on your device (laptop, tablet, smartphone etc.) when you visit our website. Cookies do not cause any damage to your device. They do not contain any viruses, Trojans or other malware.

(2) The cookies store information resulting in the context of the specific device being used. However, this does not give us direct knowledge of your identity. On the one hand, the use of cookies lets us make our website more pleasant for you to handle. We use so-called session cookies to recognise that you have already visited individual pages of our website. They are erased automatically when you leave our website.

(3) We also use temporary cookies to make the website more user-friendly. These are saved on your device for a certain defined period. When you visit our website again to use our services, they recognise automatically that you visited us before and see which inputs and settings you activated so that you don’t have to do that again.

(4) On the other hand, we use cookies to keep statistical records of the use of our website. The statistics are evaluated in order to optimise our website for you (see no. 4). When you revisit our website, these cookies recognise automatically that you visited us before. These cookies are erased automatically after a certain period of time.

(5) The data processed by cookies are necessary for the stated purposes to protect our legitimate interests and those of third parties pursuant to Art. 6 (1) f GDPR.

(6) Cookies are accepted automatically by most browsers. However, you can configure your browser so that no cookies are saved on your computer or so that a message appears every time before a new cookie is created. However, if you disable cookies completely, you may possibly no longer be able to use all the functions of our Website.

$4 Use of Piwik

(1) This website uses the web analysis service Piwik to analyse the use of our website so that regular improvements can be made. The corresponding statistics let us improve our service and make it more interesting for you as user. The legal basis for using Piwik is Art. 6 (1) (f) GDPR.

(2) Cookies (see details in § 3) are stored on your computer to proceed with this evaluation. The controller saves the information generated in this way only on his server in [Germany]. You can adjust the evaluation by erasing existing cookies and by preventing them from being saved. Please note that when you prevent cookies from being saved, you may not be able to use the full functionality of this website. You can adjust your browser to prevent cookies from being saved. You can prevent the use of Piwik by removing the following tick and thereby activating the opt-out-plug in: Piwik Objection Form

(3) This website uses Piwik with the “AnonymizeIP” setting. As a result, the IP addresses are only used in abbreviated form in order to eliminate direct reference to persons. Your IP address transmitted with Piwik will not be associated with any other data held by us.

(4) Piwik is an open source project. Information about the third-party provider regarding data protection can be found on https://piwik.org/privacy/policy.

$5 Social media plug-ins

(1) We currently use the following social media plug-ins: [Facebook, Xing, LinkedIn]. In doing so, we use the so-called two-click solution. That means when you visit our website, in principle no personal data are forwarded initially to the providers of the plug-ins. You can recognise the provider of the plug-in by the marking on the box over his initial letter or the logo. We offer you the possibility of communicating directly with the provider of the plug-in by pressing the button. You have to click on the marked field to activate it before the plug-in provider is informed that you have accessed the corresponding page of our website. In addition, the data named under § 3 of this statement are transferred. In case of Facebook and Xing, the IP address is rendered anonymous immediately, according to the respective providers in Germany. In other words, on activating the plug-in, your personal data are transmitted to the respective plug-in provider and saved there (in the USA for US-American providers). The plug-in provider collects data especially using cookies so that we advise you to erase all cookies using the security settings of your browser before you click on the greyed out box.

(2) We have no influence on the collected data and data processing, nor do we know the full scope of data collection, the purposes of processing or the storage periods. Nor do we have any information about erasing the collected data by the plug-in provider.

(3) The plug-in provider saves the data collected about you as a use profile which is then implemented for the purposes of advertising, market research and/or appropriate design of his website. This kind of evaluation is carried out particularly to display appropriate advertising (even for users that have not logged on) and to inform other social network users about your activities on our website. You are entitled to object to the generation of these user profiles: to do so, you must contact the respective plug-in provider. With these plug-ins, we offer you the possibility of interacting with the social networks and other users so that we can improve our website and make it more interesting for you as user. The legal basis for using the plug-ins is Art. 6 (1) (f) GDPR.

(4) The data are forwarded regardless of whether you have an account with the plug-in provider and have logged in. If you have logged in with the plug-in provider, your data collected on our website are associated directly with your existing account with the plug-in provider. When you press the activated button and e.g. link the page, the plug-in provider also saves this information on your user account and shares it publicly with your contacts. We recommend that you log off regularly after using a social network, but especially before activating the button, so that you can prevent any association with your profile with the plug-in provider.

(5) More information about the purpose and scope of data collection and processing by the plug-in provider can be found in the privacy policies of these providers as stated below. Here you can also find more information about your corresponding rights and how you can adjust the settings to protect your privacy.

(6) Addresses of the respective plug-in providers and URLs with their privacy policies:

Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; https://www.facebook.com/policy.php; more information about data collection: https://www.facebook.com/help/186325668085084, https://www.facebook.com/about/privacy/your-info-on-other#applications and https://www.facebook.com/about/privacy/your-info#everyoneinfo.

Facebook subscribes to the EU US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; https://www.xing.com/privacy.

LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; https://www.linkedin.com/legal/privacy-policy. LinkedIn subscribes to the EU US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

$6 Integration of YouTube clips

(1) We have integrated some YouTube clips on our website. The clips are saved on https://www.YouTube.com and can be played directly from our website. The clips have all been integrated in “extended data protection mode”. Accordingly, no data about you as user are transferred to YouTube if you do not play the clips. The data named in paragraph 2 are not transferred until you play the clips. We have no influence on this data transfer.

(2) On visiting the website, YouTube is informed that you have accessed the corresponding subpage of our website. In addition, the data named under § 3 of this statement are transferred. This happens regardless of whether you are logged on via a YouTube user account or whether no user account exists. If you are logged on to Google, your data are associated directly to your account. If you do not want to be associated with your profile on YouTube, you must log out before pressing the button. YouTube saves your data as use profile for the purposes of advertising, market research and/or appropriate design of its website. This kind of evaluation is carried out particularly to display appropriate advertising (even for users that have not logged on) and to inform other social network users about your activities on our website. You are entitled to object to the generation of these user profiles: to do so, you must contact YouTube.

(3) More information about the purpose and scope of data collection and processing by YouTube is provided in their privacy policy. Here you can also find more information about your rights and how you can adjust the settings to protect your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and subscribes to the EU US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

$7 Other functions and features of our website

(1) In addition to the purely informational use of our website, we also offer various services which you can use if these are of interest to you. As a rule, you will then have to give additional personal data that we use to provide the respective service and which are subject to the principles of data processing named above.

(2) In some cases, we use external service providers to process your data. We have selected these service providers carefully and commissioned them accordingly. They are required to act in compliance with our instructions and are checked regularly.

(3) Furthermore, we can forward your personal data to third parties if necessary for contract management, for asserting our rights, especially asserting claims arising from contractual relationships and for protecting our own legitimate business interests in terms of advising and supporting our customers, and when we offer the conclusion of contracts or similar services together with partners. You will receive more information about this when you state your personal data; further details can also be found below in the description of the offer.

 (4) Insofar as our service provider or partner should be based in a state outside the European Economic Area (EWR), we will inform you about the resulting consequences in the description of the offer.

$8 Data security

In the context of your visit to our website, we use the widespread SSL method (secure socket layer) in conjunction with the highest encryption level supported by your browser. As a rule, this refers to 256 bit encryption. If your browser does not support 256 bit encryption, we will revert to 128 bit v3 technology instead. You can see whether an individual page of our website is transmitted in encrypted form by the fact that the key or lock symbol is shown closed in the bottom status bar of your browser.

Otherwise we use suitable technical and organisational measures to protect your data from random or intentional manipulation, partial or complete loss, destruction or unauthorised third-party access. We are constantly improving our security measures in line with technological development.

$9 Changes in the data protection Statement

We reserve the right to update this data protection statement from time to time, particularly to incorporate changing legislation or jurisprudence. You are therefore advised to visit this website regularly to keep informed about the protection and processing of your data.

$10 General

Here at Schoeller we also take data protection within the company very seriously.

The pertinent statutory regulations demand that personal data are processed so as to warrant the rights of the data subjects to the confidentiality and integrity of their data. According to these regulations, it is forbidden to proceed with unauthorised or unlawful processing of personal data or to intentionally or unintentionally violate the security of processing in such a way that causes destruction, loss, alteration or unintentional disclosure or unauthorised access.

We have therefore obtained a commitment from our employees to maintain confidentiality and in particular to comply with the data protection regulations for upholding confidentiality pursuant to Art. 5 (1) f, Art. 32 (4) General Data Protection Regulation (GDPR).

Accordingly, the employees are forbidden from proceeding with unauthorised processing of personal data or to use them or make them available to third parties in any form. When external service providers are commissioned by Schoeller to proceed with the processing of personal data for the first time, they are bound by contract to comply with the requirements of Art. 28 GDPR.

 

May 2018