We are using cookies in order to provide you with the best service possible. By using our site, you consent to the use of cookie. More information ok

We are using cookies in order to provide you with the best service possible. By using our site, you consent to the use of cookie. More information ok

Data Protection Declaration

[Translate to 中国語:]

Grenzebach Maschinenbau GmbH thanks you for your visit to our website and your interest in the products and services of the Grenzebach brand.

Table of contents

  1. Objective
  2. Name and address of the controller
  3. Name and address of the data protection officer
  4. General information on data processing
  5. Processing of personal data
  6. Rights of the data subject
  7. Description of individual services

    1. Contact form and E-mail contact
    2. Collection of access data

      1. Cookies & Reach Measurement
      2. Google Analytics
      3. Google Tag Manager
      4. Google Re/Marketing Services
      5. Google Ads

    3. Grenzebach Career
    4. Grenzebach Purchasing Supplier Application
    5. Newsletter

  8. Grenzebach on the social media
  9. Integration of services and contents of third parties
  10. Modifications to the Privacy Policy

 

1. Objective

This Privacy Policy explains the nature, scope and purpose of the processing (including collection, processing and use as well as obtaining consent) of personal data within or online offer and related websites, functions and contents (hereinafter referred to collectively as “online offer” or “website”). The Privacy Policy applies regardless of the domains, systems, platforms and devices (e.g. desktop or mobile) used on which the online offer is implemented.

2. Name and address of the controller

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulation is:

Grenzebach Maschinenbau GmbH
Albanusstrasse 1
86663 Asbach-Bäumenheim/Hamlar
Phone: +49 906 982-2000
E-mail: info@grenzebach.com
www.grenzebach.com

(Hereinafter referred to as “provider”, “we” or “us”).

3. Name and address of the data protection officer

If you have any questions or suggestions on the topic of data privacy, then please contact our data protection officer.

The data protection officer of the controller is:

Data Protection Officer
Albanusstrasse 1
86663 Asbach-Bäumenheim/Hamlar
Phone: +49 906 982-2000
E-mail: dataprivacy@grenzebach.com

The term “user” includes all customers and visitors of our online offer. The terms that are used, such as “user”, shall be understood as gender neutral.

4. General information on data processing

The Grenzebach Group gives high priority to protecting the personal data of visitors, applicants, employees and all third parties associated with us. If we transfer your data to a country outside the EU, then this is implemented in accordance with regulation of the EU GDPR (General Data Protection Regulation). You can be certain that we ensure the protection of your privacy and your right to data protection at all times. This Privacy Policy provides you with information about how Grenzebach handles information that is collected during your visit to the websites of the Grenzebach Group.

We only process personal data of the user subject to the relevant data protection regulations according to the principles of data economy and data avoidance. This means that data of the user are only processed if legal permission exists, particularly if the data is required for the performance of our contractual and online services or if stipulated under law, or if consent has been given.

We decide upon organisational, contractual and technical security measures in accordance with the state of the art, in order to ensure compliance with data protection laws, thereby protecting the data we process against accidental or deliberate manipulation, loss, destruction as well as against access by unauthorised persons.

If, within the context of this Privacy Policy, content, tools or other means from other providers (hereinafter collectively referred to as “third party providers”) are used and their stated headquarters are located abroad, it is to be assumed that a data transfer takes place in die the country of the third party providers’ headquarters that ensures a legally required security of the data.

5. Processing of personal data

In addition to the uses of personal data expressly stated in this Privacy Policy, they are also processed for the following purposes based on legal permission or the consent of the user:

  • The provision, execution, maintenance, optimisation and backup of our services and user services;
  • Personal data will be deleted if they have fulfilled their purpose and their deletion does not conflict with retention obligations.

6. Rights of the data subject

If your personal data is processed, then you are a data subject within the meaning of the GDPR and you are entitled to the following rights from the controller:

Right to information

You may request from the controller a confirmation regarding whether your personal data are processed by us. If such processing takes place, then you may request the following information from the controller:

The purpose for which the data are processed

(2)   The categories of the personal data that are processed

(3)   The recipients or categories of recipients to whom your personal data has been or will be disclosed

(4)   The planned duration of the storage of your personal data or, if specific information cannot be provided, criteria for determining the storage period

(5)   The existence of a right of rectification or deletion of your personal data, of a right to restriction of the processing by the controller, or a right to objection to such processing

(6)   The existence of a right to appeal to a supervisory authority

(7)   All available information about the origin of the data, if the personal data are not collected from the data subject

(8)   The existence of automatic decision-making, including profiling in accordance with Art. 22 para. 1 and 4 of the GDPR and – at least in such cases – meaningful information about the logic involved as well as the scope and intended effects of such processing for the data subject

You have the right to request information as to whether your personal data is transferred to a third country or to an international organisation. In this context, you may request to be informed about the appropriate guarantees in accordance with Art. 46 of the GDPR in connection with the transfer.

Right to rectification

You have the right to rectification and/or completion from the controller, if your processed personal data are incorrect or incomplete. The controller must implement rectification without delay.

Right to the restriction of processing

You may request that the processing of your personal data be restricted under the following conditions:

(1)   If you dispute the correctness of your personal data for a period of time that enables the controller to check to correctness of the personal data

(2)   If there is no legal basis for the processing, and you reject the deletion of the personal data, instead requesting the restriction on use of the personal data

(3)   If the controller no longer needs the personal data for processing, yet you require these in order to assert, exercise or defend legal claims

(4)   If you have filed an objection against the processing in accordance with Art. 21 para. 1 of the GDPR and it has not yet been determined whether the legitimate reasons of the controller outweigh your reasons.

If the processing of your personal data has been restricted, then such data may only be processed – with the exception of data storage – with your consent or for the assertion, exercising or defence of legal claims, or for the protection of the rights of another natural or legal person, or on the grounds of an important public interest of the European Union or a member state.

If the processing restriction has been based on the above-named conditions, then you will be notified of the lifting of the restriction in advance by the controller.

Right to deletion

Deletion obligation

You may request the controller to delete your personal data without delay, which the controller is obligated to carry out if one of the following reasons applies:

(1)   Your personal data is no longer required for the purpose for which it was collected or otherwise processed

(2)   You revoke your consent on which the processing was based, in accordance with Art. 6 para. 1 (a) or Art. 9 para. 2 (a) of the GDPR, and there is no other legal basis for processing.

(3)   You file an objection against the processing in accordance with Art. 21 para. 1 of the GDPR and there are no overriding legitimate reasons for the processing, or you file an objection against the processing in accordance with Art. 21 para. 2 of the GDPR.

(4)   Your personal data has been processed unlawfully.

(5)   The deletion of your personal data is required in order to fulfil a legal obligation under European Union law or the law of the member state to which the controller is subject.

(6)   Your personal data has been collected in relation to information society services offered in accordance with Art. 8 para. 1 of the GDPR.

Information to third parties

If the controller has made your personal data public and is obliged to delete these in accordance with Art. 17 para. 1 of the GDPR, then he/she shall implement appropriate measures, even of a technical nature, taking into consideration the available technology and implementation costs in order to inform those who process the personal data that you, as the data subject, have requested the deletion of all links to these personal data, or copies or replications of these personal data.

Exceptions

The right to deletion does not exists insofar as the processing is required for the following:

(1)   To exercise the right of freedom of expression and to information;

(2)   To fulfil a legal obligation required for processing under the law of the European Union or the member state to which the controller is subject, or to perform a task in the public interest or an act of official authority conferred upon the controller

(3)   For reasons of public interest in the area of public health in accordance with Art. 9 para. 2 (h and i) as well as Art. 9 para. 3 of the GDPR

(4)   For archiving purposes in the public interest, scientific or historical research purposes, or for statistical purposes in accordance with Art. 89 para. 1 of the GDPR, insofar as the law referred to under section a) is likely to render impossible or seriously impair the objectives of such processing, or

(5)   For the assertion, exercising or defence of legal claims

Notification obligation

If you have asserted your right to correction, deletion or restriction of the processing against the controller, then he/she is obliged to notify all recipients to whom your personal data was disclosed of this correction or deletion of the data, or of the restriction of the processing, unless this proves to be impossible or involves a disproportionate effort.

You have a right to be notified of these recipients by the controller.

Right to data portability

You have a right to receive your personal data that you have provided to the controller in a structured, commonly used and machine-readable format. In addition, you have the right to transmit these data to another controller without hindrance by the controller to whom the personal data was provided, if

(1)   the processing is based on a consent in accordance with Art. 6 para. 1 (a) of the GDPR or Art. 9 para. 2 (a) of the GDPR or on a contract in accordance with Art. 6 para. 1 (b) of the GDPR, and

(2)   the processing is implemented via automated means.

In exercising this right, you also have the right to have your personal data transmitted directly from one controller to another controller, if this is technically feasible. Freedoms and rights of other persons must not be affected by this.

The right to data portability is not applicable to the processing of personal data that is necessary for the performance of a task in the public interest, or an act of official authority conferred upon the controller.

Right to object

For reasons arising from your particular situation, you have the right to object at any time to the processing of your personal data that is implemented based on Art. 6 para. 1 (e or f) of the GDPR; this also applies to profiling based on these provisions.

The controller will no longer process your personal data, unless the controller can prove that there are compelling and legitimate reasons that outweigh your interests, rights and freedoms, or if the processing serves the assertion, exercising or defence of legal claims.

If your personal data are processed for direct marketing purposes, then you have the right to object at any time to the processing of your personal data for direct marketing purposes; this equally applies to profiling, if it is directly connected to such direct marketing.

If you object to the processing for the purpose of direct marketing, then your personal data will no longer be processed for these purposes.

In the context of the use of information society services – notwithstanding Directive 2002/58/EC – you may exercise your right to object by automated means using technical specifications.

Right to withdraw the declaration of consent subject to statutory data protection

You have the right to withdraw your declaration of consent subject to statutory data protection at any time. The withdrawal of the consent does not affect the legality of the processing that is implemented based on the consent until the withdrawal.

Automated individual decision-making, including profiling

You have the right not to be subject to a decision based solely on automated processing – including profiling – that has legal effect on you or that significantly impairs you in a similar manner. This does not apply, if the decision

(1)   is necessary for the conclusion or fulfilment of a contract between you and the controller,

(2)   is authorised under the law of the European Union or the member state to which the controller is subject and which also sets forth suitable measures for safeguarding your rights, freedoms and legitimate interests, or

(3)   is based on your explicit consent.

However, these decisions may not be based on special categories of personal data according to Art. 9 para. 1 of the GDPR, to the extent that there is no applicability of Art. 9 para. 2 (a or g) of the GDPR and that appropriate measures have been established for the protection of your rights, freedoms and legitimate interests.

Regarding the cases referred to in (1) and (3), the controller has to take appropriate measures in order to safeguard the rights, freedoms and your legitimate interests, at least the right to obtain intervention by a person representing the controller, to state one’s own position and to contest the decision.

Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judiciary remedy, particularly in the member state of your habitual residence, place of work or place of the alleged infringement, if you consider the processing of your personal data a violation against the GDPR.

The responsible supervisory authority is: Bayerisches Landesamt für Datenschutzaufsicht

Address
Promenade 27 (Schloss)
PO Box 606
91522 Ansbach

Contact
Phone: +49 (0) 981 53 1300
Fax: +49 (0) 981 53 98 1300
E-mail: poststelle@lda.bayern.de

Possibility of lodging a complaint and of elimination

E-mail addresses have been established in order to assert to assert the rights of data subjects. Please send your queries to these addresses. These are partially service-specific addresses and are described below for the individual services. In the case of basic data protection questions, please contact the data protection officers. Please understand that we must maintain a process for queries in which your personal identity must be unequivocally determined, and it must be checked whether the deletion is even permitted.

7. Description of individual services

7.1 Contact form and E-mail contact

Description

Our website has a contact form that can be used for contacting us electronically. If a user makes use of this, then the data entered on the screen are transmitted to us and stored. These are the following data: form of address, surname, first name, E-mail address, company, address data, purpose of the query

At the time the message is sent, the following data are also stored:

  • Creation date, spam factor, time for the completion of the form, IP address of the sender, user agent of the sender

An alternative contact possibility is via the provided E-mail address. In this case, the personal data of the user transmitted with the E-mail will be stored.

In this regard, no data are forwarded to third parties. The data are exclusively used for processing the correspondence.

Legal basis

For the processing of the data, your consent is obtained as part of the transmission, and reference is made to this Privacy Policy (Art. 6 para. 1 (a) of the GDPR).

Purpose of the data processing

The processing of personal data from the input screen solely serves the processing of the contact. In the case of contact via E-mail, there is also the necessary legitimate interest in processing the data. The other personal data processed during the transmission serve to prevent a misuse of the contact form and to ensure the security of our information technology systems.

Period of storage

The data are deleted as soon as the purpose of their collection has been fulfilled. For the personal data from the input screen for the contact form as well as that which has been transmitted via E-mail, this is as soon as the correspondence with the user has ended. The correspondence has come to an end, if it can be assumed from the situation that the issue in question has been conclusively clarified. After a period of 2 months, the data are automatically deleted from the web server.

Personal data additionally collected during transmission will be deleted after a period of seven days at the latest. The data you share are transmitted in encrypted form by your browser to our server, converted to an E-mail there, and then sent to us. Please be aware that E-mails you send us will not be encrypted.

Possibility of lodging a complaint and of elimination

The user has the option of withdrawing the consent for the processing of personal data at any time. If the user contacts us via E-mail, then he/she can object to the storage of his/her personal data at any time. In such a case, the correspondence cannot be continued.

Please send your queries to clear@grenzebach.com and observe the notes under “Possibility of lodging a complaint and of elimination”.

7.2 Collection of access data

Description

For each user access to a page or file, access data are saved via this procedure in a log file on the server of our provider TeleData GmbH.

Each data record consists of:

  • Browser type
  • Browser version
  • Operating system used
  • Referrer URL
  • Time of the server request
  • IP address
  • HTTP status code (200)
  • Size of the transmission (9728)
  • Access method (GET)

The storage of the log data is implemented on the web server for a period of 7 days (Section 113b para. 3 (1) of the Telecommunications Act (Telekommunikationsgesetz - TKG))

We only use the log data is accordance with statutory provisions for statistical evaluations for the purpose of the operation, the security and the optimisation of our online offer. However, we reserve the right to subsequently review the log data, if there is concrete evidence regarding legitimate suspicion of unlawful use.

Legal basis

Legal basis for the processing of the user’s personal data is Art. 6 para. 1 (f) of the GDPR.

Purpose of the data processing

The processing of user personal data enables our analysis of the surfing behaviour of our users. The obtained data enables us to compile information about the use of individual components of our website. This helps us to continuously improve our website and its user-friendliness. For these purposes, it is also our legitimate interest to process the data in accordance with Art. 6 para. 1 (f) of the GDPR. By means of anonymising the IP address, user interest in the protection of personal data is sufficiently taken into account.

Period of storage

The data will be deleted as soon as they are no longer required for our recording purposes. In our case,this is effective after 7 days.

Possibility of lodging a complaint and of elimination

Please send your queries to clear@grenzebach.com and observe the notes under “Possibility of lodging a complaint and of elimination”.

7.2.1 Cookies & Reach Measurement

Description

Cookies are Information sent to the user’s web browser by our web server or third party web servers and stored there for future retrieval. Users will be informed about the use of cookies as a part of pseudonymous reach measurement in this Privacy Policy.

Legal basis

Legal basis for the processing of the user’s personal data is Art. 6 para. 1 (f) of the GDPR.

Purpose of the data processing

The purpose of using technically necessary cookies is to simplify website use for the users. Some functions of our website cannot be offered without the use of cookies. This requires that the browser will also be recognised after a change of page. Example of the are the adoption of language setting as well as remembering search terms. User data collected by technically necessary cookies are not used to create user profiles.

The analysis cookies are used to improve the quality of our website and its content. Through the analysis cookies we learn how the website is used and can thus continuously optimise our offer. A more detailed description of this can be found in the Google Analytics section.

Period of storage

Viewing this online offer is also possible with the exclusion of cookies. If the user does not wish to have cookies to be saved on his/her computer, then you are asked to deactivate the relevant option in the system settings of your browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies could lead to functional restrictions of this online offer.

It is possible to manage many online display cookies of companies via specially provided web pages.

Possibility of lodging a complaint and of elimination

Please send your queries to clear@grenzebach.com and observe the notes under “Possibility of lodging a complaint and of elimination”.

We use cookies in order to ensure you the best possible service. If you continue to use our website, then you consent to the use of cookies.

7.2.2 Google Analytics

Description

We use Google Analytics, a web analytics service of Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files that are saved on your computer and allow an analysis of the use of this website by you. The use of the information generated through the cookies about your use of the website, such as

  • Browser type/version
  • Operating system used
  • Referrer URL (previously visited website)
  • Host name of the computer taking access (IP address),
  • Time of the server request is generally transmitted to a Google in the USA and stored there.

Google will use this information on our behalf in order to evaluate the use of our online offer by the users, to compile reports about the activities within this online offer and to offer further services based upon the use of this online and the Internet use of the related services. The processed data could be used to generate pseudonymous usage profiles of the users.

We only use Google Analytics with activated IP anonymisation. This means that the IP address of the user is shortened by Google within member states of the European Union or other contracting states to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.

Legal basis

For these purposes, it is also our legitimate interest to process the data. The legal basis for the use of Google Analytics is Section 15 para. 3 of the German Teleservices Act (Telemediengesetz - TMG) or Art. 6 para. 1 (f) of the GDPR, as the case may be.

Purpose of the data processing

The processing of user personal data enables our analysis of the surfing behaviour of our users. The obtained data enables us to compile information about the use of individual components of our website. This helps us to continuously improve our website and its user-friendliness. For these purposes, it is also our legitimate interest to process the data in accordance with Art. 6 para. 1 (f) of the GDPR. By means of anonymising the IP address, user interest in the protection of personal data is sufficiently taken into account.

Period of storage

The data sent by us and linked to cookies, user identifiers (such as user ID) or advertising IDs are automatically deleted after 14 months. The deletion of data where the retention period has elapsed is implemented automatically once a month.

Possibility of lodging a complaint and of elimination

The users can prevent the storage of cookies by a respective setting for their browser software; in addition, the users can prevent the collection of data generated by cookies and related to their use of the online offer as well as the processing of this data by Google, by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en-GB.

You can avoid the functionality of Google Analytics by clicking onto the following link. An opt-out-cookie is set avoiding that your data is collected when visiting this website: Google Analytics deactivation

[Translate to 中国語:]

Please refer to the Google, websites if you require further information on the use of data for advertising purposes by Google as well as options for settings and revocation:

7.2.3 Google Tag Manager

Description

Google Tag Manager is a solutions which allows us to manage so-called website tags via an interface (and thus we can integrate Google Analytics and other Google marketing services, for example, into our online offer). The tag manager itself (which implements the tags) does not process any personal data of the user. With respect to processing personal data of users, we refer to the following information on Google services. Use policy: https://www.google.de/analytics/tag-manager/use-policy.

7.2.4 Google Re/Marketing Services

Description

We use the marketing and remarketing services (in short “Google Marketing Services”) of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).

The Google Marketing Services enable the display of advertisements for and on our website more precisely, in order to only display those of potential interest to users. In the case of users being displayed advertisements of products for which he/she showed interest at other websites, this is referred to as “remarketing”. The Google Marketing Services allow the display of advertisement for and on our website more precisely to only present relevant advertisement to the users. If users see advertisement for products, for which they have shown interest on other websites, this is referred to as "remarketing". For this purpose, when opening our and other websites where the Google Marketing Services are active, a Google code is immediately executed by Google and so-called (re)marketing tags (invisible graphics or codes which are called "web beacons") are incorporated into the website. With the tags an individual cookie, i.e. a small file is saved on the device of the user (comparable technologies to cookies are also possible). Cookies can be set by various domains, among others by google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com.

This file logs

  • which websites the user visits,
  • the contents that are relevant to the user and
  • which offers the user clicked on, as well as
  • technical information about the browser and the operating system,
  • linking websites,
  • visiting time
  • and other indications about the use of the online offer.

The IP address is also recorded, and we forward information within the scope of Google Analytics, that the IP address is shortened in the member state of the European Unions or in other member state of the European Union and is only in some exceptional cases completely transmitted to a Google server in the USA and is shortened there. The IP address is not combined with data within other Google services. The information indicated above can also be connected to such information from other sources. If the user visits other websites afterwards, advertisement matching the user’s interests will be displayed.

The user data are processed under a pseudonym within the scope of the Google Marketing Services. This means that Google not only saves and processes, for example, the name or the email address of the user, but processes the relevant data cookie-related within pseudonymous user profiles. This means that from the Google point of view, not only advertisement for specifically identified users are managed or displayed, but for the cookie owner, independently from the fact to whom the cookie belongs. This does not apply if a user has given the express permission to Google to process the data without pseudonymisation. The information about "DoubleClick" collected by the user is transmitted to Google and is saved on the Google servers in the US.

The Google Marketing Services we use include among other things the online advertising program "Google Ads". In the case of Google Ads, every Ads customer receives another "conversion cookie".  Cookies cannot be tracked via the websites of Google Ads customers. The information obtained by the conversion cookies is used to create conversion statistics for Google Ads customers who have decided in favour of conversion tracking. The Google Ads customers are informed about the overall number of users who clicked on this ad and who are forwarded to the website incorporating a conversion tracking tag. However, you do not receive any information with which the user could be personally identified.

Based on the Google Marketing Service "DoubleClick", we integrate advertisements of third parties. DoubleClick uses Cookies with which Google and the related partner websites are enabled to launch advertisements based on the visits of customers to this website or other websites on the Internet.

Based on the Google Marketing Service "AdSense", we also integrate advertisements of third parties. AdSense uses Cookies with which Google and the related partner websites are enabled to launch advertisements based on the visits of customers to this website or other websites on the Internet.

Another Google Marketing Service we use is the "Google Tag Manager" with which further Google analysis and marketing services can be incorporated into our website (e.g. "AdWords", "DoubleClick" or "Google Analytics").

Further information about data use for marketing purposes by Google can be found on the overview page: https://www.google.com/policies/technologies/ads, the Privacy Policy of Google can be accessed at https://www.google.com/policies/privacy.

Possibility of lodging a complaint and of elimination

If you want to object to data collection by the Google Marketing Services, you can use the setting and opt-out options provided by Google: http://www.google.com/ads/preferences.

7.2.5 Google Ads

Description

Our website uses the Google conversion tracking. If you were directed to our website via a Google advertisement, then a cookie will be set on your computer by Google Ads. The cookie for the conversion tracking is set when a user clicks on advertisement launched by Google. These cookies expire after 30 days and do not serve the purpose of personal identification. If the user visits certain pages on our website and the cookie has not yet expired, then we and Google can see that the user has clicked on the advertisement and was forwarded to this website. Every Google Ads customer receives a different cookie. Cookies cannot be tracked via the websites of Ads customers as a result. The information obtained by the conversion cookies is used to create conversion statistics for Ads customers who have decided in favour of conversion tracking. The customers are informed about the overall number of users who clicked on this ad and who are forwarded to the website incorporating a conversion tracking tag. However, you do not receive any information with which the user could be personally identified.

Possibility of lodging a complaint and of elimination

If you do not wish to participate in tracking, you can reject selection of the respective cookie - e.g. by browser setting, which generally deactivates cookies automatically, or you can adjust your browser so that the cookies are blocked by the domain "googleleadservices.com".

Please note that you are not permitted to delete the opt-out cookies as long as you do not wish to have your measuring data recorded. If you have deleted all of your cookies in the browser, then you have to reset the respective opt-out cookie.

Privacy Policy Google reCAPTCHA

We use the Google service reCAPTCHA in order to determine whether a specific entry in our contact or newsletter form is made by a human or a computer. Based on the following data, Google checks whether you are a human or a computer: IP address of the terminal used, the website you visited and where the CAPTCHA is embedded, the date and the duration of the visit, the recognition data of the type of browser and operating system used, Google account, if you are logged in to Google, mouse movements of the reCAPTCHA surfaces and task i which you need to identify images. The legal basis for the described data processing is Art. 6 para. 1 (f) of the General Data Protection Regulation. There is a legitimate interest on our part in this data processing to ensure the security of our website and to protect us from automated input (attacks).

7.3 Grenzebach Career

Description

Grenzebach processes your personal data in order to answer your queries, to process your order or to provide you with access to special information or offers. Grenzebach would also like to simplify your job search. For this reason, you can apply for positions online directly on Grenzebach Career pages at the respective subsidiary. We assure you that your information will be treated with confidentiality. The data entered here will be processed and used exclusively for the purpose of the selection of applicants within the Grenzebach Group and a possible, subsequent talent pool. If you would like to be added to our talent pool, you receive a separate email for this purpose. You must agree to being added to the talent pool in writing, and you can naturally object to this at any time.

When you apply for a job at Grenzebach, you will be asked to provide certain personal data (such as name, address, E-mail). In addition, questions specific to the position may be asked. When applying for a job at our company, it is also essential for you to include your professional history and a cover letter. Further information, in order to increase your application chances for instance, are voluntary.

There is no processing of special categories of personal data (meaning that there is no information about racial or ethnic background, political opinions, religious or philosophical beliefs, membership in a trade union, health or sex life).

These data are solely used for the application procedure at Grenzebach.

The storage of your data is implemented securely in the SuccessFactors application. Your data will be transferred, maintained and processed in a computer centre in the eurozone. With SuccessFactors, regulations have been contractually established, thereby enabling secured processing within the framework of a data processing agreement (DP agreement) according to the EU General Data Protection Regulation.

Grenzebach provides no guarantee for the continuous availability of the Grenzebach Career pages.

Legal basis

Legal basis for the data processing is the consent of the user in accordance with Art. 6 para. 1 (a) of the GDPR.

Purpose of the data processing

The personal data described here will be used for the purpose of applicant management.

Period of storage

After the conclusion of the application process, all of the data relating to a specific application will be deleted in accordance with the respectively applicable statutory regulations. This could cover a period of 6 months.

If you have not logged on to your account in the applicant management system again within 6 months, then Grenzebach will send you an email with the request to update your data. If you do not do this within the specified deadline, then your account will be automatically deleted. If future statutory requirements demand a change of the storage period, then this will be adjusted without previous announcement.

In the case of a hiring, your data will be stored and processed as employee data.

If you have been selected for the talent pool, then your data will be stored until your revocation.

Possibility of lodging a complaint and of elimination

You can view your data at any time via the application. In addition, you have the right to have all data blocked, changed or deleted, to object to the processing of the data or to have incorrect data corrected at any time. Please change or delete your own data in the portal to the extent that this is possible. If you have any further questions, please contact career@grenzebach.com.

7.4 Grenzebach Purchasing Supplier Application

Description

On our website, a Purchasing Supplier Application is available that can be used for the electronic application as a supplier. If a user makes use of this, then the data entered on the screen are transmitted to us and stored. These are the following data: Company name, street, postal code, city, country, phone, fax, E-mail (company), website, surname, first name, position, phone, E-mail (contact), language, ISO certifications, supply range.

At the time the message is sent, the following data are also stored:

  • date and time of sending the form

An alternative contact possibility is via the provided E-mail address. In this case, the personal data of the user transmitted with the E-mail will be stored.

In this regard, no data are forwarded to third parties. Grenzebach processes your personal data in order to answer your queries or to provide you with access to special information or offers.

Legal basis

For the processing of the data, your consent is obtained as part of the transmission, and reference is made to this Privacy Policy (Art. 6 para. 1 (a) of the GDPR).

Purpose of the data processing

The processing of personal data from the input screen solely serves the processing of the contact. In the case of contact via E-mail, there is also the necessary legitimate interest in processing the data. The other personal data processed during the transmission serve to prevent a misuse of the supplier form and to ensure the security of our information technology systems.

Period of storage

The data are deleted as soon as the purpose of their collection has been fulfilled. For the personal data from the input screen for the contact form as well as that which has been transmitted via E-mail, this is as soon as the correspondence with the user has ended. The correspondence has come to an end, if it can be assumed from the situation that the issue in question has been conclusively clarified. Your data on the server will  be automatically deleted after a period of 2 months.

Log data additionally collected during transmission will be deleted after a period of seven days at the latest. The data you share are transmitted in encrypted form by your browser to our server, converted to an E-mail there, and then sent to us. Please be aware that E-mails you send us will not be encrypted.

Possibility of lodging a complaint and of elimination

The user has the option of withdrawing the consent for the processing of personal data at any time. If the user contacts us via E-mail, then he/she can object to the storage of his/her personal data at any time. In such a case, the correspondence cannot be continued.

Please send your queries to clear@grenzebach.com and observe the notes under “Possibility of lodging a complaint and of elimination”.

7.5 Newsletter

Our cost-free newsletter regularly informs you about new products and special promotions via E-mail. The data you enter here will only be used to personalise the newsletter and will not be forwarded to third parties. You can unsubscribe to the newsletter or withdraw your consent at any time via E-mail to event@grenzebach.com. Your data will be deleted once the receipt of the newsletter has been completed, unless the deletion conflicts with statutory storage obligations. The data will not be forwarded to third parties.

For the dispatch of the newsletter, we use the services of the provider CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, with which the dispatch of the newsletter can be organised and analysed. For this purpose, the data (name and E-mail address) are stored on servers of CleverReach in Germany or Ireland. The data are collected exclusively in pseudonymous form. The IDs are thus not linked to your other personal data, and a direct personal reference is excluded. The use of CleverReach enables us to analyse the behaviour of newsletter recipients. It is thereby possible, among other things, to analyse how many recipients have opened the newsletter message and how often a specific link has been clicked in the newsletter. Using what is referred to as conversion tracking, it is also possible to analyse whether a predetermined action has occurred after clicking the links in the newsletter (such as the purchase of a product on our website). This in turn serves the purpose of becoming acquainted with the reading habits of the users and adjusting the content accordingly; the aim of this, however, is not the monitoring of individual users. This also serves our legitimate interest. Additional information on the data analysis by means of CleverReach newsletter can be found here: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/. The data processing regarding the analysis is implemented on the basis of our legitimate interests (Art. 6 para. 1 (f) of the GDPR). If you do not wish for an analysis to be carried out via CleverReach, then you must unsubscribe to the newsletter. There is a link available for this purpose in each newsletter message. Your data that we store for the purpose of the newsletter subscription will be stored by us until you unsubscribe, and subsequently they will be deleted from our servers as well as those of CleverReach. Data that we store for other purposes remains unaffected by this. Details can be found in the privacy policy of CleverReach at: https://www.cleverreach.com/en/privacy-policy/. We have concluded a data processing agreement with CleverReach and fully implemented the strict guidelines of the European GDPR with the use of CleverReach.

8. Grenzebach on the social media

In addition to our website, Grenzebach Maschinenbau GmbH is also present on various social media. We are currently present on YouTube, LinkedIn, Facebook and XING. Please find the purpose and scope of the data collection as well as the provisions for use of your data by the respective platform in the privacy policy of the respective platform operator.

9. Integration of services and contents of third parties

It is possible that the content or services of third-party providers, such as city maps or fonts of other websites, will be integrated within our online offer. The integration of the contents of third party providers always presupposes that the third party providers are aware of the IP address of the user, as they would be unable to send the contents to the browser of the user without the IP address. The IP address is therefore required for the display of such content. The providers of the third-party contents are also able to set their own cookies and process the data of the user for their own purposes. In the process, they are able to create usage profiles of the users from the processed data. We will use such content with the greatest possible data economy and data avoidance as well as selection of third-party providers with data security in mind.

The following illustration provides an overview of third-party providers as well as their contents, in addition to links to their privacy policies, which provide further references to their processing of data and, previously mentioned here in part, revocation options (referred to as opt-out):

  • External fonts of Google, Inc., www.google.com/fonts (“Google Fonts”). The integration of the Google Fonts is implemented by means of calling a server at Google (generally in the USA). Privacy Policy: https://www.google.com/policies/privacy/
  • Setting maps of the “Google Maps” service of the third-party provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/.
  • We integrate videos of the “YouTube” platform of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/

10. Modifications to the Privacy Policy

We reserve the right to amend the Privacy Policy in order to make adjustments to a change in legal situations, or in the case of changes of the service as well as the data processing. However, this shall only apply in regard to clarifications for the data processing. If the consent of the user is required, or if components of the Privacy Policy contain regulation of the contractual relationship with the users, then these changes are implemented only with the consent of the users.

The users are requested to acquaint themselves with the content of the Privacy Policy on a regular basis.