These privacy guidelines apply for the data processing by:
OZV GmbH & Co. KG
Grüner Weg 1-3
(hereinafter: “OZV GmbH & Co. KG”),
Phone: +49 2405 456-0
Fax: +49 2405 456-285
Data Protection Officer:
Kleinermann & Sohn GmbH
Phone: +49 (0) 2401 605-40
The external data protection officer (DPO) of OZV GmbH & Co. KG can be contacted at the aforementioned mailing address and/or at firstname.lastname@example.org.
Collection and Storage of Personal Data as well as their Type and Purpose and Use
When Visiting the Website
When visiting our website, information is automatically sent to our website’s server by the browser used on your device. This information is temporarily stored in a so-called log file. In so doing, the following information is collected without any action upon your part and stored until it is automatically erased:
· IP address of the device used to access the site,
· Date and time of day of the access,
· Name and URL of the retrieved file,
· Website from which access is made (referrer URL),
· Browser used and, where applicable, the operating system of your device as well as the name of your access provider.
The aforementioned data are processed by us for the following purposes:
· Ensuring a seamless connection to the website,
· Ensuring comfortable use of our website,
· Evaluation of the system security and system stability as well as
· For additional administrative purposes.
The legal basis for the data processing is Art. 6(1) Clause 1 lit. f GDPR. Our legitimate interest follows from the aforementioned purposes for data collection. In no case will we use the collected data for the purpose of determining who you are.
When Sending an Enquiry via E-Mail
On our website, we offer you the possibility of contacting us via e-mail. If you do so, the user’s personal data provided with the e-mail will be stored. The personal data is only used for the processing of the enquiry. Herein also lies our required legitimate interest in the processing of the data. The data is not disclosed to third parties. An alignment or combination of the data collected in this manner with data which have possibly been collected by other components of our website is likewise not made. The legal basis for the processing of the data which are provided through the sending of an e-mail is Art. 6(1) lit. f GDPR. If the e-mail contact is for the purpose of concluding a contractual agreement, then the additional legal basis for the processing is Art. 6(1) lit. b GDPR. The data will be erased as soon as they are no longer required to achieve the purpose of their collection.
Disclosure of Data
Your personal data will not be disclosed to third parties for any other purposes than the purposes listed below.
We will pass on your personal data to third parties only if:
· You have issued your express consent in accordance with Art. 6(1) Clause 1 lit. a GDPR,
· The disclosure is required in accordance with Art. 6(1) Clause 1 lit. f GDPR in order to assert, exercise or ward off legal claims and we have no to assume that you have a predominant interest worthy of protection in the non-disclosure of your data,
· In case that a statutory obligation in accordance with Art. 6(1) Clause 1 lit. c GDPR exists for the disclosure, and that this is legally permissible and required in accordance with Art. 6(1) Clause 1 lit. b GDPR for the implementation of the contractual relationships with you.
||storage of user´s language settings for the purpose of the website.
||used by Google Analytics for visitor differentiation to analyse the use of our website.
||used by Google Analytics for visitor differentiation to analyse the use of our website.
||used by Google Analytics for visitor differentiation to analyse the use of our website.
Analytical Tools and Plug-Ins
The analytical tools and plug-ins which are listed below and which we use are implemented upon the basis of Art. 6(1) Clause 1 lit. f GDPR. Via the analytical tools and plug-ins which we use, we wish firstly to ensure a requirements-based design and the continuous optimisation of our website. Secondly, we use the analytical tools and plug-ins to compile statistics regarding the use of our website and to evaluate the optimisation of our offerings for you. These interests must be regarded as being legitimate in accordance with the aforementioned guideline.
The respective data processing purposes and data categories can be found in the corresponding tracking tools.
Use of Google Analytics
Our website uses functions of the Google Analytics web analysis service. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses so-called “cookies”. These are text files which are stored on your computer and which enable an analysis of your use of the website. As a rule, the information generated by the cookie regarding your use of this website is transmitted to a Google server in the USA and stored there. Herein also lies our legitimate interest in accordance with Art. 6(1) Clause 1 f GDPR. Google has accepted the EU-US Privacy Shield, a framework for regulating transatlantic exchanges of personal data for commercial purposes between the European Union and the United States and is certified in accordance with this framework. Thus, Google is obliged to fulfil the standards and the guidelines of European data protection laws.
You can find detailed information on this in the following linked entry:
We have activated the IP anonymisation on this website (anonymizelp). Thus, your IP address is shortened beforehand by Google within the member countries of the European Union or in other contracting states to the European Economic Area Agreement. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On our behalf, Google will use this information to evaluate your use of the website, to draft reports regarding the website activities and to render additional services to us which are associated with the use of the website and the Internet.
The IP address transmitted by your browser within the parameters of Google Analytics will not be commingled with other data by Google. You can prevent the storage of cookies by adjusting the settings on your browser software; however, we wish to point out to you that, in this case, you may not be able to use all the features of this website.
Moreover, you can prevent the data (including your IP address) that have been generated by the cookie and which make reference to your use of the website from being transmitted to Google as well as the processing of these data by Google by downloading and installing the browser plug-in that is available via the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
Alternatively to the browser add-on, particularly in the case of browsers on mobile devices, you can also prevent the data collection by Google Analytics by clicking on this link. An opt-out cookie is placed which will prevent the future collection of your data when visiting this website. The opt-out cookie is valid only in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must once again place the opt-out cookie.
You can find additional information regarding the data protection in conjunction with Google Analytics in, for example, the Google Analytics Help Section (https://support.google.com/analytics/answer/6004245?hl=de).
Typekit by Adobe
On our website, Typekit from Adobe Systems Software Ireland Limited is used. When entering our website, these fonts are downloaded by your browser in the browser cache to correctly display the fonts. To do so, your browser creates a connection to the Adobe servers. We use these fonts to display our website in an appealing manner. The legal basis for this is Art. 6(1) Clause 1 lit. f GDPR. If your browser does not support these fonts, your computer uses a standard font.
· Provided font types for analytical tools and plug-ins
· ID of the sentence
· Type of sentence (string “configurable” or “dynamic”)
· Account ID (identifies the customer from whom the sentence is)
· Service which provides the font types (e.g. Typekit or Edge Web Fonts)
· Application which requests the font types (e.g. Adobe Muse)
· Server which provides the font types (e.g. Typekit Server or Enterprise CDN)
· Host name of the webpage on which the font types are downloaded
· The time which the web browser requires to download the font types
· The time from the downloading of the font types via the web browser to the application of the font types
· Whether an ad blocker has been installed to determine whether the ad blocker restricts the correct tracking
of the page views
Adobe uses the information from the websites of third parties which use the Typekit fonts to supply the Typekit service. The information is also used to diagnose delivery or download problems and to pay the font’s provider.
You can find additional information about Typekit by Adobe in Adobe’s privacy statement at https://www.adobe.com/de/privacy/policies/adobe-fonts.html
Google Maps API
On our website, we use Google Maps API to visually display geographic information. During the use of Google Maps, Google (Google Inc., 1600 Amphitheatre Parkway, Mountain View, California, 94043) also collects, processes and uses data regarding the use of the maps functions by website visitors. The legal basis is Art. 6(1) lit. f GDPR. Our legitimate interest lies in the optimisation and the commercial operation of our Internet site.
You can find detailed information regarding Google’s data processing in Google’s Privacy Guidelines at https://policies.google.com/privacy.
Linking to Social Media Sites
On our website, we have linked the social media logo of Facebook (hereinafter, “Provider”) which will guide you to the profile stored with the Provider and is supposed to enable you to follow us there.
Facebook is a service of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. In the EU, this service is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, hereinafter both referred to only as “Provider”.
Due to data protection law, we have implemented merely one link to our profile with the Provider. That means that no data are transmitted about you to the Provider as long as you do not click on the social media logo. However, as soon as you click on the link which we have placed to our profile, you will be guided to the Provider’s website which will result in data being transmitted to the Provider. We have no control over these transmissions and collections of potentially personal data to/from the Provider. We likewise have no knowledge of the individual purposes of this data processing or its scope and storage duration. Whether the Provider makes deletions, generates or assigns profiles or makes anonymisations is likewise unknown to us and is also out of our control.
As long as you are logged-in to the Provider at the same time as you click on the link to our website, the data collected by the Provider during your visit to its website will be assigned directly to your profile there.
The processing of the users’ personal data is done upon the basis of our legitimate interests in effectively providing information to users and communicating with the users in accordance with Art. 6(1) lit. f GDPR. If the Provider asks the users to grant their consent for data processing (i.e. to declare their consent, for example, by clicking on a check box or confirming by clicking on a button), the legal basis for the processing is Art. 6(1) lit. a, Art. 7 GDPR.
You can find additional information regarding the purpose and the scope of data collection and data processing by the Provider in the Provider’s privacy statement. There, you will also find additional information regarding your rights and setting options for protecting your privacy:
Opt-out: https://www.facebook.com/settings?tab=ads and youronlinechoices.com/de/,
Through the certification in accordance with the EU-US Privacy Shield
Facebook guarantees that the EU’s Data Protection Guidelines are also fulfilled during the processing of data in the USA.
Integration of Services and Content from Third Parties
It may occur that third-party content, e.g. videos from YouTube, map materials from Google Maps, RSS feeds or graphics from other websites have been integrated into our webpages. This is done upon the basis of our legitimate interests (interest in the analysis, optimisation and commercial operation of our online website in accordance with Art. 6(1) lit. f GDPR). This always requires that the providers of this content (hereinafter referred to as “Third-Party Providers”) use the IP address of the users because, without the IP address, they could not send the content to the respective user’s browser.
The IP address is thus required to display this content. We endeavour to use only such content whose respective providers use the IP address merely in order to deliver the content. However, we have no control over whether the Third-Party Providers store the IP address for statistical purposes, for example. Insofar as this is known to us, we will inform the users of this use.
Publication of Job Advertisements / Online Job Applications
Your application data will be electronically stored and processed by us for the purpose of carrying out the job application process. If your job application results in the conclusion of an employment contract, then your data which you have provided may be stored by us in your personnel file for the purpose of the customary organisational and administrative processes subject to the fulfilment of the relevant legal guidelines. The data protection law permits, in accordance with Sec. 26(1) Clause 1 “BDSG-neu” in conjunction with Art. 88(1) GDPR, the collection of the data which are required for the substantiation of the employment relationship. If you voluntarily provide us with information which exceeds the required information, this will be done with your consent in accordance with Art. 6(1) Clause 1 lit. a GDPR. During the processing, your data may be provided to persons within our company as well as service providers who have been obligated contractually and are subject to a confidentiality obligation and who are responsible for the fulfilment of data processing sub-tasks.
In case that your job application is rejected, the data that you have provided will be erased within three months after the rejection of your application has been communicated to you. This does not apply if, in accordance with the statutory requirements (e.g. the documentation obligation in accordance with the German General Equal Opportunity Act [allgemeines Gleichbehandlungsgesetz]), a longer storage is required or if you have expressly approved a longer storage timeframe in our job applicant database.
Data Subjects’ Rights
· In accordance with Art. 15 GDPR, you have the right to demand access to your personal data which we have processed. In particular, you may demand access regarding the processing purposes, the category of the personal data, the categories of recipients to whom your data have been or are being disclosed, the planned storage timeframe, the existence of a right of rectification, erasure, restriction of the processing or to object, the existence of a right to file a complaint, the origin of your data insofar as they have not been collected by us as well as the existence of automated decision-making processes including profiling and, as required, detailed information in this regard;
· In accordance with Art. 16 GDPR, you have the right to demand the prompt rectification of your incorrect or incomplete personal data which we have stored;
· In accordance with Art. 17 GDPR, you have the right to demand the erasure of your personal data which we have stored insofar as the processing is not required for the exercising of the right of free expression and provision of information, in order to fulfil a legal obligation, for public interest reasons or in order to assert, exercise or ward off legal claims;
· In accordance with Art. 18 GDPR, you have the right to demand the restriction of the processing of your personal data insofar as you are disputing the correctness of the data, the processing is illegal, but you reject their erasure and we no longer need the data, but you nonetheless require these data in order to assert, exercise or ward off legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
· In accordance with Art. 20 GDPR, you have the right to receive the personal data concerning you, which you have provided to us, in a structured, standard and machine-readable format or to demand those data be transmitted to another controller.
· In accordance with Art. 7(3) GDPR you have the right to revoke any consent declaration at any time, which you may have given to us before. This has the consequence that we may no longer continue with the data processing based on this consent in the future; and
· In accordance with Art. 77 GDPR, you have the right to file a complaint with a supervisory authority. As a rule, to do so, you may contact the supervisory authority that is competent for your customary place of residence, work location or our commercial residence.
Right to Object
Insofar as your personal data are processed upon the basis of legitimate interests in accordance with Art. 6(1) Clause 1 lit. f GDPR, you have the right to object against the processing of your personal data in accordance with Art. 21 GDPR if reasons exist which are based upon your special situation or the objection is filed against direct advertising. In the latter case, you have a general right to object which we will implement without your being required to specify a special situation.
If you would like to exercise your right to object or your right of opt out, an e-mail to email@example.com suffices.
You have the right to receive your personal data which you have provided to the controller. Upon your explicit request, we will provide these data in a machine-readable and structured format.
To receive these data, the documentation of your identity is required.
Erasure and Blocking of Personal Data
The erasure and blocking of your personal data will be done after the designated purpose for their collection is no longer applicable insofar as they are no longer required for the purposes of the contractual fulfilment or the contractual negotiations subject to the fulfilment of the retention timeframes prescribed by the laws and/or tax codes.
During the website visit, we use encryption. We safeguard our website and other systems by using technical and organisational measures against loss, destruction, access, alteration or modification of your data by unauthorised persons. The access to your customer account is possible only after entering your personal password. You should always confidentially handle your access information and close the browser window if you have ended the communication with us – particularly if you use a public computer or the computer jointly with other persons.
Currentness of and Changes to This Privacy Statement
This privacy statement is currently valid as amended in November 2018.
As the result of the continued development of our website and offerings on it or owing to amended statutory provisions, it may become necessary to modify this privacy statement.
You can retrieve and print out the currently-valid privacy statement at any time.