Data Protection Regulation
Personal data is any information relating to an identified or identifiable natural person.
DATA PROTECTION REGULATION
I. Name ans contact details of the responsible party
The responsible party within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the member states is the website operator:
DTS Systemoberflächen Ltd.
Am Schornacker 66
46485 Wesel, Germany
You can find the contact details of the website operator in the imprint of this website.
II. Contact details of the data protection officer
You can reach our data protection officer as follows:
dostani IT GmbH
III. General information on data processing
1. Scope of the processing of personal data
As a matter of principle, we only process personal data of our users insofar as this is necessary for the provision of a functional website as well as our contents and services. The processing of personal data of our users regularly takes place only after the consent of the user. An exception applies in those cases where obtaining prior consent is not possible for factual reasons and the processing of the data is required by legal regulations.
2. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) lit. a GDPR serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 (1) lit. f c GDPR serves as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) lit. f GDPR serves as the legal basis for the processing.
3. Data deletion and storage period
The personal data of the data subject shall be deleted or blocked as soon as the purpose of the storage ceases to apply. In addition, storage may take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the person responsible is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need to continue storing the data for the conclusion or fulfilment of a contract.
IV. Right of the data subject
If your personal data as a user is processed, you are considered a data subject in accordance to the GDPR. Data subjects have the following rights vis-à-vis the controller:
1. Right to confirmation and information
Under the conditions of the Article 15 GDPR, your have the right to request confirmation as to whether personal data relating to you is being processed and to obtain at any time from the controller, free of charge, information about your stored personal data and a copy of said information.
2. Right to rectification
Pursuant to Art. 16 GDPR, you have the right of rectification and/or completion vis-à-vis the controller if the personal data processed concerning you is inaccurate or incomplete. The person responsible shall make the correction without delay.
3. Right of deletion
Pursuant to Art. 17 GDPR, you may request the controller to erase the personal data concerning you without delay and the controller is obliged to erase such data without delay if one of the following reasons applies:
a) Obligation to delete
- The personal data concerning you are no linger necessary for the purpose for which they were collected or otherwise processed.
- You revoke your consent on which the processing pursuant to Art. 16 (1) lit. f a or (9) 2 lit. a GDPR and there is no other legal basis for processing.
- You object to the processing pursuant to Art. 21 Abs. GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant Art. 21 Abs. GDPR.
- The personal data concerning you has been processed unlawfully.
- The deletion of the personal data concerning you is necessary for compliance with legal obligation under European Union or Member State law to which th controller is subject.
b) Information to third parties
If the controller has made the personal data relating to you public and is required to do so in accordance with the law, the controller is entitled to withdraw the data according to 17 (1) GDPR, it shall take reasonable steps, including technical measures, having regards to the available technology and the cost of implementation, to inform data controllers which process the personal data that you, as data subject, have requested that they erase all links ti, or copies or replications of, that personal data.
The right to deletion does not exist insofar as the processing is necessary
- for the exercise of the right ti freedom of expression and information;
- for the compliance with legal obligations which requires precessing under European Union or Member State law to which the controller is subjected, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
- for the establishment, exercise or defence of legal claims.
4. Right to restrict processing
Under the following conditions, you may request the restriction of the processing of the personal data concerning you in accordance with Art. 18 GDPR:
- if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify h accuracy of the personal data;
- the processing is unlawful and you object ti the erasure of the personal data and request instead the restriction of the use of the personal data;
- th controller no longer needs the personal data fir the purposes of the processing but you need them for the establishment, exercise or defence of the legal claims; or
- if you have objected to the processing according to the Art. 21 (1) GDPR and it is not yet clear whether the controller’s legitimate ground override your grounds.
If the processing if the personal data relating to you has been restricted, such data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defence of legal claims or fir the protection or the rights of another natural or legal person or for the reasons of important public interest of th European Union or Member State.
If the processing of personal data relating to you has been restricted in accordance with the conditions above, you will be informed by the controller before the restriction is lifted.
5. Right to data transferability
Under the conditions of Art. 20 GDPR, you have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format, and you have the right to transfer this data to another controller without hindrance from us, provided that the processing is based on consent according to 16 (1) lit. f a GDPR or Art. 9 2 lit. a GDPR or on a contract according to 16 (1) lit. f and the processing is carried out with the aid of automated procedures.
In exercising this right, you also have the right to have the have the personal data concerning you transferred directly from one controller to another controller, insofar as this is technically feasible. This must not affect the freedoms and right of other people.
The right to data transferability does not apply to th processing of the personal data necessary for the performance of the task carried out in t the public interest or in the exercise of official authority vested in the controller.
6. Right to revoke consent
You have the right to revoke a consent given to us for the processing of you personal data at any time with immediate effect for all future actions. Please address the revocation to the contact details given above.
7. Right of appeal
According to Art 21 GDPR, you have the right to object at any time to the processing of personal data relating to you. If the conditions for an effective appeal are met, processing by the controller may no longer take place.
The controller shall no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the purpose of asserting, exercising or defending legal claims.
8. Right to be informed
In accordance with Art. 19 GDPR, if you have the right to rectification, erasure or restriction of processing asserted against the controller, the controller is obliged to communicate this rectification or erasure of the data or restriction of processing to all recipients to whom the personal data concerning you have been disclosed, unless this proves impossible or involves a disproportionate effort. Translated with www.DeepL.com/Translator (free version)
You have the right to be informed of these recipients by the controller.
9. Right of appeal to a supervisory authority
Without prejudice to any other administrative or judicial authority, you have the right to submit a complaint to a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the requirements of the GDPR.
10. Automated decision-making in individual cases, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
V. Collection and storage of personal data and the type and purpose of their use
1. During visiting our website
When you visit our website for purely informational purposes, i.e. if you do not send us any other information, we only collect the personal data that your browser sends us. These are:
- Your system’s IP-address
- Date and time (incl. time zone)
- Type, content and protocol version of your request (specific page view),
- Access status (HTTP status code) of our server,
- Size of our server response in bytes,
- Website from which the request comes
- Your user agent (type, version, operating system used) and
- the domain you are accessing.
We will save your log-in data, as well.
The aforementioned data is technically necessary for us to display our website, to ensure stability and security and to optimise our offer. The legal basis is (1) lit. f whereby our legitimate interest results from the above-mentioned purposes. We will delete this data after seven days at the latest. Any further storage only takes place if the personal data has been deleted or anonymised accordingly; in the case of IP addresses, for example, this is done by shortening them in accordance with the GDPR.
In no case do we use the collected data for the purpose of drawing conclusions about your person.
2. Use of the contact form
When using our contact form, we collect and store the name and email address for the purpose of answering your enquiry. If you send us a contact request by e-mail, we collect and store the e-mail address and the data contained in the e-mail. The legal basis is (1) lit. f GDPR, as you consent to the above-mentioned processing if your data when using the form and sending an email. In addition, the legal basis also result from Art. 6 (1) lit. f GDPR, as the storage if the data is necessary fir the fulfilment of the pre-contracual or possible later contractual relationship.
The deletion of the data takes place when the purpose of the storage has ceased to exist, i.e. after answering your e-mail/contact form enquiry or when the matter connected with the enquiry has been conclusively clarified.
You have the right to revoke your consent at any time without affecting the lawfulness of the processing based on your consent.
You can find information on the right to erasure and information in the section “Rights of data subjects”.
3. Customer acquisition, customer management and order processing
In the context of customer acquisition, customer administration and order processing, we process personal data in addition to company-related data. The protection of your personal data is of particular concern to us. Your personal data is therefore processed exclusively on the basis of the legal provisions of the European General Data Protection Regulation and in accordance with the applicable country-specific data protection regulations. With the following transparency declaration, we inform you about the most important aspects of the data processing of your personal data in our company.The following categories of personal data are processed by us:
- Personal master data and contact data such as: Surname and first name, address, telephone, e-mail address.
- Product interest and product name
- Offer documents
- Order data such as: Customer number and order number.
- Contractual documents
- Invoice data
The personal data comes from the following source:
The personal data stored by us originates on the one hand from direct collection through contact on your part with our company, where you provide us with your data in the context of an enquiry, placing an order, for order processing, invoicing, etc..
On the other hand, the data stored by us may also originate from industry directories or publicly accessible directories.
Furthermore, the aforementioned data stored by us may originate from the collection via sales partners who provide us with the aforementioned data, provided that there is an interest in the product on your part.
The aforementioned data is processed by us for the following purposes:
- Customer management
- Order processing and handling
- Customer acquisition
- Enquiry processing
- Quotation preparation
- Contacting for contract fulfilment
- Contacting for contract fulfilment
Duration for which we store your personal data:
Your data will only be stored and processed for the above-mentioned purposes. As soon as the purpose is no longer given, your personal data will be deleted immediately, provided that there are no retention obligations to the contrary. If your personal data is processed for another purpose, we will inform you immediately about this change of purpose.
The processing of your personal data takes place on the following legal basis:
a) The legal basis for processing your personal data is Art. 6 para. (1) b in the performance of a contract (order processing, order handling, etc.) or pursuant to Art. 6 paragraph (1) b in the performance of pre-contractual measures (e.g. transmission of offers).
b) The legal basis for processing also exists on the basis of a legitimate interest in processing pursuant to Art. 6 (1) c GDPR. We have a legitimate interest in processing your personal data to determine the needs of interested parties, to carry out advertising measures to inform potentially interested parties about the product portfolio and to initiate business in order to maintain and expand business activities and thus secure jobs.
c) The legal basis for processing your personal data can also be based on your consent in accordance with Art. 6 para. (1) a GDPR exist insofar as you have given us consent to process your personal data for specific purposes.
If you would like to receive the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive the newsletter. No further is collected, or only on a voluntary basis. We use the data exclusively for sending the requested information and do not pass it on to third parties.
The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 (1) lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you have provided us with for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.
5. Application process
We process your applicant data exclusively for the purpose of and within the scope of the application procedure in accordance with the legal requirements. The processing of applicant data is carried out in order to fulfil the our (pre-)contractual ob,igations within the scope ot the apllicant selecteion procedure accoring to Art 6 (1) lit. f GDPR as well as Art. 26 BDSG, inforfar as the data processing becomes necessary for us, e.g within the scope of legal procedures.
The application procedure requires applicants to provide us with their application documents. The required applicant data results from the job offers. In principle, this includes personal details, address and contact data as well as the documents belonging to the application, e.g. cover letter, CV and certificates. In addition, applicants can voluntarily provide us with additional information. In principle, this includes personal details, address and contact data as well as the documents belonging to the application, e.g. cover letter, CV and certificates. In addition, applicants can voluntarily provide us with additional information.
Insofar as special categories of personal data collection concerning the application process according Art. 9 (1) GDPR are voluntary provided, their processing shall additionally be carried out in accordance with Art. 9 2 lit. GDPR (e.g. health data, severely disabled status or ethnic origin). As far as special categories of personal data according to the Art. 9 (1) GDPR are requested from applicants in the context of the application procedure, their processing is additionally carried out according to Art. 9 2 lit. GDPR (e.g. health data if necessary for exercise of the profession).
The data provided by applicants may be further processed by us for the purposes of the employment relationship in the event of a successful application. Otherwise, if the application for a job offer is not successful, the data will be deleted or destroyed.
Subject to a justified revocation by the applicants, the deletion or destruction will take place after the expiry of a period of six months after the conclusion of the selection procedure in order to be able to meet our obligations to provide evidence under the Equal Treatment Act.
Applications that you send to us without regard to a specific advertised position (unsolicited application) can be considered for every possible position. If this is not the case, your data will be deleted or destroyed immediately. To the extent that your application is considered, the information given above will apply.
Automated decision-making including profiling
No automated decision-making takes place and no profiling measures are carried out.
VI. Disclosure of data
We do not transfer your personal data to third parties for purposes other than those listed below. We only pass on your personal data to third parties if: We will only share your personal information with third parties if:
- Art. 6 (1) 1 lit. GDPR
- the disclosure is necessary for the assertion, exercise, or defence of legal claims in accordance with Art. 6 (1) f GDPR and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data, (1) 1 lit. Art. 6 (1) 1 lit. f GDPR and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
- in the event that there is a (1) 1 lit. 6 (1) 1 lit. c GDPR, as well as
- this is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 (1) 1 lit. b GDPR. contractual relationships with you in accordance with Art. 6 (1) 1 lit. b GDPR.
VIII. Analysis tools
The tracking measures listed below and used by us are carried out based on Art. 6 (1) 1 lit. f GDPR. With the tracking measures used, we want to ensure a needs-based design and the ongoing optimisation of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned regulation. The respective data processing purposes and data categories can be found in the corresponding tracking tools.
We integrate the maps of the “Google Maps” service of the provider Google. The data processed may include, in particular, IP addresses and location data of the users, which, however, are not collected without their consent (usually executed in the context of the settings of their mobile devices); service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: https://cloud.google.com/maps-platform
(Opt-Out): Opt-Out-Plugin: https://tools.google.com/dlpage/gaoptout?hl=de,
Settings for the display of advertisements: https://adssettings.google.com/authenticated
IX. Social Media
Our website uses social plugins (“plugins”) of the social network facebook.com, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). The plugins are recognisable by one of the Facebook logos (white “f” on a blue tile, the terms “Like”, “Like” or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin”. The list and appearance of Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/.
When a user calls up a website of this offer that contains such a plugin, his browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser, which then integrates it into the website. The provider therefore has no influence on the scope of the data that Facebook collects with the help of this plugin and therefore informs users according to its level of knowledge:
By integrating the plugins, Facebook receives the information that a user has called up the corresponding page of the offer. If the user is logged in to Facebook, Facebook can assign the visit to his or her Facebook account. If users interact with the plugins, for example by clicking the Like button or posting a comment, the corresponding information is transmitted directly from their browser to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out and store his or her IP address. According to Facebook, only an anonymised IP address is stored in Germany.
Wenn ein Nutzer Facebook-Mitglied ist und nicht möchte, dass Facebook über dieses Angebot Daten über ihn sammelt und mit seinen bei Facebook gespeicherten Mitgliedsdaten verknüpft, muss er sich vor dem Besuch des Internetauftritts bei Facebook ausloggen.
We use components of the LinkedIn network on our website. LinkedIn is a service of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. With each individual call-up of our website that is equipped with such a component, this component causes the browser you are using to download a corresponding representation of the component from LinkedIn.
This process informs LinkedIn which specific page of our website is currently being visited. If you click the LinkedIn “Recommend Button” while you are logged into your LinkedIn account, you can link the content of our pages to your LinkedIn profile. This enables LinkedIn to assign the visit to our pages to your LinkedIn user account.
We have no influence on the data that LinkedIn collects through this, nor on the scope of this data collected by LinkedIn. We also have no knowledge of the content of the data transmitted to LinkedIn. Details on data collection by LinkedIn as well as your rights and setting options can be found in LinkedIn’s data protection information. You can find this information at http://w.ww.linkedin.com/legal/privacy-policy.
This website contains at least one plugin from YouTube, which belongs to Google Inc. and is based in San Bruno/California, USA.
We use the YouTube function No-Cookies, i.e., we have activated Extended Data Protection, videos are not accessed via youtube.com, but via youtube-nocookie.com.
YouTube itself provides this and thus ensures that YouTube does not initially save any cookies on your device. However, when the relevant pages are called up, the IP address and the other data mentioned in section 4 are transmitted and thus, in particular, information is provided as to which of our Internet pages you have visited. This information cannot be assigned to you if you are permanently logged in to YouTube or another Google service when you access the page.
As soon as you start the playback of an embedded video by clicking on it, YouTube only saves cookies on your device through the extended data protection mode, which do not contain any personally identifiable data, unless you are currently logged in to a Google service. These cookies can be prevented by appropriate browser settings and extensions.
We also use so-called social plugins (“plugins”) from Instagram (Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA; hereinafter “Instagram”) on our website. You can recognise the plugins by the Instagram logo, for example in the form of an “Instagram camera”. Your browser establishes a direct connection to the Instagram servers when you call up a page of our website with such a plugin. Instagram directly transmits the content of the plugin to your browser, where it is integrated into the page. In this way, Instagram is informed that your browser has called up the corresponding page of our website. This also applies if you do not have an Instagram profile or are not currently logged in to Instagram.
Your browser sends this information together with your IP address directly to an Instagram server in the USA, where it is stored. If you log in to Instagram, your visit to our website can be directly assigned to your Instagram account by Instagram. If you work with the plugins, for example by clicking the “Instagram” button, Instagram also sends this information directly to a company-owned server where it is stored.
Furthermore, Instagram publishes this information on your Instagram account and shows it to your contacts there. You can prevent Instagram from directly assigning the data collected via our website to your Instagram account. To do this, you must log out of Instagram before visiting our website.
X. Data security
We use the widespread SSL procedure (Secure Socket Layer) in connection with the highest level of encryption supported by your browser when visiting our website. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
The data protection regulation has been updated October 2021.