INFORMATION FOR INTERESTED PARTIES (WEBSITE)

concerning the processing of personal data according to Article 13 of the General Data Protection Regulation (GDPR)

(Data Protection Policy)

As at: June 2023 

Welcome to SCHOTTEL Industries GmbH!

Thank you for your interest in our website. Protecting your personal data and your privacy is very important to us. As a result, we would like to provide you with information concerning data protection at our company. We comply with the legal regulations of the European General Data Protection Regulation (GDPR), the German Data Protection Act (BDSG), Telecommunications Digital Services Data Protection Act (TDDDG) and other statutory provisions related to data protection.

Please note the explanations/definitions of terms at the end of the text.

You can visit our website anonymously at any time. We respect the freedom of the individual to decide when, and for what purpose, he or she wishes to provide personal information. We do not employ any techniques to identify you or to create personal profiles!

We collect a minimum of personal data and only those which are required to:

  • Perform our services,
  • Implement contracts (including the initiation, conclusion, fulfilment and completion of a contract),
  • Process and respond to inquiries,
  • Ensure the security of our operations,
  • Improve our offerings,
  • Prevent, detect and investigate potentially unauthorized or illegal activities, and to enforce our general terms and conditions.

To ensure that you are fully aware of how we process personal data on our websites, we have compiled this information in a comprehensive and readily understandable form. We would like to assure you that we take all necessary technological and organizational steps to protect your data.

 

1. Controller

Controller responsible for the processing of personal data: 

 

SCHOTTEL Industries GmbH 

Mainzer Strasse 99 

56322 Spay/Rhine 

Germany 

 

Tel.: +49 2628 / 61 0 

e-mail: info(at)schottel-industries.de 

 

Further information: see Imprint

 

2. Data protection officer

To serve as data protection officer, we have commissioned: 

 

Verimax GmbH,

Warndtstrasse 115, 66127 Saarbrücken, Germany

 

Mr. Michael Grein 

 

Phone: +49 89 800 6578 25 (extension) 

Fax: +49 89 800 6578 29 

e-mail: dsb-schottel(at)verimax.de 

 

Address for reporting actual or suspected data protection violations: 

e-mail: datenschutz(at)schottel.de

 

3. Data types and data subjects

When you access our websites, we automatically process data of a general nature. These data, which may be saved in so-called server log files, include the following: 

  • Your browser* (type/version)
  • Operating system of the accessing computer*
  • The domain name of your Internet provider (IP address)
  • Time of access to the website
  • Referrer URL* (the site visited previously)
  • And other similar general data (e.g. size of your browser window)

*If necessary, you can suppress these data by selecting the appropriate settings in your system.

These data are used in accordance with Article 6 (1) b) GDPR to provide the websites and display them correctly for you; they are called up every time the Internet is used. 

Furthermore, the data are temporarily stored in accordance with Article 6 (1) f) GDPR for the purposes of fraud prevention and for investigating attacks on our website if our system detects such attacks. If there is no such suspicious case, the respective IP address of the page accesses is only stored permanently in anonymized form.

The remaining – non-personal – data may be processed further for statistical purposes. 

As a visitor to our website, you are a ‘data subject’ as defined in the General Data Protection Regulation. 

 

4. Cookies

“Cookies” are small information packages that are stored on your computer by a domain (in this case: schottel-industries.de) and can only be processed again by this domain. Cookies cannot contain or spread malicious code, nor can they start programs.

We use neither cookies nor web analysis tools on our website.

 

5. Purposeful use of data

We follow the principle of purposeful use of data and process your personal data only for those purposes for which you have provided them to us. Your personal data will not be disclosed to third parties without your express consent, unless this is necessary for provision of services or performance of a contract. Even transmission to state institutions and authorities entitled to receive information will occur only in accordance with legal disclosure requirements or if a court order obliges us to such disclosure.

We also take data protection within the company very seriously. Our employees and our contracted service providers are obliged to secrecy and to compliance with legal data protection requirements. 

 

6. Third country

A deliberate transfer of personal data to third countries or international organizations does not take place and is not planned. However, when you visit our website, we cannot guarantee that the data will remain within the EU/EEA. Due to the way the Internet works, it may be technically possible that a request on the way from you to us or a response on the way back is routed via a server in an insecure third country. This cannot be prevented. However, since we encrypt the data traffic between your browser and our server (see point 7 below), there is no particular risk here.

 

7. Data minimization, data economy, data security

Generally, it is not necessary for you to enter personal data to use our website. However, we may need your personal information in order to provide our services. This applies to the mailing of informational materials or ordered goods as well as to responses to individual inquiries. 

If you request us to provide services or to send goods in connection with such services, we process your personal information in accordance with Article 6 (1) b) GDPR and only to the extent required for provision of the services or performance of the contract. It may be necessary to pass on your personal information to companies we use in providing the services or executing the contract. These are, for example, transportation companies or other service providers. If we should need to process your personal data with your consent (and in accordance with Article 6 (1) a) GDPR) for particular activities or services, we will request your express consent in the relevant area of our website.

We secure our website and other systems by means of technical and organizational measures against loss, destruction, access, alteration or distribution of your data by unauthorized persons.

 

8. Establishing contact

We provide you with the opportunity of contacting us via various channels. 

For example, you can send us an e-mail to one of the addresses published on the website. In this case, the personal data transmitted with the e-mail will be saved.

If your inquiry relates to a service provided by us, we will process your data on the basis of Article 6 (1) b) GDPR. All further inquiries will be made exclusively on the basis of your consent (Article 6 (1) a) GDPR).

Third country

In the case of e-mail communication, it cannot be guaranteed that the data will remain within the EU/EEA. Due to the manner in which the Internet operates, it may be technically possible for an e-mail being sent from us to you or vice versa to pass via a server in a non-secure third country. If you want to send information confidentially, send it by post or encrypt the information/files separately (e.g. encrypted ZIP archive) and send the key via a different channel (e.g. SMS).

 

9. Storage duration

Your processed personal data will only be stored for as long as is necessary for fulfilment of its intended purpose. Once this purpose has been completed, the data will be deleted, provided this does not conflict with mandatory retention periods. In this case, processing of the data will be restricted in such a way that they can only be processed for the purpose necessitating their retention (e.g. tax audit). Once these retention periods have expired, these data will also be deleted.

 

10. Profiling and automated decision-making

If we have access to the relevant information, a customer or prospective customer profile may be created in order to be able to offer you optimal advice.

For this purpose, we use the following information in particular:

  • Your contact data from registrations, inquiries and orders

SCHOTTEL does not use automated decision-making including profiling* with your personal data. However, we use so-called spam or junk filters in electronic communication to protect our systems. This involves the use of sender, time, content, character set and origin, among other things, to automatically sort out unwanted e-mails. If you feel that your e-mails have not arrived or are being rejected, please contact us via another communication channel (telephone, fax or letter).

* Merging individual data to gain insights into key aspects of personality.

 

11. Rights of data subjects

You have the following rights, possibly subject to certain conditions or with certain restrictions:

Right of access:

You generally have the right to request information, free of charge, on

  • the data processed by us,
  • the purposes of the processing,
  • the categories of personal data processed and, if applicable, the (categories of) recipient(s) to whom the personal data have been or will be disclosed (including, if applicable, appropriate safeguards if the personal data are transferred outside the EU), and
  • – where possible – the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration,
  • and, if applicable, the origin of the data.

Moreover, you also have a right to rectification, erasure, restriction of processing, a right to data portability and a right to object as well as the right to revoke consent at any time. The lawfulness of the processing up to the moment of a revocation/objection is not affected by this. You will not incur any costs, other than those of the basic rates, for the declaration of a revocation/objection. If any costs are incurred in exercising the other rights, we will inform you of this in advance. You can exercise your rights against us via a designated channel (e.g. unsubscribe link) or any other communication channel (see “Controller” above or under Imprint).

 

12. Queries regarding data protection and right of complaint

Should you have any further questions about data processing on our website or about our processes, please contact the above-mentioned controller or our data protection officer. You can also contact this person confidentially at dsb-schottel(at)verimax.de if you think you have grounds for complaint or if you discover a data protection violation. Thank you for your support.

You also have the right to complain to a supervisory authority. The supervisory authority responsible for the data controller is the State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate, Postfach 30 40, 55020 Mainz, Germany, e-mail: Poststelle(at)datenschutz.rlp.de, Internet: https://www.datenschutz.rlp.de

 

13. Terms of use

Please also note our terms of use. These govern the conditions of use for this website.

 

14. Amendment of the privacy policy

Our data protection policy may be adapted at irregular intervals so that it complies with current legal requirements or for the purpose of implementing changes to our services, e.g. for the incorporation of new offerings. The new data protection policy then automatically applies upon your next visit. 

 

Terms

GDPR:
Regulation (EU) 2016/79 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data (General Data Protection Regulation).

EU:
European union

EEA:
European Economic Area: EU, Iceland, Liechtenstein and Norway

Personal data:
any information relating to an identified or identifiable natural person [...]; (Article 4(1) of the GDPR

Controller:
the [...] legal person [...] which alone or jointly with others determines the purposes and means of the processing of personal data [...]; (Article 4.7. of the GDPR)

The terms used here, as far asas they are determined in Article 4 of the GDPR, are used according to the definition there.