Privacy policy

Privacy policy

The privacy policy has a particularly high priority for our company and our group. As a rule, you can use the website without providing any personal information. However, if a data subject wishes to use special services offered online by our company, processing of personal data could become necessary. If processing of personal data is necessary and there is no legal basis for such processing, we will, as a rule, obtain the data subject’s consent.

The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject shall always be conducted pursuant to the Federal Data Protection Act (BDSG), the EU General Data Protection Regulation (GDPR) in force since 25 May 2018 and other applicable laws. The purpose of this privacy policy is to inform about the nature, scope and purpose of the personal data we process and the rights of data subjects.

Our company has implemented several technical and organisational measures to ensure the fullest possible protection of the personal data we process. Nevertheless, security gaps may occur in the transmission of data over the Internet, so that absolute protection cannot be guaranteed.

DEFINITIONS

Our company’s privacy policy is based on the GDPR and has been designed to be easy to read and understand. For this purpose, firstly we explain the terms used:

1.1 Personal details

Personal data are: all information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person (Article 4(1) GDPR).

1.2 The data subject

A data subject is any identified or identifiable natural person whose personal data are processed by the controller.

1.3 Processing

Processing is any process carried out with or without the assistance of automated procedures or any such series of processes in relation to personal data, such as collection, recording, storage, adaptation or alteration, reading, querying, use, disclosure by transmission, dissemination or other form of sharing, comparison or combination, restriction, erasure or destruction.

1.4 Restriction of processing

Restriction of processing is the marking of stored personal data to restrict its future processing.

1.5 Pseudonymisation

Pseudonymisation means the processing of personal data in such a way that they can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is covered by technical and organisational measures which make it impossible to attribute it to an identified or identifiable natural person.

1.6 Controller

The controller is the natural or legal person, public authority, entity or other body which alone or jointly with others determines the purposes and means of the processing of personal data.

1.7 Processor

A processor is a natural or legal person, authority, body or other body which processes personal data on behalf of the controller.

1.8 Recipient

A recipient is a natural or legal person, public authority, individual or any other body to whom personal data are disclosed, regardless of whether it is a third party. However, public authorities which may receive personal data in the context of a particular proceeding in accordance with Union or Member State law shall not be considered as recipients.

1.9 Third party

A third party is a natural or legal person, public authority, entity or body other than the data subject, controller, processor or persons who, under the authority of the controller or processor, may process personal data.

1.10 Consent

The data subject’s consent shall mean any freely given specific, informed and unequivocal indication of his or her wishes by which the data subject, either by a statement or by a clear affirmative action, signifies agreement to personal data relating to him or her being processed.

2 NAME AND ADDRESS OF THE CONTROLLER

The controller within the meaning of the GDPR is:
R & S Edelstahl und Technik GmbH
In der Wöste 15
59073 Hamm

Tel +49 (0) 2381 / 544 76-0
E-mail: info@rs-edelstahl.de

4 COOKIES

Our company’s websites use cookies. Cookies are text files that are placed and saved on your computer system via your web browser.

Numerous websites and servers use cookies. Many cookies contain what is known as a cookie identifier. A cookie ID is a unique identifier for a cookie. It consists of a string with which websites and servers can be assigned to the specific web browser that stored the cookie. This enables the visited websites and servers to distinguish the individual browser of the data subject from other web browsers that contain other cookies. A particular web browser can be recognised and identified by a unique cookie identifier. Through the use of cookies, users of this website can obtain more user-friendly services that would not be possible without the cookie setting.

Through the use of cookies, the information and offers on our website can be optimised for you. As already mentioned, cookies enable us to recognise users of our website. The purpose of such recognition is to facilitate the use of our website by users. For example, a user of a website that uses cookies does not have to re-enter their login details each time they visit the website, as this is done by the website and the cookie stored on the user’s computer system.

The data subject may prevent the placement of cookies by our website at any time by means of an appropriate setting in the Internet browser used, and thus permanently object to the placement of cookies. Furthermore, cookies that have already been placed can be deleted at any time using a web browser or other software. This is possible in all popular internet browsers. If the data subject disables the cookie setting in the Internet browser used, not all functions of our website can be used to their full extent.

By continuing to use the site, you agree to the use of cookies.

5 CONTACT US VIA THE WEBSITE

Due to legal regulations, information is provided on our website to enable quick electronic contact with our company and direct communication with us, including a general address of the so-called electronic mail (e-mail address). If the data subject contacts the controller via e-mail or the contact form, the personal data provided by the data subject will be automatically stored. Such personal data voluntarily provided to the controller by the data subject shall be stored for the purpose of processing or contacting the data subject. This personal data shall not be forwarded to third parties.

6 DATA SUBJECT RIGHTS

6.1 Right to confirmation

Every data subject shall be entitled to obtain from the controller confirmation as to whether or not personal data relating to them are being processed. If a person wishes to exercise this right of confirmation, they may at any time contact our Data Protection Officer or another employee of the controller.

6.2 Right to information

Any person whose personal data is processed has the right to be informed, free of charge, by the controller about the personal data stored about him/her and a copy of this information together with the information listed below:

• processing purposes
• the categories of personal data that are processed;
• the recipients or categories of recipients to whom the personal data have been or are still disclosed, in particular recipients in third countries or international organisations
• where possible, the intended period for which the personal data will be stored or, if this is not possible, the criteria for determining that period
• the existence of the right to rectification or erasure of personal data concerning that person or restriction of processing by the controller or the right to object to such processing
• the right to lodge a complaint with a supervisory authority;
• if the personal data are not collected from the data subject: All available information about the origin of the data
• Furthermore, the data subject is entitled to be informed whether personal data have been transferred to a third country or an international organisation. In this case, the data subject shall also have the right to be informed of the relevant guarantees relating to the transfer.

If the data subject wishes to exercise this right to information, he or she may at any time contact our Data Protection Officer.

6.3 Right of rectification

Every data subject whose personal data is being processed has the right to request that inaccurate personal data concerning him or her be rectified without delay. Furthermore, the data subject shall have the right, having regard to the purposes of the processing, to request the completion of incomplete personal data (also by way of a supplementary declaration).

If the data subject wishes to exercise this right to rectification, he or she may contact our Data Protection Officer at any time.

6.4 Other issues

Due to the GDPR, you are welcome to contact us free of charge if you have any questions about the collection, processing or use of your personal data and about correcting, blocking, deleting or withdrawing consent. Please note that you have the right to have incorrect data corrected or personal data deleted if this claim is not opposed by a statutory retention requirement.

7 PRIVACY POLICY FOR APPLICATIONS AND RECRUITMENT

The controller collects and processes candidates’ personal data in order to handle the recruitment process. The processing may also be carried out electronically. This applies in particular when a candidate sends relevant application documents to our company electronically, for example by e-mail or via a web form on the website. If our company enters into an employment contract with the candidate, the data provided will be stored for the purpose of the employment relationship in accordance with statutory provisions. If our company does not conclude a contract of employment with the candidate, the application documents will be automatically deleted six months after notification of the rejection, provided that the deletion does not conflict with any other legitimate interests of the administrator. Another legitimate interest in this sense is, for example, the burden of proof in proceedings under the General Equal Treatment Act (AGG).

8 AMENDMENTS TO THE PRIVACY POLICY

We reserve the right to amend our security and data protection regulations as necessary due to technical developments. In such cases, we will also adapt our data protection information accordingly. Please note the current version of our privacy policy.

As of 28 May 2018.