PRIVACY POLICY

1. Privacy at a glance

General information

The following information provide a simple overview of what happens to your personal data when you visit our website. Personal data is any data by which you can be personally identified. For detailed information on the subject of data protection, please refer to our Privacy Policy below.

Data collection on our website

Who is responsible for collecting data on this website?

Data is processed on this website by the website operator. You can find the contact details in the Legal Notice of this website.

How do we collect your data?

One way your data are collected is when you provide them to us.  This can, for example, be data that you enter in a contact form.

Another way your data are automatically recorded is  by our IT systems when you visit the website.  There is mainly technical data (e.g. Internet browser, operating system or time the page was viewed).  This data are collected automatically as soon as you enter our website.

What do we use your data for?

Some of the data are collected in order to ensure that the website is error-free.  Other data can be used to analyse your user behaviour.

What rights do you have with regard to your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time.  You also have the right to request the correction, blocking or deletion of this data.  You can contact us at any time at the address provided in the Legal Notice should you have any further questions on this and other questions regarding privacy.  You also have the right to lodge a complaint with the competent supervisory authority.

Analysis tools and third-party tools

When you visit our website, your surfing behaviour can be statistically evaluated.  This is done primarily with cookies and analysis programs.  Your surfing behaviour is usually analysed anonymously; surfing behaviour cannot be traced back to you.  You can object to this analysis or prevent it by not using certain tools. You can find detailed information on this in the following Privacy Policy.

You can object to this analysis.  We will inform you about your options to object in this Privacy Policy.

2. General information and mandatory information

Privacy

The operators of this website take the protection of your personal data very seriously.  We treat your personal data with the utmost confidentiality and according to statutory data protection regulations as well as this Privacy Policy.

When you use this website, various personal data are collected.  Personal data is any data by which you can be personally identified. This Privacy Policy explains which data we collect and what we use it for.  It also explains how and for what purpose this is done.

We would like to point out that data transmission over the Internet (e.g. when communicating by email) can have security gaps. Complete protection of data from access by third parties is not possible.

Information on the responsible body

The responsible body for data processing on this website is:

L.W. Cretschmar GmbH & Co.KG
Reisholzer Bahnstraße 33
40599 Düsseldorf, Germany

Telefon: +49 (0)211 7401 1000
email: mail@cretschmar.de

The responsible body is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).

Revoking your consent to your data being processed

Many data processing operations are only possible with your express consent.  You can revoke your consent at any time.  To do so, simply send us an email. The legality of the data processing carried out before the revocation shall remain unaffected by said revocation.

Right to lodge a complaint with the competent supervisory authority

In the event of violations of privacy laws, the person concerned has the right to lodge a complaint with the competent supervisory authority.  The competent supervisory authority for privacy issues is the state data protection officer of the federal state in Germany in which our company is based.  A list of data protection officers and their contact details can be found at the following link:  https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

You have the right to have data that we process automatically based on your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format.  If you request the direct transfer of the data to another person responsible, this will only be done if it is technically feasible.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the website operator, this site uses SSL or TLS encryption.  You can recognise an encrypted connection by the fact that the address line of the browser changes from “http: //” to “https: //” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

Information, blocking, deletion

Under current legal provisions, you have the right to receive free information about personal data stored on your person, their origin and recipient and the purpose of the data processing and if applicable, a the right to correct, block or delete this data at any time. You can contact us at any time at the address provided in the Legal Notice should you have any further questions on this and other questions regarding personal data.

Objection to advertising mail

We hereby object to the use of contact data published within the scope of the obligation as regards the Legal Notice or sending unsolicited advertising and information materials. The operators of the website expressly reserve the right to take legal action in the event of unsolicited advertising information such as spam emails.

3. Data protection officer

Statutory data protection officer

We have appointed a data protection officer for our company.

Sven Heinz
VVWL e. V.
Haferlandweg 8
48155 Münster, Germany

Telefon: +49 (0)251 6061 444
email: datenschutz@vvwl.de

4. Data collection on our website

Cookies

Some internet sites use cookies.  Cookies do not cause any damage on your computer and contain no viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them.  These cookies enable us to recognise your browser the next time you visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and enable the automatic deletion of cookies when you close the browser.  If cookies are disabled, the functionality of this website may be restricted.

Cookies that are required to carry out the electronic communication process or to provide certain functions you require (e.g. shopping cart function) are stored according to Art. 6 (1) lit. f of the GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimised provision of its services.  If other cookies (e.g. cookies for analysing your surfing behaviour) are stored, these will be treated separately in this Privacy Policy.

Server log files

The provider of the pages automatically collects and stores information in server log files, which your browser automatically sends to us. These include:

  • browser type and browser version
  • operating system used
  • referrer URL
  • host name of the accessing computer
  • time of the server request
  • IP address

This data will not be merged with other data sources.

The basis for processing data is Art. 6 (1) lit. f of the GDPR., which allows the processing of data for fulfilling a contract or pre-contractual measures.

Information concerning data protection laws on the processing of applicant data

Preliminary remarks

Personal data is all information that concerns you as a person.  We process the personal data provided by you in the context of your application and transmitted to us, which usually includes:

  • first and surname, salutation and title
  • Your contact details: Contact information such as address, telephone number, fax number, email address and, if applicable, professional position,
  • your application data, consisting of your covering letter, curriculum vitae and the usual documentation and employment references.

The responsible body according to Art. 4 (7) of the GDPR for data processing operations carried out in the course of your application process is:
L.W. Cretschmar GmbH & Co.KG, Reisholzer Bahnstraße 33, 40599 Düsseldorf, Germany

For all data protection-related concerns, please feel free to contact our data protection officer at any time, whose name and contact details will always be published on our company’s website.

General information on the processing of applicant data

In order for us to be able to involve you in the application process for a specific position, the usual application documents are required, through which you can inform us about your personality profile and your qualifications.

We only use your application documents to decide on filling the position for which you have expressly applied.  During the application process, additional personal data may be collected from you personally, from generally accessible sources or from former employers and trainers for this information purpose.  The legal basis for data processing is Art. 6 (1) 2 b in conjunction with Art. 28 of the GDPR, Section 26 Paragraph 1 of the BDSG (German Federal Data Protection Act).  If the application process does not result in your being hired, we will regularly delete and destroy your applicant data as soon as a period of six months has expired after the application process has been completed for the position in question.

However, if you submit an unsolicited application that does not refer to a specific position, we can consult your application documents in the context of filling decisions about all possible positions.  We will make the applicant data available to selected decision-makers in our company in automated searches so that they can find out about your personality profile and your qualifications.  The legal basis for data processing in this case is also Art. 6 (1) 2 b in conjunction with Art. 28 of the GDPR, Section 26 Paragraph 1 of the BDSG (German Federal Data Protection Act). We will delete and destroy your applicant data after a period of six months from receipt of your application but not before all application procedures, for which your application documents were used up to that point, have been completed and a period of six months has passed since then.

In order to get an overview of our range of applicants, we can statistically evaluate information on the applications we receive.  For this purpose, we can retain anonymised data that does not allow any conclusions to be drawn about your person even after deleting your application documents.

Data processing after hiring

Should an application process lead to a recruitment, we will include your application documents on the basis of Art. 6 (1) 2 b of the GDPR, Section 26 of the BDSG (German Federal Data Protection Act) in your personnel file for the purpose of maintaining the employment relationship about your personality profile and your qualifications.  In this case, we will inform you in a separate Privacy Policy about the further processing purposes and the relevant deletion periods.

Data protection rights

If we process your personal data, you have various data protection rights you may exercise.  You have the right

  • to request information about the data stored about you and its origin, the processing purpose and the recipients or categories of recipients of the data (Art. 15 of the GDPR, Section 34 of the BDSG),
  • to request correction, blocking (restriction of processing) or deletion of your personal data from us under certain conditions (Art. 16–18 of the GCPR, Section 35 of the BDSG),
  • to request the transfer of your data to another responsible body (Art. 20 of the GDPR) and to lodge a complaint with us or a competent data protection authority about data processing (Art. 77 of the GDPR).

We fulfil all of your rights free of charge and immediately.  If you have any further questions, please contact us directly or our data protection officer using the contact details provided above.

5. Analysis tools and advertising

Matomo (formlerly Piwik)

This website uses the open source web analysis service Matomo.  Matomo uses “cookies”. Cookies are text files placed on your computer to help the website analyse how users use the site. For this purpose, the information generated by the cookie about the use of this website is stored on our server.  The IP address is anonymised before it is saved.

Matomo cookies remain, on your device until you delete them.

The Storage of Matomo cookies is based on Art. 6 (1) lit f of the GDPR. The website operator has a justified interest in the anonymous analysis of user behaviour in order to optimise both their website and advertising.

The information generated by the cookie about the use of this website will not be passed on to third parties.  You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that by doing so, you may not be able to use all the features of this website to the fullest extent possible.

If you do not agree to the storage and use of your data, you can disable the storage and use here.  In this case, an opt-out cookie is stored in your browser, which prevents Matomo from storing usage data.  If you delete your cookies, this means that the Matomo opt-out cookie will also be deleted.  The opt-out must be enabled when you visit our site again.

Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites.  The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

The purpose of reCAPTCHA is to check whether data is entered on our website (e.g. in a contact form) by a person or by an automated program.  To do this, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics.  This analysis begins automatically as soon as the website visitor enters the website.  For the analysis, reCAPTCHA evaluates various information (e.g. IP address, length of stay of the website visitor on the website or mouse movements made by the user).  The data collected during the analysis are forwarded to Google.

The reCAPTCHA analyses run entirely in the background.  Website visitors are not informed that an analysis is taking place.

The data is processed is based on Art. 6 (1) lit f of the GDPR. The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM.

Further information on Google reCAPTCHA and Google’s data protection declaration can be found in the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.

6. Our social media presence

Data processing through social media networks

We maintain publicly accessible profiles on social media networks.  The individual social networks we use can be found below.

Social networks such as Facebook, Google+ etc. can generally analyse your user behaviour comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners).  Visiting our social media presence triggers numerous data protection-related processing operations.  Specifically:

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can match this visit to your user account.  Under certain circumstances, your personal data can also be collected if you are not logged in or do not have an account with the respective social media portal.  In this case, these data are collected, for example, via cookies that are stored on your terminal device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored.  In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence.  If you have an account with the respective social network, the interest-related advertising can be displayed on all devices on which you are or were logged in to.

Please also note that we cannot retrace all processing processes on the social media platforms.  Depending on the provider, further processing operations can therefore be carried out by the operators of the social media platforms.  For details, please refer to the terms of use and privacy policies of the respective social media portals.

Legal basis

Our social media sites are intended to ensure the widest possible presence on the Internet.  This constitutes a legitimate interest within the meaning of Art. 6 (1) lit f of the GDPR. The analysis processes initiated by the social media networks may be based on different legal bases, which must be stated by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) lit. a of the GDPR).

Responsible party and assertion of rights

If you visit one of our social media sites (e.g. Facebook), we and the operator of the social media platform are responsible for data processing operations triggered during this visit.  In principle, you can exercise your rights (information, correction, deletion, restriction of processing, data portability and complaint) against us as well as claim against the operator of the respective social media platform (e.g. against Facebook).

Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals.  Our options are largely based on the company policy of the respective provider.

Storage period

The data collected directly by us via the social media site will be deleted from our systems as soon as the purpose for their storage no longer applies, you ask us to delete them, revoke your consent to storage, or the purpose for data storage no longer applies.  Saved cookies remain on your device until you delete them.  Mandatory statutory provisions, in particular retention periods, shall remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes.  For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

Social networks in detail

Facebook

We have a profile on Facebook.  The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.  According to Facebook, the data collected will also be transferred to the USA and other third countries.

You can adjust your advertising settings yourself in your user account.  To do this, click on the following link and log in:  https://www.facebook.com/settings?tab=ads.

Details can be found in Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

Instagram

We have a profile on Instagram. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. Details on how they handle your personal data can be found in Instagram’s privacy policy: https://help.instagram.com/519522125107875.

XING

We have a profile on XING. The provider is XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany.  Details on how they handle your personal data can be found in XING’s privacy policy: https://privacy.xing.com/de/datenschutzerklaerung.