General Data Privacy Statement for Schüco International KG


1.    Collection of personal data

We are delighted that you are interested in Schüco International KG (Schüco). The protection of your personal data is important to us. For this reason, this website contains information about what personal data we collect from you when you use this site, for example. Personal data refers to all data that relates to you personally, e.g. your name, address, email address and user behaviour.
Our website uses SSL and/or TLS encryption when transmitting confidential content.

This document can be downloaded and archived in the form of a PDF: General Data Privacy Statement for Schüco International KG (pdf). The free programme Adobe Reader, or a similar programme which exports PDF formats, is required in order to open the PDF file. The document can also be printed.  


2.    Responsible authority for the collection and processing of data

According to Art. 4 para. 7 of the GDPR, the responsible party is

Schüco International KG
Karolinenstraße 1-15
33609 Bielefeld
Germany
Tel.: 0521 783-0
Email: info@schueco.com
Website: www.schueco.com

The contact details of the privacy officer are as follows:

Schüco International KG
Bereich Datenschutz
Karolinenstraße 1-15
33609 Bielefeld
Germany

If you have any questions and suggestions relating to data protection, please send an email to:

datenschutz@schueco.com


3.    Your rights

(1) You may assert the following rights against us with regard to any personal data that relates to you:

a)    Right to information
b)    Right to correction
c)    Right to deletion (right to be forgotten)
d)    Right to limitation of processing
e)    Right to data portability
f)    Right to objection
g)    Right to revoke data protection consent

(2) You also have the right to make a complaint to a data protection authority regarding the processing of your personal data by us.


4.    Collection of personal data during visits to our website

(1) When using the website for purely informational purposes, i.e. if you do not register or if you transmit information by other means, we will only collect the personal data that your browser transmits to our server. All collection and processing of data takes place for specific purposes. These may arise from technical requirements, contractual conditions or your explicit request. If you make use of specific services on our website, we shall obtain your consent regarding the collection and processing of the data.

When our website is viewed, we collect the following data, which is technically necessary in order to display our website and ensure stability and security. The data is also used to correct website errors. The legal basis for the processing of data is therefore Art. 6 para. 1 lit. f) of the GDPR:

-    IP address
-    Date and time of request
-    Time zone difference to Greenwich Mean Time (GMT)
-    Content of the request (specific page)
-    Access status/HTTP status code
-    Quantity of data transmitted in each case
-    Website from which the request comes
-    Browser
-    Operating system and its interface language and version of browser software

(2) Cookies
In addition to the data mentioned above, cookies are also stored on your computer when using our website. Cookies are small text files which are assigned to and stored on your hard drive by the browser you are using and which supply specific information to the authority which sets the cookie (us in this instance). Cookies cannot run any programmes or transmit viruses to your computer. They are used to make the internet service more effective and user-friendly on the whole.

Use of cookies:
a) This website uses the following types of cookies, for which the scope and mode of operation is explained below:

–    Transient/session cookies (refer to b)
–    Persistent cookies (refer to c).

b) Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID which allows various requests from your browser to be allocated to the overall session. As a result, your computer can be recognised once again if you return to our website. The session cookies are deleted when you log out or close the browser.

c) Persistent cookies (such as the “stay signed in on this computer” function) remain on your end device and are automatically deleted after a specified period of time, which may differ depending on the cookie. You can delete the cookies at any time in the security settings of your browser.

5.    Deletion and blocking of personal data

Your data is deleted as soon as it is no longer required to fulfil the purpose for which it was collected. If the website is used purely for informational purposes, the IP address will be deleted from all systems used in connection with the operation of this website after 7 days at the latest. We will no longer be able to establish a reference to a person from the remaining data.

If other services of our website are used, your data will typically be stored in our systems for purposes of user management. These are checked on a regular basis to see whether data can be deleted. If, within the context of a customer relationship or relationship with an interested party, data is no longer necessary or it overrides a conflicting interest, we shall delete the data in question, provided that there are no statutory retention requirements.

Your data shall also be deleted if its storage is inadmissible (e.g. if the data is incorrect and correction is not possible). If there are legal or factual obstacles (such as particular retention requirements) preventing deletion, then blocking shall take place instead.

6.    Data transfer to third parties

Data provided by you to us shall not be disclosed to third parties. In particular, data shall not be disclosed to third parties for their promotional purposes.

However, we may use service providers, such as those that provide maintenance services or services related to the expansion of our website, for the operation of this website or for other products of ours. They are carefully selected and commissioned by us, bound by our instructions and inspected at regular intervals.

7.    Data privacy statement on the use and application of YouTube

Components from YouTube have been integrated into our website. YouTube is an online video portal which enables video publishers to upload videos free of charge, and enables other users to watch, rate and comment on these videos, also free of charge. YouTube allows all types of videos to be published, which is why both complete films and television programmes, as well as also music videos, trailers or videos made by the users themselves, can be accessed via the online portal.

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Each time one of the individual pages of this website, which is operated by us and which has an integrated YouTube component (YouTube video), is visited, the respective YouTube component automatically prompts the internet browser on your IT system to download a representation of the corresponding YouTube component from YouTube. Additional information about YouTube can be accessed at www.youtube.com/yt/about/de/. Within the framework of this technical process, YouTube and Google receive information about which specific sub-pages from our website are visited by you.

If you are logged into YouTube at the same time, then when a sub-page containing a YouTube video is visited YouTube is able to recognise which specific sub-page from our website you are visiting. This information is collected by YouTube and Google and allocated to your YouTube account.

If you are simultaneously logged into YouTube when you visit our website, then YouTube and Google always receive information via the YouTube component that you have visited our website. This takes place regardless of whether or not you click on the YouTube component. If you do not wish this information to be transmitted to YouTube and Google in this way, you can prevent the transmission by logging out of your YouTube account before visiting our website.

The data privacy statements published by YouTube, which are accessible at www.google.de/intl/de/policies/privacy/, provide information about the collection, processing and use of personal data by YouTube and Google.

8.    Integration of Google Maps

The Google Maps service is used on this website. As a result, we are able to directly show you interactive maps within the website and make it easy for you to use the maps function.
The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

When visiting the website, Google will be informed that you have visited the corresponding sub-page on our website and your IP address will be stored. This takes place regardless of whether Google provides a user account with which you are logged in, or whether no user account exists. If you are logged into Google, your data is directly allocated to your account. If you do not want this allocation to take place with your Google profile, then you must log out before activating the button. Google stores your data as a user profile and uses it for the purpose of advertising, market research and/or the requirement-oriented design of its website. Such an analysis takes place (even for users who are not logged in) in order to provide requirement-oriented advertising and to inform other users of the social network about your activities on our website, in particular. You are entitled to object to the creation of this user profile, whereby you are required to contact Google in order to exercise this right.

Further information about the purpose and scope of data collection and the processing of data by the plug-in provider can be found in the data privacy statements from the provider. There, you can also obtain additional information about your rights in respect of this and about the configuration options for the protection of your privacy: www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has subscribed to the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework.


9.    Legal basis for processing

Art. 6 I lit. a of the GDPR serves as Schüco's legal basis for the processing procedures, during which consent is obtained for a particular processing purpose (e.g. newsletters, My Workplace, careers page). If the processing of personal data is required for the fulfilment of a contract for which the contracting party is the person concerned, as, for example, is the case during the processing procedures required for a delivery of goods or the provision of another service or return service, then the processing shall be subject to Art. 6 I lit. b) of the GDPR. The same applies to any processing operations that are necessary for the implementation of pre-contractual measures. For example, in the event of an inquiry about our products or services, we are subject to a legal obligation which requires the processing of personal data, such as for the fulfilment of tax obligations, and the processing shall be based on Art. 6 I lit. c) of the GDPR. In rare cases, the processing of personal data could be necessary in order to protect vital interests of the person concerned, or to protect another individual. For example, this would be the case if a visitor was injured and consequently had to pass on details about their name, age, health insurance funds or other vital information to a doctor, hospital or other third party. In this instance, the processing is based on Art. 6 I lit. d) of the GDPR. Ultimately, processing procedures could be based on Art. 6 I lit. f) of the GDPR. Processing procedures which are not covered by any of the aforementioned legal foundations are based on this legal foundation if the processing is required to safeguard our legitimate interest or that of a third party, unless the interests, legal foundations and fundamental freedoms of the person concerned take precedence. In particular, we are authorised to carry out such processing procedures as they have been specifically referred to by the European legislator. In this respect, the legislator took the view that a legitimate interest could be accepted if the person concerned is a client of the responsible party (recital 47 sentence 2 of the German General Data Protection Regulation - GDPR).

Status as of: July 2019