Privacy policy for Rollex Förderelemente GmbH & Co. KG

Thank you for visiting our homepage. The protection of your personal data is an important matter for us.

In general you can use our homepage without stating your personal data. But the processing of personal data could be necessary if a person wants to make use of the services of our company. When the processing of personal data is necessary and there is no statutory basis regarding the processing, we always ask for the permission of the data subject.

The processing of personal data (e.g. name, address, email address or phone number of a data subject), always happens consistent with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and in conformance with the applicable national data protection provisions.

As we are responsible for the data processing, we implemented different technical and organisational matters to make the data processing of personal data on our homepage as safe as possible.

Please note that data transfers using the internet can be generally subject to security gaps, so we cannot ensure absolute protection.

We ask you to read the following information, so that you are fully informed about the collection and use of personal data on our homepage.

The homepage is not intended for children and we do not intentionally collect personal data of children.

1. Definitions

This data privacy statement uses the terms as used by the European Parliament and the Council of the European Union in Article 4 GDPR. This data privacy statement should be comprehensible for every person. Therefore we first define the terms that are used in the data privacy statement. Fort he purposes of this statement:

(1) ‘personal data’
means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

(2) ‘processing’
means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

(3) ‘restriction of processing’
means the marking of stored personal data with the aim of limiting their processing in the future;

(4) ‘profiling’
means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;

(5) ‘controller’
means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

(6) ‘processor’
means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

(7) ‘recipient’
means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;

(8) ‘third party’
means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;

(9) ‘consent’
of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. Contact details of the controller

Controller for the purpose of the GDPR is:
Rollex Förderelemente GmbH & Co. KG
Represented by the directors Mr. Hans Rolf Lambeck, Mr. Patrick Lambeck & Mr. Olliver Mierau
Gewerbehof 22
59368 Werne (Germany)
Telephone: +49 (0) 2389 / 98970
Telefax: +49 (0) 2389 – 96866
Email: info@rollex-group.com

Data protection officer:
Sebastian Katzorke
SkySytems Datenschutz UG
Neumarkt 1
58642 Iserlohn (Germany)
Email: kunden@skysystems.biz

3. Collection and storage of personal data as well as nature and purpose of their use

a) When visiting the website:
The use of our website for informational purposes is generally possible without stating your personal data.

We collect a limited amount of our visitors data and use this information to improve the navigation on our website and to control our services. The following bits of information will be collected without your cooperation and will be stored until their automated erasure:

Technical data, as Internet Protocal (IP) Address, login data, type and version of your browser, time zone setting and location, browser plug-in types and versions, operating system and platform as well as other technology on the device, which is used to visit our website.

The legal basis for the data processing is Art. 6 (1) (f) (1st sentence) GDPR. The purposes, as stated above, form our legitimate interests. Under no circumstances we use the collected data to draw conclusions as to your person.

Furthermore, we use cookies and analytical services, about which you find more information in this data privacy statement.

b) When using the points of contact:
In the course of contacting us personal data will be collected. Those data will only be used and stored for contact purposes.

The legal basis for the data processing is our legitimate interest to handle your request, see Art. 6 (1) (f) (1st sentence) GDPR. If the objective to contact us, is to perform a contract or to take steps prior to entering into a contract (e.g. conclusion or negotiation of a contract), an additional legal basis is Art. 6 (1) (b) GDPR.

Subsequent to the processing of your request, your data will be erased. This is the case, when it appears that the matter is completely clarified and when no legal obligation to store the data exists.

c) When submitting application documents:
In the course of submitting application documents via email personal data will be collected.

The following personal data can be collected from the application documents:

  • Your identity (your full name, possible former names, confirmation of name changes, gender, date of birth and marital status)
  • Proof of your work entitlement, which can entail a photograph of yours, as well as your nationality, place of birth, drivers license etc. (in accordance with the legal provisions);
  • Your contact details, including your email address, your home address and your phone number;
  • Your criteria, preferences and expectations during your job search;
  • Your qualifications, skills, experience and education;
  • Your current compensation (salary and fringe benefits):
  • Your education;
  • Your professional career;
  • Details about references (previous employers or references from your education);
  • Letter of reference;
  • Additional information contained in your curriculum vitae or additional information provided by you.

These data will only be stored and used for the purposes of personnel placement.

The legal basis for the processing of the data is, according to Art. 6 (1) (a) GDPR, your consent to process your personal data for one or more specific purposes.

Your personal application data will generally be erased three month after conclusion of the application procedure. This deadline does not apply, if legal obligation contradict the erasure, if further storage for purposes of proof is necessary or if you have given explicit consent to further storage.

If there is currently no position for you, but we think that your application could be interesting for future vacancies, we store your personal application data for twelve month, when you have given explicit consent to such storage and use.

Furthermore, erasure occures prior to reaching the stated deadline, if you tell us to do so via mail or email.

4. Use of cookies

In order to make a visit to our website more attractive and to allow the use of certain functions, we use cookies on different pages. Cookies are small amounts of data, which are stored by the operator of the website on your computer. For the realization of some functions of our website data are stored in cookies (e.g. the navigation). Temporary cookies will be erased automatically when you close your browser. They only contain an identification number (Session ID), which allows the server to assign subsequent inquiries of the browser to the same user. Temporary cookies are used by a lot of servers. They do not pose a security risk.

If individual cookies also process personal data, the processing occurs in accordance with Art. 6 (1) (b) GDPR either for the performance of a contract or in accordance with Art. 6 (1) (f) GDPR for the purpose of the legitimate interests to provide the best functionality possible of our website, as well as to provide a customer-friendly visit and an effective arrangement of the website.

You have the choice whether you want to accept these cookies or decline them. You can decline these cookies, by modifying the setting in your browser. You can choose to accept all cookies, to get a notification when a cookie is set or to decline all cookies.

Every browser varies in how it manages the cookie-settings. The help menu of every browser describes how you can change the cookie-settings. You can find more information on how to change the cookie-settings of your browser under the the following links:

Internet Explorer:
http://windows.microsoft.com/de

Firefox:
https://support.mozilla.org/de

Chrome:
http://support.google.com/chrome

Safari:
https://support.apple.com/kb

Opera:
http://help.opera.com/Windows/de

If you decide to decline our cookies, it is possible that the functionality of our website decreases and that some functions cannot be used. We apologize for the inconvenience.

5. Transfer of personal data to third parties

In order to manage your request as efficient as possible we may transfer your personal data, in accordance with the national provisions, for different purposes and via several ways to the following recipients:

  • External service providers, who perform services on our behalf (e.g. external consultants, business partners and professional consultants such as lawyers or accountants, technical support and IT-consultants)
  • Tax authorities, audit authorities or other authorities, when we are in good faith convinced, that we are legally obliged to transfer those data (e.g. if there is a request of a tax authority or a request connected to an anticipated lawsuit
  • Credit companies regarding a credit assessment
  • Service providers of printed items and advertising partners
  • Marketing technology platforms and suppliers
  • Logistics companies
  • Host Europe GmbH Köln (concerning the hosting of the website; your IP–adress and the time of your visit is transferred)

If we transfer your personal data to third parties, the amount of the transferred data is restricted to the necessary minimum.

We only transfer your personal data to third parties, if:

  • You have given your explicit consent to do so, according to Art. 6 (1) (a) GDPR,
  • The transfer is, under Art. 6 (1) (f) GDPR, necessary for the enforcement, the exercise or the defence of legal claims and if there is no reason to believe that you have an overriding and legitimate interest in preventing the data to be transferred,
  • There is a legal obligation, as referred to in Art. 6 (1) (c) GDPR,
  • The transfer is necessary for the performance of a contract to which you, as data subject, are party, see Art. 6 (1) (b) GDPR

6. Data protection

To transfer data we use the so-called SSL (Secury Socket Layer) security system with 256 bit encoding. The encoded datatransfer is identifiable through the closed padlock, which you can see on the left side of the browser bar.

7. Google Maps

Our website is using the map service Google Maps, operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA via an API (application programming interface). To use the functions of Google Maps it is necessary to process your IP address. Normally, this information is transferred to a server from Google located in the United States of America and is stored there. We have no influence on this data transfer. When you access a page that includes Google Maps, your browser connects directly with the Google servers.

By using Google Maps we pursue an attractive display of our website and services. Furthermore we have an interest in an easy findability of our displayed agencies.

The previously named interests form our legitimate interests, in the sense of Art. 6 (1) (f) GDPR.

Further details about data processing by Google can be found in the Google Privacy Policy:
https://policies.google.com/en.

8. Use of video content

On our website we display videos from YouTube, a service provided by YouTube, LLC, 901 Cherry Avw, San Bruno, CA 94066, USA. If you access a website that has an embedded video, a connection tot he YouTube servers is established by your browser. The video content is transmitted directly to your browser by YouTube and embedded into the website. We have no influence on the scope and use of data that YouTube collects during this process. Further details about data processing by YouTube can be found in the privacy guidelines of YouTube: https://support.google.com/youtube

We have embedded our videos using the extensive data protection mode. As a result the number processed data is kept as low as possible.

By using YouTubes service we pursue an attractive display of our website and services. Furthermore we have an interest in informing our clients about the newest developments.

The previously named interests form our legitimate interests, in the sense of Art. 6 (1) (f) GDPR.

9. Rights of the data subject

a) Right of access (Art. 15 GDPR)
As data subject, you have access to your personal data processed by us. Furthermore, you have access to the information on the purposes of the processing; the categories of personal data concerned; the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations; where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing; the right to lodge a complaint with a supervisory authority; where the personal data are not collected from the data subject, any available information as to their source; the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject. Where personal data are transferred to a third country or to an international organisation, you shall have the right to be informed of the appropriate safeguards pursuant to Article 46 relating to the transfer.

b) Right to rectification (Art. 16 GDPR)
You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning yourself and you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

c) Right to erasure (Art. 17 GDPR)
You have the right to obtain from us the erasure of personal data concerning yourself without undue delay. The right can however not be exercised, if the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest in the area of public health, for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes or for the establishment, exercise or defence of legal claims.

d) Right to restriction of processing (Art. 18 GDPR):
You have the right to obtain from us restriction of processing where the accuracy of your personal data is contested by yourself, for a period enabling us to verify the accuracy of your personal data; the processing is unlawful and you oppose the erasure of the personal data and requests the restriction of their use instead; we no longer need your personal data for the purposes of the processing, but they are required by yourself for the establishment, exercise or defence of legal claims; or where you have objected to processing pursuant to grounds relating to your particular situation, pending the verification whether our legitimate grounds override yours.

e) Right to be informed (Art. 19 GDPR)
We shall communicate any rectification or erasure of personal data or restriction of processing carried out in accordance with Article 16, Article 17(1) and Article 18 to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. We shall inform you about those recipients if you request it.

f) Right to data portability (Art. 20 GDPR)
You have the right to receive the personal data concerning yourself, which you have provided to us, in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller without hindrance from us where the processing is based on consent pursuant to point (a) of Article 6(1) GDPR or point (a) of Article 9(2) GDPR or on a contract pursuant to point (b) of Article 6(1) GDPR, and where the processing is carried out by automated means.

g) Right to withdraw your consent (Art. 7 (3) GDPR)
You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, you shall be informed thereof. It shall be as easy to withdraw as to give consent. In case of withdrawing your consent, we will erase the concerned data immediately, provided that further processing cannot be based on a legal basis for data processing without consent.

h) Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
If you consider that the processing of personal data relating to yourself infringes the GDPR, you have the right to lodge a complaint with a supervisory authority in the Member State of your habitual residence, place of work or place of the alleged infringement. The right to lodge a complaint can be exercised without prejudice to any other administrative or judicial remedy.

For the State of Nordrhein-Westfalen in Germany the supervisory authority is the „Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen“. For more information you can visit its website (https://www.ldi.nrw.de/index).

10. Links to websites of third parties

The links which are published on our website are researched and put together by us with the utmost caution. However, we have no influence on the current and future composition of the linked websites. We are not responsible for its content and we explicitly do not make the content our own. It is the provider of the website, which is linked, only, who is liable for illegal, incorrect or incomplete content and damages, whic occur as a result of the use or disuse of those infomations. The liability of the one, who only indicates the publishing by providing the link to the website is excluded. We are only liable for external informations, that includes also possible illegal or criminal content, as long as we have positive knowledge of them, have the technical possibility and it is reasonable to prevent their use.

11. Right to object

At any time you can use your right to object the processing of your personal data by sending us a written statement via email (info@rollex-group.com) or via mail. Please note, that the objection will only have effect for the future. If you use your right to object, we will terminate the processing of the concerned data.

12. Duration of storage of personal data

The duration of the storage of personal data will be calculated according to the applicable period of retention. After the deadline has expired, the concerned data will be erased routinely, provided that they are no longer necessary to perform a contract or to take steps prior to entering into a contract, respectively we have no further interest in retaining your personal data.

13. Timeliness and modification of this data privacy statement

This data privacy statement is currently valid and is made as of June 2018. In the course of the development of our website and our services or because of changes of legal or official requirements it can be necessary to modify this data privacy statement.