3.4 Google Web Fonts
Google Fonts are used on these internet pages in order to display content correctly and in a graphically appealing way on all browsers. This is a service provided by Google Ireland Limited, a company incorporated and operated under the laws of Ireland (registration number: 368047), whose registered office is at Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”).
The integration of these web fonts is carried out via an external Google server request. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to Google’s servers. This allows Google to know that your IP address has been used to access this website. If your browser does not support web fonts, a default font will be used by your computer.
Purposes of data processing | legal basis | further information
The fonts are integrated on the basis of Art. 6(1)(f) GDPR. The legitimate interest is to ensure the demand-oriented as well as appealing, cross-device and uniform presentation and the continuous improvement of our website, for search engine optimisation and to shorten loading times.
Information about Google Web Fonts https://developers.google.com/fonts/faq
3.5 Integration of Google Maps
This website displays maps from the Google Maps service. This is a service provided by Google Ireland Limited, a company incorporated and operated under the laws of Ireland (registration number: 368047), whose registered office is at Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”).
When you visit one of our pages with Google Maps, your browser establishes a direct connection to Google’s servers and retrieves a map there in order to display it. To use the functions of Google Maps, it is necessary to process your IP address and information about your possible use of the map. This information is transmitted from your internet browser to a Google server in the USA and processed there by Google. The provider of this site has no influence on this data transmission. When Google Maps is enabled, Google may use Google Web Fonts for the purpose of displaying fonts in a consistent manner. When you call up Google Maps, your browser loads the necessary web fonts into your browser cache in order to display texts and fonts correctly.
Purposes of data processing | legal basis | further information
The legal basis for temporarily storing your data can be found in Art. 6(1)(f) GDPR. The balancing of interests is based on our legitimate and overriding interest in presenting directions to you as well as making it easy for you to find our partners.
4 Further functions and services of our website
In addition to the purely informative use of our website, we offer various services that you can use if you are interested in them. For this purpose, you will usually have to provide further personal data which we use to provide the respective service and to which the aforementioned data processing principles apply.
4.1 Request by email, telephone or fax
We offer you the options of contacting us by email, telephone or fax, the use of which involves the storage and processing of the user’s personal data (e.g. name, enquiry). The data is used exclusively for further conversation and for the purpose of processing your request and will not be passed on to third parties without your consent. For the processing of data, which are transmitted in the course of contacting us, there is a legitimate interest in the effective processing of the inquiries directed to us according to Art. 6(1)(f) GDPR.
If the contact is for the purpose of concluding a contract, the legal basis for the processing according to Art. 6(1)(b) GDPR must also include the implementation of pre-contractual measures and any subsequent processing for the fulfilment of a contract. In all other cases, the processing is based on our legitimate interest in the effective handling of the requests addressed to us (Art. 6(1)(f) GDPR).
Personal data processed by us in the context of a general contact enquiry by email, telephone or fax are only stored by us until the respective correspondence has ended. The conversation is terminated when it is clear from the circumstances that the matter in question has been conclusively clarified. Mandatory legal provisions – in particular retention periods – remain unaffected.
In the case of email contact with us, you can of course also object to the storage of your personal data at any time. However, in this case, the conversation cannot be continued.
4.2 Use of the contact form
A contact form is also available on our website, which can be used to contact us electronically. The data entered by the user is transmitted to us and stored. This includes your first and last name and your email address as mandatory fields, all other information is voluntary and goes beyond what is necessary. Your consent forms the legal basis for the processing of data when using the contact form in accordance with Art. 6(1)(a) GDPR.
If the contact is for the purpose of concluding a contract, the legal basis for the processing according to Art. 6(1)(b) GDPR must also include the implementation of pre-contractual measures and any subsequent processing for the fulfilment of a contract.
Personal data that is processed by us in the context of a general contact inquiry via the contact form is only stored until the respective correspondence has ended.
The conversation is terminated when it is clear from the circumstances that the matter in question has been conclusively clarified. Mandatory legal provisions – in particular retention periods – remain unaffected.
If you contact us, you can of course object to the storage of your personal data at any time. However, in this case, the conversation cannot be continued.
4.3 Collection and use of personal data in the job application process
During the application process, it is important to us to ensure the highest possible level of protection for your personal data. For this reason, all personal data collected and processed by us as part of an application are protected by technical and organisational measures against unauthorised access and manipulation.
We process personal applicant data such as name, contact details, curriculum vitae etc. for the selection or recruitment process with the aim of filling positions in the company.
The legal basis for processing your personal data is the establishment, implementation and termination of a contractual relationship pursuant to Art. 6(1)(b) GDPR, the fulfilment of a legal obligation pursuant to Art. 6(1)(c) GDPR, as well as on the basis of your consent by voluntarily providing data that is not absolutely necessary for the purpose (e.g. hobbies in your curriculum vitae).
Furthermore, processing takes place on the basis of the following legitimate interests according to Art. 6(1)(f) GDPR:
- to improve our application processes,
- to ensure compliance regulations, industry standards and contractual obligations,
- for the assertion, exercise or defence of legal claims,
- as well as to avoid damage and/or liability of our company by appropriate measures.
After the respective purpose has been achieved, your data will be deleted, but before that it will be kept for as long as is necessary to defend legal claims or against any AGG accusations or claims for compensation or damages in the event of a breach of the prohibition of discrimination pursuant to Section 15 AGG (Allgemeines Gleichbehandlungsgesetz – German Act on Equal treatment). This is generally for six months. We ask particularly interesting applicants, who cannot be considered at present, for their consent to a longer-term storage (usually one year); the legal basis here is Art. 6(1)(a) GDPR. If accounting-relevant processing has been carried out, such as the reimbursement of travel expenses, the data required for this will be deleted in compliance with the statutory retention periods, which are generally 6 or 10 years.
If your application is successful and we are allowed to welcome you to our company on the basis of a contractual agreement, we will transfer the data collected during the application process to our HR files.
5 Web analysis
5.1 Integration of Google Tag Manager
We use Google Tag Manager. This is a service provided by Google Ireland Limited, a company incorporated and operated under the laws of Ireland (registration number: 368047), whose registered office is at Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”).
Google Tag Manager is a tool that allows us to embed tracking or statistical tools and other technologies into our website. Google Tag Manager itself does not create user profiles, store cookies or perform any independent analyses. It is only used for the administration and activation of the tools integrated in it. However, Google Tag Manager collects your IP address, which may also be transferred to Google’s parent company in the United States.
Purposes of data processing | legal basis | further information
The legal basis for the resulting processing of your data in this case is Art. 6(1)(a) GDPR. This can be revoked at any time by using our cookie consent tool.
Information about Google Tag Manager: https://www.google.com/intl/de/tagmanager/use-policy.html.
5.2 Use of Google Analytics
This website uses Google Analytics for web analysis. This is a service provided by Google Ireland Limited, a company incorporated and operated under the laws of Ireland (registration number: 368047), whose registered office is at Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”).
Google Analytics uses technologies that enable the recognition of users for the purpose of analysing their user behaviour, such as cookies or device fingerprinting. These enable the website operator to analyse the behaviour of website visitors. In doing so, the website operator receives various usage data, such as page views, duration of visit, operating systems used and the location of the user. This data may be summarised by Google in a profile that is assigned to the respective user or their terminal device.
The information generated about the use of this website is usually transferred to a Google server in the USA and stored there.
However, if IP anonymisation is enabled on this website, Google will previously truncate your IP address within member states of the European Union or other signatory states to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google.
Demographic characteristics in Google Analytics
This website uses the “demographic characteristics” feature of Google Analytics to display appropriate advertisements to website visitors within the Google advertising network. This allows reports to be generated that include statements about the age, gender and interests of site visitors. This data comes from Google’s interest-based advertising and third-party visitor data. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the point “Objection to data collection”.
Purposes of data processing | legal basis | further information
We use Google Analytics to analyse and continually improve the use of our website. The statistics obtained enable us to improve our services and make it more interesting for you as a user.
The legal basis for the data processing associated with this is Art. 6(1)(a) GDPR in conjunction with your consent. This can be revoked at any time by using our cookie consent tool. This can be revoked at any time by using our cookie consent tool.
The data stored by Google at user and event level, which are linked to cookies, user identifiers (e.g. User ID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID, etc.), are anonymised or deleted after 2 months. Details can be found under the following link: https://support.google.com/analytics/answer/7667196?hl=de.
Of course, we have concluded a data processing contract with Google and fully implement the strict specifications when using Google Analytics.
User terms and conditions: http://www.google.com/analytics/terms/de.html
6 Our social media presence
6.1 General information
We appreciate your interest in our social media presence. The protection of your personal data on the occasion of your visit to one of our social media pages is particularly important for the management of HMT – Häseler Metall Technik GmbH. With the following information we give you an overview of how we process your personal data and your rights with regard to data protection. Personal data is information that can be used to identify you personally, such as your name, address, email address, user behaviour.
Controller responsible for data processing
Pursuant to Art. 4(7) of the EU General Data Protection Regulation (GDPR) and the applicable country-specific data protection provisions, the responsible controller is partly us:
HMT – Häseler Metall Technik GmbH
Industriestraße 5 | D-78112 St. Georgen
+49 (0) 77 24 / 885-0 | firstname.lastname@example.org
We operate the following social media channels:
In addition to our company, the respective operators of the social media platforms are partly responsible for data processing on the respective platform. For certain processing operations, we and the platform operators act as joint controllers within the meaning of Art. 26 GDPR.
Please refer to chapter 6.6 for the contact details of the respective social media platform.
6.2 Purpose of data processing on social media sites
We maintain publicly accessible profiles on social networks. The individual social networks used by us can be found below. The purpose of such social media presence is public relations, i.e. to offer our customers information about offers, products, competitions, news and, of course, to interact with our visitors on the various platforms on all these topics, including answering corresponding queries. The user can visit our social media pages purely for informative reasons without personal data actively being supplied or collected. In addition, the social media platforms offer the opportunity to leave a wide variety of content such as videos, images, public messages and comments (posts) on our company profiles. In the case of unlawful or inappropriate posts and content on our pages (this includes, among other things, posts, images or videos that violate or infringe the law, hate comments, lewd comments, explicitly sexual content, or violations of copyrights, personal rights or criminal laws), we are jointly responsible with the operator of the platform for their erasure. In the case of communication addressed directly to us (personal private message, letter or email), the operator has no opportunity to intervene.
Social media platforms can generally analyse your user behaviour comprehensively when you visit their website or a website with integrated social media content (e.g. Like buttons or advertising banners). Visiting our social media sites may trigger numerous processing operations relevant to data protection. These include, for example:
- If you are logged into your social media account and visit our social media page, the operator of the social media platform can assign this visit to your user account. Your personal data may also be collected if you are not logged in or do not have an account with the respective social media platform. In this case, this data collection takes place, for example, via cookies that are stored on your terminal device or due to the technically required collection of various data and information, such as your IP address, in so-called log files or server log files.
- With the help of the data collected in this way, the operators of the social media platforms can create user profiles in which your preferences and interests are stored. In this way, you may be shown interest-based advertising within and outside of the respective social media profile. If you have an account with the relevant social network, the interest-based advertising may be displayed on all devices that you are logged into or have been logged into.
Where we are given the opportunity, we take care to design our social media pages to be as data protection friendly as possible.
6.3 Legal basis
Our social media pages are part of our public relations work and are intended to ensure the broadest possible presence on the internet. In addition, we have a legitimate interest in responding to queries from our users and visitors and thus maintaining and promoting customer satisfaction. This is a legitimate interest within the meaning of Art. 6(1)(f) GDPR.
The analysis processes initiated by the social networks may have different legal bases, which are to be specified by the operators of the social media platforms (e.g. consent within the meaning of Art. 6(1)(a) GDPR).
6.4 Recipients/categories of recipients
Unless otherwise stipulated in the detailed descriptions, only the departments in our company that need access to your data to fulfil our contractual and legal obligations or to implement our legitimate interests will have access to it. We will only pass on information about you to parties outside the company if this is permitted or required by legal or official notification obligations, if the transfer is necessary for the processing and thus the fulfilment of the contract or, at your request, for the implementation of pre-contractual measures, if we have your consent or if we are authorised to provide information.
If we use contracted service providers for individual functions of our services, these have been carefully selected and commissioned by us, are bound by our instructions and are regularly monitored. Your personal data will then be processed on the basis of data processing contracts in accordance with Art. 28 GDPR and we will ensure that the processing of personal data is carried out in accordance with the provisions of the GDPR.
6.5 Storage period
The data collected directly by us via social media pages will be deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Mandatory legal provisions – in particular retention periods – remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their data protection policy, see below). Other cookies remain on your terminal device until you delete them.
Public posts by you on any of our social media pages will generally remain in place indefinitely. Of course, you do have the opportunity to erase the post independently. As already described above, we reserve the right to delete unlawful or inappropriate posts and content on our social media pages.
In the event of the erasure of your data or content by the social media platform operator, we have no means of intervention. In addition, the data protection provisions of the respective platform operators apply.
6.6 Social networks in detail
- Facebook: We have a profile on Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The data collected is also transferred to the US and other countries, according to Facebook.
You can adjust your advertising settings independently in your user account. Click on the following link and log in: https://www.facebook.com/settings?tab=ads.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
- Instagram: We have a profile on Instagram. The provider is Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381.
- XING: We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany.
7 Changes to our Data Protection Policy
We reserve the right to adapt this Data Protection Policy to ensure that it always corresponds to current legal requirements, or to enter changes to our services in the Data Protection Policy, e.g. when introducing new services. Subsequent visits to our website will then be subject to the new Data Protection Policy.