Privacy

Privacy policy of
Bieler+Lang GmbH

Status: 08.03.2021

We are very pleased about your interest in our company. Data protection is of a particularly high priority for the management of the Bieler+Lang GmbH. The use of the Internet pages of the Bieler+Lang GmbH is possible without any indication of personal data. However, if a data subject wants to use special services of our enterprise via our website, processing of personal data could become necessary. If processing of personal data is necessary and there is no legal basis for such processing, we will generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation, and in accordance with the country-specific data protection regulations applicable to the Bieler+Lang GmbH. By means of this data protection declaration, our company would like to inform the public about the nature, scope and purpose of the personal data we collect, use and process. Furthermore, by means of this data protection declaration, data subjects are informed about the rights to which they are entitled.

Definitions

The privacy policy of Bieler+Lang GmbH should be understandable for our customers and business partners and all terms used therein should leave no questions unanswered. The terms originate from the General Data Protection Regulation (DS-GVO), which was used by the European Directive and Regulation Maker when it was enacted. Below we have explained all the terms used.

We use the following terms, among others, in this Privacy Policy:

a)      personal data

Personal data is any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b)      Person concerned

Data subject is any identified or identifiable natural person whose personal data are processed by the controller.

c)      Processing

“Processing” constitutes any operation related to personal data performed with or without the aid of automated procedures. This includes the collection, recording, organization, arrangement, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data.

d)      Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

e)      Profiling

Profiling is any type of automated processing of personal data that consists of using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to that natural person’s job performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location.

f)       Pseudonymization

Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separate and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

g)      Controller or person responsible for the processing

The controller or controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.

h)      Processor

Processor means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the Controller.

i)       Recipient

A recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigation mandate under Union or Member State law shall not be considered as recipients.

j)       Third

Third parties are natural or legal persons, public authorities, bodies or entities other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.

k)      Consent

Consent shall mean any freely given indication of the data subject’s wishes for the specific case in an informed and unambiguous manner in the form of a statement or any other unambiguous affirmative act by which the data subject indicates that he or she consents to the processing of personal data relating to him or her.

The legal basis

The General Data Protection Regulation (GDPR) protects personal data of natural persons. Data of legal persons are not subject to this protection. Personal data is individual information about personal or factual circumstances that can be attributed to your person (for example, your name in connection with your telephone number or your e-mail address). Information that cannot be directly linked to your actual identity (such as the items displayed to you on a website) is not covered.

Scope

This privacy policy informs users about the nature, scope and purposes of the collection and use of personal data by the responsible provider Bieler+Lang GmbH, Von-Drais-Straße 31, 77855 Achern, Germany on this website (hereinafter referred to as the “Offer”).

Your data will be protected

Personal data is information about your identity. This includes, for example, information such as name, address, telephone number, e-mail address. It is not necessary for you to disclose personal data in order to use our website. In certain cases, however, we need your name and e-mail address and other information so that we can provide the requested services.

The same applies, for example, to the sending of information material or to answering individual questions. If this is necessary, we will point this out to you accordingly.

If you make use of services, only such data is collected that we require for the provision of the respective service. This data is processed solely for the purpose of fulfilling the requested services.

As far as we ask you for further data, this is voluntary information.

Your personal information will not be disclosed to third parties without your necessary consent.

Non-personal data collected automatically

When you use our Internet pages, the following data is stored for organizational and technical reasons: the names of the pages accessed, the browser and operating system used, the date and time of access, search engines used, names of downloaded files and your IP address.

We evaluate this technical data anonymously and only for statistical purposes, in order to be able to constantly optimize our Internet presence and make our Internet offers even more attractive. This anonymous data is stored separately from personal information on secure systems and does not allow any conclusions to be drawn about an individual person. Your personal data and your privacy are therefore protected at all times.

Privacy Policy Google Maps

Our website integrates features from the provider Google Maps to visually display geographic information.

This Google Maps, a map service of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google Maps). When calling up our website, which is equipped with a map, the website causes the browser used by the data subject to load a corresponding map display. When Google Maps is used, data on the use of the Maps functions by visitors to the websites is also collected, processed and used. More information about the data processing by Google can be found in Google’s privacy policy https://policies.google.com/privacy?hl=de.

Cookies

We use so-called “cookies” in various places on our website. Cookies are small text files that are stored by the web browser on your computer or mobile device. Cookies do not harm your computer or contain viruses and are automatically deleted when they expire. Some cookies expire when you end your Internet session, while others are stored for a specified amount of time.

The cookies on our Internet pages do not collect any personal data as a matter of principle. We use cookies to make it easier for you to visit our website and to tailor it to your needs. Of course, you can also view our website without cookies. You can use your browser settings to disable cookies from being stored on your computer. You can also delete existing cookies via the browser settings. In this case, however, it is possible that it comes to functional restrictions of our website.

Children

Persons under the age of 18 should not submit personal information to us without the consent of their parent or guardian. We do not request, collect, or disclose personal information from children and adolescents to third parties.

Newsletter data

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data will not be collected. We use this data exclusively for sending the requested information.

You can revoke your consent to the storage of data, e-mail address and their use for sending the newsletter at any time. To do so, select the “unsubscribe” link in the newsletter.

The processing of the data entered in the newsletter registration form is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

This website uses SendinBlue to send newsletters. The provider is SendinBlue SAS, 55 rue d’Amsterdam, 75008 Paris, France. SendinBlue is a service that organizes and analyzes the sending of newsletters. The data you enter for the purpose of receiving newsletters (for example, e-mail address) will be stored on SendinBlue’s servers.

Our newsletters sent with SendinBlue allow us to analyze the behavior of newsletter recipients. Among other things, this allows us to analyze how many recipients opened the newsletter message and how often which link in the newsletter was clicked. All links in the email are so-called tracking links, with which your clicks can be counted.

If you do not want analysis by SendinBlue, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. Furthermore, you can also revoke your consent at any time with effect for the future by sending an e-mail to the address given in our imprint.

The data you have deposited with us for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from both our servers and the servers of SendinBlue after you unsubscribe from the newsletter. Data that has been stored by us for other purposes (e.g. e-mail addresses for the members’ area) remains unaffected by this.

For more detailed information, please refer to SendinBlue’s privacy policy at: https://de.sendinblue.com/legal/privacypolicy/.

We have entered into a contract with SendinBlue in which we require SendinBlue to protect our customers’ data and not share it with third parties.

Privacy in applications and during the application process

We also collect and process personal data of applicants within application procedures electronically, if an applicant sends his or her application documents to us by e-mail. If we conclude an employment contract with the applicant after the application process, the transmitted data will be stored for the purpose of the employment relationship in compliance with the statutory provisions. If we do not conclude an employment contract with the applicant, we will delete the application documents after two months after notification of rejection, provided that no other legitimate interests for our company oppose deletion, such as evidence in proceedings under the General Equal Treatment Act (AGG).

Safety

We have taken technical and organizational security measures to protect your personal data from loss, destruction, manipulation and unauthorized access. All of our employees and all third parties involved in data processing are obligated to comply with the Federal Data Protection Act and to handle personal data confidentially.

In the case of collection and processing of personal data, the information is transmitted in encrypted form to prevent misuse of the data by third parties. Our security measures are continuously revised in accordance with technological developments.

Change to our privacy policy

We reserve the right to change our security and privacy practices as necessary due to technological developments. In these cases, we will also adjust our privacy notices accordingly. Therefore, please refer to the latest version of our privacy policy.

Links

When you use external links provided as part of our web pages, this privacy policy does not extend to those links. When we provide links, we strive to ensure that they also comply with our privacy and security standards. However, we have no influence on other providers’ compliance with data protection and security regulations. Therefore, please also inform yourself on the websites of the other providers about the data protection declarations provided there.

Legal basis of processing

Art. 6 I lit. a DS-GVO serves our company as the legal basis for processing operations in which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for a delivery of goods or the provision of another service or consideration, the processing is based on Art. 6 I lit. b DS-GVO. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services. If our company is subject to a legal obligation by which a processing of personal data becomes necessary, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c DS-GVO. In rare cases, the processing of personal data might become necessary to protect vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were to be injured on our premises and as a result his or her name, age, health insurance data or other vital information had to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 I lit. d DS-GVO. Finally, processing operations could be based on Art. 6 I lit. f DS-GVO. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject are not overridden. Such processing operations are permitted to us in particular because they were specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47, Sentence 2 DS-GVO).

Rightful interests in the processing pursued by the controller or a third party

Where the processing of personal data is based on Article 6 I lit. f DS-GVO, our legitimate interest is the conduct of our business for the benefit of the well-being of all our employees and our shareholders.

Duration of storage of personal data

For the storage of personal data, respective statutory retention periods apply. After expiry of the period, the corresponding data will be deleted, provided that they are no longer required for the fulfillment of the contract or the initiation of the contract. This includes legal or contractual requirements to provide the personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of not providing

We inform you that the provision of personal data is sometimes required by law (for example, tax regulations) or may also result from contractual provisions (for example, information about the contractual partner). In order to conclude a contract, it may be necessary for a data subject to provide us with personal data that must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with him or her. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before providing personal data by the data subject, the data subject must contact one of our employees. Our employee will explain to the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data, and what the consequences of not providing the personal data would be.

Existence of automated decision making

Our website does not use profiling or automated decision making.

Right of access, deletion, blocking as well as right of objection

According to Art. 15 to 18 DS-GVO, you have the right at any time to free information about your stored personal data, their origin and recipient and the purpose of data processing, as well as a right to correct, block or delete this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint. Furthermore, you can revoke your consent to the collection and storage of your personal data at any time. In all cases, please contact:

Bieler+Lang GmbH
Von-Drais-Straße 31
77855 Achern

Tel.: +49-7841-6937-0
Fax: +49-7841-6937-90

or send an e-Mail to:
E-Mail: datenschutz@bieler-lang.de