We are very pleased about your interest in our company. Data protection is of a particularly high priority for the management of the Bieler+Lang GmbH. The use of the Internet pages of the Bieler+Lang GmbH is possible without any indication of personal data. However, if a data subject wants to use special services of our enterprise via our website, processing of personal data could become necessary. If processing of personal data is necessary and there is no legal basis for such processing, we will generally obtain the consent of the data subject.
The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation, and in accordance with the country-specific data protection regulations applicable to the Bieler+Lang GmbH. By means of this data protection declaration, our company would like to inform the public about the nature, scope and purpose of the personal data we collect, use and process. Furthermore, by means of this data protection declaration, data subjects are informed about the rights to which they are entitled.
a) personal data
Personal data is any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Person concerned
Data subject is any identified or identifiable natural person whose personal data are processed by the controller.
“Processing” constitutes any operation related to personal data performed with or without the aid of automated procedures. This includes the collection, recording, organization, arrangement, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.
Profiling is any type of automated processing of personal data that consists of using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to that natural person’s job performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location.
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separate and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
g) Controller or person responsible for the processing
The controller or controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.
Processor means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the Controller.
A recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigation mandate under Union or Member State law shall not be considered as recipients.
Third parties are natural or legal persons, public authorities, bodies or entities other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.
Consent shall mean any freely given indication of the data subject’s wishes for the specific case in an informed and unambiguous manner in the form of a statement or any other unambiguous affirmative act by which the data subject indicates that he or she consents to the processing of personal data relating to him or her.
The legal basis
The General Data Protection Regulation (GDPR) protects personal data of natural persons. Data of legal persons are not subject to this protection. Personal data is individual information about personal or factual circumstances that can be attributed to your person (for example, your name in connection with your telephone number or your e-mail address). Information that cannot be directly linked to your actual identity (such as the items displayed to you on a website) is not covered.
Your data will be protected
Personal data is information about your identity. This includes, for example, information such as name, address, telephone number, e-mail address. It is not necessary for you to disclose personal data in order to use our website. In certain cases, however, we need your name and e-mail address and other information so that we can provide the requested services.
The same applies, for example, to the sending of information material or to answering individual questions. If this is necessary, we will point this out to you accordingly.
If you make use of services, only such data is collected that we require for the provision of the respective service. This data is processed solely for the purpose of fulfilling the requested services.
As far as we ask you for further data, this is voluntary information.
Your personal information will not be disclosed to third parties without your necessary consent.
Non-personal data collected automatically
When you use our Internet pages, the following data is stored for organizational and technical reasons: the names of the pages accessed, the browser and operating system used, the date and time of access, search engines used, names of downloaded files and your IP address.
We evaluate this technical data anonymously and only for statistical purposes, in order to be able to constantly optimize our Internet presence and make our Internet offers even more attractive. This anonymous data is stored separately from personal information on secure systems and does not allow any conclusions to be drawn about an individual person. Your personal data and your privacy are therefore protected at all times.
Our website integrates features from the provider Google Maps to visually display geographic information.
We use so-called “cookies” in various places on our website. Cookies are small text files that are stored by the web browser on your computer or mobile device. Cookies do not harm your computer or contain viruses and are automatically deleted when they expire. Some cookies expire when you end your Internet session, while others are stored for a specified amount of time.
Persons under the age of 18 should not submit personal information to us without the consent of their parent or guardian. We do not request, collect, or disclose personal information from children and adolescents to third parties.
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data will not be collected. We use this data exclusively for sending the requested information.
You can revoke your consent to the storage of data, e-mail address and their use for sending the newsletter at any time. To do so, select the “unsubscribe” link in the newsletter.
The processing of the data entered in the newsletter registration form is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
This website uses SendinBlue to send newsletters. The provider is SendinBlue SAS, 55 rue d’Amsterdam, 75008 Paris, France. SendinBlue is a service that organizes and analyzes the sending of newsletters. The data you enter for the purpose of receiving newsletters (for example, e-mail address) will be stored on SendinBlue’s servers.
Our newsletters sent with SendinBlue allow us to analyze the behavior of newsletter recipients. Among other things, this allows us to analyze how many recipients opened the newsletter message and how often which link in the newsletter was clicked. All links in the email are so-called tracking links, with which your clicks can be counted.
If you do not want analysis by SendinBlue, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. Furthermore, you can also revoke your consent at any time with effect for the future by sending an e-mail to the address given in our imprint.
The data you have deposited with us for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from both our servers and the servers of SendinBlue after you unsubscribe from the newsletter. Data that has been stored by us for other purposes (e.g. e-mail addresses for the members’ area) remains unaffected by this.
We have entered into a contract with SendinBlue in which we require SendinBlue to protect our customers’ data and not share it with third parties.
Privacy in applications and during the application process
We also collect and process personal data of applicants within application procedures electronically, if an applicant sends his or her application documents to us by e-mail. If we conclude an employment contract with the applicant after the application process, the transmitted data will be stored for the purpose of the employment relationship in compliance with the statutory provisions. If we do not conclude an employment contract with the applicant, we will delete the application documents after two months after notification of rejection, provided that no other legitimate interests for our company oppose deletion, such as evidence in proceedings under the General Equal Treatment Act (AGG).
We have taken technical and organizational security measures to protect your personal data from loss, destruction, manipulation and unauthorized access. All of our employees and all third parties involved in data processing are obligated to comply with the Federal Data Protection Act and to handle personal data confidentially.
In the case of collection and processing of personal data, the information is transmitted in encrypted form to prevent misuse of the data by third parties. Our security measures are continuously revised in accordance with technological developments.
Legal basis of processing
Art. 6 I lit. a DS-GVO serves our company as the legal basis for processing operations in which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for a delivery of goods or the provision of another service or consideration, the processing is based on Art. 6 I lit. b DS-GVO. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services. If our company is subject to a legal obligation by which a processing of personal data becomes necessary, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c DS-GVO. In rare cases, the processing of personal data might become necessary to protect vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were to be injured on our premises and as a result his or her name, age, health insurance data or other vital information had to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 I lit. d DS-GVO. Finally, processing operations could be based on Art. 6 I lit. f DS-GVO. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject are not overridden. Such processing operations are permitted to us in particular because they were specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47, Sentence 2 DS-GVO).
Rightful interests in the processing pursued by the controller or a third party
Where the processing of personal data is based on Article 6 I lit. f DS-GVO, our legitimate interest is the conduct of our business for the benefit of the well-being of all our employees and our shareholders.
Duration of storage of personal data
For the storage of personal data, respective statutory retention periods apply. After expiry of the period, the corresponding data will be deleted, provided that they are no longer required for the fulfillment of the contract or the initiation of the contract. This includes legal or contractual requirements to provide the personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of not providing
We inform you that the provision of personal data is sometimes required by law (for example, tax regulations) or may also result from contractual provisions (for example, information about the contractual partner). In order to conclude a contract, it may be necessary for a data subject to provide us with personal data that must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with him or her. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before providing personal data by the data subject, the data subject must contact one of our employees. Our employee will explain to the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data, and what the consequences of not providing the personal data would be.
Existence of automated decision making
Our website does not use profiling or automated decision making.
Right of access, deletion, blocking as well as right of objection
According to Art. 15 to 18 DS-GVO, you have the right at any time to free information about your stored personal data, their origin and recipient and the purpose of data processing, as well as a right to correct, block or delete this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint. Furthermore, you can revoke your consent to the collection and storage of your personal data at any time. In all cases, please contact:
or send an e-Mail to: