Datenschutzerklärung
Personenbezogene Daten sind solche Daten, welche die Bestimmung ihrer Person ermöglichen. Dabei kommt es nicht darauf an, ob die Bestimmung aufgrund einer einzelnen Information gewonnen werden kann. Je mehr Informationen und Daten zusammengeführt werden können desto genauer ist die Person bestimmbar. Zu den personenbezogenen Daten gehören z.B. der Name, die Anschrift, das Alter, die E-Mail-Adresse und die Telefonnummer einer Person.
1. Erhebung, Verarbeitung und Speicherung personenbezogener Daten durch MAPAL
MAPAL erhebt, verarbeitet und speichert Ihre personenbezogenen Daten nur dann, wenn dies aufgrund gesetzlicher Vorschriften erlaubt ist oder Sie Ihre Einwilligung dazu gegeben haben. Diese Daten erhalten wir auf zwei Wegen: Entweder Sie haben uns die Daten mitgeteilt oder wir erheben sie bei der Nutzung unserer Dienste.
Die Bereitstellung von personenbezogenen Daten im Rahmen dieser Website ist weder gesetzlich oder vertraglich vorgeschrieben, noch ist sie für einen Vertragsabschluss erforderlich. Allerdings können Sie einzelne Dienste dieser Website bzw. unseres Angebots nicht nutzen, wenn Sie keine Daten bereitstellen.
1.1. Daten, die Sie uns mitteilen
In der Regel können Sie unsere Webseite nutzen, ohne dass Sie uns personenbezogene Informationen direkt mitteilen. Für einige Dienste werden wir von Ihnen personenbezogene Informationen erfragen, um den jeweiligen Dienst schnell und nutzerfreundlich abwickeln zu können oder den Service überhaupt anbieten zu können. Detaillierte Informationen zu allen Diensten, die von MAPAL auf dieser Webseite angeboten werden, finden Sie unter dem Punkt „Einzelne Dienste“ (siehe unten, Ziffer 3).1.2. Daten, die wir durch Ihre Nutzung unserer Dienste erhalten
Einige Daten fallen automatisch und aus technischen Gründen bereits dann an, wenn Sie unsere Webseite besuchen. Folgende Informationen werden dabei ohne Ihr Zutun erfasst und bis zur automatisierten Löschung gespeichert:- IP Adresse,
- verwendeter Webbrowser inklusive Sprache und Version der Browsersoftware,
- verwendetes Betriebssystem und dessen Oberfläche,
- Webseite, über die der Zugriff erfolgt (Referrer-URL),
- Datum und Uhrzeit des Zugriffs.
- Gewährleistung eines reibungslosen Verbindungsaufbaus der Website,
- Gewährleistung einer komfortablen Nutzung unserer Website,
- Auswertung der Systemsicherheit und –stabilität,
- statistische Auswertungen.
Darüber hinaus setzen wir beim Besuch unserer Website Cookies ein. Nähere Erläuterungen dazu erhalten Sie unter der Ziffer 2 dieser Datenschutzerklärung.
1.3. Weitergabe von Daten
Grundsätzlich werden personenbezogene Daten von uns nicht an Dritte übermittelt. Sofern im Einzelfall eine Übermittlung an Dritte stattfindet, erfolgt dies auf der Grundlage geeigneter Vereinbarungen.In Einzelfällen kann es – etwa zur Durchführung von Verträgen – erforderlich sein, dass wir Informationen an Empfänger in sog. „Drittländern“ übermitteln müssen. „Drittländer“ sind Länder außerhalb der Europäischen Union oder des Abkommens über den Europäischen Wirtschaftsraum, in denen ohne Weiteres nicht von einem Datenschutzniveau ausgegangen werden kann, das mit dem in der Europäischen Union vergleichbar ist. Sofern die übermittelten Informationen auch personenbezogene Daten umfassen, stellen wir vor einer solchen Übermittlung sicher, dass in dem jeweiligen Drittland oder bei dem Empfänger in dem Drittland das erforderliche angemessene Datenschutzniveau gewährleistet ist. Dies kann sich insbesondere aus einem sog. „Angemessenheitsbeschluss“ der Europäischen Kommission ergeben, mit der ein angemessenes Datenschutzniveau für ein bestimmtes Drittland insgesamt festgestellt wird. Alternativ können wir die Datenübermittlung auch auf die mit einem Empfänger vereinbarten sog. „EU Standardvertragsklauseln“ stützen. Weitere Informationen zu den geeigneten und angemessenen Garantien zur Einhaltung eines angemessenen Datenschutzniveaus stellen wir Ihnen gerne auf Anfrage zur Verfügung.
Weitere Informationen zu den sog. EU Standardvertragsklauseln finden Sie (in Englisch) unter https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en und Informationen zu den Angemessenheitsbeschlüssen (in Englisch) unter https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en.
Wir stellen durch entsprechende Maßnahmen und regelmäßige Kontrollen sicher, dass die von uns erhobenen Daten nicht durch Unbefugte von außen eingesehen oder abgegriffen werden können.
2. Verwendung von Cookies
2.1. Begriffserklärung
Bei „Cookies“ handelt es sich um kleine Dateien, die Ihr Browser automatisch erstellt und die auf Ihrem Endgerät (Laptop, Tablet, Smartphone, etc.) gespeichert werden.In Cookies werden Informationen abgelegt, die sich jeweils im Zusammenhang mit dem spezifisch eingesetzten Endgerät ergeben. Dies bedeutet nicht, dass wir dadurch unmittelbar Kenntnis von Ihrer Identität erhalten. Der Einsatz von Cookies dient dazu, die Nutzung unseres Angebots für Sie angenehmer zu gestalten. Dabei lassen sich folgende Arten von Cookies unterscheiden.
Unbedingt notwendige Cookies werden für den Betrieb einer Webseite benötigt und sind unerlässlich, um auf dieser zu navigieren und deren Funktionen zu nutzen. Diese Cookies werden nicht dauerhaft auf Ihrem Computer oder Gerät gespeichert und werden gelöscht, wenn Sie den Browser schließen (Sitzungs-Cookies).
Statistische, analytische und Performance-Cookies ermöglichen es, die Anzahl der Besucher und Traffic-Quellen zu erfassen und zu zählen, um die Leistung der Website zu messen und zu verbessern. Sie dienen auch dazu herauszufinden, ob bei bestimmten Seiten Probleme oder Fehler auftreten, welche Seiten am beliebtesten sind und wie Besucher auf der Website navigieren. Analytische / Performance-Cookies nach einer definierten Vorhaltezeit gelöscht.
Tracking-Cookies werden dazu benutzt die Besuche und einzelne Aktivitäten auf Webseiten nachverfolgen. Sie dienen dazu, die Nutzung von Webseiten statistisch zu erfassen und auszuwerten. Diese Cookies werden nach einer jeweils definierten Zeit automatisch gelöscht.
2.2. Einsatz bei MAPAL
In your browser you can display the cookies on your computer, delete the cookies or set up the configuration such that not all of the cookies or no cookies are saved any longer. Please note that some functions may not work or may not work correctly if you deactivate the usage of cookies.
3. Individual services
3.2. Email newsletter
If you register for the MAPAL Newsletter, you provide your express consent. For this purpose we will need your e-mail address. You can receive a more personalised newsletter by providing us with further information about your company, as well as name and contact information.
Individual links in the newsletter are personalised so that we can recognise which content is of particular interest to readers and so we can improve our range of services on this basis.To be able to answer your query quickly and specifically, you should provide us with further information on your company, as well as your name and contact data.
By means of a tracking pixel in the newsletter, we may also receive information on whether the newsletter has been opened. You can prevent this in your e-mail system by not allowing any external images.
Your data will be used only for the purpose of sending the newsletter as per art. 6 para. 1 lit. a GDPR. For this purpose we use a tool from a service provider; the service provider receives your data within the statutorily permitted, contractually regulated framework. You can view, change or delete your data at any time.
3.3. Online Shop
The data that we collect about you in our online shop is used exclusively to ensure a trouble-free ordering process. It is necessary to register and create a customer account before you can place an order in our online shop. To create a customer account, you will need to provide us with personal data such as your name, address, telephone number and e-mail address. We process your personal data in connection with the customer account, so that we can provide our services and protect our legitimate interests based on Art. 6 (1)(b) and (f) GDPR. We have a legitimate interest in being able to offer the service to our users and to avoid interruptions and attempted fraud.We will delete your data stored within the customer account, at the latest when you inform us that we should delete your profile, unless applicable law obliges or entitles us to retain the data longer.
In the case of parcel deliveries and freight forwarding deliveries, we pass on your name, address and telephone number to our contractually bound service providers so that they can process the delivery and communicate with you if necessary to announce and coordinate the delivery. The legal basis for the associated data processing is Art. 6 Para. 1 b) GDPR, i.e. the processing of your data is necessary for the fulfilment of the purchase contracts and delivery agreements.
We use the same tracking functions in the online shop as on our website. The purpose of this is to optimise the online shop. Please see the relevant chapter of this data privacy policy for more information.
3.4. Catalogue mailing
To mail our catalogues we need your name, your address as well as how to contact you if you are absent. For this purpose we collect your telephone number as well as your e-mail address. These data are processed based on art. 6 para. 1 sentence 1 lit. f GDPR.We use these data once for mailing the catalogues and brochures required. A service provider undertakes the picking and mailing of print media for us. This service provider uses your data once within the statutorily permitted, contractually regulated framework to safeguard the provision and mailing of catalogues and brochures. Your data will then be deleted without delay.
3.5. Google Analytics
We use Google Analytics on our website, which is a web analysis service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). This function is only activated if you grant us your consent in accordance with Point a) of Art. 6(1) GDPR or Point a) of Art. 49(1). Google Analytics uses “cookies”. These are text files that are placed on your computer to help the website analyse how users use the site. The information that is generated by the cookie regarding your use of the website is usually transferred to a Google server in the US where it is stored. We have activated IP shortening on this website so that your IP address is shortened in advance by Google within member states of the European Union, or in other co-contracting countries to the agreement on the European Economic Area.
It is only in exceptional cases that your full IP address will be transferred to a Google server in the US and shortened there. Google will use this information on our behalf in order to evaluate your use of the website, to compile reports regarding website activities, and to provide us with further services that are related to website and internet usage. The IP address that your browser transmits within the framework of Google Analytics is not combined with other data from Google.
Any of your personal data that is collected in connection with Google Analytics will be deleted or anonymised after 14 months.
It is possible to stop cookies being saved on your computer by adjusting your browser software accordingly; however, it is important to note that if you choose to do this, you may not be able to use all the functionalities of the website to their full extent.
3.6. Google DoubleClick
Doubleclick by Google is a service by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).This function is only activated if you grant us your consent in accordance with Point a) of Art. 6(1) GDPR or Point a) of Art. 49(1).
Doubleclick by Google uses cookies to show you adverts that are relevant for you. It assigns your browser a pseudonymous identification number (ID) to check which adverts have been displayed in your browser and which adverts have been loaded. The cookies do not contain any personal information.
The use of DoubleClick cookies merely allows Google and its partner websites to display adverts on the basis of previous visits to our website or other websites. The information generated by the cookies will be transmitted to and stored by Google on a server in the USA for analysis. Data are transmitted by Google to third parties solely for compliance with legal stipulations or as part of contract data processing. In no event will Google compile your data with other data recorded by Google.
3.7. Google Tag Manager
Google Tag Manager is used on this website. Google Tag Manager makes it possible to manage website tags via an interface. The tag manager tool itself (which implements the tags) is a cookieless domain and does not contain any personal data. The tool makes it possible to trigger other tags, which may in turn record data. Google Tag Manager does not access these data. If deactivation takes place on domain or cookie level, this remains in place for all tracking tags that are implemented with Google Tag Manager.
This function is only activated if you grant us your consent in accordance with Point a) of Art. 6(1) GDPR or Point a) of Art. 49(1).
3.8. Careers portal
Please do not send your application via e-mail; please use our encrypted career portal instead.When using our online recruitment portal, it is important to us that your personal data is protected to the greatest extent possible. All personal data that we collect and process as part of an application is protected against unauthorised access and manipulation through technical and organisational measures.
The legal basis for data processing with regard to your application is Art. 88 GDPR in connection with Section 26(1) Federal Data Protection Act (BDSG) as well as, where applicable, your consent to data processing.
The data controller – in the event of an application for a specifically
advertised position – is the company advertising, and their address details can be found in the advert in question. When applying for a specific position, your data will only be provided to other recruiters within the MAPAL corporate group if you consent to this when your data is recorded.
If you do not provide the necessary personal data, you cannot participate in the application process.
When you set up your general application profile on our platform, MAPAL Dr. Kress SE & Co. KG shall be the data controller in this respect. If you use an automatic CV reader from a third-party provider (such as XING or LinkedIn) and use it to transfer your details to the application management system, your personal data will also be collected, processed and used by third parties for the purpose of the application process. Before using automatic CV reading, separate consent to the processing of your personal data must be granted.
When you submit an application, it is ensured that your data are automatically erased from our systems as soon as the purpose for which we collected your data has been fulfilled. Routines are put in place to ensure that data are erased after the purpose for collection or the underlying storage period has expired. The following erasure deadlines are planned for this purpose:
- Application data for a specific position will be erased six months after a negative decision.
- If you have created a general profile on our platform, we will erase it automatically after twelve months if you do not update your profile yourself.
- In addition to automatic erasure, you have the option to delete your profile yourself at any time.
3.9. Social media
On our pages in social media (YouTube, Twitter, LinkedIn, Xing, kununu, Instagram, Facebook) we offer you, based on art. 6 para. 1 sentence 1 lit. f GDPR, comprehensive personal support and the possibility of remaining in contact with us. These media services collect, in certain circumstances, personal data, e.g. via the profile you have saved there.It cannot be excluded that data on every visitor to these pages will be collected by the companies listed above. For information on the purpose and scope of the collection of data and the further processing and utilisation of the data by these companies, as well as your related rights and the settings you can make to protect your privacy, please refer to the data privacy notices issued by:
- YouTube: https://www.google.de/intl/de/policies/privacy/
- Twitter: https://twitter.com/de/privacy
- LinkedIn: https://www.linkedin.com/static?key=privacy_policy
- Xing: https://www.xing.com/privacy
- kununu: https://privacy.xing.com/de/datenschutzerklaerung
- Instagram: https://www.instagram.com/legal/privacy/
- Facebook: https://de-de.facebook.com/privacy/explanation/
4. Your rights
Of course, you retain control over all the personal data you make available to us on visiting the website and using our services. The following rights are available to you; you can make use of these rights free of charge.4.1. Right to access
You have the right at any time to receive information, free of charge, about any of your personal data that we retain. This includes information regarding how long and for which purpose we process the data, where it comes from, and to which recipients or categories of recipients we transfer it. You can also obtain a copy of this data from us.4.2. Right to revoke consent granted
You have the right to revoke consent you have granted to process personal data at any time with effect for the future. If you revoke your consent, we will delete the related data without delay, provided further processing cannot be allowed on a legal basis for processing. The revocation of your consent does not affect the legality of processing undertaken up until revocation.4.3. Right to object
If we process your personal data in the context of a weighing of interests in our legitimate interest, you have at any time the right, for reasons based on your specific situation, to object to this processing with effect for the future.If you make use of your right to object, we will cease the processing of the related data. The right to continue processing is retained, however, if we can demonstrate compelling, legitimate reasons for the processing that outweigh your interests, fundamental rights and fundamental freedoms, or if processing is for the purpose of the assertion, exercise or defence of legal claims.
If we process your personal data for direct advertising, you have the right to appeal against the processing of your personal data for the purpose of such advertising.
4.4. Right to data portability
You have the right to request for your personal data to be transferred from us to another entity. Art. 20 GDPR sets out the relevant details and restrictions. The exercise of this right is without prejudice to your right of deletion.4.5. Right to rectification, deletion or restriction of the processing
You have the right to correct, delete or restrict the processing of your personal data.4.6. Right to lodge a complaint
You have the right to complain to a supervisory authority or our company if you should have a reason for complaint. To make use of rights in relation to our company, please contact the persons listed at the end of the data privacy statement.5. Retention period
Generally speaking, we retain personal data for as long as it is necessary for the purposes of processing, or we have a legitimate interest in such retention and your interests in not retaining the data do not outweigh our own. This means that we only retain your data for as long as this is necessary for the provision of our website and associated services, or for as long as we are legally obliged to retain your data. As soon as personal data is no longer required for the purposes of processing, or retention of this data is not legally permissible, we will delete any personal data without the data subject needing to intervene.Personal data that we are required to retain in order to fulfil our retention obligations will be retained until the end of the respective retention requirement. If we retain personal data exclusively for the fulfilment of retention requirements, any processing in this respect is generally restricted, so that the data can only be accessed if this should be necessary in relation to the legal obligation to retain data.
6. Automated decision making
In connection with the processing of your personal data as described in this data protection policy, we do not, as a matter of principle, use automated decision making (including profiling) in terms of Art. 22 GDPR. If we make use of such procedures in individual cases, we will naturally inform you of this separately.
7. Data security
We use the widespread SSL (Secure Socket Layer) protocol in conjunction with the highest level of encryption supported by your browser. You can see whether an individual page from our website is transmitted encrypted by the closed depiction of the key or lock symbol in the status bar in your browser.We also make use of suitable technical and organisational measures to protect your data against accidental or wilful manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with the state-of-the-art.
8. Responsible for data collection
The Data Protection Office is responsible for the processing of personal data (in terms of Art. 4 (7) GDPR) and therefore responsible for any questions, requests for information, applications, complaints or criticism regarding our data protection:MAPAL Dr. Kress SE & Co. KG
Data protection department
Obere Bahnstraße 13
73431 Aalen
Germany
Data protection officer
The correct implementation of data protection in our organisation is undertaken by a data protection officer. If you have issues in relation to the processing of your personal data, you can also contact this officer directly:
datenschutz@mapal.com