Data security

Data Privacy Statement

We would like to inform about the collection of personal data when using our website. Personal data are all data that are personally identifiable to you, e.g. name, address, e-mail addresses, user behaviour. We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.

1 Responsible for data processing
Responsible according to art. 4 para. 7 EU General Data Protection Regulation (GDPR)
GFR - Gesellschaft für Regelungstechnik und Energieeinsparung mbH
Kapellenweg 42
33415 Verl
E-mail: datenschutz@gfr.de

 

2 Contact option of the data protection officer
You can contact our data protection officer at datenschutz@gfr.de or at our postal address with the addition "the data protection officer".

 

3 Your rights
You have the following rights towards us with regard to your personal data:
3.1 General rights
You have a right of access, rectification, cancellation, restriction of processing, objection to processing and data portability. If processing is based on your consent, you have the right to revoke this consent with effect for the future.
3.2 Rights in data processing according to legitimate interest
Pursuant to art. 21 para.1 GDPR, you have the right to object to the processing of your personal data at any time based on art. 6 para.1 e GDPR (data processing in the public interest) or Article 6 para.1 f GDPR (data processing to safeguard a legitimate interest) for reasons arising from your particular situation; this also applies to profiling based on this provision. In the event of your objection, we will no longer process your personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
3.3 Rights in direct advertising
If we process your personal data for direct marketing purposes, you will have the right pursuant to art. 21 para. 2 GDPR to object at any time to the processing of your personal data for the purpose of such advertising, this also applies to profiling insofar as it is associated with such direct marketing.
In the event of your objection to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
3.4 Right of appeal to a supervisory authority
You also have the right to complain to a competent data protection supervisory authority about our processing of your personal data.

 

4 Collection of personal data when visiting our website
When using the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security. The legal basis for this is art. 6 para. 1 f GDPR:
The IP address, the date and time of the request, the time zone difference to Greenwich Mean Time (GMT), the content of the request (specific page), the access status/HTTP status code, the amount of data transmitted in each case, the website from which the request comes, the browser, the operating system and its interface, the language and version of the browser software.

 

5 Contact via e-mail or contact form
When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, if applicable your name and your telephone number) will be stored by us in order to answer your questions. If we use our contact form to request information that is not required to establish contact, we have always marked it as optional. These details serve us to concretise your inquiry and to improve the processing of your request. This information is provided expressly on a voluntary basis and with your consent, according to art. 6 para.1 a GDPR. If this involves information on communication channels (e.g. e-mail address, telephone number), you also agree that we may contact you via this communication channel in order to respond to your request. You can of course revoke this consent at any time in the future. We delete the produced data arising in this context after the storage is no longer necessary, or limit the processing if statutory retention obligations exist.

 

6 Newsletter
6.1 General Information
With your consent according to art. 6 para. 1 a GDPR you can subscribe to our newsletter, with which we inform you about our current offers.
To subscribe to the newsletter offered on our website, you can register via our form. We use the so-called double opt-in procedure. A confirmation e-mail will be sent to your e-mail address with the request for confirmation. The registration only becomes effective when you click on the activation link contained in the confirmation e-mail. We use the data you transmitted to us exclusively for sending the newsletter, which may contain information or offers.
We use rapidmail to send our newsletter. Your data will therefore be transmitted to rapidmail GmbH. It is forbidden for rapidmail GmbH to use your data for other purposes than for sending the newsletter. A passing on or a sale of your data is not permitted to rapidmail GmbH. Rapidmail is a German, certified newsletter software provider, which was carefully selected according to the requirements of the GDPR and the BDSG.
You can revoke your consent to the storage of the data and its use for sending the newsletter at any time, e.g. via the unsubscribe link in the newsletter.
6.2 Newsletter Tracking
We would like to point out that we evaluate your user behaviour when sending the newsletter. For this analysis, the e-mails sent contain so-called web beacons or tracking pixels, which are stored on our website. For evaluation purposes, we link the above data and web beacons to your e-mail address and an individual ID. Links received in the newsletter also contain this ID.
With the data obtained in this way, we create a user profile to tailor the newsletter to your individual interests. While you are reading our newsletters, we record which links you click on and deduce your personal interests. We link this data to actions taken by you on our website.
The information is stored for as long as you have subscribed to the newsletter. We only store the data statistically and anonymously after a cancellation.
Such tracking is not possible either if you have deactivated the display of images in your e-mail program by default. In this case the newsletter will not be displayed completely and you may not be able to use all functions. If you display the images manually, the above mentioned tracking takes place.

 

7 Registration and use of the portal
You have the possibility to register with us and create a customer account. For registration we collect and store the following data from you:
•    Gender
•    First name
•    Surname
•    Company
•    E-Mail
•    Password

We use the so-called double opt-in procedure for registration, i.e. your registration is not complete until you have previously confirmed your registration via a confirmation e-mail sent to you for this purpose by clicking on the link contained therein. It is obligatory to provide the aforementioned data; all further information can be provided voluntarily by using our portal.
After your registration you will receive a personal, password-protected access. Registration is voluntary, but may be a prerequisite for using our services.
If you use our portal, we will store the data required to fulfil the contract until you finally delete your account. Furthermore, we store the data you provided voluntarily as long as you use the portal.

 

8 Online order service
When you place an online order on our website, we collect the data required for the order, which is immediately deleted from the online order service system after it has been recorded in our online merchandise management system.

 

9 Applications
You can apply to our company electronically, in particular via e-mail or web forms. Your details will of course only be used to process your application.
Your personal data will be deleted immediately after completion of the application process or after a maximum of 6 months, unless you have expressly given us your consent for a longer storage of your data.
Please note that unencrypted e-mails are not transmitted with access protection.
You can also apply online to our company via our application portal. Your online application will be forwarded directly to the HR department via an encrypted connection and will of course be treated confidentially. Your details will of course only be used to process your application. For the applicant management we use the software Umantis, Haufe-Lexware GmbH & Co. KG, Munzinger Straße 9, 79111 Freiburg, to manage applications.
Further information on data processing in the context of the application procedure can be found in the data protection declaration of our application portal, at recruitingapp-5234.de.umantis.com/Vacancies/231/DataProtection/1.
Further information on data processing in the context of the application procedure can be found in the data protection declaration of our application portal.
If you have applied for a specific position and it has already been filled or if we consider you suitable for another position, we would be happy to forward your application within the company. Please let us know if you do not agree to a forwarding.
Your personal data will be deleted immediately after completion of the application process or after a maximum of 6 months, unless you have expressly given us your consent for a longer storage of your data or a contract has been concluded. The legal basis of this provision is art. 6 para. 1 a, b and f GDPR and § 26 BDSG.

 

10 Use of Cookies
When you use our website, cookies are stored on your computer. Cookies are small text files that are stored on your hard disk in the browser you use and through which certain information flows to the place that sets the cookie. Cookies cannot run programs or transmit viruses to your computer. They serve to make the internet services more user-friendly and effective.
This website uses the following types of cookies, whose scope and functionality are explained below.
10.1 Transient Cookies
These cookies are automatically deleted when you close your browser. This includes in particular the session cookies. These store a so-called session ID with which different requests of your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close your browser.
10.2 Persistent Cookies
These cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies in the security settings of your browser at any time.
10.3 Prevention of cookies
You can configure your browser settings according to your wishes and refuse the acceptance of third party cookies or all cookies, for example. Please note that you may not be able to use all functions of this website then.

11    Website analysis
For the purpose of analysing and optimizing our websites, we use services described below. For example, we can analyze how many users visit our site, which information is most in demand or how users find the offer. Among other things, we collect data about the website from which a person has accessed a website (so-called referrer), which subpages of the website were accessed or how often and for how long a subpage was viewed. This helps us to design and improve our offers in a user-friendly way. The collected data is not used to personally identify individual users. Anonymous or at most pseudonymous data is collected. The legal basis for this is art. 6 para. 1 f GDPR.

11.1    Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The use includes the Universal Analytics mode. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus analyse a user's activities across devices. Google Analytics uses cookies that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, Google will shorten your IP address within member states of the European Union or in other countries of the agreement on the European Economic Area beforehand. The full IP address will only be transmitted to a Google server in the USA and shortened there in exceptional cases. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website and internet use. Our legitimate interest in data processing also lies in these purposes. The legal basis for the use of Google Analytics is § 15 para. 3 TMG and Art. 6 para. 1 f GDPR. The data sent by us and linked with cookies, user IDs (e.g. user ID) or advertising IDs will be automatically deleted after the shortest possible storage period of 14 months. Data whose retention period has been reached is automatically deleted once a month. For more information on terms of use and data protection, please visit https://www.google.com/analytics/terms/gb.html or https://policies.google.com/?hl=en. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the https://tools.google.com/dlpage/gaoptout?hl=en. Opt-out cookies prevent the future collection of your data when you visit this website. To prevent Universal Analytics from collecting data across different devices, you must opt-out on all used systems. If you click here, the opt-out cookie will be set: Disable Google Analytics

11.2    Google Tag Manager
For reasons of transparency, we would like to point out that we use the Google Tag Manager. The Google Tag Manager itself does not collect any personal data. The Tag Manager makes it easier for us to integrate and manage our tags. Tags are small code elements used, among other things, to measure traffic and visitor behavior, to measure the impact of online advertising and social channels, to set up remarketing and targeting, and to test and optimise websites. We use the Tag Manager for Google Analytics. If you have made a deactivation, this deactivation will be considered by Google Tag Manager. For more information about the Google Tag Manager see: https://www.google.com/intl/de/tagmanager/use-policy.html.

12 Use of Google Maps
This website uses Google Maps API, a map service of Google Inc. "("Google"), to display an interactive map and to create route maps. Google Maps is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
By using Google Maps, information about your use of this website (including your IP address) may be transmitted to and stored by Google on servers in the United States. Google may transfer the information obtained through Maps to third parties.
Google will not associate your IP address with other Google data. Nevertheless, it would be technically possible for Google to identify individual users on the basis of the data received. It would also be possible that personal data and personality profiles of users of the Google website could be processed for other purposes over which we have neither any influence nor we could affect. You can disable the Google Maps service to prevent data transfer to Google by disabling JavaScript in your browser. However, we would like to point out that in this case you will not be able to use the map display on our pages.
The Google Maps terms of use can be found under www.google.com/help/legalnotices_maps.html

 

13 Data transfer
A transfer of your data to third parties does not take place, unless we are legally obliged to do so, or the transfer of data is necessary for the execution of the contractual relationship, or you have previously expressly consented to the transfer of your data.
External service providers and partner companies such as online payment providers or the shipping company commissioned with the delivery will only receive your data if this is necessary to process your order. In these cases, however, the scope of the transmitted data is limited to the required minimum. As far as our service providers come into contact with your personal data, we ensure within the scope of the order processing according to art. 28 GDPR that these comply with the regulations of the data protection laws in the same way. Please also note the respective data protection provisions of the providers. The respective service provider is responsible for the content of external services, whereby we check the compliance of the services with the legal requirements within the scope of reasonableness.
It is important to us to process your data within the EU/EEA. However, we may use service providers who process data outside the EU/EEA. In these cases, we ensure that an appropriate level of data protection is established at the recipient prior to the transfer of your personal data. This means that a data protection level comparable to the standards within the EU is achieved via EU standard contracts or an adequacy decision, such as the EU Privacy Shield.

 

14 Data security
We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.

 

As of May 2018

Privacy Policy on our Facebook Fan Page

 

When you visit our Facebook fan page, we are jointly responsible with Facebook for the processing of your personal data. In the following, we will inform you about the associated data processing on our fan page, which does not affect Facebook's Terms of use:

 

1. Contact details of those in charge and joint responsibility in accord-ance with article 26 of the General Data Protection Regulation (GDPR)

Joint data controllers
GFR - Gesellschaft für Regelungstechnik und Energieeinsparung mbH
Kapellenweg 42
33415 Verl
E-Mail: datenschutz@gfr.de

and

Facebook Ireland Ltd.
4 Grand Canal Square , Grand Canal Harbour ,
D2 Dublin
Ireland

 

According to the European Court of Justice (ECJ), we are responsible for the processing of your personal data jointly with Facebook. The decision of the European Court of Justice of 05 June 2018 can be found here.

 

2. Appearance on the Facebook fan page

2.1 Scope of data collection and storage

  • User interactions (Postings, Likes, etc.);

  • Facebook cookies*;

  • Demographic data (e.g. based on age, place of residence, language or gender)

  • Statistical data on user interactions in aggregated form, i.e. without personal references (e.g. page activities, page views, page previews, likes, recommendations, contributions, videos, page subscriptions incl. origin, times of day)

You do not have to be a Facebook member to view the content on our Facebook fan page. However, Facebook processes data each time you visit our site.

When you visit our fan page, your browser connects to a Facebook server and, if applicable, transfers data to countries outside the European Union. In any case, regardless of whether you are registered on Facebook or not, your IP address will be transferred and cookies will be set. Further information on cookies and how you can prevent cookies from being set can be found in section 4.

According to Facebook, the cookies used by Facebook are used for authentication, security, website and product integrity, advertising and measurements, website functions and services, performance, analysis and research. Details about the cookies used by Facebook (e.g. names of cookies, function duration, recorded content and purpose) can be viewed here by following the links: https://www.facebook.com/policies/cookies/.

The use of your personal data for advertising purposes is particularly important for Facebook. We use the statistics function to find out more about the visitors to our fan page. Using this function enables us to tailor our content to the respective target group. We also use demographic information such as the age and origin of users in this way, although we are not able to identify any personal data here.

Facebook usually stores cookies on the user's device in order to provide the social media service in the form of our Facebook fan page and to use the Insight function.

These include session cookies, which are deleted when the browser is closed, and permanent cookies, which remain on the device until they elapse or are deleted by the user.

A cookie is a tiny text file that allows a website to recognise a browser. As a user, you can decide yourself via your browser settings whether and which cookies you want to allow, block or delete.

The cookies used by Facebook serve the purposes of authentication, security, website and product integrity, advertising and measurements, website functions and services, performance as well as analysis and research according to information provided by Facebook. Details on the cookies used by Facebook (e.g. names of cookies, function duration, collected content and purpose) can be seen by following the links: https://www.facebook.com/policies/cookies/. There you will also find the function to deactivate the cookies used by Facebook. You can also change the settings for your advertising preferences.

Additionally, but also at any time with effect for the future, the collection and storage of data through the use of the above-mentioned Facebook cookies can be objected to via the following opt-out link: http://www.youronlinechoices.com/de/praferenzmanagement/.

The preference management is cookie-based. If you delete all browser cookies, the preferences that have been set with the preference manager will also be removed.

 

2.2    Note on Facebook Insights

We use the Facebook Insights function for statistical evaluation purposes. In this context, we receive anonymous data on the users of our Facebook fan page. It is not possible for us to draw any conclusions about you as a person. Facebook Ireland Limited ("Facebook Ireland") has agreed to assume primary responsibility under the GDPR for the processing of Insights data and to comply with all obligations under the GDPR with respect to the processing of Insights data (inter alia articles 12 and 13 GDBR, articles 15 to 22 GDBR and articles 32 to 34 GDBR). Facebook Ireland will have sole authority to determine how Insights data will be processed and will perform its obligations under this Supplement to the Insights website. As the operator of the fan pages, the WIEDEMANN Group has no influence on how the data are processed.

 

2.3    Legitimate interests pursued, provided that the legal basis is art. 6 par.1 lit. f) GDPR

We see our legitimate interest in data processing in the presentation of our company and services to your information and in the provision of contemporary communication possibilities for and with our customers as well as the optimisation of our online offer.

 

2.4    Disclosure and use of personal data

Recipients or categories of recipients

Facebook

If you interact with Facebook, Facebook will of course also have access to your data. In particular, it is possible that Facebook Inc., 1601 Willow Road, Menlo Park, California 94025, USA, may have access to your data. Facebook is located in an insecure third country where the level of data protection is lower. Facebook is subject to the EU/U.S. Privacy Shield to ensure an adequate level of data protection according to European standards.

You can view existing EU/US Privacy Shield certifications at https://www.privacyshield.gov/list. With the Implementation decision (EU) 2016/1250 of the EU Commission of 12 July 2016, the level of protection of the EU/US Privacy Shield is recognised as equivalent to the level of protection of the European Union in substance.

 

3. Your Rights

In particular with the effectiveness of the General Data Protection Regulation on May 25, 2018, you are entitled to the following rights, provided that the requirements specified in the law are met:

Right of access GDPR

Art. 15

Right to rectification

Art. 16

Right to erasure

Art. 17

Right to restriction of processing

Art. 18

Right to object

Art. 21

Right to data portability

Art. 20

Right to lodge a complaint with a supervisory authority

Art. 77

Right to withdraw with effect for the future, if consent has been given

Art. 7 par. 3

 

Pursuant to Art. 21 GDPR, you have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data which takes place on the basis of Article 6(1)(e) or (f) of GDPR. As a precaution, we would like to point out that this also applies to profiling based on these provisions.

If personal data are processed for the purpose of direct marketing, you have the right to object to the processing of your personal data for the purpose of such advertising at any time; this also applies to profiling insofar as it is connected with such direct marketing.

 

To exercise your aforementioned rights, please contact us by mail at the address below:

GFR - Gesellschaft für Regelungstechnik und Energieeinsparung mbH
Kapellenweg 42
33415 Verl
E-Mail: datenschutz@gfr.de

 

You can reach our data protection officer at datenschutz@gfr.de or our postal address with the addition "the data protection officer".

The exercise of your above rights is free of charge for you.

Choose target group