1. Data protection and data collection at Breuers Verpackungen GmbH
Who is responsible for the collection of data on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the legal disclaimer of this website.
How do we collect your data?
On the one hand, your data is collected when you provide it to us. This can be data, for example, which you enter in a contact form.
Other data may be collected automatically or after obtaining your consent by our IT systems when you visit the website. This is especially the case for technical data (e.g. internet browser, operating system or time of the page view). This data is automatically collected each time you visit this website.
What do we use your data for?
Part of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior.
Which are your rights concerning your data?
You are at all times entitled to receive information on source, recipient and purpose of your stored personal data at no charge. You are also entitled to demand correction or deletion of this data. If you have given your consent for the data to be processed, you may revoke such consent at any time for future processing. You are also entitled to demand a restriction of the processing of your personal data under certain circumstances. In addition, you have a right of appeal before the competent supervisory authority.
Please feel free to contact us at the address specified in the legal disclaimer, if you have any questions on this or other aspects of data protection.
2. Hosting and Content Delivery Networks (CDN)
This website is provided by an external service provider (hosting service). The personal data collected on this website is stored on the servers of the hosting service. This data may include, but is not limited to, IP addresses, contact requests, metadata, communications data, contract data, contact details, names, website visits and other data generated through a website.
The hosting service is used for the purpose of fulfillment of our contracts with potential and existing customers (art. 6 sect. 1 lit. b GDPR) and for the sake of a secure, swift and efficient deployment of our online offering through a professional service provider (art. 6 sect. 1 lit. f GDPR).
The hosting service will limit the processing of your data to the extent required for the fulfillment of his service obligations and will follow our instructions concerning this data.
Conclusion of a contract for order processing
In order to ensure compliance with data processing regulations, we have concluded a contract for order processing with the hosting service provider.
3. General and mandatory information
We hereby expressly point out that the transmission of data via the Internet (e.g. by email) can be subject to security vulnerabilities. It is therefore impossible to safeguard the data completely against access by third parties.
Details of the responsible entity
The responsible entity for the processing of data on this website is:
Breuers Verpackungen GmbH
Phone: +49 2104 17110-0
“Responsible entity” means the natural or legal person which alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, email addresses etc.).
Withdrawal of your consent to data processing
Many data processing operations require your explicit consent. You may withdraw your previously granted consent at any time. The lawfulness of the data processing carried out prior to the withdrawal shall remain unaffected by such withdrawal.
Right to object to data collection under specific circumstances and to direct marketing (art. 21 GDPR)
If your personal data is processed for direct marketing purposes, you shall have the right to object to the processing of your personal data for the purpose of such marketing at any time. The same shall apply to profiling as long as it is connected to such direct marketing. If you object to the processing, your personal data will no longer be used for the purpose of direct marketing (objection under art. 21 sect. 2 GDPR).
Right of appeal to the relevant regulatory authority
In cases of breaches of the GDPR, the data subjects shall have a right of appeal to a regulatory authority, especially in the member state of their habitual residence, their workplace or the place of the suspected breach. The right of appeal shall apply without prejudice to other administrative or judicial remedies.
Right of data portability
You shall have the right to request the submission of data we process automatically based on your consent or for the performance of a contract to you or a third party in a common machine-readable format. If you request direct transfer of data to another responsible entity, the transfer will only be carried out as far as it is technically possible.
For reasons of security and for the protection of the transmission of confidential content, e.g. orders or requests you send us as the operator, this website uses a SSL/TLS encryption. You will recognize an encrypted connection when the address bar of the browser changes from “http://” to “https://” and shows an additional lock icon.
If SSL/TLS encryption is enabled, third parties are unable to read any data you submit to us.
Information, deletion and rectification
Within the limits of the applicable legal provisions, you are at any time entitled to request information on your stored personal data, its source and recipients as well as the purpose of the data processing at no charge and, where applicable, to request rectification or deletion of this data. Please feel free to contact us at the address specified in the legal disclaimer, if you have any questions on this or other aspects of personal data.
Right to restrict processing
You shall have the right to demand the limitation of the processing of your personal data. Please feel free to contact us at the address specified in the legal disclaimer, if you have any questions on this. The right to restrict processing shall aplly in the following cases:
- If you challenge the accuracy of personal data stored with us, we generally need some time to verify this. You shall have the right to demand the limitation of the processing of your personal data for the duration of this verification.
- If the processing of your personal data was or is unlawful, you shall have the right to demand the limitation of the data processing instead of deletion.
- If we no longer need your personal data, but you need it to execute, defend or raise legal claims, you shall be entitled to demand the limitation of the processing of your personal data instead of its deletion.
- If you have raised an objection in accordance with art. 21 sect. 1 GDPR, a balancing between your interests and our interests will be required. As long as it has not been determined whose interests shall prevail, you shall have the right to demand the limitation of the processing of your personal data.
Once you have restricted the processing of your personal data, this data can - besides its storage - only be processed following your consent or to raise, execute or defend legal claims or to safeguard another natural or legal person‘s rights or for reasons of substantial public interest of the European Union or a Member State.
4. Data collection on this website
Our website uses so called “cookies”. Cookies are small text files that do not cause any damage to your terminal device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your terminal device. Session cookies are deleted automatically at the end of your visit. Persistent cookies will be stored on your terminal device until you delete them or automatic deletion is carried out by your web browser.
Sometimes third-party companies can also store cookies on your terminal device when you visit our website (third-party cookies). This allows us or you the use of certain services that are provided by the third-party company (e.g. cookies for the purpose of providing payment services).
Cookies may serve different functions. Many cookies are technically necessary as certain website features could not be used without them (e.g. the shopping cart function or the displaying of videos). Other cookies serve the purpose of evaluating user behavior or displaying advertising.
Cookies required for the electronic communication process (necessary cookies) or for the deployment of certain features you may use (functional cookies, e.g. for the shopping cart function) or to optimize the website (e.g. cookies used for measuring the number of visitors) are stored in accordance with art. 6 sect. 1 lit. f GDPR, as long as no different legal basis is specified. The operator of the website has a legitimate interest in the storage of cookies to ensure the optimized deployment of their services without any technical errors. If consent to the storage of cookies was requested, the storage of the cookies concerned will be carried out exclusively based on this consent (art. 6 sect. 1 lit. a GDPR). The consent can be revoked at any time.
You can configure your browser to receive a notification when cookies are placed and accept cookies only in particular cases, reject the acceptance of cookies for certain cases or generally and activate automatic deletion of cookies when closing the browser. Disabling cookies may restrict the functionality of this website.
Cookie consent with CookieHint and Consent
Our website makes use of the cookie consent technology provided by CookieHint and Consent in order to request your consent to the storage of certain cookies on your terminal device. This technology is provided by reDim GmbH, Nußallee 7 F, D-63450 Hanau.
Server log files
The provider of the web pages automatically collects and stores information in so called “server log files” that your browser automatically submits to us. These are:
- browser type and version
- operating system used
- referrer URL
- host name of the accessing computer
- time of the server request
- IP address
This data will not be merged with data from other sources.
The collection of this data is based on art. 6 sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in the error-free technical visualization and optimization of his website, which requires the collection of server log files.
Requests by contact form, email, phone or fax
If you contact us by our contact form, email, phone or fax, your request including all personal contact details arising from this contact (e.g. name, request etc.) will be stored with us and processed for the purpose of solving your request. We will not disclose this data without your consent.
The processing of this data is based on art. 6 sect. 1 lit. b GDPR, whenever your request relates to the performance of a contract or is necessary in order to take steps prior to entering into a contract. In all other cases, the processing is based on our legitimate interest in the efficient processing of the requests we receive (art. 6 sect. 1 lit. f GDPR) or on your consent (art. 6 sect. 1 lit. a GDPR), if it has been requested.
The data you submit to us in the course of contact requests remains with us until you request its deletion, revoke your consent to its storage or the purpose of the data storage ceases to exist (e.g. upon completion of the processing of your concern). Mandatory legal provisions, in particular legal retention periods, shall remain unaffected.
5. Plug-ins and tools
Google Web Fonts (local hosting)
This website uses so-called “web fonts” provided by Google in order to enable uniform display of fonts. Google Fonts are installed locally. No connection to Google servers will be established.
6. Audio and video conferencing
Our communication with customers includes the use of online conferencing tools. For details of the tools we use, please refer to the list below. If you communicate with us via online audio or video conferencing, your personal data will be collected and processed both by us and by the provider of the conferencing tool we use.
The conferencing tools will collect all the data you provide/use when using the tools (your email address and/or phone number). The conferencing tools will also process the duration of the conference, start and end (time) of the participation in the conference, number of participants and other “contextual information” associated with the communication process (metadata).
Furthermore, the provider of the tool will process all technical data required to facilitate the online communication activity. This includes in particular IP addresses, MAC addresses, device IDs, device types, operating system types and versions, client versions, camera types, microphones or loudspeakers and types of connection.
If content is shared, uploaded or otherwise made available within the tool, this content will also be stored on the tool provider‘s servers. Such content includes in particular cloud records, chat or instant messages, voice mails, uploaded pictures and videos, files, whiteboards and other information shared while using the service.
Please note that our control of the data processing operations of the tools used is subject to certain restrictions. Such control depends largely on the enterprise policy of the providers. You will find further information about the data processing of conference tools in the privacy policies of the tools used below this text.
Purpose and legal basis
Conferencing tools are used in order to communicate with potential or existing contractual partners or to offer certain services to our clients (art. 6 sect. 1 s. 1 lit. b GDPR). Furthermore, the tools are used to generally simplify and speed up communication with us and our company (legitimate interest within the meaning of art. 6 sect. 1 lit. f GDPR). If consent has been requested, the use of the tools is based on this consent. Your consent may be revoked at any time with future effect.
Storage period for conferencing tools
Data directly collected by us through video and conferencing tools will be deleted from our systems, if you demand its deletion, revoke your consent to the storage or the purpose of the data storage ceases to exist. Any stored cookies will remain on your terminal device until you delete them. Mandatory legal retention periods shall remain unaffected.
The storage periods for your data stored by providers of conferencing tools for their own purposes are beyond our control. Please contact the conferencing tool providers for further details.
7. Our own services
Handling of applicant data
In the following we will provide information about the scope, purpose and use of your personal data collected during the application process. We hereby confirm that we collect, process and use your data in accordance with applicable data protection law and all further legal provisions and that your data will be treated as strictly confidential.
Scope and purpose of the collection of data
If you provide us with your application, we will process your personal data associated with it (e.g. contact details and communications data, application files, notes associated with job interviews etc.) as required to take an employment decision. This is based on sect. 26 BDSG-neu (new German Federal Data Protection Act, on the initiation of an employment relationship), art. 6 sect. 1 lit. b GDPR (general initiation of contracts) and, if you have given your consent, art. 6 sect. 1 lit. a GDPR. Your consent may be revoked at any time. Within our company, your personal data shall not be shared with persons other than those involved in the processing of your application.
If your application is successful, the data you provided will be stored for the purpose of establishing employment in accordance with sect. 26 BDSG-neu and art. 6 sect. 1 lit. b GDPR in our data processing systems.
Data retention period
If we are unable to provide a job offer, or if you reject a job offer or withdraw your application, we reserve the right to store the data you provided based on our legitimate interest (art. 6 sect. 1 lit. f GDPR) for a period of up to 6 months after termination of the application procedure (rejection or withdrawal of the application). After this period, the data will be deleted and all physical documentation will be destroyed. This retention is in particular required for future reference in the event of disputes. If it is apparent that the data will be required after the expiration of the 6 month period (e.g. due to a possible or pending legal dispute), it will not be deleted until the purpose for the extended retention ceases to exist.
The retention can also be extended if you have given your consent (art. 6 sect. 1 lit. a GDPR) or if legal retention requirements impede the deletion.
8. Disclosure of data to third parties
- Suppliers and subcontractors
- Individual service providers (including processors), e.g. banks, IT providers etc.
- Business partners, especially external consultants, experts etc.
- Authorities and courts, if required
These third parties are usually based in the EU. However, in certain circumstances data may also be transferred to other countries/third countries outside the EU/EEA. Such processing is based on our legitimate interest, your consent or the performance of contracts.
Where necessary, we have concluded appropriate processing contracts in accordance with article 28 GDPR. The data processors undertake to comply with data protection and data security provisions in these contracts. They also grant us comprehensive audit and monitoring rights, rights of access and rectification and deletion rights.
Information on disclosure of data to the US