Verarbeitung personenbezogener Daten
Responsible for data processing is
Owner: Rembert Winnecken e.K.
Steinfurter road 374
Phone: +49 (0) 251 / 144270
Provision of data
Data transfer to third countries
Automated decision making
If we use automated decision-making including profiling, we will inform you in this privacy statement about this circumstance, about the logic involved and the scope and intended effects of such processing. Otherwise, automated decision-making does not take place.
Processing for other purposes
As a matter of principle, data is only processed for the purposes for which it was collected. If, exceptionally, they are to be further processed for other purposes, we will inform about these other purposes prior to such further processing and provide all other relevant information (Art. 13 (3) DSGVO).
Each time our website is called up, the user’s browser transmits various data. For the duration of the visit to the website, the following data is processed and stored in log files even after the end of the connection:
- Browser type and version used
- Operating system
- Retrieved pages and files
- Amount of data transferred
- Date and time of retrieval
- Provider of the user
- IP address in anonymized form
- Referrer URL
The processing of this data is necessary to deliver the website to the user and to optimize it for his terminal device. The storage in log files serves to improve the security of our website (e.g. protection against DDOS attacks).
The legal basis for the processing is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to provide the website and improve website security. Log files are automatically deleted after 30 days.
Cookies, tracking pixels and mobile identifiers
On our website, we use technologies to recognize the end device used. These can be cookies, tracking pixels and/or mobile identifiers.
For a better understanding, we explain below in general how cookies, tracking pixels and mobile identifiers work:
Cookies are small text files that contain certain information and are stored on the user’s terminal device. In most cases, this is an identification number that is assigned to a terminal device (cookie ID).
A tracking pixel is a transparent graphic file that is embedded on a page and enables log file analysis.
A mobile identifier is a unique number (mobile ID) that is stored on a mobile device and can be read by a website.
Cookies may be necessary for our website to function properly. The legal basis for the use of such cookies is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to provide the functions of our website.
To obtain and manage consent from our users, we use Borlabs Cookie. It is a plugin for WordPress that does not transmit any personal data to a third-party provider. The following link can be used to change settings regarding the storage of cookies on our site: Change cookie settings
In the event of contact, we process the user’s details, date and time for the purpose of processing the inquiry, including any queries.
The legal basis for data processing is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to respond to the requests of our users. Additional legal basis is Art. 6 para. 1 UAbs. 1 letter b) DSGVO, if the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures.
The data will be deleted as soon as the request, including any queries, has been answered. We check at regular intervals, but at least every two years, whether any data accrued in connection with contacts is to be deleted.
Users have the option to sign up for newsletters on our site. In doing so, we process the data entered during registration in order to be able to send a confirmation email to the user’s email address. After confirmation, we process the data to be able to send newsletters. For the purpose of personalization, we may also process the user’s name if the user has provided it.
With the registration date and time as well as the IP address of the user are stored to be able to prove an entry. We continue to process this data for verification purposes after deregistration and delete it after three years at the end of the year.
To improve our content, we measure how successful our newsletters are, for example, how often users open them and which links are clicked. For this purpose, e-mails contain a tracking pixel. We do not track the activities of individual users.
The legal basis for the processing is the consent of the user according to Art. 6 para. 1 UAbs. 1 letter a) DSGVO. For the rest, the processing is carried out according to Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Legitimate interests on our part are the sending of newsletters, the personalized addressing of the user and the proof that the user has registered for the newsletter.
We use Cleverreach to send out newsletters. Provider: CleverReach GmbH & Co KG, CRASH Building, Schafjückenweg 2, 26180 Rastede.
When users apply for a job, we process personal data for the purpose of the application process. In addition to the data submitted by the user, we process other data that is generated in the course of the application process (e.g., during an interview). Should we include data in an applicant pool, this will only be done on the basis of the user’s prior consent. In this case, the data will be processed beyond the conclusion of the application process so that contact can be made in the event of suitable job offers.
Applicant data is deleted three months after completion of the application process. In the case of inclusion in an applicant pool, the data is retained for a maximum of two years unless the consent given is revoked beforehand.
The legal basis for the processing is Art. 6 para. 1 UAbs. 1 letter b) DSGVO. In the case of consent given for inclusion in an applicant pool, the processing is based on Art. 6 para. 1 UAbs. 1 lit. a) GDPR. After termination of the application process, the processing is carried out on the basis of Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is the defense against possible claims under the General Equal Treatment Act.
Other third party services
To analyze the use of our website, we use Google Analytics. Provider: Google Ireland Ltd, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
In order to track the user’s activities on the website, a cookie is set on the end device. We use Google Analytics with the anonymize IP extension. The user’s IP address is automatically shortened before it is transmitted to servers in the USA. Among other things, the approximate geographic location, terminal device, screen resolution, browser, and pages visited, including the time spent on them, are evaluated.
Insofar as we obtain the consent of the user, the processing of data is based on the legal basis of Art. 6 para. 1 UAbs. 1 letter a) DSGVO. For the rest, it is based on Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is the optimization of our website, the improvement of our offers and online marketing.
The data collected by Google Analytics is automatically deleted after 14 months.
Google Hosted Libraries
To improve the speed of our website, we use Google Hosted Libraries. Provider: Google Ireland Ltd, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
To establish a connection with the Google server, it is technically necessary to transfer the user’s IP address to Google. Google Hosted Libraries only sets cookies that are necessary to ensure security and prevent misuse.
The legal basis of the processing is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Legitimate interest on our part is to shorten the loading times of our website.
We use the content delivery network (CDN) Cloudflare CDN. Provider: Cloudflare Inc, 101 Townsend Street, San Francisco, California 94107.
Content is loaded from servers of the CDN. In order for a connection to be established, it is technically necessary to transmit the user’s IP address.
The legal basis for the processing is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to improve the speed and availability of our website.
To increase the security and availability of our website, we use the service reCAPTCHA. Provider: Google Ireland Ltd, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
We use queries to ensure that actions on our site are not triggered by bots. For this purpose, it is technically necessary to transfer the user’s IP address to Google.
The legal basis for the processing is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to ensure website security and protection from spam and abuse.
Google Tag Manager
We use Google Tag Manager to manage our website tags. Provider: Google Ireland Ltd, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
The Tag Manager is a cookieless domain that triggers tags from various providers, which in turn collect data. Google Tag Manager does not access this data. In order to trigger tags, it is technically necessary to transmit the user’s IP address to Google.
The Google Tag Manager is used on the legal basis of Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest is to simplify the management of third-party services we use.
On our website we use Google Fonts. Provider: Google Ireland Ltd, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
Fonts are loaded from the Google server. In order to establish a connection to the server, it is technically necessary to transmit the user’s IP address.
The legal basis of the processing is Art. 6 para. 1 UAbs. 1 letter f) DSGVO. Our legitimate interest lies in the reduction of loading times and a uniform presentation on different end devices.
Profiles in social networks
We are present in one or more social networks. Specifically, these are: Facebook or Instagram. When contacting us, we process personal data as described above under contact.
The providers of social networks process data in accordance with their privacy policies, which can be accessed here:
If a user is logged in with his account, the activities on our profile in the respective social network may be assigned to him. This can be done across devices and, if necessary, without a login, for example, using cookies or mobile identifiers. The providers of social networks use the collected data to create pseudonymized user profiles, which they can use in particular to play out personalized advertising.
Rights of data subjects
If personal data of the user is processed, he is a data subject in the sense of the GDPR. Data subjects are entitled to the following rights:
Right of access: The data subject has the right to obtain confirmation as to whether personal data concerning him or her are being processed. If personal data are processed, the data subject shall have the right to obtain free of charge information as well as a copy of the personal data that are the subject of the processing.
Right to rectification: The data subject has the right to request that inaccurate or incomplete personal data be corrected without undue delay.
Right to erasure: The data subject has the right to request immediate erasure of personal data concerning him or her in accordance with the law.
Right to restriction of processing: The data subject has the right to request restriction of the processing of personal data concerning him or her in accordance with the law.
Right to data portability: The data subject has the right to obtain the personal data concerning him or her in a structured, commonly used and machine-readable format or to request that it be transferred to another controller.
Right to object: The data subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her which is carried out on the basis of Art. 6 para. 1 UAbs. 1 lit. e) or f) DSGVO; this also applies to profiling based on these provisions. If personal data are processed for the purposes of direct marketing, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing; this shall also apply to profiling insofar as it is related to such direct marketing.
Right of withdrawal: The data subject has the right to withdraw his or her given consent at any time.
Right to complain: The data subject has the right to complain to a supervisory authority.
prepared in cooperation with PRIGGE Recht.