Privacy Statement

Table of contents

  1. General information about data protection
  2. Privacy policy for website
  3. Information for applicants
  4. Information for business partners

1. General information about data protection


1.1 Information about the responsible party:

WS Warmsener Spezialitäten GmbH
Bohnhorster Straße 17
31606 Warmsen

Protecting your personal data is particularly important to us. Your personal data is processed under the data protection regulations, in particular the European General Data Protection Regulation (EU GDPR) and the German Federal Data Protection Act (BDSG - new).

The following information provides an overview of the nature, extent and purpose of the collection, processing and transmission of personal data and the security measures used to protect this data.

Personal data is individual information about personal or factual circumstances of an identified or identifiable natural person, such as your name, address, telephone number, date of birth, and email and IP address.

1.2 Legal bases for processing personal data

  • Art. 6(1)(a) EU GDPR is the legal basis for the processing of personal data, provided we obtain the consent of the data subject. In accordance with Art. 7(3) EU GDPR, you can withdraw your consent to the processing of your personal data at any time for the future.
  • Art. 6(1)(b) EU GDPR is the legal basis for the processing of personal data that is required for the performance of a contract or for the implementation of pre-contractual measures.
  • Art. 6 (1)(c) EU GDPR is the legal basis when the processing of personal data is necessary to fulfil a legal obligation to which our company is subject.
  • Art. 6 (1)(f) EU GDPR is the legal basis when the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. In this case you have the right to object under Art. 21 EU GDPR.

1.3 Data erasure and storage period

Personal data will be deleted as soon as the purpose of storage ceases to apply. Your personal data may be stored beyond this if our company has to abide by legally prescribed retention obligations.

1.4 Your rights

Upon written request, we will inform you in accordance with Art. 15 EU GDPR and our legal obligation under Art. 12 EU GDPR whether and which of your personal data is processed or stored by us. Furthermore, you have the right to rectification of incorrect data under Art. 16 EU GDPR, right to data portability under Art. 20 EU GDPR, right to erasure of your personal data under Art. 17 EU GDPR – provided that there are no legal retention obligations to the contrary – as well as the right to restriction of processing under Art. 18 EU GDPR. Furthermore, you have the right to lodge a complaint with the competent supervisory authority under Art. 77 EU GDPR.

You also have the right to object under Art. 21 EU GDPR.

Of course, you have the option to withdraw your consent at any time with future effect under Art. 7(3) EU GDPR. To do so, please contact us at the contact address provided below.

If you have any questions regarding the processing of your personal data, you can contact our data protection officer, who is also available in the event of requests for information, suggestions, or complaints.

Data protection officer at
WS Warmsener Spezialitäten GmbH
Bohnhorster Straße 17
31606 Warmsen
E-Mail: datenschutz@uelzena.de

1.5 Changes to our privacy policy

To ensure that our privacy policy always complies with the current legal requirements, we reserve the right to make changes without notice. This also applies in the event that the privacy policy has to be adapted due to new or redesigned products, for example new services.

Version: 2021
 


2. Privacy policy for website


2.1 Provision of the website

Use of hosting service providers

Our website is hosted on servers located in the EU by a hosting service provider on the basis of a data processing agreement in accordance with Art. 28 EU GDPR. As part of its services, the hosting service provider may have access to personal data of our users, in particular to technical data that is generated as part of the technical communication between you and our website (e.g. server log files). The provider may not use this data for their own purposes. The use of a hosting service provider is based on our legitimate interests in accordance with Art. 6(1)(f) EU GDPR in the provision of infrastructure and platform services, computing capacity, email dispatch and security services.

Server log files

When you visit our website or use its services, the device you use to access the site automatically transmits log data (connection data) to our server. The relevant information consists of

  • type and version of the browser you are using,
  • type and version of the operating system you are using,
  • referrer URL of the page from which you arrived at our website,
  • date and time at which you accessed our website,
  • name of the sub-pages you accessed,
  • IP address of your computer system,
  • transmitted data volume.

The collected data is used exclusively for statistical evaluations for the purpose of operation, security and optimisation of the offer. For security reasons, however, we reserve the right to subsequently check the log data if there is a justified suspicion of illegal use based on concrete indications. The data will not be stored longer than necessary for this purpose. This collection is based on our legitimate interests in accordance with Art. 6(1)(f) EU GDPR.

Cookies

We use so-called cookies in several areas of the website to identify visitors' preferences and to be able to optimally design an attractive website. This enables us to offer a user-friendly website with easy navigation. Processing through cookies represents a legitimate interest under Art. 6(1)(f) EU GDPR (optimisation and economic operation of our online offer). In addition, the legal basis is Art. 6 (1)(a) EU GDPR, insofar as we require your consent for the use of cookies (including for marketing or analysis purposes).

Cookies are small text files that are automatically created by your browser and stored on your device when you visit our website. Cookies do not harm your computer and do not contain viruses. Most of the cookies we use are deleted at the end of the browser session (so-called session cookies). Other cookies remain on your computer and enable us to recognise your computer the next time you visit us (so-called persistent cookies). Thanks to these files, it is possible, for example, to have information displayed on the page that is specifically tailored to your interests.

You can set your browser to notify you when cookies are placed. This makes the use of cookies transparent for you. If you completely exclude the use of cookies, you may not be able to use some functions on this website.

Usercentrics: As a cookie consent management platform, we use the consent management service of Usercentrics. The provider is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany. The purpose of data processing is to comply with legal obligations and to store consent. The legal basis is Art. 6(1)(c) EU GDPR. The consent data (consent given and revocation of consent) is stored for three years. For more information on the processing of your data at Usercentrics, please see the data protection provisions at www.usercentrics.com/privacy-policy

Security of your data

We use technical and organisational security measures to adequately protect the data you provide against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. For example, we use SSL encryption to transmit confidential content, such as inquiries that you send to us as the site operator. You can recognise an encrypted connection by the address line of the browser changing from 'http://' to 'https://' as well as by the padlock symbol in your browser address bar. If SSL encryption is activated, the data you transmit to us cannot be read by third parties. We keep improving our security measures in line with the state of the art.

2.2 Contact

If you contact us (e.g. via contact form, email, telephone, social media), your personal data will be stored and processed by us for the purpose of handling the request and any associated follow-up questions in accordance with Art. 6(1)(b) EU GDPR (in the context of pre-contractual/contractual measures) or in accordance with Art. 6(1)(f) EU GDPR (general inquiries). We do not disclose this data without your respective consent.

The data you provide will remain with us until you request that we delete it, object to its storage, or the purpose for storing the data no longer applies (i.e. after we have completed processing your inquiry), provided that this is not in conflict with any statutory retention obligations.

2.3 Analysis tools

The analysis measures listed below and used by us are carried out on the basis of Art. 6(1)(a) EU GDPR (consent). By using these analysis measures we want to ensure the appropriate design and ongoing optimisation of our website. We use the analysis tools to record website use in a pseudonymised manner and evaluate this for the purpose of optimising our offer.

You can revoke your consent at any time with future effect.

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland. Google Analytics uses so-called cookies. These are text files that are stored on your computer. They make it possible to analyse your use of the website. User and event data are automatically deleted after 14 months.

  • IP anonymisation

We have activated the IP anonymisation function on this website. This means that your IP address is shortened by Google within member states of the European Union or in other states party to the agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google uses this information to evaluate your use of the website, to compile reports on website activity and to provide us with other services related to website and Internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

  • Browser plug-in / prevention of data collection

You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that, if you do this, you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugging available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en-GB

For more information on how Google Analytics handles user data, please see Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=en

  • Data processing agreement

We have entered into a data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

2.4 Third-party content and services

Links to third-party websites

Based on our legitimate interest, we may include links to other providers that complement our offer within this online offer. When calling up websites that are referred to within this website, information such as name, IP address, browser properties, etc. may be requested again. This privacy policy does not regulate the collection, disclosure or handling of personal data by third parties. In this context, please note the specific privacy statements of the individual third-party providers and service providers whose links we include in our website.

Google Tag Manager

Our website uses Google Tag Manager. Google Tag Manager is a solution from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland with which we can manage website tags via an interface. The tool itself (which implements the tags) is a cookie-less domain that does not collect any personal data. Google Tag Manager triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If a user has deactivated cookies at the domain or cookie level, activation remains in place for all tracking tags implemented with Google Tag Manager. The tags used are individually named below. You can customise the settings for these tags in the privacy settings, for example, by deactivating cookies for these elements.

2.5 Social Media 

We maintain publicly accessible online presences in social networks to communicate with customers and interested parties that are active on these platforms as well as to present our services.

We would like to point out that user data may be processed outside the European Union. Furthermore, user data is usually processed for market research and advertising purposes. To the best of our knowledge, the providers also use cookies that store your user behaviour (also across different devices). This allows targeted advertising to be presented within the framework of the provider's own platform as well as on third-party sites.

The processing of the user's personal data is based on our legitimate interest to provide users with effective information and communicate with users under Art. 6(1)(f) EU GDPR. If users are asked for their consent to data processing by the respective providers of the platforms or if users voluntarily send information to our online presences, the legal basis of the processing is Art. 6(1)(a) EU GDPR in conjunction with Art. 7 EU GDPR. If this information contains contract-relevant content, Art. 6(1)(b) EU GDPR serves as the legal basis.

For a detailed description of how the respective providers process your personal data and your opt-out options, please refer to the information of the providers at the links below.

Regarding requests for information and the assertion of user rights, we would also like to point out that these can be asserted most effectively with the providers. Only the providers have access to users' data and can take appropriate measures and provide information directly. If you still need help, do not hesitate to contact us.

2.6 Minors

We generally address persons of legal age with our online offer. Personal information of persons who have not yet reached the age of 16 may only be made available to us with the express consent of the legal guardian (Art. 8 EU GDPR). Processing without the consent of the legal guardian is not permitted. We therefore reserve the right to delete all data relating to minors if we do not have the consent of a legal guardian.
 


3. Information for applicants


3.1 Purpose and legal basis for collection and processing

Your data will be processed by us for the purpose of processing your application in accordance with Art. 88 EU GDPR in conjunction with Art. 26 BDSG-new. If special categories of personal data within the meaning of Art. 9(1) EU GDPR are voluntarily disclosed during the application process, their processing is additionally carried out in accordance with Art. 9(2)(b) EU GDPR.

3.2 Recipients of your data

Recipients of your data are the parties involved in the human resources process (including human resources, managers and department heads) of the responsible party. Your data will be treated as strictly confidential and will not be passed on to third parties without your respective consent. There are no plans to transfer your data to third countries or international organisations.

3.3 Storing your data

Your application data will be deleted 180 days after the position has been filled. If you are also interested in future advertised positions, we require your written consent to store your application documents for a longer period of time. Under Art. 7(3) EU GDPR, you can withdraw this consent for the future at any time. To do so, please send an email with the corresponding note to the contact address given above.
 


4. Information for business partners


4.1 Purpose and legal basis for collection and processing

Primarily, data processing is used to establish, implement, and terminate the contractual relationship. The primary legal basis for this is Art. 6(1)(b) EU GDPR. Without using your data in this way, it is not possible to create a business relationship between you and us.

We also process your data on the basis of Art. 6(1)(f) EU GDPR to protect our legitimate interests or those of third parties (e.g. authorities). This may be necessary, for example, to maintain IT security and IT operations or for purposes of corporate management, internal communication and other administrative purposes. You may object to this processing by stating specific reasons in accordance with Art. 21 EU GDPR.

In addition, we process your data to fulfil legal obligations such as regulatory requirements, commercial and tax retention obligations or documentation obligations. The legal basis for this is Art. 6(1)(c) EU GDPR in conjunction with the nationally applicable laws.

In individual cases, we may also process your data on the basis of your separate consent granted to us in accordance with Art. 6(1)(a), 7 EU GDPR (e.g. as part of the registration for our newsletter or the publication of photos and videos). You are always free to decide whether you wish to give your consent. Once you have given your consent, you can withdraw it at any time with effect for the future. To do so, use the link provided in the respective action or send corresponding requests to the contact address given above.

If we process your personal data for a purpose not mentioned above, we will inform you in advance.

4.2 Recipients of your data

Within our company, your personal data is only received by those persons who need it to fulfil our contractual and legal obligations. In addition, we sometimes use different service providers to fulfil these obligations and so it may be necessary to disclose your personal data to other recipients outside the company, insofar as this is necessary to fulfil our contractual and legal obligations. These third parties may be, for example, authorities, financial institutions, suppliers etc.

We sometimes use external service providers for the technical processing of your data. We may transfer and process the data outside the country in which you reside / have your company headquarters or in one of the countries in which we operate. These may also be located outside the European Economic Area (EEA). If we transfer personal data to service providers or companies outside the EEA, your data is only transferred if the third country has been confirmed by the EU Commission to have an adequate level of data protection or if other appropriate data protection guarantees (e.g. binding corporate data protection regulations or EU standard contractual clauses) are in place. You can also request detailed information using the contact information above.

4.3 Storing your data

We only store your personal data for as long as it is required for the above-mentioned purposes. After termination of the contractual relationship, your personal data will be stored for the time period we are legally obliged to do so. This regularly results from legal record keeping and retention obligations, which are regulated, among other things, in the German Commercial Code (Handelsgesetzbuch) and the German Fiscal Code (Abgabenordnung). These obligations result in storage periods of up to ten years. In addition, personal data may be retained for the period during which claims can be asserted against us (statutory limitation period of three or up to thirty years).