Data protection policy
STRASSBURGER Filter GmbH & Co. KG appreciates your visit to our website and your interest in our company and our products.
The protection of your privacy in the processing of personal data is an important task for us, which we take into account in all our business processes. In the following, we inform you regarding the processing of personal data as to the scope, manner, and purposes of the processing as well as your rights in this regard pursuant to Art. 13, 14 GDPR.
- General Information About Personal Data Collection
For purposes of this data protection policy, the following terms are defined as set forth below:
- “Personal data” means any information relating to an identified or identifiable natural person (“data subject”). A person is identifiable if he or she can be identified directly or indirectly, in particular by association with an identifier such as a name, an identification number, an online identifier, location data or with the aid of information about his or her physical, physiological, genetic, mental, economic, cultural or social identity characteristics. The identifiability can also be given through a linkage of such information or other additional knowledge. The origin, form or embodiment of the information does not matter (even photographs, video or audio recordings may contain personal data).
- “Processing” means any operation that involves the handling of personal data, whether or not by automatic means (i.e., by technical means). This includes, in particular, the collection (i.e., acquisition), recording, organization, arrangement, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or provision otherwise, alignment, combination, restriction, erasure or destruction of personal data, as well as the change of a purpose or intended purpose on which a data processing was originally based.
- “Controller” means the natural or legal person, public authority, agency or other body that alone or jointly with others determines the purposes and means of the processing of personal data.
- “Third party” means any natural or legal person, public authority, agency or other body other than the data subject, controller, processor, and persons who, under the direct responsibility of the controller or processor, are authorized to process the personal data; this also includes other group-affiliated legal entities.
- “Processor” means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller, in particular in accordance with the controller’s instructions (e.g., an IT service provider). In particular, a processor is not a third party in the sense of data protection law.
Contact details of the responsible party
The responsible party pursuant to Article 4 (7) of the EU General Data Protection Regulation (GDPR) is
STRASSBURGER Filter GmbH & Co. KG
represented by the Managing Director Ms. Julia Schnitzler
Osthofener Landstraße 14
67593 Westhofen/Rheinhessen, Germany
Phone: +49 (0) 6244 908000
III. Contact details of the data protection officer
The data protection officer of the responsible person is:
Name: Britta Barth
Address: STRASSBURGER FILTER GmbH + Co KG, Osthofener Landstrasse 14, 67593 Westhofen, Germany
Phone: +49 (0) 6244 9080012
Email: b.barth@strassburger filter.de
IV. Legal basis for data processing
In principle, any processing of personal data is prohibited by law and is only permitted if the data processing falls under one of the following justification statuses:
- 6 (1) lit. a GDPR (“consent”): If the data subject has voluntarily, in an informed manner, and unambiguously indicated by a statement or other unambiguous confirmatory act that he or she consents to the processing of personal data concerning him or her for one or more specific purposes;
- 6 (1) lit. b GDPR: If the processing is necessary for the performance of a contract to which the data subject is party, or for the performance of pre-contractual measures taken at the request of the data subject;
- 6 (1) lit. c GDPR: If the processing is necessary for compliance with a legal obligation to which the controller is subject (e.g., a legal obligation to keep records);
- 6 (1) lit. d GDPR: If the processing is necessary to protect the vital interests of the data subject or another natural person;
- 6 (1) lit. e GDPR: If the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or
- 6 (1) lit. f GDPR (“Legitimate Interests”): If the processing is necessary to protect legitimate (in particular legal or economic) interests of the controller or a third party, unless the conflicting interests or rights of the data subject override (in particular if the data subject is a minor).
For the processing operations carried out by us, we indicate below the applicable legal basis in each case. Processing may also be based on several legal bases; it is then lawful until the last of these legal bases is no longer fulfilled.
Data deletion and storage period
For the processing operations carried out by us, we indicate below in each case how long we will store the data and when it will be deleted or blocked. Unless an explicit storage period is specified below, your personal data will be deleted or blocked as soon as the purpose of or legal basis for the storage no longer applies. Your data will only be stored on our servers in Germany.
However, storage may take place beyond the specified time period in the event of a (threatened) legal dispute with you or other legal proceedings or if storage is provided for by legal regulations to which we are subject as the responsible party (e.g., § 257 HGB, § 147 AO). If the storage period prescribed by legal regulations expires, the personal data will be blocked or deleted unless further storage by us is necessary and there is a legal basis for it.
We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
VII. Conditions for the transfer of personal data to third parties
In the context of our customer and business relationships, your personal data may be transferred or disclosed to third party companies. This is particularly the case if you give us your written consent or if we separately and expressly inform you that we will transfer your data to our sales partners. As a matter of principle, the data is only transmitted on an ad hoc basis. You can revoke your consent at any time without giving specific reasons.
Without consent, such processing will only take place to fulfill contractual and business obligations and to maintain your business relationship with STRASSBURGER Filter GmbH & Co. KG (legal basis is Art. 6 (1) lit. b or lit. f, in each case in conjunction with Art. 44 ff. GDPR).
The European Commission certifies data protection comparable to the EEA standard for some third countries by means of so-called adequacy decisions (a list of these countries and a copy of the adequacy decisions can be obtained here: http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.html). However, in other third countries to which personal data may be transferred, there may not be a consistently high level of data protection, due to a lack of legal provisions. This applies in particular to the transfer of data to the USA. If this is the case, we always obtain your consent before transferring data (Art. 49 No. 1 lit. b GDPR). In addition, we ensure that data protection is guaranteed to the greatest extent possible. This is possible via binding company regulations, standard contractual clauses of the European Commission for the protection of personal data, certificates or recognized codes of conduct. Please contact our contact person for data protection if you would like to receive more detailed information on this.
VIII. Up-to-dateness of and changes to this data protection policy
This data protection policy is currently valid and has the status of February 19, 2021. Due to the further development of our website and offers on it or due to changed legal or regulatory requirements, it may become necessary to change this data protection policy. You can access the current data protection policy at any time on the website www.strassburger-filter.de/datenschutz/ and print it out.
- Collection and processing of personal data when visiting our website
- Informational use of our website
When using our website merely for informational purposes, i.e., if you do not register in a contact form or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 (1) sent. 1 lit. b) GDPR):
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request came
- Operating system and its interface
- Language and version of the browser software.
II. Further functions and offers of our website/contact by email
(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. For this purpose, you will usually have to provide additional personal data that we use to provide the respective service and to which the aforementioned data processing principles apply. Only personal data such as your name, address, telephone number or email address that you voluntarily provide in our contact form for the execution of a contract or a request for information will be collected.
(2) When you contact us by email or via a contact form, the data you provide (your email address, if applicable your name, company, address, and your telephone number and fax number) will be stored by us in order to answer your questions or to process the contract concluded with you. We delete the data accruing in this context after storage is no longer required or restrict the processing if there are statutory retention obligations.
(3) Our websites may contain links to websites of other providers to which this data protection policy does not extend. This applies in particular to the inclusion of video clips on our website. Insofar as the collection, processing or use of personal data is associated with the use of the websites of other providers, please observe the data protection policy of the respective provider.
(4) In some cases, we use external service providers to process your data. They have been carefully selected and commissioned by us, are bound by our instructions, and are regularly inspected.
(5) Insofar as our service providers or partners have their registered office in a country outside the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the offer.
Cookies, plug-ins, and other services on our website
(1) In addition to the previously mentioned data, cookies are stored on your computer when you use our website to track your preferences and to be able to optimally display the website accordingly. Cookies are small text files that are stored on your hard drive associated with the browser you are using and through which the entity that sets the cookie (in this case, us) receives specific information. Cookies cannot run programs or transfer viruses to your computer. They are used to make the Internet offering as a whole more user-friendly and effective and also help us to identify particularly popular areas of our Internet offering. This allows us to tailor the content of our Internet pages more specifically to your needs and thus improve our offering for you.
(2) Cookies may contain data that make it possible to recognize the device used. In some cases, however, cookies only contain information about certain settings that cannot be related to a specific person. However, cookies cannot directly identify a user. A distinction is made between transient cookies (which are deleted as soon as you close your browser) and persistent cookies (which are stored beyond the individual session). In terms of the function of these cookies, a distinction is made between:
- Technical cookies: These are mandatory to navigate the website, use basic functions, and ensure the security of the website; they do not collect information about you for marketing purposes, nor do they store which web pages you have visited;
- Performance cookies: These collect information about how you use our website, which pages you visit and, for example, whether errors occur during website use; they do not collect information that could identify you – all information collected is anonymous and is only used to improve our website and find out what interests our users;
- Advertising cookies, targeting cookies: These are used to offer the website user tailored advertising on the website or third-party offers and to measure the effectiveness of these offers; advertising and targeting cookies are stored for a maximum of 2 years;
- Sharing cookies: These are used to improve the interactivity of our website with other services (e.g., social networks); sharing cookies are stored for a maximum of 2 years.
In addition, we will only share your personal data processed by cookies with third parties if you have given your express consent to do so in accordance with Art. 6 (1) sent. 1 lit. a GDPR. If the third party is located in a third country, the data will only be passed on if you have additionally consented to this in accordance with Art. 49 No. 1 lit. b GDPR.
(3) Technical cookies
Your browser uses technical cookies to establish a secure connection to websites with an “https” URL; data processing is therefore based on Art. 6 (1) lit. f GDPR. There are different versions of cookies for different security levels. Currently, the following cookies are used for this purpose:
(3) Performance cookies; advertising and targeting cookies
To improve the function of our website, we use the performance cookies listed below. In addition, we use the advertising and targeting cookies listed below for marketing and optimization purposes on our website.
You can object to the processing of your data by the cookies listed below at any time. Please use one of the following options to do so:
- You inform us that you wish to revoke your consent regarding individual or all cookies.
- Where available, you will use the options specified under the respective services.
Google Analytics (performance cookie)
We create pseudonymous usage profiles with the help of Google Analytics to tailor our web pages to your needs. Google Analytics uses targeting cookies that are stored on your end device and can be read by us. This enables us to recognize and count returning visitors as such and to learn how often our web pages have been accessed by different users. Data processing is based on Art. 6 (1) lit. a GDPR (consent).
The information generated by the cookie about your use of our website is usually transferred to a Google server in the USA and stored there. However, since we have activated IP anonymization on our website, your IP address will be shortened by Google beforehand within member states of the European Union. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and initially shortened there (for more information on the purpose and scope of data collection see, for example, www.google.de/intl/de/policies/privacy. We have concluded an order processing contract with Google LLC (USA) in accordance with Art. 28 GDPR. Accordingly, Google will use all information strictly for the purpose of evaluating the use of our web pages for us and compiling reports on website activity. Since the USA is considered a third country in the sense of the GDPR, data processing only takes place with your additional consent pursuant to Art. 49 No. 1 lit. b GDPR.
In particular, Google sets the following cookies if you agree to the use of Google Analytics and visit our websites
This helps us to count how many people visit our Internet presentation after you have already visited it.
This helps us to count how many people visit our Internet presentation after you have already visited it.
Used by Google Analytics to limit the request rate
Note: This list does not claim to be complete, as Google is constantly changing the cookies it uses. For a current list of cookies used, please visit https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.
You can also prevent the collection of data generated by the cookie and related to your use of our web pages (including your IP address) by Google and its processing by Google by downloading and installing the browser plug-in available at the following link (http://tools.google.com/dlpage/gaoptout?hl=de).
LXP (marketing cookie)
For marketing purposes and to optimize our range of services, we use products and services of 711media websolutions GmbH (https://www.711media.de/impressum.html). LXP records visitors by their fixed IP with the help of Matomo. Data processing is based on Art. 6 (1) lit. a GDPR (consent).
In doing so, we collect data that we and 711media process on our behalf.
The information generated by the cookie about your use of our website is transmitted to 711media websolutions GmbH (“711media”). This data is transmitted via Matomo. Since we have activated IP anonymization on our website, your IP address is shortened. We have concluded an order processing contract with 711media in accordance with Art. 28 GDPR. Accordingly, 711media will use all information strictly for the purpose of being able to record visitors to our website with a fixed IP.
In particular, LXP sets the following cookies when you agree to use LXP and visit our websites.
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only on a voluntary basis. For the handling of the newsletters, we use newsletter service providers, which are described below.
This website uses the services of Mailchimp to send out its newsletters. The provider is the Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. Among other things, Mailchimp is a service that can be deployed to organize and analyze the sending of newsletters. Whenever you enter data for the purpose of subscribing to a newsletter (e.g. your e-mail address), the information is stored on Mailchimp servers in the United States. With the assistance of the Mailchimp tool, we can analyze the performance of our newsletter campaigns. If you open an e-mail that has been sent through the Mailchimp tool, a file that has been integrated into the e-mail (a so-called web beacon) connects to Mailchimp’s servers in the United States. As a result, it can be determined whether a newsletter message has been opened and which links the recipient possibly clicked on. Technical information is also recorded at that time (e.g. time of access, IP address, type of browser and operating system). This information cannot be allocated to the respective newsletter recipient. Their sole purpose is the performance of statistical analyses of newsletter campaigns. The results of such analyses can be used to tailor future newsletters to the interests of their recipients more effectively. If you do not want to permit an analysis by Mailchimp, you must unsubscribe from the newsletter. We provide a link for you to do this in every newsletter message. The data is processed based on your consent (Art. 6(1)(a) GDPR). You may revoke any consent you have given at any time by unsubscribing from the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place prior to your revocation. The data deposited with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored for other purposes with us remain unaffected. Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://mailchimp.com/eu-us-data-transfer-statement/ and https://mailchimp.com/legal/data-processing-addendum/#Annex_C_-_Standard_Contractual_Clauses.
We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
Collection/processing of personal data in business relationships
We process personal data received from you in the course of our business relationship in accordance with the following principles:
Scope/description of data processing
(1) In addition to the data provided by you in the course of our business relationship, we also process, insofar as it is necessary for the fulfillment of our contractual obligations or the provision of our service, personal data that we have permissibly received from third parties on the basis of consent granted by you or in order to safeguard our legitimate interests.
(2) If necessary, we process personal data that we have permissibly obtained from publicly accessible sources (in particular debtor lists, land registers, commercial and association registers, press, media) and are permitted to process.
(3) The personal data collected in the course of business relations are in detail the following data: Name, address, Email, fax, phone number. In addition, this may also include order data, data from the fulfillment of our contractual obligations, advertising and sales data, documentation data (in particular consulting or repair and service logs), register data, data regarding your use of our offered telemedia (in particular the time of accessing our websites or newsletters, clicked pages from us or entries).
(4) Personal data shall only be passed on to third parties if this is necessary for the performance of our contracts with you and the execution of your orders as well as all activities required in connection therewith and also pre-contractual measures (Art. 6 (1) sent. 1 lit. b) GDPR). Beyond that, we do not transfer your personal data to third parties for purposes other than those listed below. We only share your personal data with third parties if:
• You have given your express consent in accordance with Art. 6 (1) sent. 1 lit. a) GDPR,
• The transfer in accordance with Art. 6 (1) sent. 1 lit. f) GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to believe that you have an overriding legitimate interest in the non-disclosure of your data, and
• In the event that there is a legal obligation for the transfer in accordance with Art. 6 (1) sent. 1 lit. c) GDPR.
(5) Data will only be transferred to third countries (countries outside the European Economic Area – EEA) if this is necessary for the execution of your orders, is required by law or if you have given us your consent.
II. Purpose/legal basis for the collection of personal data in the context of business relationships
Personal data is processed in accordance with the requirements of GDPR and the German Federal Data Protection Act (BDSG):
(1) Your personal data is processed for the purpose of implementing our contracts with you and executing your orders as well as all activities required in connection therewith and also pre-contractual measures. The purposes of data processing are primarily determined by the specific content of the contract. The legal basis for data processing is Art. 6 (1) lit. b) GDPR.
(2) Insofar as necessary, we process your data beyond the actual fulfillment of the contract on the basis of Art. 6 (1) lit. f) GDPR for the protection of our legitimate interests or those of third parties. These are in particular:
• Testing and optimizing procedures for demand analysis and direct customer contact;
• Advertising or market and opinion research, insofar as you have not objected to the use of your data in this respect;
• Assertion of legal claims and defense in the event of legal disputes;
• Ensuring IT security;
• Measures for business management and further development of services and products.
(3) Insofar as you have given us your consent to process personal data for specific purposes (in particular, transfer of data and evaluation of data for marketing purposes), the data will be processed on the basis of Art. 6 (1a) GDPR
III. Duration of storage
We store your personal data only for the duration of the business relationship, including the initiation and processing of the business relationship and as long as it is necessary for the fulfillment of legal storage and documentation obligations. Finally, the storage period is also assessed according to the statutory limitation periods, which are generally three years, but in certain cases can be up to thirty years.
Collection/processing of personal data as part of our application process
If you apply to us in writing (by email, by postal mail), we process the data you provide, in particular:
- Surname and first name, address, email address, telephone and/or mobile phone number
- Curriculum vitae, marital status if applicable, religion if applicable, photo if applicable
- Qualification data, activities, assessments, disabilities if applicable
Purpose/legal basis for collecting/processing personal data as part of the application process
(1) We collect and process your personal data only for the purposes of your application for an employment relationship, to the extent that this is necessary for the decision on the establishment of an employment relationship with us and for purposes arising from possible future employment with STRASSBURGER Filter GmbH & Co. KG. The legal basis for this is § 26 of the German Data Protection Act (BDSG).
(2) Furthermore, we may process personal data about you insofar as this is necessary to defend asserted legal claims against us arising from the application process. The legal basis for this is Art. 6 (1) lit. f) GDPR; the legitimate interest is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).
(3) Insofar as an employment relationship arises between you and us, we may, in accordance with § 26 (1) of the German Federal Data Protection Act (BDSG), further process the personal data already received from you for the purposes of the employment relationship if this is necessary for the performance or termination of the employment relationship or for the exercise or fulfillment of the rights and obligations of the employee representative body resulting from a law or a collective bargaining agreement, a works agreement or a service agreement (collective agreement).
II. Description of data processing
(1) Your data will be viewed by the HR department after receipt of your application. Suitable applications are then forwarded internally to the supervisors of the departments concerned.
(2) In the case of written applications (by email or post), your data will be entered into our password-protected applicant management system. Documents submitted as part of the application will be scanned. Internal forwarding to the responsible supervisor in the specialist department takes place either physically or by encrypted email.
(3) Your data will not be forwarded to third parties.
III. Duration of storage
(1) We store your personal data as long as it is necessary for the realization of the processing purposes and/or for the fulfillment of legal retention obligations.
(2) If you have not been selected for the position for which you have applied, we will delete your data 6 months after completion of the application process.
(3) In the event that an employment contract is concluded between you and us, your application documents will be included in the personnel file and stored at least for the duration of the employment relationship.
Objection to or revocation of the processing of your data
(1) If you have given your consent to the processing of your data, you may revoke this consent at any time. Such revocation will affect the permissibility of processing your personal data after you have expressed it to us.
(2) Insofar as we base the processing of your personal data on the balance of interests, you may object to the processing. This is the case if the processing is not necessary, in particular, for the performance of a contract with you, which is shown by us in each case in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will review the merits of the case and either discontinue or adapt the data processing or show you our compelling legitimate grounds on the basis of which we will continue the processing.
(3) Of course, you can object to the processing of your personal data for purposes of advertising and data analysis at any time. You can inform us of your advertising objection using the following contact details: STRASSBURGER Filter GmbH & Co. KG, represented by the Managing Director Mrs. Julia Schnitzler, Osthofener Landstraße 14, 67593 Westhofen/Rheinhessen, Germany, Phone: +49 (0) 6244 908000, Email: firstname.lastname@example.org; see our legal information.
(4) You may object to the processing pursuant to Art. 21 GDPR, provided that the processing is based on Art. 6 (1) lit. e or lit. f GDPR. This is particularly the case if the processing is not necessary for the performance of a contract with you. Unless it is an objection to direct marketing, when you exercise such an objection, we ask you to explain why you do not want us to process your data as we have done. In the event of your justified objection, we will examine the merits of the case and either discontinue or adapt the data processing or show you our compelling legitimate grounds on the basis of which we will continue the processing;
II. Your rights as a data subject
In addition, you have the right to request
- information about your personal data processed by us pursuant to Art. 15 GDPR. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of appeal, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling and, if applicable, meaningful information about its details;
- pursuant to Art. 16 GDPR, to request the correction of inaccurate or incomplete personal data stored by us without undue delay;
- pursuant to Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
- pursuant to Art. 18 GDPR, to restrict the processing of your personal data if the accuracy of the data is disputed by you (the restriction then applies for the duration of the review), if the processing is unlawful and you refuse erasure, and if we no longer need the personal data but you need it to assert, exercise or defend legal claims;
- pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller; and
- pursuant to Art. 77 GDPR, to lodge a complaint with a supervisory authority. Usually, you can contact the supervisory authority for your usual place of residence or workplace or our registered office for this purpose, such as the data protection supervisory authority responsible for us: The State Commissioner for Data Protection and Freedom of Information of Rhineland-Palatinate, Germany, currently: Prof. Dr. Dieter Kugelmann, P.O. Box 30 40, 55020 Mainz, Germany, Email: email@example.com.