Privacy policy

 

 

We are very pleased about your interest in our company. Data protection is a particularly high priority for the management of Maschinenbau Scholz GmbH & Co. KG. The Maschinenbau Scholz GmbH & Co. KG website can be used without providing any personal data. However, if a person concerned wishes to make use of special services offered by our company via our website, it may be necessary to process personal data. If it is necessary to process personal data and there is no legal basis for such processing, we generally ask for the agreement of the person concerned.

 

The processing of personal data, e.g. the name, address, e-mail address or telephone number of a data subject, is always carried out in accordance with the general data protection regulation and in compliance with the country-specific data protection regulations applicable to Maschinenbau Scholz GmbH & Co. KG. By means of this data protection declaration, our company wishes to inform the public about the nature, scope and purpose of the personal data collected, used and processed by us. In addition, this data protection declaration is intended to inform affected persons of their legal rights.

 

As the responsible person for processing, Maschinenbau Scholz GmbH & Co. KG has implemented numerous technical and organisational measures to ensure that the personal data processed via this website is protected as completely as possible. Nevertheless, Internet-based data transmissions may in principle have security gaps, so that absolute protection cannot be guaranteed. For this reason, every affected person is free to transmit personal data to us by alternative means, such as fax or letter.

 

 

 

Responsible Body

 

Responsible party within the meaning of the General Data Protection Regulation (GDPR) (hereinafter: "we/us"):

 

Maschinenbau Scholz GmbH & Co. KG

Rottkamp 11

48653 Coesfeld / Germany

Tel. +49 2541 / 745 - 0

Fax +49 2541 / 82741

E-Mail: info@scholz-mb.de

 

 

 

Data Protection Officer

 

If you have any questions regarding the processing of your personal data or this privacy policy, please contact our data protection officer:

 

DSB Münster GmbH

Martin-Luther-King-Weg 42 – 44

48155 Münster

E-Mail: datenschutz@scholz-mb.de

Telefon: 0251 / 71879-0

 

 

 

§ 1 Information on the collection of personal data

 

(1) Following we provide information about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses.

 

(2) When you contact us by e-mail, the data you provide (your e-mail address, your name and telephone number if applicable) will be stored by us in order to answer your questions. We delete the data arising in this connection after storage is no longer necessary or restrict processing if there are legal obligations to retain data.

 

(3) If we use commissioned service providers for individual functions of our offer, we will inform you in detail about the respective processes below. In doing so, we will also state the specified criteria for the storage period.

 

 

 

§ 2 Privacy policy for business users

 

(1) Purposes for which the personal data is processed as well as the legal basis for the processing:

 

We process data in order to carry out business relations for the fulfilment of a contract or for the implementation of pre-contractual measures (Art. 6 Para. 1 letter b GDPR, e.g. in connection with the execution and administration of orders), to fulfil a legal obligation (Art. 6 Para. 1 letter c GDPR, e.g. commercial and tax law obligations to retain data in accordance with § 257 HGB and § 147 AO), to safeguard the legitimate interests of the person responsible or a third party (Art. 6 (1) lit. f GDPR, e.g. storage of data for a period of time appropriate to acquisition efforts or for the assertion of legal claims and defence in the event of legal disputes), and on the basis of the consent of the persons concerned (Art. 6 (1) lit. a GDPR, e.g. transfer of data to third parties).

 

(2) Sources and categories of personal data processed

 

We process personal data that we receive from you or from public sources such as directories, registers and credit or economic information agencies within the scope of our business relationship, in the main personal data, contact data (e.g. telephone number, e-mail address), area of activity or position, contract data, payment data, bank and creditworthiness data and sales data.

 

(3) Recipients or categories of recipients of personal data:

 

Within the company, access to the data is granted to those bodies, which need it to fulfil their contractual and legal obligations. Contract processors employed by us in accordance with Art. 28 GDPR may also process data for these purposes, e.g. IT or telecommunications service providers, cloud providers.

 

Outside the company, data may be passed on to companies in the logistics sector, service providers, suppliers, subcontractors, authorities, tax consultants, credit institutions, credit agencies, debt collection agencies, lawyers.

 

(4) Transfer to a third country (outside EU / EEA) or to an international organisation:

 

The transfer of personal data to a third country in the context of project implementation is generally based on an EU adequacy decision and the signature of standard data protection clauses, taking into account technical and organisational measures to comply with the EU data protection level. If the data is transferred to a third country that does not meet the above criteria, this is done in exceptional cases on the basis of a legal obligation or consent by the data subject(s).

 

(5) The duration of storage of personal data and the criteria for determination of duration:

 

The required personal data will be stored for the duration of the existence of warranty and guarantee claims. In addition, the personal data will be stored in accordance with the periods prescribed by law. Corresponding proof and storage obligations result from the German Commercial Code (HGB) and the German Fiscal Code (AO). The periods of retention and documentation specified there are six and ten years respectively. If the data is no longer required for the fulfilment of contractual or legal obligations, it is regularly deleted.

 

 

 

§ 3 Privacy policy for applicants

 

(1) The purposes for which the personal data is processed and the legal basis for the processing:

 

We process the data that you have sent us in connection with your application in order to check your suitability for the position (or other open positions in our companies, if applicable) and to carry out the application procedure.

 

The legal basis for processing your personal data in this application procedure is primarily § 26 BDSG. This allows the processing of data required in connection with the decision to establish an employment relationship.

 

Furthermore, we may process personal data about you to the extent that this is necessary to defend against legal claims asserted against us in the application process. The legal basis for this is Art. 6 para. 1 lit. f GDPR; the legitimate interest is, for example, a duty of proof in proceedings under the General Equal Treatment Act (AGG). Should there be any need for a longer-term storage (e.g. for further vacant positions or positions that become vacant), this will be done on the basis of your consent in writing (pursuant to Art. 6 para. 1 letter a GDPR).

 

Insofar as special categories of personal data within the meaning of Art. 9 Para. 1 DS-GVO are voluntarily communicated as part of the application procedure, their processing is additionally carried out in accordance with Art. 9 Para. 2 letter b DS-GVO (e.g. health data, such as severely disabled status or ethnic origin). If special categories of personal data within the meaning of Art. 9 (1) DS-GVO are requested from applicants as part of the application procedure, their processing is also carried out in accordance with Art. 9 (2) letter a DS-GVO (e.g. health data if this is necessary for the exercise of the profession).

 

(2) Sources and categories of personal data processed

 

We process personal data that we receive from you or recruiters in the course of the application process, such as in particular personal details (name, address and other contact details, date and place of birth, nationality), bank details (for the purpose of travel expense reimbursement), qualification documents (e.g. certificates, assessments and other evidence of training) and photographs.

 

(3) Recipients or categories of recipients of personal data:

 

Applicants who send us their applications by e-mail. Please note, however, that e-mails are generally not sent in encrypted form and that the applicants themselves must ensure that they are encrypted. We can therefore accept no responsibility for the transmission path of the application between the sender and the receipt on our server and therefore recommend that you use postal dispatch.

 

Your data will be sighted by the Human Resources department after receipt of your application. Suitable applications will then be forwarded internally to the responsible person for the vacant position in question, if necessary also to the works council. Within the company, access to your data is only granted to those persons who need it for the proper processing of our application procedure.

 

Otherwise, personal data is processed on our behalf on the basis of contracts in accordance with Art. 28 DS-GVO (order processing), this applies in particular to host providers or providers of applicant management systems. Within the framework of the application procedure, recruitment agencies may also be commissioned if necessary.

 

(4) Transmission to a third country (outside EU/EEA) or to an international organisation:

 

A submission to a third country does not take place and is not intended.

 

(5) The duration of storage of personal data and the criteria for determination of duration:

 

If no employment relationship is established following your application, we will retain applicant data for a maximum of six months so that we can answer any follow-up questions about the application and meet our obligations to provide evidence under the Equal Treatment Act. This does not apply if legal provisions prevent deletion (e.g. archiving of travel expense reimbursements in accordance with tax regulations), if further storage is necessary for the purpose of providing evidence or if you have expressly agreed to longer storage. In the event that you have given your consent to further storage of your personal data, we will transfer your data to our pool of applicants. There the data will be deleted after one year.

 

Should you receive the acceptance of a position within the application procedure, the data will be transferred from the applicant data system to our personnel data system.

 

 

 

§ 4 Data protection information for online meetings with "Cisco WebEx Telekom

 

In the following we inform you about the processing of personal data in connection with the execution of online meetings using the video conference tool of "Cisco WebEx Telekom".

 

(1) Responsible person:

 

The person responsible for data processing in direct connection with the holding of "online meetings" is Maschinenbau Scholz GmbH & Co.KG.

 

Note: If you access the "Cisco WebEx Telekom" website, the provider of "Cisco WebEx Telekom" is responsible for data processing. However, you only need to call up the Internet site to use "Cisco WebEx Telekom" in order to download the software for use.

 

If you do not want to or cannot use the "Cisco WebEx Telekom" application, you can also use "CISCO WebEx Telekom" via your browser. The service will then also be provided via the "Cisco WebEx Telekom" website.

 

(2) the purpose of the processing:

 

We use the "Cisco WebEx Telekom" tool to conduct telephone conferences, video conferences and webinars (hereinafter: "online meetings"). "Cisco WebEx Telekom" is a service of Cisco Systems, Inc.

 

(3) Legal basis for data processing:

 

If personal employee data is processed by Maschinenbau Scholz GmbH & Co KG, § 26 BDSG is the legal basis for data processing. If, in connection with the use of "Cisco WebEx Telekom", personal data is not required for the establishment, execution or termination of the employment relationship, but is nevertheless an elementary component in the use of "Cisco WebEx Telekom", Art. 6 Paragraph 1 letter f of the DS-GVO is the legal basis for data processing. In these cases, we are interested in the effective implementation of "online meetings".

 

Insofar as the processing of personal data within the framework of the online meetings is necessary for the performance of a contract to which you are a party or is required for the implementation of pre-contractual measures taken in response to your request, Art. 6 Paragraph 1 letter b) DS-GVO serves as the legal basis for the processing of personal data.

 

If no contractual relationship exists, the legal basis is Art. 6 (1) lit. f) DS-GVO. Here too, we are interested in the effective implementation of "online meetings".

 

Should video and sound recordings be necessary in exceptional cases, this will be done exclusively on the basis of the consent you have given us in accordance with Art.6 Paragraph 1 lit. a) DS-GVO.

 

(4) Type and scope of data processing:

 

We use "Cisco WebEx Telekom" to conduct "online meetings". If we want to record "online meetings", we will inform you transparently in advance and - if necessary - ask for your consent. If it is necessary for the purposes of recording the results of an online meeting, we will log the chat content. However, this will generally not be the case.

 

Automated decision-making within the meaning of Art. 22 DS-GVO is not used.

 

The following personal data is processed when using "Cisco WebEx Telekom", whereby the scope of the data also depends on the information you provide before or during participation in an "online meeting":

 

User details (registration information): e.g. user name, activation and conference codes, e-mail address, first and last name, company, organisation ID, participant IP, profile picture (optional)

 

Configuration and communication data: e.g. device name, IP address, geodata, time zone, activity logs, hardware type

 

Conference information: e.g. date, time, duration, number of participants, dial-in method, diagnostic information

 

Text, audio and video data: You may be able to use the chat function in an "online meeting". To this extent, the text entries you make are processed in order to display them in the "online meeting". In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device will be processed for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time using the "Cisco WebEx Telekom" applications.

 

(5) Receiver / transmission of data:

 

With regard to the processing of personal data in connection with participation in "online meetings", there is generally no transfer of data to third parties, unless the data is specifically intended for transfer. Please note that content from "online meetings" as well as personal meetings often serves the purpose of communicating information with customers, interested parties or third parties and is therefore intended to be passed on.

 

Other recipients are Telekom Deutschland GmbH on the basis of a contract processing agreement pursuant to Art. 28 DS-GVO and Cisco Systems Inc. as subcontractor.

 

(6) Data processing outside the European Union:

 

Cisco Systems, Inc. has its headquarters in the USA. Part of the processing of personal data collected when using WebEx therefore takes place in the USA. Telekom Deutschland GmbH has agreed standard contractual clauses with Cisco Systems, Inc. through which suitable guarantees are provided in principle in accordance with Art. 46 DS-GVO. In addition, the data is encrypted during transport via the Internet and is therefore protected against unauthorised access by third parties.

 

(7) Storage duration:

 

Your personal data that we process within the scope of your use of "Cisco WebEx Telekom" is generally deleted as soon as it is no longer required for the purposes for which it was collected. A requirement for storage may exist in particular if the data is still needed to fulfil contractual services, to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of the statutory storage obligations of 6 years under commercial law or 10 years under tax law, deletion only comes into consideration after the expiry of the respective storage obligation. If and insofar as the processing is based on your consent, the data will only be stored until you revoke your consent, unless there is also another legal basis for the processing.

 

 

 

§ 5 Rights of the data subject

 

(1) Towards us you have the following rights regarding the personal data concerning you:

 

  • Right to information:

In accordance with Art. 15 GDPR, you have a right to information whether we process personal data about you, the purposes for which we process the data, the categories of personal data we process about you, to whom the data may have been forwarded, how long the data may be stored and what rights you are entitled to.

 

  • Right of correction:

In accordance with Art.16 of the GDPR, you have the right to request without delay the correction of incorrect or incomplete personal data stored by us.

 

  • Right of deletion:

You have the right to demand, in accordance with Article 17 GDPR, the deletion of your personal data stored with us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.

 

  • Right of restriction of processing:

You have the right to demand, in accordance with Art. 18 GDPR, the restriction of the processing of your personal data, if the accuracy of the data is disputed by you, if the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it for the assertion, exercise or defence of legal claims or if you have lodged an objection to the processing in accordance with Art. 21 GDPR.

 

  •  Right of contradiction of the processing:

You have the right to revoke your consent to us at any time in accordance with Art. 7 Para. 3 GDPR. As a result, we may no longer continue to process the data, which was based on this consent in the future.

 

(2) You have the right to appeal to the supervisory authorities with a complaint regarding data protection. The supervisory authority responsible for us is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia.

 

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia

Cavalry St. 2-4

40213 Düsseldorf

Phone: 0211/38424-0

fax: 0211/38424-10

e-mail: poststelle@ldi.nrw.de

 

 

 

§ 6 Collection of personal data when visiting our website

 

(1) Our website is hosted by Jimdo GmbH, Stresemannstr. 375, 22761 Hamburg, Germany. If you use the website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser sends to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website and to ensure its stability and security (legal basis is Art. 6 para. 1 p. 1 lit. f GDPR):

 

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (concrete page)
  • Access status/HTTP status code
  • Amount of data transmitted in each case
  • Website from which the request comes
  • Browser type
  • Operating system and its interface
  • Language and version of the browser software.

 

(2) In addition to the a.m. data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive in relation to the browser you are using and through which certain information is passed to the party that sets the cookie (in this case us). Cookies cannot execute programs or transfer viruses to your computer. They are used to make the website more user-friendly and effective overall.

 

(3) Use of cookies:

 

a) This website uses the following types of cookies, the scope and function of which are explained below:

 

  • Transient cookies (in addition b)
  • Persistent cookies (c)

 

b) Transient cookies are automatically deleted when you close the browser. This includes in particular session cookies. These store a so-called session ID, which allows to assign different requests of your browser to the common session. This enables to recognise your computer when you return to our website. The session cookies are deleted when you log out or close the browser.

 

c) Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.

 

d) You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all the features of this website.

 

e) The Flash cookies used are not registered by your browser, but by your Flash plug-in. We also use HTML5 storage objects, which are stored on your end device. These objects store the required data independently of the browser you use and do not have an automatic expiry date. If you do not want Flash cookies to be processed, you must install a corresponding add-on, e.g. "Better Privacy" for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe Flash Killer cookie for Google Chrome. You can prevent the use of HTML5 storage objects by setting your browser to private mode. We also recommend that you regularly delete your cookies and browser history manually.

 

 

 

§ 7 Use of YouTube videos

 

(1) On our website we have integrated YouTube videos which are stored on http://www.youtube.com and can be played directly from our website. YouTube is a service provided by Google Ireland Limited, having its registered office at Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

 

These videos are embedded in "enhanced privacy mode", which means that no information about you will be transferred to YouTube if you do not play the videos. Only when you play the Videos will the data referred to in paragraph 2 be transmitted. We have no influence on this data transfer.

 

(2) By visiting the website, YouTube receives the information that you have called up the corresponding subpage of our website. In addition, the data mentioned in paragraph III. of this declaration is transmitted to YouTube. This takes place regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in at Google, your data will be assigned directly to your account. If you do not wish to be associated with your YouTube profile, you must log out before activating a video.

 

YouTube uses cookies, stores your data as user profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide advertising that is tailored to your needs and to inform other users of the social network about your activities on our website. Irrespective of any reproduction of the embedded videos, every time one of our websites with YouTube videos is called up, a connection to the Google network "DoubleClick" is established, which triggers further data processing processes by Google, which we cannot influence.

 

You have a right of objection to the creation of these user profiles, and to exercise this right you must contact YouTube directly.

 

(3) The legal basis for the use of YouTube videos is Art. 6 (1) sentence 1 lit. a DS-GVO. Further information on the purpose and scope of data collection and its processing by Google can be found in Google's privacy policy: http://www.google.de/intl/de/policies/privacy.

 

There you will also find further information on your rights in this regard and setting options to protect your privacy. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

 

 

 

§ 8 Integration of Gstatic

 

On our website a web service of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: Gstatic) is loaded.

 

We use this data to ensure the full functionality of our website. In this context your browser may transmit personal data to Gstatic. Legal basis for the data processing is art. 6 para. 1 lit. f DSGVO. The legitimate interest consists in an error-free function of the website. Google Ireland Limited has certified itself in the context of the EU-US-Privacy-Shield-Agreement (see https://www.privacyshield.gov/list). The data will be deleted as soon as the purpose of their collection has been fulfilled. Further information about the handling of the transferred data can be found in the privacy policy of Gstatic: https://policies.google.com/privacy

 

You can prevent the collection as well as the processing of your data by Gstatic by deactivating the execution of script code in your browser or by installing a script blocker in your browser (you can find this for example at www.noscript.net or www.ghostery.com).

 

 

 

§ 9 Existence of an automated decision making process

 

As a responsible company, we avoid automatic decision making or profiling