The task of safeguarding your privacy is of immense importance to us. Accordingly, we proceed according to the statutory regulations of European and German data protection law regarding all data protection activities (e.g. collecting, processing and transmission).
The following statement provides you with an overview as to which of your data are requested on our websites, in what way such data are used and forwarded, in which ways and means you can obtain information on the information made available to us and what security measures we adopt to protect your data.
1. Who is your contact (“controller”) regarding your data protection activities?
The controller as contemplated by the regulations under data protection law for all data processing activities carried out via our websites is:
SCHENCK RoTec GmbH, Landwehrstraße 55, 64293 Darmstadt, +49 (0) 6151 – 32 2311, firstname.lastname@example.org.
In accordance with the statutory parameters, we have appointed a Data Protection Officer.
You will reach him at SCHENCK RoTec GmbH, Landwehrstraße 55, 64293 Darmstadt, +49 (0) 6151 – 32 2311, Data Protection Officer or under email@example.com.
Please address any inquiries you may have on the subject of data protection and the assertion of rights of data subjects (cf. below) to the previously specified address for the attention of our Data Protection Officer.
2. What data do we need for you for the use of our websites? What data are collected and stored in the course of their usage?
Personal data are all information referred to an identified or identifiable natural person (“data subject”), such as your name, your address, your telephone number, your date of birth as well as your IP address.
As a matter of principle, we collect and use personal data of our users only to the extent this is necessary to provide a functioning website as well as our content and services. The collection and use of personal data of our users regularly take place only after users have given their consent. An exception applies in those cases in which obtaining prior consent is not possible for factual reasons and the processing of data is permissible on the basis of statutory regulations.
When using our websites, the following data are recorded, with such storage serving exclusively for internal, system-related and statistical purposes, referred to as usage data:
- Information on the type and version of the browser used
- The user’s operating system
- The user’s Internet service provider
- The IP address (and/or network domain) of the user
- Date and time of access
- Websites from which the user’s system accesses our website
- Websites accessed by the user’s system via our website
- Duration of sessions
- Playback of media content on our website
- Adding the website to Favorites
- Sharing content on the relevant page via social media platforms
The data are likewise stored in the logfiles of our systems. Storage of such data along with other personal user data does not take place.
The legal foundations for temporary storage of data and logfiles are defined in Art. 6 (1) letter f GDPR.
The temporary storage of the IP address by the system is necessary to facilitate delivery of the website to the user’s computer. To this end, the IP address of the user must remain in storage for the duration of the session.
The storage of data beyond this, namely in logfiles, is carried out to ensure the functionality of the website. In addition, the data allow us to optimize the website and to ensure security of our information technology systems. An evaluation of data for marketing purposes does not take place in this context.
These purposes also reflect our legitimate interest in data processing pursuant to Art. 6 (1) letter f GDPR.
The data are erased as soon as they are no longer necessary to achieve the purpose of their collection. In the case of data being recorded to make the website available, this happens when the relevant session has come to an end.
In cases where data are saved in logfiles, the IP addresses of the users are erased or pseudonomized so that any assignment reflecting the identity of the user making access is no longer possible.
The recording of data to make the website available and the storage of the relevant data in logfiles is of crucial importance to operating the website. Accordingly, there is no option for any user objections in this regard.
On our website, for certain content of our websites (e.g. download center, B2B workshop) we offer you the option of logging on with a user name and password. Registration for such services does not take place via the websites but is only possible after personal contact with our employees.
The legal foundations for data processing in such cases are Art. 6 (1) letter b GDPR for contractual transactions carried out in the B2B webshop and Art. 6 (1) letter f GFPR for the provision of information via our download center.
The legitimate interest in processing data pursuant to Art. 6 (1) letter F GDPR is reflected in the fact that confidential and internal corporate information may be made available via our information portals.
The data are erased as soon as they are no longer necessary to achieve the purpose of their collection.
This is the case for the data collected during the registration process, if the registration on our website is cancelled or modified.
This will also be the case for performance under an agreement or for the execution of pre-contractual measures if the data for execution of the agreement are no longer needed. Even after concluding the agreement, it may be necessary to store personal data of the contracting partner in order to comply with contractual or statutory obligations.
As a user, you may cancel the registration at any time. You can have your data in storage modified at any time. To do so for the B2B Webshop, please send an email message to firstname.lastname@example.org.
If the data are necessary for performance under an agreement or the execution of pre-contractual measures, premature erasure of data will be necessary only if this is not precluded by contractual or statutory obligations.
On some of our websites, we keep contact forms available for you, allowing you to conveniently contact us online and address your request to us.
On our websites, the following data are collected via the relevant contact forms:
Contact form on SCHENCK websites
- First name and surname:
- Email address
- Telephone number
Service request on SCHENCK websites:
- Customer information
- Contact person of the customer
- Street address
- Email address
- Telephone number
Online job application on SCHENCK websites:
- First name and surname:
- Street address
- Email address
- Telephone number
- Personal information in a resumé (curriculum vitae)
- Personal information in application letter
- Personal information in testimonials/certificates/other annexes
Turbobalancer Shop on SCHENCK websites
- First name and surname:
- Email address
- Street address
- Telephone number
- Schenk Customer No. (SAP)
- Fax number (optional)
Moreover, at the time of sending the message, the data and time of dispatch of the contact form will be stored:
For processing data, reference is made to this data protection statement when sending the relevant data.
Alternatively, on some websites it is possible to use the email address provided to make contact. In this case, the personal data of the user sent with the email message are stored.
We use your data solely to process your request and can contact you for this purpose under the contact data provided. Any use of such data for advertising purposes or any forwarding to third parties will occur only once you have explicitly agreed to such use.
The legal basis for processing data via the contact form or in the course of sending an email message is Art 6 (1) letter f GDPR. If the aim of making contact is to enter into an agreement, then the additional legal basis for processing is Art. 6 (1) letter b GDPR. In those cases in which the data are to be used for a job application process, the legal basis is Section 26 (1) of the [German] Federal Data Protection Act (BDSG neu).
The processing of personal data derived from the input screens enables us to process the contact details alone. In the event of contact being made by email, this is also based on the necessary legitimate interest in the processing of data.
The other personal data processed serve to prevent misuse of the contact form and to safeguard the security of our information technology systems.
The data are erased as soon as they are no longer necessary to achieve the purpose of their collection. For the personal data derived from the input screens of the contact forms and those sent by email, this will be the case if the relevant conversation with you has come to an end. The conversation will end when it can be assumed in the circumstances that the factual situation in question has been finalized.
The personal data additionally collected during the dispatch process will be erased no later than seven days.
Right to object
You have the right to object to the processing or your personal data at any time. To this end, please contact our Data Protection Officer under the email address specified above. In such a case, the conversation cannot be continued.
All personal data saved in the course of the contact dialog will be erased in this case.
3. How are my data used and possibly transmitted to third parties, and for what purpose is this done?
We will use the personal data made available to you for answering your questions, making services available and for processing your order.
Any disclosure, sale or any other transmission of your personal data to third parties will take place only if such forwarding is necessary for contractual processing or for settlement purposes or collection of remuneration (e.g. forwarding agency or payment service providers) or if you have explicitly given your consent.
The legal basis for transmitting the data to third parties for contractual processing or for settlement purposes is Art. 6 (1) letter b GDPR.
Disclosure in cases ordered by law
We wish to advise that we are authorized by order of the competent public authority in each specific case to provide information on data to the extent that this is necessary for the purposes of criminal prosecution, for aversion of dangers by the police authorities of the federal states, in performance of the statutory tasks imposed by the federal and state constitutional protection authorities, the Federal Intelligence Service (Bundesnachrichtendienst) or Federal Counter-Intelligence (Militärischer Abschirmdienst) or for the enforcement of intellectual property rights.
4. Integration and use of social networks
Some of our websites feature links to the social media platforms Facebook, YouTube, Twitter, XING and LinkedIn. This is done via the relevant icon on our websites bearing the logo of each social media platform with a link to our social media page in question. Social plugins (such as the Facebook “Like” button) are not integrated in these cases.
Our links to the social media services do not cause any of your data to be transmitted to these services. These are normal hyperlinks, via which generally no data transmission takes place. Clicking on the link will take you directly to our social media presence with the respective social media service. Data transmission only takes place if you are logged onto your user account of the social media service in question. You can then link or share content from our websites directly with the social media service or, in the case of YouTube, you can watch the videos on our YouTube channels. In certain circumstances the social media services may find out what content you viewed while on our websites.
The entities responsible for the social media services linked to us exclusively are as follows:
- for YouTube and its website: YouTube, LLC, 901 Cherry Ave., St. Bruno, CA 94066, USA;
- for Twitter and its website: Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA;
- For XING , Kununu and its website: XING AG, Gänsemarkt 43, 20354 Hamburg, Deutschland.
- for LinkedIn, Slideshare and its website: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
You can obtain further information on the purpose and extent of data collection and the further processing and use of your data by the relevant social media service from the data protection provisions of the service in question. These can be retrieved from Internet under the following URLs:
- Vimeo: https://vimeo.com/privacy
- Twitter: https://twitter.com/privacy
- XING, Kununu: https://privacy.xing.com/de/datenschutzerklaerung
- LinkedIn, Slideshare: https://www.linkedin.com/legal/privacy-policy
Under the links mentioned, you will also find e.g. information on optional settings to protect your privacy and on your farther-reaching rights relating to the collection, processing and use of your data by the relevant social media service.
You yourself are responsible for data transmission to the above-mentioned social network services because by logging onto your social network account and following the link in question, you become actively involved as well, subsequently initiating the data processing by the relevant social network service.
For the purposes of Art. 26 GDPR, the Dürr Group operates a fanpage along with Facebook as joint controllers.
Whenever our fanpage is visited, some of the user’s personal data is collected (by using cookies, for example). This data is collected primarily by Facebook. Even visitors to this fanpage who are not logged in through Facebook are recorded. You will find information about data collection and other processing through Facebook in Facebook’s data privacy notice.
In individual cases, Dürr can see only the information which you have made public on your profile. You can decide in your Facebook settings which information to specify. You also have the option in your Facebook settings (https://www.facebook.com/settings?tab=privacy) to actively hide your “Likes” or stop following the fanpage. If you do so, your profile will no longer appear in the list of fans of this fanpage.
Dürr has no direct access to the data collected by Facebook. Instead, Facebook gives us only highly summarised (i.e., anonymous) evaluations, such as:
- Followers: Number of people following Dürr, including growth and development over a defined timeframe.
- Coverage: Number of people who see a specific post. Number of interactions on a post. And this indicates which content would be better received by the community, for example.
- Ad performance: How many people have seen an ad?
- Demographics: Average age of visitors, gender, residence, language.
We use these statistics (which cannot be traced to any particular user) to constantly improve our online services on Facebook and to better meet our users’ needs. The legal basis for these usage statistics is Art. 6(1)(f) GDPR.
We cannot connect the statistical data to any of our fans’ profile data. You can go to your Facebook settings to choose how targeted ads will be shown to you.
Dürr receives specific personal data through Facebook only if you have actively communicated them to us using a personal message on Facebook. We will then use your data (such as your first and last names) to answer your request in our customer support. Your data will be stored in our CRM system for this purpose. The legal basis for that storage will be Art. 6(1)(f) GDPR. The same applies if you send us your request through a Facebook form.
Since a fanpage has two controllers for the purposes of Art. 26 GDPR—the fanpage operator and Facebook—we have concluded an agreement with Facebook to that end:
Facebook Page Controller Addendum https://www.facebook.com/legal/terms/page_controller_addendum
We hereby inform you of how you can assert your rights as a data subject in this special case:
- If you have questions about the specific data which Facebook collects, please contact Facebook: Facebook’s Data Policy
- If you have questions or concerns about the Insight Data processed by Dürr, please contact our data protection officer. (refer to 1. Who is your contact (“controller”) regarding your data protection activities?); regarding your other rights as a data subject please refer to section 10. Rights of data subjects.
5.What security measures have we taken to protect your data?
We have adopted a large number of security measures to adequately protect personal data to the appropriate extent.
Our databases are protected by physical and technical measures as well as procedural measures that restrict access to information to specially authorized persons in conformity with this Data Protection Statement. Our information system is protected by a software firewall in order to prevent access from other networks connected to the Internet. Only employees who need the information to perform a certain task receive access to personal information. Our employees are trained in the field of security and data protection practices.
When collecting and transmitting data via our websites, we deploy the standardized SSL encryption technology. Personal data are protected within the scope of the order process via SSL encryption, identifiable by the padlock icon and the prefix “https.//” in the URL bar.
If a password is necessary for access to our websites, you should never allow third parties access to it and change it regularly. In addition, when accessing our websites you should not use the same password that you also use on other websites for password-protected access (email account, online banking, etc.). When you have left our pages, you should confirm the logout and close your browser to avoid unauthorized persons from obtaining access to your user account.
When communicating by email, we cannot guarantee full-scale data security.
6. Advertising messages by email (e.g. email newsletters)
In order to make additional information on our offering available to you, we offer newsletters on some of our websites. For processing of data in the newsletter mentioned below, your consent is obtained as part of the registration process and reference is made to this Data Protection Statement.
In connection with data processing for the purpose of sending information via our information services, no data are passed on to any third parties. The data will be used exclusively for sending the newsletter.
The legal basis for the processing of data after registration for these services by you is Art.6 para.1 letter a GDPR.
The purpose of collecting your e-mail address is to send you the newsletter.
The collection of other personal data as part of the registration process serves to prevent misuse of the services or of the email address used.
The data are erased as soon as they are no longer necessary to achieve the purpose of their collection. Your email address will be stored as long as the subscription to the information service is active.
You can cancel your subscription to the services at any time. To this end, each newsletter contains a corresponding notice.
This also makes it possible to revoke the consent to storage of personal data collected during the registration process.
Contact forms on SCHENCK websites
The contact forms provided by SCHENCK give you the opportunity to register for the SCHENCK mailing newsletter. For dispatch of the newsletter, the email address given by you in the respective contact form is used (cf. 2).
In addition, the following data are collected on registration for all services:
- Date and time of registration
7. Newsletter tracking
In some of our email messages we use a process known as newsletter tracking This results in an evaluation of the opening rate of the e-mails and a click evaluation within the newsletter. We use this technology to determine the degree of interest in specific topics and to measure the effectiveness of our communication measures. This also reflects our legitimate interest pursuant to Art. 6 (1) letter f GDPR. The relevant data are segmented and stored in anonymized format. We do not share such data with anyone and we do not attempt to link click-throughs to individual email addresses. The individual user data will be erased after creation of the anonymized overall evaluation – no later than 3 months.
Right to object
By exercising your right to object to the receipt of the newsletter (see link above), you can also object to the processing of your data for tracking purposes.
8. When visiting our websites, a cookie is stored on your computer. What does that mean?
We use so-called cookies on our websites. Cookies are small amounts of data in the form of text information that the web server sends to your browser. These cookies are only stored on your hard disk. Cookies can only be read by the server that previously stored them and receive information about what you have viewed on a website and when. Cookies themselves only identify the IP address of your computer and do not store any personal information, such as your name. The data stored in the cookies are not linked to your personal data (name, address, etc.).
The following data are stored and transmitted in the cookies:
- Browser settings regarding cookies (whether they are activated or not)
- Language settings of the user
- Log-in information
In this way, the following data can be transmitted, for example:
- Search terms entered
- Frequency of page views
- Duration of stay on individual pages
- Customer history
- Use of website functions
The user data collected in this way are pseudonymized by technical precautions. Therefore it is no longer possible to assign the data to the calling user. The relevant data will not be stored together with other personal data of the users.
You can decide yourself whether you want to accept cookies or not. Firstly, by changing your browser settings (usually under “Option” or “Settings” in the browser menus), you have the choice of accepting all cookies, being informed when a cookie is set or rejecting all cookies.
The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para.1 letter GDPR.
The user data collected by technically necessary cookies are not used to create user profiles.
The analysis cookies are used to improve the quality of our website and its content. The analysis cookies enable us to learn how the website is used and can thus continuously optimize our offering.
These purposes also reflect our legitimate interest in the processing of personal data pursuant to Art. 6 (1) letter f GDPR.
Some of our services also use tracking bugs or tracking pixels. These are usually code snippets measuring only 1×1 pixels, which are able to identify and recognize your browser ID – the individual fingerprint of your browser. This allows the service provider to see when and how many users have accessed the pixel, or whether and when an e-mail was opened or a website visited.
To prevent web bugs on our websites, you can use tools such as webwasher, bugnosys or AdBlock. To prevent web bugs in our newsletter, please set your mail program so that no HTML is displayed in messages. Web bugs are also prevented when you read your emails offline. Without your explicit consent, we will not use web bugs to collect personal information about you or to transmit such information to third parties and marketing platforms without your knowledge.
9. Rights of data subjects
If your personal data are processed, you are a data subject as contemplated by the GDPR and you have the following rights in relation to the controller:
Information, rectification, limitation of processing and erasure
You have the right to free information about your personal data stored by us, their origin and recipients as well as the purpose of data processing via our websites at any time. Furthermore, you have the right to rectification, erasure and limitation of processing of your personal data, provided that the statutory requirements for this are met.
Right to data portability
You have the right to receive the personal data concerning you that you have provided to us as data controller in a structured, common and machine-readable format. We can fulfill this right by providing a csv export file of the customer data processed concerning you.
Right to information
If you have exercised your right to have the data controller rectify, erase or limit data processing, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of such rectification, erasure or limitation of processing unless this proves impossible or involves disproportionate effort.
You have the right in relation to the controller to be informed of such recipients.
Right to object
You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you, which may be processed in accordance with Art. 6 para.1 letter e or f GDPR; this also applies to profiling based on these provisions.
The controller no longer processes the personal data concerning you unless he or she can prove compelling reasons worthy of protection for the processing that override your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.
If the personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such marketing; this also applies to profiling, to the extent that it is associated with such direct marketing.
If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for such purposes.
You have the option to exercise your right of objection in connection with the use of information society services by means of automated procedures using technical specifications, notwithstanding the provisions of Directive 2002/58/EC.
Revocability of declarations of consent under data protection law
In addition, you may revoke your instances of consent being given at any time, with effect for the future, by contacting us at the contact details given above.
Automated decision-making in individual cases, including profiling
You have the right not to be subject to a decision based exclusively on automated processing – including profiling – that has legal effect against you or significantly impairs you in a similar manner. This does not apply if the decision
- is necessary for the conclusion of, or performance under, a contract between you and the controller,
- is admissible by law of the Union or of the Member States to which the person responsible is subject and such legal regulations contain appropriate measures to safeguard your rights, freedoms and legitimate interests, or
- is given with your explicit consent.
However, these decisions must not be based on special categories of personal data according to Art. 9 (1) GDPR unless Art. 9 (2) letter a or g GDPR is applies and appropriate measures have been taken to safeguard your rights, freedoms and legitimate interests.
In the cases referred to in (1) and (3), the controller must take reasonable measures to safeguard your rights, freedoms and legitimate interests, including at least the right to intervention by a person on behalf of the controller, to state your own position and to challenge the decision taken.
Right to object to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to object to a supervisory authority, in particular in the Member State in which you are resident, working or in which the alleged violation occurred, if you believe that the processing of personal data concerning you violates the EU Data Protection Regulation.
The supervisory authority to which the complaint has been lodged will inform the complainant of the status and the results of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.
10. Amendments to this data protection (privacy) statement
We reserve the right to amend this data protection statement for any reason and without prior notice. Accordingly, please inform yourself regularly on this page about possible changes to this data protection statement.