General Data Protection Regulation (GDPR)

DAMBACH Lagersysteme respects your privacy

DAMBACH Lagersysteme GmbH & Co. KG (“DAMBACH Lagersysteme”) thanks you for visiting our internet site and for your interest in our company and products.

 

(Last revision: October 2019)

 

We value the protection of personal data and have made it part of our corporate policy. This data privacy statement will inform you, as a visitor to our internet presence, about what data will be collected, processed and used when you use our websites.

 

1. Controller for the data processing

The controller in charge of legally collecting, processing and using your data is:

DAMBACH Lagersysteme GmbH & Co. KG

Hardrain 1

76476 Bischweier, Germany

Tel. +49 (0) 72 22 9660-0

Fax.: +49 (0) 72 22 9660-109

Email: info(at)dambach-lagersysteme.de

 

2. Processed data and purpose of processing

2.1. During a website visit

When our website is called up, the browser used on your end device automatically sends information to our internet site’s server. This includes the name of the sites you have retrieved, the type of browser and operating system you use, the website from which our internet site was accessed, the date and time of access, the Internet Protocol address (IP address), the internet service provider, and other comparable data.

We process these data to ensure the website has smooth connections, troubleshoot technical problems, and prevent and track misuse of our services.

The legal basis for this data processing is Art. 6 (1) (1) (f) GDPR. Our legitimate interest arises from the aforementioned purposes for data collection. We will never use the collected data to identify you personally.

Moreover, we use cookies and analysis services when our internet site is visited. You can find more detailed explanations of this under items 4 and 5 of this data privacy statement.

 

2.2 When using our contact form

If you have questions about our company and products, we offer you the chance to contact us quickly by using a form provided on the website. To do so, you must provide your name and a valid email address so we can handle your inquiry properly. You are also free to provide additional information voluntarily. The personal data transmitted to us in this context will be used exclusively to process your request. Your request will also be forwarded to our server via https in encrypted form.

The data processing for the purposes of establishing contact with us takes place under Art. 6 (1) (1) (a) GDPR, based on your freely granted consent.

The personal data we collect so the contact form can be used will be erased automatically after your request has been handled. Regarding your rights in the matter, including the possibility of withdrawing your consent, please see the statements under item 9 of this data privacy statement.

 

2.3 When using our newsletter

We offer you the opportunity to subscribe to our newsletter so we can keep you up to date on innovations and new developments. To do so, you must provide your email address to which we can send the newsletter. You can also disclose other information voluntarily, which we will use to optimize the newsletter. After that, we will send you a notification email and ask you to click on the link it contains to confirm that you wish to receive our newsletter at this email address.

The data processing for purposes of receiving our newsletter takes place under Art. 6 (1) (1) (a) GDPR, based on your freely granted consent.

We will use your email address only to send you the newsletter.

If you should later decide to unsubscribe to our newsletter, you can revoke your consent to receive it at any time. To do so, please use the cancellation link provided in the newsletter, or send an appropriate email to our company’s data protection officer (datenschutzbeauftragter(at)dambach-lagersysteme.de). Regarding rights beyond this, please see item 9 of this data privacy statement.

 

2.4 When using our download services

On our website, we’ve given you the opportunity to download informational material about our company and products. To register for our download services, you must provide only your email address. You may provide additional information voluntarily. After you’ve registered successfully, you’ll receive a registration confirmation by email. From that point on, you’ll have access to our download services for one month without having to register again. After that period, we’ll erase your personal data automatically.

The legal basis for this data processing is Art. 6 (1) (1) (f) GDPR. Our legitimate interest lies in processing publication orders, avoiding spam, and the general security of the website.

 

2.5. When applying by email

You can check our website to learn about training opportunities and internships in our company. You can then simply send us your application by email. We will process the personal data you include in your application (such as your name, contact information, description of your education and abilities) and documents (such as credentials) exclusively to handle your application. As a general principle, your data will be forwarded only to our company’s in-house offices and departments responsible for the specific application procedure. Your application data will not be used beyond that or forwarded to third parties.

If we cannot offer you a position, we’ll keep the transmitted data up to six months so we can answer questions related to your application or its rejection. After this period expires, we’ll erase your data from our applicant bank, unless you’ve agreed to have the data stored for longer.

Data processing for these purposes is based on Art. 6 (1) (1) (b) GDPR or, if you agree to have your data stored for longer, on Art. 6 (1) (1) GDPR.

Naturally, you may at any time revoke your consent to have your personal data processed as part of the application procedure, thereby withdrawing your application. To do so, please send an email to that effect to: datenschutzbeauftragter(at)dambach-lagersysteme.de. Please note that the law prevents us from immediately erasing all the data regarding your application, since we must retain certain data for a prescribed period to comply with statutory regulations. Your rights in this matter are discussed in greater detail under item 9 of this data privacy statement.

 

2.6. When implementing contractual relationships with customers, suppliers and other business partners

If you enter contractual relationships with us, we will collect information such as your title, first and last names, contact data (address, telephone number and email address) and information necessary to execute and process the contractual relationship, especially to identify you as our business partner, exchange information and services as part of the contractual relationship, correspond with you, and issue invoices.

The data processing is necessary under Art. 6 (1) (1) (b) GDPR for the purposes mentioned, to execute and develop the contractual relationship, and for the reciprocal fulfillment of obligations arising from the contractual relationship.

The personal data we collect to execute the contract will be stored by us, and erased after the contractual relationship has been processed, unless we are obligated to store them longer under Art. 6 (1) (1) (c) GDPR due to statutory retention and documentation obligations (especially those under tax and commercial law) or you have granted your consent to longer storage under Art. 6 (1) (1) (a) GDPR.

 

3. Forwarding of data

Your personal data will not be forwarded to third parties for purposes other than those listed in the following.

We will forward your personal data to third parties only if:

- you have expressly consented to such forwarding under Art. 6 (1) (1) (a) GDPR,

- forwarding under Art. 6 (1) (1) (f) GDPR is necessary to assert, exercise or defend against legal claims and there is no reason to assume that you have an overriding legitimate interest in your data not being forwarded,

- a legal obligation exists to forward under Art. 6 (1) (1) (c) GDPR, and

- such forwarding is legally permitted and necessary under Art. 6 (1) (1) (b) GDPR to develop contractual relationships with you.

 

4. Cookies

Our websites use cookies. These are small text files that are stored on your end device and exchange certain settings and data with our systems through your browser.

Using session cookies helps us design our website to be more convenient for you. Those cookies recognize that you have already visited individual pages of our internet presence; they will be deleted after you leave our internet site.

We use temporary cookies that are stored on your end device for a predetermined period to optimize user-friendliness. If you visit our website again, the website will automatically recognize you as a repeat visitor, and will remember which information you provided and which settings you activated, so you won’t have to do so again.

We also use cookies to record statistics about how our website is used, and to evaluate those statistics to optimize our services for you. These cookies allow us to automatically recognize you as a repeat visitor if you visit our website again. The cookies will be deleted automatically after a specified period. This is discussed in greater detail under item 5 of this data privacy statement.

The data processed through cookies are necessary for the aforementioned purposes, to protect our legitimate interests and those of third parties under Art. 6 (1) (1) (f) GDPR.

Most browsers accept cookies automatically. However, you can configure your browser to prevent cookies from being stored on your computer or to always display a message before a new cookie is placed. But if you deactivate cookies completely, you might not be able to use all of our website’s functions.

 

5. Analysis tools

We use the following analysis tools on our website. The service provider residing in the USA has subjected itself to the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework).

 

5.1 Google Analytics

Our internet site uses Google Analytics, a web analysis service of Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (“Google”). Google Analytics also uses cookies (see item 4 of this data privacy statement). The information these cookies generate about the use of our website is normally transmitted to a Google server in the USA and stored there.

Our website uses Google Analytics with the extension “anonymize IP.” This means that the IP address collected by the Google Analytics cookie will be truncated within member states of the European Union or other contracting states to the Agreement on the European Economic Area before that address is transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.

Google uses this information on our behalf to evaluate your use of our website, compile reports about website activities, and render additional services for us which are connected with website use and internet use. The IP address that your browser has transmitted as part of Google Analytics will not be combined with other Google data.

You can prevent Google from recording or processing the data the cookie generates which relates to your use of the website (including your IP address) by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en. However, we point out that if you do, you might not be able to use all of our website’s functions to their full extent.

You can also prevent Google Analytics from recording the data by clicking the following link (https://www.google.com/analytics/terms/us.html). In this case, an opt-out cookie will be placed that prevents your data from being recorded when you visit our website in the future.

You can find additional information about data protection in connection with Google Analytics in “Google Analytics Help” under: https://support.google.com/analytics/answer/6004245?hl=en.

 

5.2 Google AdWords conversion tracking

We also use Google AdWords conversion tracking. This is also an analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

During this process, a cookie (see item 4 of this data privacy statement) is placed by Google AdWords on your computer, if you have arrived at our website via a Google ad.

After 30 days, these cookies will become invalid and unable to identify anyone personally. If you visit certain pages of our website and the cookie has not yet expired, we and Google can recognize that you have clicked on the ad and been redirected to this site.

Every Google AdWords customer receives a different cookie. This make it impossible to track cookies via those customers’ websites. The information obtained with the help of a conversion cookie serves to create conversion statistics for us. We learn the total number of users that have clicked on our ad and been redirected to a page which has been given a conversion tracking tag. But we receive no information with which we can identify you personally.

If you don’t wish to participate in the tracking procedure, you can also reject the placement of cookies which is required for that procedure—by changing your browser settings, for example, which deactivates the automatic placement of cookies in general. You will find additional information, and Google’s data protection notice regarding conversion tracking, under services.google.com/sitestats/en.html

 

6. Social media plugins

We currently use the following plugins. We use plugins to enable you to interact with social networks and other users so we can improve our services and make them more interesting for you to use. We also use these plugins to make our company more well known on social networks and send you additional information as a user.

The data processing for these purposes is based on Art. 6 (1) (1) (f) GDPR.

The service providers residing in the USA have subjected themselves to the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework).

 

6.1 LinkedIn

To make our internet presence more personalized for you, we use the social media plugins of the network LinkedIn offered by the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn”).

If you retrieve a page of our internet presence that contains a LinkedIn “Share” button, this plugin will be initially deactivated. Only when you click on the “Share” button provided will this plugin be activated. By activating this plugin, you are establishing a connection to LinkedIn and agree that your data will be transmitted to LinkedIn. If you are logged into LinkedIn, LinkedIn can assign the visit to your account there. If you activate the “Share” button, the appropriate information will be transmitted from your browser directly to LinkedIn and stored there.

We also use an additional LinkedIn button which will redirect you to our services on LinkedIn so you can follow us there (provided you’re logged into your LinkedIn user account). By clicking the plugin, a connection will be established between your browser and the LinkedIn server. This informs LinkedIn that you have visited our website with your IP address. Moreover, LinkedIn can then assign your visit on our website to you and your LinkedIn user account (provided you are logged into that account).

Please refer to LinkedIn’s data protection notice to learn the scope and purpose of the data collection, and how LinkedIn will process and use the data, your rights in the matter, and how to change settings to protect your privacy, under: https://www.linkedin.com/legal/privacy-policy.

If you don’t want LinkedIn to collect data about you via our internet presence, you must log out of LinkedIn before visiting our internet presence.

 

6.2 XING

Our websites contain social media plugins of the social network XING.com, operated by XING SE, Dammtorstraße 30, 20354 Hamburg, Germany (“XING”), to help us individualize our internet site.

If you retrieve a page of our internet presence that contains a XING “Share” button, this plugin will be initially deactivated. Only when you click on the “Share” button provided will this plugin be activated. By activating that plugin, you are establishing a connection with XING and agreeing that data will be transmitted to XING. If you are logged into XING, XING can assign the visit to your account there. If you activate the respective button, the appropriate information will be transmitted from your browser directly to XING and stored there.

Please refer to XING’s data protection notice to learn the scope and purpose of the data collection, and how XING will process and use the data, your rights in the matter, and how to change settings to protect your privacy, under: https://privacy.xing.com/en/privacy-policy.

If you don’t want XING to collect data about you via our internet presence, you must log out of XING before visiting our internet presence.

 

6.3 Facebook

On our internet site, we use social media plugins from the social network Facebook.com, operated by Facebook Inc., 1601 Willow Road, Menlo Park, CA 94025, USA (“Facebook”), to make your use of our website more individualized. To do so, we use the respective “Share” button.

If you retrieve a page of our internet presence which contains such plugins, those plugins will initially be deactivated. Only if you click the “Share” button provided will the plugins be activated. By activating that plugin, you are establishing a connection with Facebook and agreeing that data will be transmitted to Facebook. If you are logged into Facebook, Facebook can assign the visit to our internet site directly to your Facebook account. If you interact with the plugins—by activating the “Share” button, for example—the appropriate information will also be transmitted directly to a Facebook server and stored there.

Please refer to Facebook’s data protection notice to learn the scope and purpose of the data collection, and how Facebook will process and use the data, your rights in the matter, and how to change settings to protect your privacy, under: https://www.facebook.com/privacy/explanation

If you don’t want Facebook to collect data about you via our internet presence, you must log out of Facebook before visiting our internet presence.

 

6.4 Twitter

Plugins of the short-message company Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA (“Twitter”), are integrated into our websites. We use the “Tweet” button to personalize our internet presence for you.

If you retrieve a page of our online presence which contains such plugins, those plugins will initially be deactivated. Only if you click the button provided will the plugins be activated. By activating that plugin, you are establishing a connection with Twitter and agreeing that data will be transmitted to Twitter. If you are logged into Twitter, Twitter can assign the visit to your account there. If you activate the respective button, the appropriate information will be transmitted from your browser directly to Twitter and stored there.

Please refer to Twitter’s data protection notice to learn the scope and purpose of the data collection, and how Twitter will process and use the data, your rights in the matter, and how to change settings to protect your privacy, under: https://twitter.com/en/privacy

If you don’t want Twitter to collect data about you via our internet presence, you must log out of Twitter before visiting our internet presence.

 

6.5 WhatsApp

Our internet sites use “Share” buttons of the instant-messaging service WhatsApp, of WhatsApp Inc., 1601 Willow Road, Menlo Park, CA 94025, USA (“WhatsApp”), so we can individualize our internet presence.

With this button, you can share content from our internet site as a personal message using your end device. If you use the WhatsApp “Share” button, WhatsApp learns what content has been shared and that the “Share” button has been used on our website.

Please refer to WhatsApp’s data protection notice to learn the scope and purpose of the data collection, and how WhatsApp will process and use the data, your rights in the matter, and how to change settings to protect your privacy, under: https://www.whatsapp.com/legal/#privacy-policy.

 

6.6 YouTube

Our internet site uses the video platform YouTube, operated by YouTube LLC, 901 Cherry Ave. San Bruno, CA 94066, USA (“YouTube”). YouTube is a platform which makes it possible to reproduce audio and video files.

A few of our internet sites contain embeddings of videos on YouTube. If you retrieve these websites, the incorporated YouTube player will establish a connection to YouTube to ensure the technical transmission of the video or audio file. When the connection to YouTube is established, data is transmitted to YouTube. If you are logged into YouTube, YouTube can assign the visit to your account there.

Please refer to YouTube’s data protection notice to learn the scope and purpose of the data collection, and how YouTube will process and use the data, your rights in the matter, and how to change settings to protect your privacy, under: https://policies.google.com/privacy?hl=en and https://support.google.com/youtube/answer/7671399?hl=en&ref_topic=2803240.

If you don’t want YouTube to collect data about you via our internet presence, you must log out of YouTube before visiting our internet presence.

 

7. Google Maps

This site uses the map service Google Maps through an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). For you to use Google Maps’ functions, we will need to store your IP address. This information is normally transmitted to a Google server in the USA and stored there. We have no influence on this data transmission.

When you visit one of our website’s sub-pages, Google is informed of that visit. If you are logged in with Google, your data will be assigned directly to your account. If you don’t want Google to make that assignment to your profile, you must log out before using the service.

Google Maps is used in the interest of an attractive presentation of our online services and to make it easier to find the locations we specify on the website. This constitutes a legitimate interest as defined by Art. 6 (1) (f) GDPR.

You can consult Google’s data privacy statement (https://policies.google.com/privacy?hl=en) to learn more about how user data is handled. Google also processes your personal data in the USA and has subjected itself to the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework).

 

8. Google reCAPTCHA

To protect the inquiries you make via our contact form, we use Google reCAPTCHA, a CAPTCHA service of Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (“Google”). By using the service, we can determine whether input was entered by a natural person or automated machine processing. In so doing, your IP address will be forwarded to Google, possibly along with other data Google needs for the service. Google will truncate your IP address, however, within the member states of the European Union or other contracting states to the Treaty on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on our behalf to evaluate your use of this service.

The legal basis is Art. 6 (1) (1) (f) GDPR. The legitimate interest lies in defending against attacks by automated and machine processing, and in the website’s general security.

The IP address that your browser has transmitted as part of reCAPTCHA will not be combined with other Google data. For those data, the deviating data protection provisions of Google will apply. You can find further information about Google’s data privacy guidelines under https://policies.google.com/privacy?hl=en and https://www.google.com/recaptcha/intro/android.html.

 

9. Links to third-party websites

Our internet sites contain links to third-party websites whose providers are not associated with us. We are not responsible for the confidential treatment of your personal data by the providers of other websites, since, once a link to those sites has been clicked, we no longer have any influence on the collection, storage or processing of any personal data transmitted to the third parties by clicking of the link.

So you should learn about the data privacy statements of other providers which are included on their internet sites.

 

10. Rights of the data subject and contact person for data protection

You have the following rights:

 

10.1 Right to access and confirmation

Under Art. 15 GDPR, you may at any time demand information or confirmation about the personal data concerning you which we are processing. In particular, you may demand information about the purpose of processing, the categories of personal data, the categories of recipients to whom your data were or will be disclosed, the intended storage period, the existence of rights to rectification, erasure, restriction of processing, objection, the existence of a right to lodge a complaint, the origin of your data (if we did not collect those data from you), and the existence of an automatic decision-making procedure, including profiling, and possibly meaningful information about their details.

You may also demand information about whether your personal data have been transmitted to a third country or an international organization, and which suitable guarantees exist for that transmission.

 

10.2 Right to rectification

Under Art. 16 GDPR, you may demand that inaccurate or incomplete personal data we are storing about you be corrected or completed.

 

10.3 Right to erasure

Under Art. 17 GDPR, you may demand that your personal data we are storing be erased, provided one of the following reasons applies and the processing is not required for the purposes of Art. 17 GDPR.

- The personal data was collected or otherwise processed for purposes for which they are no longer needed.

- You withdraw your consent on which the processing under Art. 6 (1) (1) (a) GDPR or Art. 9 (2) (a) GDPR is based, and there is no other legal basis for the processing.

- You lodge an objection against the processing under Art. 21 (1) GDPR, and no overriding legitimate grounds for the processing exist, or you lodge an objection against the processing under Art. 21 (2) GDPR.

- The personal data were illegally processed.

- The personal data must be deleted to fulfil a legal obligation under the legislation of the European Union or the laws of the member states to which the controller is subject.

- The personal data were collected in connection with offered services of the information society under Art. 8 (1) GDPR.

If we have made personal data public and are obligated to erase those data under Art. 17 GDPR, we will take reasonable measures to inform other controllers who process the published personal data that you have requested the erasure of all links to, or copies or replications of, those personal data.

 

10.4 Right to restriction of processing

Under Art. 18 GDPR, you may demand the restriction of the processing of your personal data if (1) you contest the accuracy of the personal data for a period enabling us to verify their accuracy, (2) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead, (3) we no longer need those data, but you need them to assert, exercise or defend against legal claims, or (4) you have objected to processing pursuant to Art. 21 GDPR, provided it has not been established whether our company’s legitimate grounds override yours.

 

10.5 Right to data portability

Under Art. 20 GDPR, you may receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format, or demand that those data be transmitted to another controller, provided the processing is based on consent pursuant to Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR or on a contract pursuant to Art. 6 (1) (b) GDPR, and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

 

10.6 Right to withdrawal

Under Art. 7 (3) GDPR, you may at any time withdraw a consent you have granted to us. If you do so, from that point on we may no longer continue any data processing based on that consent.

 

10.7 Right to lodge a complaint

Under Art. 77 GDPR, you may lodge a complaint with a supervisory authority. To do so, you may normally turn to the supervisory authority of your normal abode or workplace or our branch.

 

10.8 Contact information of the data protection officer

To exercise the rights named in this item, and to register questions or complaints about the use of your personal data, you can contact our data protection officer:

Data protection officer for DAMBACH Lagersysteme GmbH & Co. KG

Hardrain 1

76476 Bischweier, Germany

Email: datenschutzbeauftragter(at)dambach-lagersysteme.de

 

11. Right to object

If your personal data are being processed based on legitimate interests under Art. 6 (1) (1) (f) GDPR, you may object to that processing pursuant to Art. 21 GDPR, if grounds exist that relate to your particular situation or if the objection is directed at processing for direct marketing purposes. In the latter case, you have a general right to object that we will implement without requiring information about a particular situation from you.

If you wish to assert your right of withdrawal or right to object, it is enough to send an email to datenschutzbeauftragter(at)dambach-lagersysteme.de.

 

12. Storage period

Your personal data will be erased if knowledge of them is no longer necessary for the purposes described in this data privacy statement, unless statutory provisions stipulate longer storage.

 

13. Data security

While you are visiting our website, we use the widespread SSL procedure (Secure Socket Layer) in combination with the highest encryption level that your browser supports. This is normally 256-bit encryption. If your browser does not support 256-bit encryption, we rely on 128-Bit v3 technology instead. To determine whether an individual site of our internet presence is transmitted in encrypted form, look for the closed lock symbol shown in your browser’s status bar.

Otherwise, we use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, and unauthorized access by third parties. Our security measures are continually improved to keep up with technological advancements.

 

14. Last revision of this data privacy statement; Amendments

This data privacy statement is currently valid and was last revised in July 2018.

Amendments to this data privacy statement may be necessitated by the further development of our internet sites and offers made through them, or due to amended statutory or official requirements. You may retrieve and print out the current data privacy statement on our website at any time, under www.dambach-lagersysteme.de/en/data-protection.html.