Privacy is a special concern of Gyptech GmbH. Our efforts, in particular to meet the requirements of the European Data Protection Regulation (DSV) and the Federal Data Protection Act in its new version, are primarily aimed at respecting your privacy and privacy.
Today, the use of electronic data processing systems (EDP) is indispensable for modern companies such as Gyptech GmbH. In this case, of course, a maximum is laid out to observe the legal regulations.
A use of the internet pages of Gyptech GmbH is basically possible without any indication of personal data. However, if a data subject wishes to use our company’s special services through our website, personal data processing may be required. If the processing of personal data is required and there is no legal basis for such processing, we generally seek the consent of the data subject.
1. General / Definitions
a) personal data
personal data are all information that relates to an identified or identifiable natural person (hereinafter “data subject”). A natural person is considered to be identifiable who, directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, expresses the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person can be identified.
(b) Affected person / Affected person
Affected person means any identified or identifiable natural person whose personal data are processed by the controller.
processing means any process or series of operations performed with or without the aid of automated procedures in relation to personal data such as the collection, collection, organization, ordering, storage, adaptation or modification, reading out, querying, the use, disclosure by transmission, dissemination or other form of provision, matching or linking, restriction, erasure or destruction.
d) Restriction of processing
Restriction of the processing is the marking of stored personal data with the aim to limit their future processing.
profiling is any type of automated processing of personal data which involves the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular aspects relating to work performance, economic situation, Health, personal preferences, interests, reliability, behavior, whereabouts, or location of that natural person to analyze or predict.
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that: the personal data are not assigned to an identified or identifiable natural person.
person is the natural or legal person, public authority, institution or other body that decides, alone or together with others, on the purposes and means of processing personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for his designation may be provided for under Union or national law.
h) Contractor / Order Processor
Contractor / Contract Data Processor shall mean a natural or legal person, public authority, agency or body that processes personal data on behalf of the controller.
Recipient is a natural or legal person, public authority, agency or other entity to whom personal data are disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union or national law in connection with a particular mission are not considered to be beneficiaries.
j) a thirdthird
partyparty is a natural or legal person, public authority, body or body other than the data subject, the controller, the processor and the persons authorized under the direct responsibility of the controller or processor to process the personal data.
Consent is any expression of will voluntarily given by the data subject in an informed and unambiguous manner in the form of a statement or other unambiguous confirmatory act by which the data subject indicates that they are involved in the processing of the person concerned personal data.
2. Information about the collection of personal data
(1) In the following we inform about the collection of personal data when using our website. Personal data is all data that is personally available to you, eg. Name, address, e-mail addresses, user behavior, etc.
(2) Responsible acc. Art. 4 para. 7 of the EUData Protection Regulation (DS-GVO) is
GeneralGyptech GmbH, represented by the Managing Director Wolfgang Theel
86633 Neuburg an der Donau
Tel .: 08431 5387-0
(3) Our data protection officer is:
Mr. Attorney at Law Sascha Weller, IDR – Institute for Data Protection Law
Tel .: 0841 – 885 167 15
Web : www.idr-datenschutz.de
(4) When you contact us by e-mail or via a contact form, the data provided by you (your e-mail address, if applicable, your name and telephone number) will be automatically saved by us , to answer your questions. Such personal information provided on a voluntary basis by an individual to the controller is stored solely for the purpose of processing or contacting the data subject. We delete the data that arises in this context after the storage is no longer required, or limit the processing if there are statutory retention requirements.
(5) If we rely on commissioned service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail below about the respective transactions. In doing so, we also name the specified criteria for the storage duration.
(6) We as the controller have implemented a large number of technical and organizational measures to ensure the most complete protection possible for personal data processed through this website. Nevertheless, Internet-based data transmissions can in principle have security gaps so that absolute protection can not be guaranteed. For this reason, every person concerned is free to submit personal data to us by alternative means, for example by telephone.
(7) As a responsible company, we refrain from automatic decision-making or profiling.
3. Your rights
(1) You have the following rights with respect to the personal data concerning you:conferred
– Right of access:right
Any person affected by the processing of personal data has theby the GDPR at any time by the controller receive free information about the personal data stored about him and a copy of this information. In addition, the European Di- rective and Regulatory Authority has granted thefollowing information:
a) the processing
data subject thepurposes
b) the categories of personal data being processed
c) the recipients or categories of recipients to whom the personal data have been disclosed or not be disclosed, especially in recipients in third countries or international organizations
d) if possible the planned duration for which the personal data are stored, or, if this is not possible, the criteria for determining such duration
e) the existence of a right to Correction or erasure of personal data concerning them or restriction of processing by the controller or a right to object to such processing
f) the existence of a right to complain to a supervisory authority
g) if the personal data are not included in the data (
h) the existence of automated decision-making including profiling in accordance with Article 22 (1) and (4) of the GDPR and – at least in these cases – meaningful information on the logic involved and the implications and consequences; the intended impact of such processing on the
data subject In addition, the data subject has a right of access as to whether personal data has been transferred to a third country or to an international organization. If this is the case, then the data subject has the right to obtain information about the appropriate guarantees in connection with the transfer.
If a data subject wishes to avail himself of this right to information, he may, at any time, contact an employee of the controller.
– Right to revoke a data protection consent:
Any person affected by the processing of personal data has the right to withdraw consent to the processing of personal data at any time.
If an interested party wishes to exercise this right to withdraw consent, they may, at any time and by any means of communication, contact an employee of the controller.
– Right to rectification:
The data subject has the right to demand from the person responsible without delay the correction of incorrect personal data concerning him. Taking into account the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary statement.
If a data subject wishes to avail himself of this right to information, he may, at any time, contact an employee of the controller.
– Right to be deleted / right to be forgotten:
The data subject has the right to ask the person responsible to delete the personal data concerning him or her immediately, and the person responsible is obliged to delete personal data immediately, if one of the following reasons applies:
(a) the personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
(b) the data subject withdraws the consent on which the processing referred to in Article 6 (1) (a) or 9 (2) (a) was based and lacks any other legal basis for the processing.
(c) the data subject objects to the processing in accordance with Article 21 (1) and there are no high-level legitimate grounds for the processing or the data subject objects to the processing in accordance with Article 21 (2).
d) the personal data were processed unlawfully.
(e) the deletion of personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the person responsible is subject.
(f) the personal data have been collected in relation to information society services offered in accordance with Article 8 (1).
If an interested party wishes to claim this right to be forgotten, they may contact an employee of the controller at any time.
If we have made the personal data public and if we are required to delete it in accordance with Article 17 (1) of the GDPR, we shall take appropriate measures, including technical ones, to inform data controllers, who are responsible for the data processing and the implementation costs personal information, to inform you that an affected person has requested that you delete all links to such personal data or copies or replications of such personal data. Our employees will take the necessary measures.
– Right to restriction of processing:
Thehas the right to require the controller to restrict the processing if one of the following conditions is met: (
data subjecta) the data subject is correct for the data subject The length of time it allows the controller to verify the accuracy of the personal data; (
b) the processing is unlawful and the data subject refuses to delete the personal data and instead requests that the personal data be restricted;
(c) the controller no longer needs the personal data for processing purposes, but the data subject requires them to assert, pursue or defend legal claims; or (data
d) thesubject has objected to the processing referred to in Article 21 (1), as long as It is not yet clear whether the legitimate reasons of the person responsible outweigh those of the person concerned.
If an interested party wishes to exercise this right to restriction of processing, they may, at any time, contact an employee of the controller.
– Right of opposition to processing:
Any person concerned by the processing of personal data has the right granted by the GDPR at any time, for reasons arising from its particular situation, against the processing of personal data relating to it under Art 6 (1) (e) or (f) of the GDPR, opposition is sought. This also applies to profiling based on these provisions.
In the event of an objection, we will no longer process personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the data subject, or the processing is for the purpose of asserting, exercising or defending legal claims ,
If we process personal data in order to operate direct mail, the data subject has the right to object at any time to the processing of personal data for the purpose of such advertising. This also applies to the profiling, as far as it is associated with such direct mail. If the data subject objects to our processing for direct marketing purposes, we will no longer process the personal data for these purposes.
In addition, the data subject has the right, for reasons that arise from their particular situation, against the processing of personal data relating to them, which we carry out for scientific or historical research purposes or for statistical purposes pursuant to Art. 89 (1) DS-BER To object, unless such processing is necessary to fulfill a public interest task.
In order to exercise the right of opposition, the data subject may directly contact any employee. The data subject is also free, in the context of the use of information society services, notwithstanding Directive 2002/58 / EC, to exercise his right of opposition by means of automated procedures using technical specifications.
– Data transferability: the data
subject has the right to receive the personal data relating to him / her provided to a controller in a structured, common and machine-readable format, and has the right to transfer that data to another person without hindrance (the person responsible for providing the personal data;
a) the processing is based on a consent pursuant to Article 6 (1) (a) or Article 9 (2) (a) or a contract pursuant to Article 6 (1) (b); and (
b)the processing is done by automated methods.
In exercising their right to data portability under Article 20 (1) of the GDPR, the data subject has the right to obtain that the personal data are transmitted directly from one controller to another, where technically feasible and the rights and privacy of the data subject Freedoms of others are not affected.
If an interested party wishes to exercise this right to data portability, they may contact an employee of the controller at any time.
– Automated decision on a case-by-case basis, including profiling
Each person concerned by the processing of personal data has the right conferred by the GDPR not to be subject to a decision based solely on automated processing, including profiling, which has legal effect on it or if so similarly severely affected, unless the decision
(1) is necessary for the conclusion or performance of a contract between the data subject and the controller, or
(2) permitted by Union or Member State legislation to which the controller is subject and that such legislation contains appropriate measures to safeguard the rights, freedoms and legitimate interests of the data subject, ordata subject
(3) with the express consent of the.
If the decision to conclude or execute a contract between the data subject and the controller is necessary or with the express consent of the data subject, we will take reasonable steps to safeguard the rights and freedoms and legitimate interests of the data subject at least the right to obtain the intervention of a person by the person responsible, to express his / her own position and to challenge the decision.
If the data subject wishes to rely on automated decision-making rights, they may, at any time, contact an employee of the controller.
(2) You also have the right to complain to us about the processing of your personal data by a data protection supervisory authority. The supervisory authority responsible for our company is as follows:
Bavarian State Office for Data Protection Supervision
Tel .: 0981 – 53 1300
4. Collection of personal data when visiting our website / Cookies
(1) If you only use our website for informational purposes, ie if you do not register or otherwise provide us with information, we will only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to show you our website and to ensure the stability and security (legal basis is Art. 6 (1) sentence 1 DS-GVO ):
– IP address
– Date and time of the request
– Greenwich mean time (GMT) time zone difference
system Internet service providers
– Content of the request (concrete page)
– Access- Access status / HTTP status code
– Amount of data transferred
– Website that the request comes from (Referrer)
– Operating system and its interfacesoftware
– Language and version of the browser.
(2) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and by which the body that sets the cookie (here through us) receives certain information. Cookies can not run programs or transmit viruses to your computer. They serve to make the Internet offer more user-friendly and effective overall.
a) This website uses the following types of cookies, the scope and mode of operation of which are explained below:
– Transient cookies (see b)
– Persistent cookies (c)
– Flash cookies (see f).
b) Transient cookies are automatically deleted when you close the browser. These include, in particular, the session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
d) You can configure your browser setting according to your wishes. B. decline the acceptance of third-party cookies or all cookies. Please be aware that you may not be able to use all features of this site.
f) The Flash cookies used are not detected by your browser, but by your Flash plug-in.
5. Other functions and offers of our website
(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do this, you will generally need to provide other personal information that we use to provide the service and for which the aforementioned data processing principles apply.
(2) In part, we use to process your data from external service providers. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly inspected.
(3) The hosting services we use are for the purpose of providing the following services: infrastructure and platform services, computing capacity, storage and database services, security and technical maintenance services we use to operate this online service.
Here we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer acc. Art. 6 para. 1 lit. f DSGVO in conjunction with Art. 28 GDPR.
(4) Furthermore, we may disclose your personal data to third parties, if action participations, competitions, contracts or similar services are offered by us together with partners. For more information, please refer to your personal data or below in the description of the offer.
(5) Insofar as our service providers or partners have their seat in a country outside the European Economic Area (EEA), we inform you about the consequences of this circumstance in the description of the offer.
6. Data protection for applicationsdata
Thecontroller collects and processes the personal data of applicants for the purpose of processing the application process. The processing can also be done electronically. This is particularly the case if an applicant submits corresponding application documents to the controller by electronic means, for example by e-mail or via a contact form on the website. If the controller concludes an employment contract with an applicant, the data transferred will be stored for the purpose of executing the employment contract in accordance with the legal requirements. If no employment contract is concluded with the candidate by the controller, the application documents will be automatically deleted unless deletion precludes other legitimate interests of the controller. Other legitimate interest in this sense, for example, a burden of proof in a procedure under the General Equal Treatment Act (AGG).
The processing of the applicant data takes place in order to fulfill our (pre-) contractual obligations in the context of the application process within the meaning of Art. 6 para. 1 lit. b. DSGVO Art. 6 para. 1 lit. f. DSGVO insofar as the processing of data is necessary for us eg in the context of legal procedures (in Germany additionally § 26 BDSG applies).
7. Objection or revocation against the processing of your data
(1) If you have given your consent to the processing of your data, you can revoke it at any time and by any means of communication. Such revocation affects the admissibility of the processing of your personal data after you have given it to us.
(2) Insofar as we base the processing of your personal data on the balance of interests, you may object to the processing. This is the case if, in particular, the processing is not required to fulfill a contract with you, which we present in the following description of the functions. In the event of any such disagreement, we ask you to explain the reasons why we should not process your personal data as we have done. In the case of your justified objection, we examine the situation and will either discontinue or adapt the data processing or point out to you our compelling legitimate reasons on which we continue the processing.
(3) Of course, you may object to the processing of your personal data for advertising and data analysis purposes at any time. You may contact us about your advertising conflict at the address indicated in section 2. (2).
8. Legal or contractual provisions for the provision of personal data / Necessity for concluding a contract / Consequences of non-provision / deletion
(1) We would like to inform you that the provision of personal data is partially required by law. However, it may also be possible for an affected person to provide us with personal information in order for a contract to be conducted. A non-provision would mean that the contract could not be closed. Our staff are happy to answer any questions related to a specific case.
(2) The data processed by us are deleted or limited in their processing in accordance with Articles 17 and 18 GDPR. Unless explicitly stated in this privacy statement, the data stored by us will be deleted as soon as they are no longer necessary for their intended purpose and the deletion does not conflict with any statutory storage requirements. Unless the data is deleted because it is required for other and legally permitted purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be kept for commercial or tax reasons.
According to legal requirements, the storage takes place in particular for 10 years according to §§ 147 Abs. 1 AO, 257 Abs. 1 Nr. 1 and 4, Abs. 4 HGB (books, records, situation reports, accounting documents, trading books, documents relevant for taxation, etc .) and 6 years in accordance with § 257 para. 1 no. 2 and 3, para. 4 HGB (commercial letters).
9. Web Analytics
1. Use of 1 & 1 Web Analytics
This website uses 1 & 1 Web Analytics, a web analytics service of 1 & 1 Internet SE, Elgendorfer Strasse 57, 56410 Montabaur (1 & 1). 1 & 1 Web Analytics uses so-called “cookies”, text files that are stored on your computer and that allow an analysis of your use of the website.
The information generated by the cookie about your use of this website (including your IP address) is transmitted to a server of 1 & 1 and stored there. 1 & 1 will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators, and providing other services related to website activity and internet usage. Also 1 & 1 will transfer this information to third parties if required by law or if third parties process this data on behalf of 1 & 1.
1 & 1 will in no case connect your IP address with other 1 & 1 data. You can prevent the installation of cookies by setting your browser software accordingly; However, please be aware that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by 1 & 1 in the manner described above and for the purpose stated above.
10. Integration of Google Maps
1. Integration of Google Maps
(1) On this website we use the offer of Google Maps. This allows us to show you interactive maps directly in the website and allow you to conveniently use the map feature.
(2) By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data referred to in point 4 of this declaration will be transmitted. This is done regardless of whether Google provides a user account that you are logged in to, or if there is no user account. When you’re logged in to Google, your data will be assigned directly to your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for purposes of advertising, market research and / or tailor-made website design. Such an evaluation is carried out in particular (even for users who are not logged in) to provide appropriate advertising and to inform other users of the social network about their activities on our website. You have a right to object to the formation of these user profiles, and you must comply with this to Google.
11. Plugins and Tools
1. Google Web Fonts
This site uses so-called web fonts provided by Google for the uniform representation of fonts. When you call up a page, your browser loads the required web fonts into your browser cache to correctly display texts and fonts. To do this, the browser you use must connect to Google’s servers. As a result, Google learns that our website has been accessed via your IP address. The use of Google WebFonts is in the interest of a consistent and attractive presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
If your browser does not support web fonts, a standard font will be used by your computer.
2. Using ajax.googleapis.com and jQuery
On this page, we use Ajax and jQuery technologies to optimize loading speed. In this regard, program libraries are accessed by Google servers. It uses Google’s Content Delivery Network (CDN). If you previously used jQuery on another page of the Google CDN, your browser will fall back on the cached copy. If this is not true, it will require downloading, with data from your browser sent to Google! Inc. (“Google”). Your data will be transmitted to the USA. You can find out more on the websites of the providers.
The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. f DS-GMO.