Privacy Policy

Privacy policy

Thank you for visiting our website. In the following, we would like to inform you which personal data we collect, for which purposes we process your personal data and which rights you are entitled to.

Definition

According to Article 4 (1) GDPR (General Data Protection Regulation), personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

According to Article 4 (2) GDPR, "processing" means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Responsible

ANEST IWATA Europe GmbH

Am Stahlbügel 2

D-74206 Bad Wimpfen

Phone: +49 7063 9336714

Fax: +49 7063 9336719

Email: info@anest-iwataat.com

Data Protection Officer

We have appointed a data protection officer. The contact details are:

mail@ra-schuetzle.de

Types of data processed

Personal data (name, address, etc.)

Contact information (email, phone number, etc.).

Meta data/communication data/usage data (IP address, operating system, etc.).

Data subjects‘ rights

Right of access (Article 15 GDPR)

You have the right to request confirmation from us as to whether we are processing personal data about you. If this is the case, you have a right to information about this personal data and to the information referred to in Article 15 (1) GDPR.

Right of rectification (Article 16 GDPR)

If we process incorrect personal data about you, you have the right to request correction of this incorrect data. In addition, you have the right to request the completion of incomplete personal data.

Right to erasure (Article 17 GDPR)

If one of the reasons listed in Article 17 (1) of the GDPR applies, you have the right to demand the immediate deletion of your personal data. This does not apply if one of the reasons mentioned in Article 17 (3) GDPR applies.

Right to restriction of processing (Article 18 GDPR)

As far as one of the conditions mentioned in Article 18 (1) GDPR exists, you have the right to demand the restriction of the processing of your data.

Right to object to processing (Article 21 GDPR)

If we process personal data of you on the basis of Article 6 (1) e) or f) GDPR, you have the right under Article 21 (1) GDPR to object to this processing for reasons arising from your particular situation.

Right to data portability (Article 20 GDPR)

You have the right, if the conditions according to Article 20 (1) GDPR are met, to receive the personal data concerning you that you have provided to us, in a structured, commonly used and machine-readable format and you have the right to transfer this data to another controller without hindrance from us.

Right to withdraw consent at any time (Article 7 (3) GDPR)

You have the right to withdraw your consent at any time. The lawfulness of the processing carried out on the basis of the consent until its withdrawal is not affected by this.

Right to lodge a complaint with a supervisory authority (Article 77 GDPR)

You can also contact a data protection supervisory authority with any complaints about the processing of your personal data. Responsible for ANEST IWATA Europe GmbH, as the responsible party, is the State Commissioner for Data Protection and Freedom of Information Baden-Württemberg.

Contact details: Lautenschlagerstraße 20, 70173 Stuttgart, Germany

Phone: 0711 / 61 55 41 - 0

Fax: 0711 / 61 55 41 - 15

Email: poststelle@lfdi.bwl.de

However, you can generally address your complaint to any data protection supervisory authority, in particular also to the supervisory authority of your own place of residence or work or the place of the alleged violation.

Existence of automated decision making including profiling (Article 13 para. 2 f), Article 22 para. 1, 4 GDPR)

An automated decision-making including profiling (Article 13 para. 2 f), Article 22 para. 1, 4 GDPR) does not take place with us.

Processing operations

Personal data are processed in the following operations:

Cookies

In order to make visiting our website more attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your terminal device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your end device and allow us to recognize your browser the next time you visit (so-called persistent cookies).

You can set your browser so that you are informed about the setting of cookies and decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general. If you do not accept cookies, the functionality of our website may be limited.

The purpose of the processing is therefore the optimal use and functioning of our website and the provision of necessary services. The legal basis for technically unnecessary cookies is your consent pursuant to Article 6 para. 1 lit. a GDPR, which we obtain via our so-called "cookie banner".

Google Analytics (and Google Tag Manager)

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"), and the Google Tag Manager provided by Google to facilitate the implementation of Google Analytics on our website. The parent company of Google Ireland is the US-based company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how visitors use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. In the event that IP anonymization is activated on this website, your IP address will be shortened by Google beforehand. IP anonymization is active on this website. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. However, it cannot be ruled out and is even likely that Google may also use the data collected via our website for its own purposes. We have no influence on the use of your data by Google for its own purposes.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de. Google Analytics is used to measure the reach of our website, as well as for retargeting and other marketing measures. The legal basis is your consent in accordance with Article 6 (1) a) GDPR and Article 49 (1) a) GDPR.

Since personal data may be transferred to the USA when Google Analytics is used and the parent company of Google Ireland is a US company, data transfer to third countries takes place (Article 44 et seq. GDPR), or at least cannot be ruled out. The USA is an unsafe third country from a data protection perspective. For the USA, there is currently neither an EU adequacy decision nor other suitable guarantees. In the USA there is currently no level of data protection equivalent to that in the EU, which is why your personal data is less well protected and there is therefore a risk to your rights and freedoms. In particular, due to the legal situation in the USA, it cannot be ruled out that government agencies may gain access to data transmitted to the USA or to data processed/stored by US companies. One such legal basis for US authorities is Section 702 of the Foreign Intelligence Surveillance Act ("FISA", Foreign Intelligence Surveillance Act, a law that regulates foreign intelligence and counterintelligence of the United States).

In addition to this legal regulation, US companies from the telecommunications sector and "remote computing services" (cloud providers in particular fall under this) are subject to the so-called "Cloud Act" (Clarifying Lawful Overseas Use of Data Act). This is a legal clarification according to which the access rights of US authorities to personal data also apply if this data is processed outside the USA, provided that the data is controlled by US companies.

If US authorities gain access to your data on the basis of this legal situation currently applicable in the USA, you as an EU citizen have no effective legal protection. The risk with this processing therefore lies in particular in the lack of enforceable rights and effective legal remedies against access and processing by US authorities.

If you give us your consent, you do so with knowledge of the risks just described. Your consent is the legal basis for the transfer of data to a third country in accordance with Art. 49 (1) a) GDPR.

MapTiler

On our website we use the map service MapTiler of the Swiss company MapTiler AG, Höfnerstrasse 98, Unterägeri, Zug 6314 ("MapTiler").

We have integrated the map data provided by MapTiler on our site via an API. It is possible that your data (especially meta data such as your IP address) will also be transmitted to MapTiler. However, your data will only be used by MapTiler for the purpose of displaying the map function and for temporarily storing the selected settings. The servers through which the service is provided are located in the EU or Switzerland. Switzerland is a so-called third country within the meaning of the GDPR. For Switzerland, however, a so-called adequacy decision was taken by the EU with the consequence that personal data may be transferred to Switzerland in accordance with Article 45 of the GDPR.

The legal basis for this processing is Article 6 (1) f) GDPR. Our legitimate interest lies in improving the user experience and making our website more attractive.

Google Ads

This website uses the offer "Google Ads", a service of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The parent company of Google Ireland is the US-based company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. You can also find more information about Google Ads and the GDPR at the following link: https://ads.google.com/intl/de_de/home/faq/gdpr/

With the help of Google Ads, we can draw attention to our offer through advertising measures (especially ads) on external websites. With the data provided by Google Ads, we can determine how successful our individual advertising campaigns are. With the help of Google Ads, we can track whether website visitors who reach our website via our external advertising measures perform the actions we hoped for with the advertising campaign. For this purpose, the website visitors are tracked accordingly. The data obtained from this enables us to determine how well or how poorly our campaign is received by the website visitors, whether there are improvements or deteriorations, and can thereby optimize our advertising measures. Data that is measured when using this service is, for example, the display of ads or clicks by users. For this purpose, corresponding cookies are set. Among other things, these store a unique ID of the website visitor, with the help of which the individual visitors can be identified. With the help of this cookie, it can be determined, for example, whether the corresponding visitor has clicked on an advertisement. If you are logged into a Google service, Google can link this data to your account. It is not excluded and even probable that Google also uses the data collected via our website for its own purposes. We have no influence on the use of your data by Google for its own purposes.

Since personal data may be transferred to the USA when using Google Ads and the parent company of Google Ireland is a US company, data transfer to third countries takes place (Article 44 et seq. GDPR), or at least cannot be ruled out. The USA is an unsafe third country from a data protection perspective. For the USA, there is currently neither an EU adequacy decision nor other suitable guarantees. In the USA there is currently no level of data protection equivalent to that in the EU, which is why your personal data is less well protected and there is therefore a risk to your rights and freedoms. In particular, due to the legal situation in the USA, it cannot be ruled out that government agencies may gain access to data transmitted to the USA or processed/stored by US companies. One such legal basis for US authorities is Section 702 of the Foreign Intelligence Surveillance Act ("FISA", Foreign Intelligence Surveillance Act, a law that regulates foreign intelligence and counterintelligence of the United States).

If you give us your consent, you do so with knowledge of the risks just described. Your consent is the legal basis for the transfer of data to a third country in accordance with Article 49 (1) a) GDPR.

Applications

If you apply to us and have submitted your application data to us for this reason, we will process the data you have submitted to us in order to decide whether to enter into an employment relationship with you. The legal basis for this processing is in particular § 26 para. 1 BDSG (BSDG: Federal Data Protection Act) (decision on the establishment of an employment relationship), Article 6 para. 1 lit. a GDPR (your consent), Article 6 para. 1 lit. b GDPR. If your application contains information about special categories of personal data (e.g. health data, religious beliefs or ethnic origin), the legal basis for this processing is Section 26 (3) BDSG (BDSG: Federal Data Protection Act), Article 9 (2) b, h GDPR, as well as our legal obligations. The purpose of processing your application data is to decide whether or not we offer you a job. In this context, your data will only be passed on to the persons in the company (recipients) who decide whether we offer you a job ("need-to-know principle"), these are usually the responsible personnel managers and the management. If we are aware of other positions for which you have not explicitly applied, but you could be considered for the other position due to your qualifications, we may forward your applicant data, but only after you have given us your prior consent to do so.

We will only use your contact details to contact you as part of the application process, in particular to inform you about the progress of your application. Other application data from your application will only be used by us to decide on the establishment of an employment relationship.

If you have given us consent as part of your application, you can revoke this at any time. You can object to the processing of your personal data at any time. In particular, you have the option to withdraw your application at any time.

It may be that you submit your application via the "join.com" platform. This is an applicant platform of the company JOIN Solutions AG, Landsgemeindeplatz 6, 9043 Trogen, Switzerland (hereinafter: "Join"), which we use as a service provider. We have concluded a corresponding order processing agreement. Information on data processing via Join can be found at: https://join.com/de/datenschutz/.

For Switzerland, the EU has taken a so-called adequacy decision, this is the basis for the transfer of data to Switzerland (Article 45 (1) GDPR).

Join helps us with applicant management, which is also our legitimate interest (Article 6 para. 1 lit. f GDPR).

We use the software solution of HRworks GmbH, Waldkircher Str. 28, 79106 Freiburg (https://www.hrworks.de/unternehmen/impressum/) (hereinafter: "HRworks") for the administration of our job offers and for the applications received via these job offers. We have concluded a corresponding order processing agreement with HRworks.

Your applicant data will be deleted no later than 6 months after rejection. We only store your data for a longer period if you have given us your consent to do so. This is the case, for example, if we have to reject you for a current position, but your application is of interest for future positions yet to be filled. Longer storage is also possible, for example, if this is necessary for the defense of legal claims

Newsletter

You can subscribe to our newsletter via our website. To do this, you must enter your e-mail address in the appropriate form. For the registration to the newsletter we use the so-called double opt-in procedure. After entering your e-mail address, you will receive a confirmation e-mail. If you click the link from the confirmation mail, your e-mail address will be stored in our newsletter database. Your e-mail address will then be processed in order to send you our newsletter. The newsletter contains advertising and information about our company. This is also the purpose of this processing of your personal data (your e-mail address). The legal basis for this processing is your consent in accordance with Article 6 para. 1 lit. a GDPR. You can unsubscribe from the newsletter or revoke your consent at any time by contacting the aforementioned responsible person or by clicking on the corresponding link in our newsletter e-mail. In this case, your e-mail address will be deleted from our newsletter database.

For our e-mail marketing we use the service of Mailjet. Mailjet is a provider with headquarters in France: 13-13 bis, rue de l'Aubrac, 75012 Paris, France, and a registered office in Germany: Mailjet GmbH, Alt-Moabit 2, 10557 Berlin. In the context of e-mail marketing, we process in particular your e-mail address. The use of Mailjet enables us to track the success of our newsletter more accurately, e.g. by determining whether the contents of our newsletter are clicked on. The purpose of this is to optimize our e-mail marketing measures.