1) General information

The protection of your personal data is a very serious matter for OWIS GmbH. All information about you, such as your name, address, telephone number, e-mail address, account number, etc., as well as all information that can be traced back to you, is referred to as personal data. We want you to know when we collect which data and how we use it. We have taken technical and organizational measures to ensure that the regulations on data protection are observed both by us and by possible external service providers. Your data will be protected within the framework of the legal regulations. Automated personal data is collected on this website only to the extent technically necessary.

2) Responsible persons

2.1 Responsible

OWIS GmbH
Im Gaisgraben 7
79219 Staufen im Breisgau (Germany)
info@owis.eu
+49 7633 9504-0

Executive management:
Rüdiger Ruh

2.2 Data Protection Officer

The data protection officer can be contacted at the above postal address, for the attention of the data protection officer, or by e-mail: datenschutz@owis.eu

3) Rights of the data subjects

You have the following rights with respect to us regarding personal data concerning you:

• Right to information
• Right of access
• Right to rectification or deletion
• Right to restriction of processing
• Right to object to processing
• Right to data portability

You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

For Baden-Württemberg, this is the State Commissioner for Data Protection and Freedom of Information BW, Königstrasse 10 a, 70173 Stuttgart, P.O. Box 10 29 32, 70025 Stuttgart, Tel.: 0711/615541-0, FAX: 0711/615541-15, e-mail: poststelle@lfdi.bwl.de.

If you wish to exercise your data protection rights, simply send an e-mail to datenschutz@owis.eu. Proof of identification may be requested.

4) Data processing

4.1 Website usage

In the case of mere informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 para. 1 p. 1 lit. f DS-GVO):

• IP address
• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (specific page)
• Access status/HTTP status code
• Amount of data transferred in each case
• Website from which the request comes
• browser
• Operating system and its interface
• Language and version of the browser software

4.2 Cookies

The Internet pages use so-called cookies in several places. A cookie is a data element that a website sends to your browser to store on your system as an identifier that identifies your system. Cookies are often used only to measure the usage (number of visitors and duration of a visit) and effectiveness (topics in which the visitor is most interested) of a website and to facilitate navigation or use, and as such are not linked to personal data. However, they can also be used to personalize the website experience of a known visitor. Here, a user reference can then be established by associating profile information or user settings. Over time, this information provides valuable insights that help us improve the user experience on a website.

Cookies are usually divided into session cookies and persistent cookies. Session cookies allow you to navigate the website in an efficient manner, with cookies logging your path through each web page so that you are not prompted to enter information that you have already entered shortly before during the same visit to that website. Session cookies are stored in temporary memory and deleted as soon as the web browser is closed. Permanent cookies, on the other hand, store user settings for the current visit as well as for future visits to the website. They are stored on your hard drive and are still valid when you restart the browser. For example, we use persistent cookies to record your language selection and country information.

Since necessary (most basic functions of the website) and functional (analysis of website usage to improve performance) cookies enable you to use some of the functions of our website in the first place, we would like to recommend that you do not generally disable them in your browser settings. If your browser allows the exclusion of third-party cookies (so-called marketing cookies or targeting cookies to display advertising and track your path on the Internet), this does not affect the functionality of our website.

4.2.1 Google Analytics

This website uses Google Analytics, a web analytics service provided by Google, Inc ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. In the event that IP anonymization is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

<a href="javascript:gaOptout()">Google Analytics deaktivieren</a>

More information on terms of use and data protection can be found here or here. We would like to point out that on this website Google Analytics has been extended by the code "gat._anonymizeIp();" to ensure anonymized collection of IP addresses (so-called IP masking).

 

4.2.1.1 Java Skript „gaOptout“

<script>
var gaProperty = 'UA-XXXXXXX-X';
var disableStr = 'ga-disable-' + gaProperty;
if (document.cookie.indexOf(disableStr + '=true') > -1) {
  window[disableStr] = true;
}
function gaOptout() {
  document.cookie = disableStr + '=true; expires=Thu, 31 Dec 2099 23:59:59 UTC; path=/';
  window[disableStr] = true;
}
</script>
 

4.2.1.2 Anonymization scripts

 

4.2.1.2.1 Privacy-compliant tracking code for Universal Analytics

<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-XXXXXXX-X', 'website.de');
ga('set', 'anonymizeIp', true);
ga('send', 'pageview');
</script>

 

4.2.1.2.2 Privacy-compliant tracking code for Classical Analytics

<script type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-XXXXXXX-X']);
_gaq.push(['_gat._anonymizeIp']);
_gaq.push(['_trackPageview']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>

4.3 Webshop

If you would like to order in our webshop, it is necessary for the conclusion of the contract that you provide your personal data, which we need for the processing of your order. Mandatory data required for the processing of contracts are marked separately, other information is voluntary. We process the data you provide to process your order. For this purpose, we may pass on your payment data to our house bank. The legal basis for this is Art. 6 para. 1 p. 1 lit. b DS-GVO.

You can voluntarily create a customer account, through which we can store your data for future purchases. When you create a user account under "myOWIS", the data you provide will be stored revocably. To have your data changed or deleted, please contact marketing@owis.eu. We may also process the data you provide to inform you about other interesting products from our portfolio or to send you e-mails with technical information.

We are obliged by commercial and tax law to store your address, payment and order data for a period of ten years. However, we restrict processing after two years, i.e. your data is only used to comply with legal obligations.

To prevent unauthorized access by third parties to your personal data, especially financial data, the ordering process is encrypted using TLS technology.

4.4 Contact form

When contacting us via our website, we collect various personal data from you using the contact forms. Mandatory fields, in order to enable a meaningful processing with your minimum necessary data for us, are name, e-mail address and the actual message. All other information such as salutation, telephone or fax are voluntary and go beyond what is necessary. Nevertheless, we ask you to provide the telephone number for easier contact.

With these data provided by you, an unencrypted e-mail is generated directly - without intermediate storage - to the department responsible for your request at OWIS GmbH, which you transmit to us by sending it. If necessary, we will forward this internally to the department concerned. Please note that the e-mail is not encrypted. So please take care not to provide any confidential data or information in this way. By submitting your personal data to us, you consent to the collection, processing and use of your data in accordance with this privacy policy.

4.5 Newsletter / Catalogs / Price lists / Product information

With your consent, you can receive our newsletters, catalogs, price lists or product information. The advertised goods and services are named in the declaration of consent.

For the registration to our newsletter we use the so-called "double opt-in" procedure. This means that after your registration, we will send you an e-mail to the e-mail address you provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we store your respective IP addresses used and times of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.

Mandatory information is marked with an asterisk. This information is necessary because our offer is explicitly not directed at private individuals. We would like to reserve the right not to send such information to private individuals. The provision of further, separately marked data is voluntary and will be used to address you personally.

After your confirmation, we store your e-mail address for the purpose of sending you the newsletter. The legal basis is Art. 6 para. 1 p. 1 lit. a DS-GVO.

You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in each newsletter email, by e-mail to marketing@owis.eu or by sending a message to the contact details provided in the imprint.

4.6 Links to other websites

Our websites may contain links to other websites for convenience and further information. These websites may be operated independently of us. Linked websites may have their own privacy statements or policies, which you should review. If linked websites are not owned or managed by us, we are not responsible for the content of those websites, their use, or their privacy practices, even if you access those websites directly from our website.

4.7 As a business partner, e.g. customer or supplier

We process your contact, bank, master and contract data. The processing is essentially carried out in the context of the performance of contracts to which you are a party or at your request to carry out pre-contractual measures. If you have given us consent to process personal data for specific purposes, the lawfulness of this processing is based on your consent. The purposes of the data processing depend on the respective contract documents and contract contents.

Only to the extent necessary, we process your data to protect legitimate interests of us or third parties. Our legitimate interest is given in particular for management and control measures, marketing purposes, to improve our business relationship, assertion of legal claims and defense in legal disputes.
We process your data in our systems, programs and applications, which are generally operated on our servers on site. Only in exceptional cases do we use so-called cloud services, and only if it is guaranteed that your data can be handled by the processors used in accordance with the requirements of the GDPR.

4.8 As a visitor at our locations

We process your contact data and, in exceptional cases on official order, also health data when you visit us on site. However, the processing is essentially carried out in the context of the performance of contracts to which you are a party or at your request to carry out pre-contractual measures. If you have given us consent to process personal data for specific purposes, the lawfulness of this processing is based on your consent, Art. 6 (1) lit a DSGVO. The purposes of the data processing depend on the respective contract documents and contract contents, or the circumstances of your visit to us on site.

Only to the extent necessary, we process your data to protect legitimate interests of us or third parties. Our legitimate interests are in particular for management and control measures, marketing purposes, to improve our business relationship, assert legal claims and defense in legal disputes.
The type and purposes of data processing are generally the recording of your visit for the purposes of our visitor management (e.g. calendar entry, notice on information board).

4.9 As an applicant

In the course of your application, we will collect and process the following personal application data from you:

• Salutation
• Name, first name
• Your address
• Telephone number/mobile number
• E-mail address
• Application documents (cover letter, resume, references, certificates, etc.)

If your application contains special categories of personal data (e.g. information on marital status that may provide information about your sex life or sexual orientation; information on health; a photo that allows conclusions to be drawn about ethnic origin and/or religion and, if applicable, eyesight; similarly sensitive data within the meaning of Art. 9 DS-GVO), we will assume that you have given your consent to the processing. This consent serves exclusively to be able to consider the application in its present form in the first place. The information will not be taken into account in the application process unless - especially in the case of severely disabled persons - there is a legal obligation to do so. You can also submit an application that has been cleansed of the special categories of personal data without this having any effect on your chances in the application process.

The information you send us must be truthful, not violate any third party rights, public law regulations or morality. Please also note that you will indemnify us against any and all claims that we may incur as a result of information with inadmissible content that you have provided to us.

Your personal application data will be collected and processed exclusively for the purpose of filling vacancies within our company. As a matter of principle, your data will only be forwarded to the internal departments and specialist departments responsible for the specific application procedure, unless you give us your express consent to further use.

Please note that the data you provide may be used to compile statistics on the application process. These statistics are compiled exclusively for our own purposes and are never personalized, but rather anonymized.

The collection/processing of your data is carried out in accordance with § 26 BDSG, or with your consent in accordance with Art. 6 (1) lit a DS-GVO.

Your personal application data will generally be deleted a maximum of six months after completion of the application process. This does not apply if legal provisions prevent deletion, if further storage is necessary for the purpose of providing evidence, or if you have expressly consented to longer storage.

If we are unable to offer you a current vacancy, but believe on the basis of your profile that your application may be of interest for future vacancies, we will store your personal application data for a maximum of 2 years, provided you expressly consent to such storage and use. With your consent, we will compare your documents with our job offers and contact you if we find a suitable offer.

In order to improve the data protection-compliant handling of your application within our company, we use digital application tools, illustrated in our applicant portal. This portal is also used if you send us your application by e-mail or post. All information submitted is then subsequently recorded in the portal's database. The services of the portal are selected, used and configured in such a way that neither profiling takes place nor automated case decisions are made or prepared.

We are entitled to discontinue these services at any time and to delete all or part of your data therein without giving any reason. We do not guarantee that these services will be available at certain times. We cannot rule out disruptions, interruptions or a possible failure of the online services. However, if data is transmitted - in whatever form - we recommend that you make backup copies. We reserve the right to change, expand, limit or completely discontinue this service at any time. Any liability on our part for deleted data or data loss is therefore excluded.

4.10 As a user of our offers in social media

We use so-called "social plugins" of various social networks in our online offer. These are described individually in this section. When using the plugins on our websites, your internet browser establishes a direct connection to the servers of the respective social network. This provides the respective provider with the information that your internet browser has accessed the corresponding page of our online offer, even if you do not have a user account with the provider or are not currently logged in to it. Log files (including the IP address) are transmitted by your Internet browser directly to a server of the respective provider and may be stored there. The provider or its server may be located outside the EU or the EEA (e.g. in the USA). The plugins represent independent extensions of the social network providers. We therefore have no influence on the scope of the data collected and stored by the providers of the social networks via the plugins.

For the purpose and scope of the collection, further processing and use of the data by the social network, as well as your rights in this regard and setting options for protecting your privacy, please refer to the privacy policy of the respective social network.
If you do not want the providers of the social networks to receive and possibly store or further use data about this online offer, you should not use the respective plugins.

The use of these services is not necessary to contact us or to receive our information. We therefore point out that you use the service offered there and its functionalities on your own responsibility. This applies in particular to the use of interactive functions, such as sharing.

The data collected about you when using the services will be processed by the respective provider and may be transmitted to countries outside the European Union in the process. We have no influence on the type and scope of the data processed by the providers, the type of processing and use or the transfer of this data to third parties, in particular to countries outside the European Union.

Please note that the providers also receive data from you if you have not created an account with the service itself, but visit third-party websites and apps that use the providers' services or with which the providers offer services together. This includes, for example, information about the websites and apps you visit or interactions with advertisers.

Through the use of cookies and similar technologies, it is also possible to record your visits to these websites and assign them to your profile. Based on this data, content or advertising can be offered tailored to you.

For more information about interest-based ads or to opt-out of having your web browsing information used for behavioral advertising purposes, click here.

You can also set your browser to block all cookies, including the provider's cookies, or to display a message as soon as a cookie is set by the provider. Furthermore, you can restrict the service's access to contact and calendar data, photos, location data, etc. on mobile devices in the settings options there. However, this depends on the operating system used.

4.10.1 LinkedIn Marketing Solutions

On this website we use the service "LinkedIn Marketing Solutions" of LinkedIn Ireland Unlimited Company (Wilton Plaza, Wilton Place, Dublin 2, Ireland; hereinafter referred to as: "LinkedIn"). The use of LinkedIn Marketing Solutions serves marketing and optimization purposes based on your consent according to Art. 6 para. 1 p. 1 a).

Furthermore, we use Marketing Solutions for marketing and optimization purposes, to analyze the use of our websites and to continuously improve individual functions. The statistical evaluation of user behavior serves to improve our offers. This is also our legitimate interest in the processing of the above data by the third-party provider. The legal basis is Art. 6 para. 1 p. 1 lit. f) DSGVO.

The LinkedIn Insight tags are used for a targeted display of our offers for LinkedIn users who have previously visited our homepage. Furthermore, to check redirections of users to our website, provided that a LinkedIn ad has been clicked. For correct functioning, LinkedIn uses cookies, among other things.

For registered and logged in users, LinkedIn notes this visit in the user account. The data collected about the users is anonymous for us and does not allow any conclusions to be drawn about individual persons.

We have no influence on how much data is collected and further used by LinkedIn with the use of Insight Tag. To our knowledge, LinkedIn receives information about subpages of our website visited by users and about clicks on our LinkedIn ads. In addition, the processing of the user IP address and possibly other identifiers by LinkedIn cannot be excluded if the users have not logged in with their LinkedIn account or do not have a LinkedIn user account.

The privacy policy of LinkedIn can be found here.

4.10.2 Xing

Our websites contain programs (plugins) of the social network xing.com. These are operated by New Work SE, Am Strandkai 1, 20457 Hamburg (formerly Xing AG). The plugins are visible on our website by the Xing logo. When you visit our website, which contains such a plugin, your browser establishes a direct connection with the servers of Xing, which in turn transmits the content of the plugin to your browser, which then integrates it into the displayed website. As a result, the information that you have visited our website is forwarded to Xing. If you are logged in to Xing via your personal user account while visiting our website, Xing can assign the website visit to this account. By interacting with plugins, e.g. by pressing the Xing button, the corresponding information is transmitted from your browser directly to Xing and stored there. The purpose and scope of the data collection and the further processing and use of the data by Xing, as well as your rights in this regard and setting options for protecting your privacy, can be found in the Xing privacy policy.

4.10.3 X (formerly Twitter)

Our website uses a function of the short message network X (formerly Twitter). If you use the X-Share function, you will be redirected to a separate browser window and, if you are logged into your user account at X, you can share the electronic publication deposited on our website by adding a comment. This function establishes a direct connection between your browser and the X server. X thereby receives the information that you have visited our website with your IP address. In addition, it is then possible for X to assign your visit to our website to you and your user account. We would like to point out that we have no knowledge of the content of the transmitted (personal) data or of how X uses it. If you do not want X to be able to associate your visit to our website with your X user account, you must log out of X before visiting our website.

If you live in the European Union, EFTA countries or the United Kingdom, Twitter International Unlimited Company is responsible for your personal data (One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland). If you live in the United States or another country outside the European Union, EFTA countries or the United Kingdom, X Corp is responsible for your personal data (1355 Market Street, Suite 900, San Francisco, CA 94103, USA). For more information, please see the privacy policy of X Corp or Twitter.

4.10.4 WhatsApp

Our portal uses buttons of the messenger service WhatsApp. The provider is WhatsApp Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland (within the EU) or WhatsApp LLC (outside the EU). These buttons allow you, the user, to share a post or page using WhatsApp. When you activate the WhatsApp button by clicking on it, the browser establishes a direct connection with the servers of WhatsApp. We have no influence on the scope of the data that WhatsApp collects and/or transmits using this plugin. For more information, please refer to the privacy policy of WhatsApp.

4.11 As a participant in video calls or online conferences

When using so-called video conferencing or collaboration tools, personal data is processed. We use various applications as part of internal and external communication, which in turn serve to maintain our business operations and stay in contact with you.

Personal data is typically your contact information, such as first name, last name, email address, company affiliation, etc. It is conceivable that we may also download lists of participants during events in order to process them later. If you dial in via so-called web clients, you can also provide some of the information pseudonymously. If you dial in by phone, your phone number and the IP address of your device will be recorded.

During the meeting, you have the opportunity to post comments and questions in the chat, for example. Audio and video signals are also processed for the transmission. You have the option to turn off the camera and microphone yourself at any time. You can also blur the background depending on the application and dial-in, so that only you and not the room you are in is visible.

4.12 YouTube

We have decided to use the YouTube video platform on these Internet pages. This enables us to provide users and visitors to our website with moving image material relating to our offerings and, at the same time, to pursue our interest in drawing users' attention to our moving image offering on youtube.com.

We use the YouTube video platform on our website, which is operated by Google Ireland Limited (Google Building Gordon House, Barrow St, Dublin 4, Ireland). YouTube is a platform through which the playback of audio and video files is enabled. When you access a page of our website, the YouTube player embedded there establishes a connection to YouTube to ensure the technical transmission of the video or audio file. When establishing the connection to YouTube, data is transmitted to YouTube. We would like to point out that we do not receive any knowledge of the content of the transmitted data as well as its use by YouTube. Please inform yourself on the YouTube website about the handling of your data by YouTube as well as your rights and settings options in this regard to protect your privacy.

The service transfers personal data to the USA. The EU Commission has decided that this country offers an adequate level of data protection (EU-U.S. DPF). The service has submitted to this. Google is certified in accordance with the EU-U.S. Data Privacy Framework. The legal basis is Art. 6 para. 1 p. 1 lit. a) DSGVO (consent). You can find YouTube's privacy policy here.

5) Safety notice

We make every effort to store your personal data in such a way that it is not accessible to third parties by taking all technical and organizational measures. When communicating via an unencrypted e-mail, we cannot guarantee complete data security, so we recommend that you send confidential information by post.

For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

6) Data storage / deletion

If this is not otherwise regulated in the detailed descriptions of the offers, we process and store your personal data as long as it is necessary for the fulfillment of our contractual and legal obligations.

As a rule, your personal data will be deleted or blocked when it is no longer required for the fulfillment of contractual or legal obligations, you have exercised your right of deletion, all mutual claims have been satisfied and there are no other legal retention obligations or legal justification bases for storage.