1. general information
The protection of your personal data is a serious matter for the OWIS GmbH. All personal information, like your name, address, telephone number, email address, bank account number, etc. as well as all information that relegates to you, is called personal data. We want to make sure that you know when we gather information, what kind of information we collect and how we use it. We have taken technical and organizational measures, which ensure, that the regulations will be observed by us as well as other external service providers. Your personal data will be protected within the framework of the legal regulations. Exclusively due to technical necessities personal data will be collected automatically on this website.
2. responsible party / data protection officer
2.1 responsible party
Im Gaisgraben 7
79219 Staufen im Breisgau (Germany)
2.2 data protection officer
The data protection officer can be contacted at the above mentioned address (attention: data protection officer) or per e-mail at firstname.lastname@example.org
3. rights of the affected party
You have the following rights in regard to our use of your personal data:
- right to be informed
- right to receive information
- right to correction and deletion
- right to restrict information processing
- right to reject information processing
- right to data transmission
You also have the right to complain about the processing of your personal data at the data protection agency. For the state of Baden-Württemberg it is the Landesbeauftragter für Datenschutz und Informationsfreiheit BW, Königstrasse 10 a, 70173 Stuttgart, Postfach 10 29 32, 70025 Stuttgart, Phone: +49(0)711/615541-0, FAX: +49(0)711/615541-15, E-Mail: email@example.com
If you would like to make use of your rights as the affected party, an email to firstname.lastname@example.org is sufficient. A proof of identification may be requested in regard to that matter.
4. data processing
4.1 use of the website
If you exclusively use our website for informational purposes, which means, you don’t register or transfer information to us in another way, we only process the personal data, which your browser transfers to our server. If you would like to access our website, we acquire the following data, which are required for technical purposes in order to present our website to you and to ensure stability and safety. (The legal basis is: Art. 6 Sec. 1 P. 1 lit. f GDPR):
- date and time of request
- time zone difference to Greenwich Mean Time (GMT)
- content of the request (specific site)
- access status/HTTP-status code
- respectively transferred amount of data
- website from which the request derives
- operation system and its interface
- language and version of the browser Software
The websites use so-called cookies at several locations. A cookie is a data element, which a website sends to your browser. Thus, it gets saved on your system as a code, which your system identifies. Cookies are frequently used to measure the use (number of visitors and length of use) and effectiveness (themes in which the visitor is most interested) of a website und to simplify the navigation or use. Thus, they are not connected to personal data. But they can also be used to personalize the website-experience of a known visitor. In this case a referral to the user is made by assigning profile information and user settings to him. Over time this information delivers valuable insights which help us to improve the user experience on a website.
Cookies are generally divided in session cookies and permanent cookies. With session cookies you can navigate efficiently throughout the website. They track your pathway through individual websites, so that you’re not required to put-in information that you have entered shortly before during the same visit of the respective website. Session cookies are placed in temporary storage and are deleted as soon as the web-browser gets closed. However, permanent cookies save user settings for the current visit as well as future visits of the website. They are saved on your hard drive and continue to be valid if you to start up your browser again. For example we use permanent cookies to record your language selection and your country specification.
Since required (foundational functions of the website) and functional (analysis of the website used to improve the performance) cookies facilitate the use of some functions on our website, we would like to recommend you not to generally deactivate them in your browser settings. If your browser allows the restriction of cookies from third parties (so-called marketing cookies or targeting cookies to present ads and track your web use), the functionality of our website is not affected.
- name of the cookie: fe_typo3_user
- description: contains Typo3-specific data about the current user session
- processing company: OWIS
- data processing purposes: provision of the website
- technologies used: cookies
- data collected: No personal data is collected by the cookie. The cookie is used only to identify the user with the server-side session.
- processing location: Germany
- storage period: lifetime of the cookie is bound to the browser session
- data recipient: OWIS
- transfer to third countries: no
4.3 integration of Google Maps
On this website we use features of Google Maps. Thus, we are able to present you with interactive maps within this website and can offer you a comfortable use of the map feature.
When visiting our website Google receives information that you have accessed the respective sub-page. Additionally, data mentioned under paragraph 4.1 of this declaration gets transmitted. This happens regardless of Google offering a user account that you‘re logged into or no user account at all. If you‘re logged into your Google account your data gets directly referred to your account. If you prefer no referral to your Google profile, you have to log out before activating the button. Google saves your data as application profiles and uses them for purposes of advertising, market research and/or a user-friendly design of its website. Such an analysis takes place specifically to provide customized advertising and in order to inform other users of the social network about your activities on our website. You have the right to reject the creation of such user profiles, but you have to contact Google in order make use of it.
In the data protection declaration of the provider you can find further information in regard to purpose and extent of data acquisition and its dissemination by the plug-in provider. There you can also find further information in regard to your rights to this effect and your setting options for the protection of your privacy: policies.google.com/privacy. Google reviews your personal data also in the US and complies with the EU-US Privacy Shield. www.privacyshield.gov/EU-US-Framework.
4.4 use of Google reCAPCHA
In order to protect your orders made through internet forms OWIS uses the service of reCAPTCHA of the company Google Inc. (Google). The review has the purpose to distinguish between an entry made by a human or improperly by automatic, mechanical processing. The review includes the forwarding of the IP-address to Google and possibly additional data needed by Google for the reCAPTCHA service. For this purpose your input gets transferred to Google where it is processed. By using reCAPTCHA you agree that the identification executed by you is incorporated in the digitization of older works. In case of activating the IP-anonymization on this website your IP-address is shortened by Google within the member states of the European Union or the other contractual states of the agreement about the European economical region. Only in exceptional cases the IP-address is sent to a server of Google in the USA and shortened there. By request of the operator of this website Google will be using this information in order to analyze your use of this service.
The IP-address transferred from your browser within the framework of reCAPCHA is not combined with other data from Google. For this data the differing data protection regulations of the company Google are valid. Further information in regard to the data protection regulations of Google you can find at: policies.google.com/privacy.
4.5 online shop
If you would like to place an order in our online shop it is required to indicate your personal data for the completion of the contract. We need the data for the processing of your order. Mandatory specifications necessary for the processing of your contract are marked specifically, additional details are voluntary. We use the data provided by you to process your order. For this purpose we may provide your payment information to our main bank. For that, the legal basis is Art. 6 Sec. 1 P. 1 lit. b GDPR.
You may set up a customer account voluntarily, which we can use to save your data for future purchases. When setting up an account under "my account" your data will be saved revocably. All further data, your user account included, you may delete in the client area at all times. We may also process the data provided by you in order to inform you about further products of interest from our portfolio or to send you emails with technical information. We are required to save your address, payment and order data for a period of ten years due to legal trade and tax regulations. However after two years we restrict the processing, which means that your data is only used for compliance with legal regulations.
In order to avoid unauthorized access to your personal data, especially financial data, the order process is encoded by TLS-technology.
4.6 contact form
When contacting us through our website we process a variety of personal data from you by using the contact form. In order to facilitate a meaningful interaction with you using a minimum of necessary data, the mandatory specifications are listed as follows: title, first name, family name, email address and your actual message. Additional specifications are voluntary and exceed the necessary data. We still ask you to indicate your phone number in order to facilitate contacting you.
With the data provided by you an uncoded email is - without interim storage – directly set-up to email@example.com, which you transfer to us by hitting the send-button. In-house we forward it to the respective representative if necessary. Please note, that the email is not encoded. Thus, please do not forward confidential data or information this way. By sending your personal data to us you accept the acquisition, processing and use of your data according to the data protection regulation at hand.
4.7 newsletters / catalogs / price lists / product information
With your agreement you can receive our newsletters, price lists or product information. The advertised products and services are mentioned in the agreement declaration.
For the newsletter enrollment we use the so-called "double-opt-in" system. That means that after your enrollment we send an email to the email address provided by you. In that email we ask you to confirm that you wish to receive the newsletter. If you do not confirm your enrollment within 24 hours your information will be locked and after a month it will be automatically deleted. Furthermore, we both save your used IP-addresses and the time of enrollment and confirmation. The purpose of this process is to prove your enrollment and to possibly clarify a potential abuse of your personal data.
Mandatory information is marked with a star. These specifications are necessary, since our offer is not explicitly directed to private citizens. We would like to reserve ourselves not to send such information to private citizens. The provision of further, separately marked data is voluntary and used to address you personally. After your confirmation we save your email address for the purpose of sending out the newsletter. Legal basis is Art. 6 Sec. 1 P. 1 lit. a GDPR.
You can revoke your agreement to receive the newsletter at any time and unsubscribe it. You may declare the revocation by clicking on the link provided in each newsletter email, through this form of the website, per email to firstname.lastname@example.org or by sending a message to the contact information provided within the website credits.
4.8 links to other websites
Our websites can contain links to other websites for further information or practical reasons. These websites can be run independently from us. Linked websites can have their own data protection declarations or regulations which you should definitely check out. Should linked websites not be owned or run by us we are not responsible for content, use or data protection measures of these websites, even if you can directly reach these websites from our website.
4.9 As a business partner, e.g. customer or supplier
We process your contact, bank, master and contract data. The processing is essentially carried out in the context of the performance of contracts to which you are a party or at your request to carry out pre-contractual measures.
If you have given us consent to process personal data for specific purposes, the lawfulness of this processing is based on your consent.
The purposes of data processing depend on the respective contract documents and contract contents.
Only to the extent necessary, we process your data to protect legitimate interests of us or third parties. Our legitimate interest is given in particular for management and control measures, marketing purposes, to improve our business relationship, assertion of legal claims and defense in legal disputes.
We process your data in our systems, programs and applications, which are generally operated on our servers on site. Only in exceptional cases do we use so-called cloud services, and only if it is guaranteed that your data can be handled by the processors used in accordance with the requirements of the GDPR.
4.10 As a visitor at our sites
We process your contact data and, in exceptional cases on official order, also health data when you visit us on site. However, the processing is essentially carried out in the context of the performance of contracts to which you are a party or at your request to carry out pre-contractual measures.
If you have given us consent to process personal data for specific purposes, the lawfulness of this processing is based on your consent, Art. 6 (1) lit a DSGVO.
The purposes of the data processing depend on the respective contract documents and contract contents, or the circumstances of your visit to us on site.
Only to the extent necessary, we process your data to protect legitimate interests of us or third parties. Our legitimate interests include, in particular, management and control measures, marketing purposes, improvement of our business relationship, assertion of legal claims and defense in legal disputes.
The nature and purposes of data processing are usually the recording of your visit in our visitor books and calendars.
4.11 As an applicant
In the course of your application, we will collect and process the following personal application data from you:
- name, first name
- telephone number / mobile number
- application documents (cover letter, resume, references, certificates, etc.)
If your application contains special categories of personal data (e.g. information on marital status that may provide information about your sex life or sexual orientation; information on health; a photo that allows conclusions to be drawn about ethnic origin and/or religion and possibly eyesight; similarly sensitive data within the meaning of Article 9 of the GDPR), we will assume that you have given your consent to the processing. This consent serves exclusively to be able to consider the application in its present form in the first place. The information will not be taken into account in the application process unless - especially in the case of severely disabled persons - there is a legal obligation to do so.
You may also submit an application that has been cleansed of the special categories of personal data without this having any effect on your chances in the application process.
The information you submit to us must be truthful, not violate any third-party rights, public law regulations or morality. Please also note that you will indemnify us against any claims that we may incur as a result of information with inadmissible content that you have provided to us.
Your personal application data will be collected and processed exclusively for the purpose of filling vacancies within our company. As a matter of principle, your data will only be forwarded to the internal and specialist departments responsible for the specific application procedure, unless you give us your express consent to further use.
Please note that the data you provide may be used to compile statistics on the application process. These statistics are compiled exclusively for our own purposes and are not personalized in any case, but are anonymized.
The collection/processing of your data is carried out in accordance with § 26 BDSG, or with your consent in accordance with Art. 6 (1) lit a DS-GVO (GDPR).
Your personal application data will generally be deleted a maximum of six months after completion of the application process. This does not apply if legal provisions prevent deletion, if further storage is necessary for the purpose of providing evidence, or if you have expressly consented to longer storage.
If we are unable to offer you a current vacancy, but believe on the basis of your profile that your application may be of interest for future vacancies, we will store your personal application data for a maximum of 1 year, provided you expressly consent to such storage and use. With your consent, we will compare your documents with our job offers and contact you if a suitable offer is made.
In order to improve the data protection-compliant handling of your application within our company, we use digital application tools, illustrated in our applicant portal. This portal is also used if you send us your application by e-mail or by post. All information submitted is then subsequently entered into the portal's database. The services of the portal are selected, used and configured in such a way that neither profiling takes place nor automated case decisions are made or prepared.
We are entitled to discontinue these services at any time and to delete your data from them in whole or in part without giving any reason. We do not guarantee that these services will be available at certain times. We cannot exclude disturbances, interruptions or a possible failure of the online services. However, if data is transmitted - in whatever form - we recommend that you make backup copies. We reserve the right to change, expand, limit or completely discontinue this service at any time. Any liability on our part for deleted data or data loss is therefore excluded.
4.12 As a user of our offers in social media
We use so-called social plugins of various social networks in our online offer; these are described individually in this section.
When using the plugins on our websites, your internet browser establishes a direct connection to the servers of the respective social network. This provides the respective provider with the information that your internet browser has accessed the corresponding page of our online offer, even if you do not have a user account with the provider or are not currently logged in to it. Log files (including the IP address) are transmitted by your internet browser directly to a server of the respective provider and may be stored there. The provider or its server may be located outside the EU or EEA (e.g. in the USA).
The plugins represent independent extensions of the social network providers. We therefore have no influence on the scope of the data collected and stored by the providers of the social networks via the plugins.
If you do not want the providers of the social networks to receive and possibly store or further use data about this online offer, you should not use the respective plugins.
The use of these services is not necessary to contact us or to receive our information. We therefore point out that you use the service offered there and its functionalities on your own responsibility. This applies in particular to the use of interactive functions, such as sharing.
The data collected about you when using the services will be processed by the respective provider and may be transferred to countries outside the European Union. We have no influence on the type and scope of the data processed by the providers, the type of processing and use or the transfer of this data to third parties, in particular to countries outside the European Union.
Please note that the providers also receive data from you if you have not created an account with the service itself, but visit third-party websites and apps that use the providers' services or with which the providers offer services together. This includes, for example, information about the websites and apps you visit or interactions with advertisers.
For more information about interest-based ads or to opt-out of having your web browsing information used for behavioral advertising purposes, the following link can be used: www.aboutads.info/choices
You can also set your browser to block all cookies, including the provider's cookies, or to display a message as soon as a cookie is set by the provider. Furthermore, on mobile devices you can restrict the service's access to contact and calendar data, photos, location data, etc. in the settings options there. However, this depends on the operating system used.
Our websites contain programs (plugins) of the social network LinkedIn.com. LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA ("LinkedIn"). An overview of LinkedIn's plugins and their appearance can be found here: developer.linkedin.com/plugins; information on data protection at LinkedIn can be found here.
4.13 As a participant in video calls or online conferences
When using so-called video conferencing or collaboration tools, personal data is processed. We use different applications as part of internal and external communication, which in turn serves to maintain our business operations and to stay in contact with you. Personal data is usually your contact details, such as first name, last name, email address, company affiliation, etc. It is conceivable that we may also download lists of participants during events in order to process them later.
If you log in via so-called web clients, you can also provide some of the information pseudonymously. If you dial in by telephone, your phone number and the IP address of your device will be recorded. During the meeting, you have the opportunity to post comments and questions in the chat, for example. Audio and video signals are also processed for the transmission. You have the option to turn off the camera and microphone yourself at any time. You can also blur the background depending on the application and dial-in, so that only you and not the room you are in is visible.
5. note on safety
By referencing all technical and organizational measures we make an effort to saving your personal data in a way that third parties cannot access them. When communicating through uncoded email a total data security cannot be guaranteed by us. Thus, concerning confidential information we recommend the delivery by mail. For safety reasons and in order to protect the transmission of confidential contents such as orders or requests, which you send to us, the website operators, this site uses SSL- or TLS-encoding. An encoded connection you can recognize by the change of your browser address line from "http://" to "https://" and the lock symbol in your browser line. When the SSL- or TLS-encoding is activated, the data that you send to us cannot be read by a third party.
6. data storage / deletion
If it is not mentioned within the detailed descriptions of the offers otherwise, we process and save your personal data as long as it is required for the execution of our contractual and legal duties. Your personal data gets deleted and locked regularly, if it is no longer needed for the execution of contractual or legal duties, if you have used your right of deletion and if all mutual claims are fulfilled and no other legal storage obligations or other legal justification for the storage exists.
This online data protection declaration may be updated from time to time without informing you beforehand how our handling of personal data will change. We will publish the updated version on our websites and above the declaration it will be indicated when it was last updated.