Definition of terms (according to GDPR)
To ensure the requirement for an easily understandable and legible form of the data protection declaration, we refer to the generally applicable term standards of the GDPR, which we reproduce below in accordance with the wording of the GDPR:
Personal data refers to all information relating to an identified or identifiable natural person (also “data subject”); a natural person is regarded as identifiable, if he/she can be directly or indirectly identified, especially by means of association with an identifier such as a name, with an identification number, with location data, with an online ID or with one or several special features reflecting the physical, physiological, genetic, psychic, economic, cultural or social identity of that natural person.
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of processing means marking stored personal data to restrict its future processing.
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Pseudonymisation means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without additional information, provided that this additional information is kept separately and is subject to technical and organisational measures ensuring that the personal data is not an identified or an identifiable natural person.
The data collector is a natural or legal person, public authority, agency or other body, which either alone or with others, determines purposes and means of processing of personal data; where purposes and means of such processing are determined by European Union or Member State law, the controller or the specific criteria for its nomination may be provided for by EU or Member State law
The processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
The recipient is a person, public authority, agency or other body to which personal data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under EU law or the law of the Member States under a particular investigation mandate shall not be considered recipients; the processing of such data by the said authorities shall be carried out in accordance with the applicable data protection rules in accordance with the purposes of the processing.
A third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
The data subject's agreement will be voluntary each time for the particular case, in an informed and unequivocal manner, in the form of a statement or other clear affirmative act indicating the data subject's consent to the processing of personal data concerning him/her.
Data collection on our website
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator’s contact details can be found in the website’s required legal notice.
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
Analytics and third-party tools
You can object to this analysis. We will inform you below about how to exercise your options in this regard.
General information and mandatory information
The party responsible for processing data on this website is:
Fliesen Glahe GmbH & Co. KG
Phone: +49 0 59 21 / 40 55
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Right to object to data collection in special cases and direct mail (Article 21 GDPR)
If your personal data is processed to operate direct mail, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct mail. If you object, your personal data will then no longer be used for the purpose of direct advertising.
Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
Right to restriction of processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time at the address given in the imprint. The right to restrict processing exists in the following cases: If you deny the accuracy of your personal information stored with us, we usually need time to verify this. For the duration of the audit you have the right to request the restriction of the processing of your personal data. If the processing of your personal data is unlawful, you may request the restriction of data processing instead of deletion. If we no longer need your personal information, but you need it to exercise, defend or enforce legal claims, you have the right to demand that your personal information will be restricted instead of being deleted.
If you have filed an objection pursuant to Art. 21 (1) GDPR, a balance must be made between your interests and ours. As long as it is not clear whose interests prevail, you have the right to demand the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, these data may be – except for their storage – only with your consent or for the assertion, exercise or defense of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest.
Data protection officer
Statutory data protection officer
We have appointed a data protection officer for our company.
Cortina Consult GmbH
Phone: +49 (0)251 - 29 79 47 42
Data collection on our website
Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:
· Browser type and browser version
· Operating system used
· Referrer URL
· Host name of the accessing computer
· Time of the server request
· IP address
These data will not be combined with data from other sources.
The basis for data processing is Art. 6 (1) (b) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
To ensure quick and uncomplicated contact, we provide you with an appropriate form; alternatively, you can also contact us via the e-mail addresses provided on our website. Personal data is only collected if you voluntarily provide it to us within the framework of your e-mail or form contact. We use the data you provide without your express permission solely to fulfil and process your contact inquiry. This is not passed on to third parties or only takes place on the basis of your inquiry.
Data protection in job applications and in the application procedure
On our website, we offer you the convenient opportunity to apply to us for correspondingly advertised positions using the provided e-mail address. We use the personal data collected about you exclusively for the purpose of processing the application procedure. If, at the end of the application process, we take you on as an employee, the purpose for processing the data concerned will change: in this case, it will in future be used to carry out and maintain the employment relationship. The personal data of applicants that we do not employ will be kept for possible legal claims (e.g. according to the General Equal Treatment Act (Allgemeinen Gleichbehandlungsgesetz – AGG)) for the necessary period (maximum 6 months) and subsequently destroyed or deleted immediately.
Information on data security
We secure our website and other systems via technical and organisational measures against loss, destruction, access, modification or distribution of your data by unauthorised persons. However, despite regular checks, complete protection against all risks is not possible.
Legal basis for processing
We process personal data according to the specifications of the GDPR, depending on the type and purpose of processing, as follows:
Where allowed by law
Specification of the GDPR
Art. 6 para. 1(a)
In performance of a contract
Art. 6 para. 1(b)
Implementation of pre-contractual measures
Art. 6 para. 1(b)
Fulfilment of legal obligations
Art. 6 para. 1(c)
Protection of vital interests
Art. 6 para. 1(d)
Safeguarding our legitimate interest
Art. 6 para. 1(f)
Our legitimate interest
Our legitimate interest, as defined in Article 6 para. 1(f) GDPR, is based on the performance of our business activities to maintain our operability and to safeguard the employment of our employees.
The duration of the storage of personal data depends on the respective legal retention period after the purpose ceases to apply. After expiry of this period, we will delete the corresponding data if it is no longer necessary for the fulfilment or initiation of the contract.
Obligation to provide personal data
Under certain conditions (e.g. due to legal or contractual regulations) you are obliged to provide us with your personal data. Examples of such processing are as follows:
Nature and purpose of the processing
Conclusion of a sales contract (e.g. your address)
Fulfilment of the contractual obligation (e.g. delivery of the goods to your address)
In the context of employees (e.g. transmission of data to the tax office)
Compliance with legal requirements (e.g. tax regulations)
A violation (i.e. the failure to provide the required data) would mean that the respective data processing and consequently the corresponding contract could not be concluded with you. Upon request, we will inform you in individual cases before collecting your data as to whether the provision is required by law or contract, or necessary for concluding the contract, and what consequences this may have for you.
Existence of automated decision-making
We do not make use of automatic decision making and do not use any techniques to carry out profiling measures.
You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Objecting to the collection of data
Outsourced data processing
We have entered into an agreement with Google for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Demographic data collection by Google Analytics
This website uses Google Analytics’ demographic features. This allows reports to be generated containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This collected data cannot be attributed to any specific individual person. You can disable this feature at any time by adjusting the ads settings in your Google account or you can forbid the collection of your data by Google Analytics as described in the section “Refusal of data collection”.
Plugins and tools
Google Web Fonts
For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
If your browser does not support web fonts, a standard font is used by your computer.
You can set the ad impressions here: adssettings.google.com/authenticated
Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
To secure this site and optimize load times, CloudFlare is used as the Content Delivery Network (CDN) of CloudFlare Inc, Inc 665 3rd St. 200, San Francisco, CA 94107, USA. Therefore, all requests are forcibly routed through their servers and consolidated into non-deactivatable statistics. The collected raw data will be deleted within 4 hours, at the latest after 3 days. The legal basis for data processing is Article 6 (1) (f) GDPR. Our interest lies in the maintenance, protection and improvement of the operation of our online offer. For more information, see this link: https://www.cloudflare.com/gdpr/introduction/ .