Política de privacidad
Privacy Statement
1. Overview of Data Privacy
General information
The following information provide a simple overview of what happens to your personal data when you visit this website. Personal data are any data which enable your personal identification. For detailed information on the subject of data protection, please refer to our Privacy Statement below this text.
Data collection on this website
Who is responsible for the data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the section “Information on the Data Controller” in this data protection declaration.
How are your data collected?
On the one hand, your data are collected when you provide them to us. This may refer to data, for example, which you enter in a contact form.
Other data are collected automatically or after you have given your consent by our IT systems when you visit the website. These mainly refer to technical data (e.g. internet browser, operating system or time of page view). Such data are collected automatically as soon as you enter this website.
What are your data used for?
Part of the data is collected to ensure an error-free provision of the website. Other data may be used to analyse your user behaviour.
What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have a right to request the correction or deletion of these data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data in certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time if you have any further questions on this and on the subject of data privacy.
Analysis tools and other tools from third parties
When you visit this website, your surfing behaviour can be statistically evaluated. This is mainly done using so-called analysis programs.
Detailed information on these analysis programs can be found in the following Privacy Statement.
2. Hosting
We host the content of our website with the following provider:
DomainFactory
The provider is DomainFactory GmbH, c/o WeWork, Neuturmstraße 5, 80331 Munich (hereinafter referred to as DomainFactory). When you visit our website, DomainFactory records various log files including your IP addresses.
Details can be found in DomainFactory’s privacy policy: https://www.df.eu/de/datenschutz/.
The use of DomainFactory is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in ensuring that our website is displayed as reliably as possible. If a consent has been requested, the processing is carried out exclusively on the grounds of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. for device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.
Order processing
We have concluded an order processing agreement for the use of the above-mentioned service. This is an agreement prescribed by data protection legislation, which ensures that the data controller processes the personal data of the visitors to our website exclusively in accordance with our instructions and in compliance with the GDPR.
3. General Notes and Mandatory Information
Data privacy
The protection of your personal data is taken very seriously by the operators of these pages. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this Privacy Statement.
When you use this website, various personal data are collected. Personal data are data that enable your personal identification. This Privacy Statement explains which data are collected by us and what these data are used for. It also explains how and for what purpose this is done. We would like to point out that data transmission on the Internet (e.g. communication by e-mail) may exhibit security gaps. A complete protection of the data against access by third parties is not possible.
Information on the data controller
The data controller for this website is:
Scharfenberger GmbH & Co. KG
Philipp-Krämer-Ring 30
D-67098 Bad Dürkheim
Phone: 0049 – (0) 6322 – 60 02 -0
E-mail: info@scharfenberger.de
The data controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses or similar).
Storage period
Unless a more specific storage period is stated within this Privacy Statement, your personal data will remain with us until the purpose for processing the data is no longer applicable. If you assert a justified request for deletion or revoke consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.
General information on the legal basis for data processing on this website
If you have consented to data processing, we process your personal data on the grounds of Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, insofar as special categories of data are processed in accordance with Art. 9 para. 1 GDPR. In the event of an express consent to the transfer of personal data to third countries, data processing is also carried out on the grounds of Art. 49 para. 1 lit. a GDPR. If you have consented to the storage of cookies or access to information in your end device (e.g. via device fingerprinting), the data processing is also carried out on the grounds of Section 25 para. 1 TDDDG. The consent can be revoked at any time. If your data is required for the fulfilment of the contract or for the implementation of pre-contractual measures, we process your data on the grounds of Art. 6 para. 1 lit. b GDPR. Furthermore, we process your data if this is necessary to fulfil a legal obligation on the grounds of Art. 6 para. 1 lit. c GDPR. Data processing may also be carried out on the grounds of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. Information on the relevant legal bases in each individual case is provided in the following paragraphs of this Privacy Statement.
Recipients of personal data
As part of our business activities, we cooperate with various external organisations. In some cases, it is also necessary to transfer personal data to these external bodies. We only pass on personal data to external bodies if this is necessary for the fulfilment of a contract, if we are legally obliged to do so (e.g. passing on data to tax authorities), if we have a legitimate interest in passing on data in accordance with Art. 6 para. 1 lit. f GDPR or if another legal basis permits the passing on of data. When using processors, we only pass on our customers‘ personal data on the grounds of a valid contract for order processing. In the case of joint processing, a joint processing agreement is concluded.
Withdrawal of your consent to data processing
Many data processing operations are only possible with your explicit consent. You can withdraw your consent, which you have already given, at any time. The legality of the data processing carried out until such withdrawal remains unaffected by the withdrawal.
Right to object to the collection of data in specific cases and to direct marketing (Art. 21 GDPR)
IF DATA PROCESSING IS BASED ON ART. 6 PARA. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY STATEMENT. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR). IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS ASSOCIATED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT ADVERTISING (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).
Right of appeal to the competent supervisory authority
In the event of breaches of the GDPR, data subjects shall have a right of appeal to a supervisory authority, particularly in the Member State of their habitual residence, place of work or the place of the alleged breach. The right of appeal is without prejudice to any other administrative or judicial remedy.
Right to data transferability
You have the right to have data that we process automatically based on your consent or in performance of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another data controller, this will only be done insofar as it is technically feasible.
Information, correction and deletion
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, their origin and recipient and the purpose of the data processing and, if applicable, a right to correction or deletion of such data. You can contact us at any time about this and any other questions you may have on the subject of personal data.
Right to restrict data processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this purpose. The right to restrict processing exists in the following cases:
- If you dispute the accuracy of your personal data held by us, we will usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data has occurred/is occurring unlawfully, you can request the restriction of data processing instead of deletion.
- If we no longer need your personal data, but you need it to exercise, defend or enforce legal claims, you have the right to request restriction of the processing of your personal data instead of deletion.
- If you have lodged an objection pursuant to Art. 21 para. 1 GDPR, a balancing of your and our interests must be carried out. As long as it has not been determined whose interests prevail, you have the right to demand the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, such data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from „https://“ to „https://“ and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
4. Data collection on this website
Cookies
Our internet pages use so-called “cookies”. Cookies are small data packages and do not cause any damage to your end device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your terminal device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.
Cookies may originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies can be used to analyse the user behaviour or for advertising purposes.
Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping basket function) or to optimise the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the grounds of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimised provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the grounds of this consent (Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG); the consent can be revoked at any time.
You can set your browser in such a way that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
This Privacy Statement sets out which cookies and services are used on this website.
Consent with Borlabs Cookie
Our website uses Borlabs Cookie consent technology to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies, and to document these in compliance with data protection regulations. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg (hereinafter referred to as Borlabs).
When you enter our website, a Borlabs cookie is stored in your browser, in which the consents you have given, or the revocation of these consents are stored. This data is not passed on to the provider of Borlabs Cookie.
The data collected will be stored until you ask us to delete it or delete the Borlabs cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Details on the data processing of Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.
Borlabs cookie consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
5. Analysis tools and advertising
Matomo
This website uses the open-source web analysis service Matomo.
With the help of Matomo, we are able to collect and analyse data about the use of our website by visitors. This allows us to find out, among other things, when which pages were accessed and from which region. We also record various log files (e.g. IP address, referrer, browser and operating system used), and we are able to measure whether visitors to our website perform certain actions (e.g. clicks, purchases, etc.).
This analysis tool is used on the grounds of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analysing user behaviour to optimise both its website and its advertising. If a corresponding consent has been requested, the processing is carried out exclusively on the grounds of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.
IP anonymisation
We use IP anonymisation for the analysis with Matomo. Your IP address is shortened before it is analysed so that it can no longer be clearly assigned to you.
Cookieless analysis
We have configured Matomo so that Matomo does not store any cookies in your browser.
Hosting
We host Matomo exclusively on our own servers so that all analysis data remains with us and is not passed on.
6. eCommerce and payment providers
Processing of customer and contract data
We collect, process and use personal customer and contract data to establish, organise the content of and amend our contractual relationships. We collect, process and use personal data about the use of this website (usage data) only insofar as this is necessary to enable the user to utilise the service or to bill the user. The legal basis for this is Art. 6 para. 1 lit. b GDPR.
The customer data collected will be deleted after completion of the order or termination of the business relationship and expiry of any existing statutory retention periods. Statutory retention periods remain unaffected.
7. Own services
Handling data of applicants
We offer you the opportunity to apply to us (e.g. by e-mail, post or online application form). Below, we inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data is carried out in accordance with applicable data protection law and all other statutory provisions and that your data will be treated strictly confidential.
Scope and purpose of data collection
If you send us an application, we will process your associated personal data (e.g. contact and communication data, application documents, notes taken during interviews, etc.) insofar as this is necessary for the decision regarding the establishing of an employment relationship. The legal basis for this is Section 26 BDSG under German law (initiation of an employment relationship), Art. 6 para. 1 lit. b GDPR (general contract initiation) and – if you have given your consent – Art. 6 para. 1 lit. a GDPR. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.
If the application is successful, the data submitted by you will be stored in our data processing systems on the grounds of Section 26 BDSG (German Data Protection Act) and Art. 6 para. 1 lit. b GDPR for the purpose of implementing the employment relationship.
Data retention period
If we are unable to make you a job offer, you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted on the grounds of our legitimate interests (Art. 6 para. 1 lit. f GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data will then be deleted, and the physical application documents are destroyed. The stored data serves particularly as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), the data will only be deleted when the purpose for further storage no longer applies.
Longer storage may also take place if you have given your consent (Art. 6 para. 1 lit. a GDPR) or if statutory retention obligations prevent deletion.
Admission to the applicant pool
If we do not make you a job offer, you may have the opportunity to join our applicant pool. If you are accepted, all documents and details from your application will be transferred to the applicant pool so that you can be contacted in the event of suitable vacancies.
Inclusion in the applicant pool is based exclusively on your express consent (Art. 6 para. 1 lit. a GDPR). The submission of consent is voluntary and is not related to the current application process.
The data subject may withdraw their consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, provided there are no legal grounds for retention.
The data from the applicant pool will be irrevocably deleted no later than two years after consent has been granted.