Name and address of the controller responsible for processing data
The controller as defined by the General Data Protection Regulation, other data protection laws of member states of the European Union as well as other provisions relevant to data protection is:
Tel.: +49 7071 97060
Link to the legal notice
Name and address of the Data Protection Officer
You can reach the controller’s Data Protection Officer at:
Digital DSB GmbH
Any data subject can approach our Data Protection Officer directly at any time with any questions or suggestions on the subject of data protection.
Zeutschel GmbH, hereinafter Zeutschel, is delighted by your interest in the company. Data protection enjoys a particularly high status with the management of Zeutschel GmbH. As a general rule, the web pages of Zeutschel GmbH can be used without divulging any personal data. If a data subject would like to make use of special services offered by our company through our Internet site, it might be necessary to process their personal data. If it is necessary to process personal data and there is no legal basis for such processing, we generally obtain the data subject’s consent.
A data subject’s personal data, e.g. name, address, email address or telephone number are always processed in conformity with the General Data Protection Regulation and in compliance with the specific national data protection provisions applicable to Zeutschel. Our company would like to use this privacy notice to inform the public of the way in which we collect, process and use personal data, the extent to which we do so, and our underlying purpose. This privacy notice also informs data subjects of their rights.
As the controller responsible for the processing, Zeutschel has taken numerous technical and organizational steps to ensure that the personal data processed through this website are as comprehensively protected as possible. Nevertheless, data transmission via the Internet can be subject to security loopholes by the very nature of things, with the result that no absolute protection can be guaranteed. For this reason, any data subject is free to also send us personal data by alternative means, e.g. by telephone.
Definition of terms
a) Personal data
All information relating to identified or identifiable natural persons (hereinafter “data subject”) constitutes personal data. A natural person is seen as identifiable if they can be directly or indirectly identified, especially by linking them with an ID such as a name, an ID number, location data, an online ID or with one or more special characteristics which are the expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
b) Data subject
A data subject is any identified or identifiable natural person whose personal data are processed by the controller responsible for the processing.
Processing is any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.
Profiling is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not linked to an identified or identifiable natural person.
g) Controller or controller responsible for processing data
The controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
h) Commissioned processors
A commissioned processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
The receiver is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data as part of a particular inquiry in accordance with Union or Member State law are not regarded as receivers.
j) Third party
A third party is a natural or legal person, public authority, agency or body other than the data subject, controller, commissioned processor and persons who, under the direct authority of the controller or processor, are authorized to process the personal data.
Consent is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signal agreement to the processing of personal data relating to them.
Use of personal data and earmarking
Your personal data will only be processed for purposes of customer administration and for your inquiries (Art. 6 of the General Data Protection Regulation) to the extent required in each case.
Our employees and service companies commissioned are obliged to maintain confidentiality and to adhere to the provisions of the General Data Protection Regulation and the Federal Data Protection Act.
Furthermore, all the technical and organizational measures required to maintain data protection are guaranteed.
By using cookies, Zeutschel GmbH is able to provide users of this website with more user-friendly services which would not be possible without installing the cookie.
The data subject can at any time prevent our website from placing cookies by means of a corresponding setting in their Internet browser, thereby permanently rejecting the installation of cookies. Any cookies already installed can also be deleted at any time via the Internet browser or other software programs. This operation can be performed in all conventional Internet browsers. If the data subject deactivates the placement of cookies in the Internet browser used, this may mean that not all functions of our website can be used to their full extent.
Registration of general data and information
As part of processing on our behalf, a third-party provider will provide the services for hosting and displaying the website for us. All data collected in the course of using this website, as described below, are processed on its servers. Data are only processed on other servers within the bounds explained here.
This service provider is located within a country of the European Union.
The hosting services used by us serve to provide the following services:
- Infrastructure and platform services
- Computing power
- Storage space and database services
- Security services as well as technical maintenance services
which we use for the purpose of operating this website.
In the process, we or our hosting provider only process data on the basis of our legitimate interest in the efficient, secure provision of this online offer in accordance with Art. 6 (1) f GDPR in conjunction with Art. 28 GDPR (conclusion of a commissioned processing contract).
Third-party content and services
The offering on our website may also include content, services and benefits from other providers that complement our own offering.
Calling up such services from a third-party site requires the regular transmission of your IP address. Such providers are thus able to see your user IP address and to store it. We favor the use of third-party providers who only use the IP addresses to deliver their content. However, we have no control over which third-party providers may save the IP address. Such storage may serve statistical purposes, for example. If we obtain knowledge that third-party providers are performing such storage, we will immediately draw our users’ attention to this fact.
Our website uses SSL encryption whenever the transmission of confidential or personal content belonging to our users is involved. For example, this encryption is activated when processing payment transactions as well as for inquiries which you send us via our website.
Please make sure that SSL encryption is activated at your end for any corresponding activities. It is easy to see when encryption is being used. Your browser address bar changes from “http://” to “https://”. SSL encrypted data cannot be read by third parties. Only transmit confidential information if SSL encryption is activated, and contact us if you have any doubts.
Every time Zeutschel GmbH’s website is called up by a data subject or automated system, it registers a series of data and information. These general data and information are stored in the server’s log files. The following information may be registered:
(1) browser type and version used,
(2) the operating system used by the accessing system,
(3) the website from which an accessing system reaches our website (the so-called referrer),
(4) the sub-pages called up on our website by an accessing system,
(5) the date and time when the website is accessed,
(6) an Internet Protocol address (IP address),
(7) the Internet Service Provider of the accessing system, and
(8) any similar data and information that serve to defend any attacks on our information technology systems.
In using these general data and information, Zeutschel GmbH does not draw any conclusions about the data subject. Rather we need this information in order to
(1) correctly transmit content on our website,
(2) optimize the content on our website and any advertising for it,
(3) guarantee the permanent functionality of our IT systems and guarantee the technology behind our website, and
(4) provide law enforcement authorities the information they need for prosecution in the event of a cyber attack.
Zeutschel evaluates these anonymously collected data and information on the one hand for statistical purposes and on the other with the aim of enhancing the data protection and data security in our company in order ultimately to ensure an optimum level of protection for the personal data we process. The anonymous data in the server log files are stored separately from all personal data supplied by a data subject.
Working with “commissioned processors” and “third parties”
If we disclose or transmit data to other individuals and companies (“commissioned processors” or “third parties”) in the course of our processing, or otherwise grant them access to the data, this will only be done on the basis of
- legal authorization (e.g. necessity of sending data to payment service providers in accordance with Art. 6 (1) b GDPR to fulfill a contract)
- your consent
- a legal obligation or
- our legitimate interests (e.g. when using agents, web hosts, IT maintenance orders, etc.)
Insofar as we commission “third parties” to process data on the basis of a so-called “commissioned processing contract”, this is done on the basis of Art. 28 GDPR.
Transfers to third countries
Insofar as we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA) or this occurs in the course of using the services of “third parties” or disclosing or transmitting data to “third parties”, this is only done if it is necessary
- to meet our (pre)-contractual obligations
- on the basis of your consent
- due to a legal obligation or
- on the basis of our legitimate interests.
Subject to legal or contractual authorization, we only process data or have them processed in a third country if the special conditions specified in Art. 44 ff. GDPR apply. This means, for example, that the processing is carried out on the basis of special guarantees such as official recognition that the data protection level matches that of the EU or to meet special, officially recognized, contractual obligations (so-called “standard contractual clauses”).
Registration on our website
Data subjects have the option to register on the controller’s website by giving personal data. The personal data to be transmitted to the controller in the process are given by the relevant input screen used for the registration. The personal data entered by the data subject are collected and stored by the controller solely for internal use and for its own purposes. The controller can have data passed on to one or more commissioned processors, e.g. a parcel service provider, who will also only use the personal data for internal purposes attributable to the controller.
When registering on the controller’s website, the IP address assigned by the data subject’s Internet Service Provider (ISP) as well as the date and time of registration will be stored. These data are stored as this is the only way to prevent the misuse of our services and, where necessary, the data enable criminal offenses to be investigated. To this extent, these data have to be stored for the protection of the controller. As a general rule, such data will not be transferred to third parties provided there is no legal obligation to transfer them or their transfer serves the purpose of criminal prosecution.
Registration of the data subject with the voluntary disclosure of personal data enables the controller to offer the data subject content or services which by the nature of things can only be offered to registered users. Registered individuals have the option at any time to change the personal data provided on registration or to have them deleted completely from the controller’s data pool.
The controller will at any time inform each data subject of the personal data stored about them, on request. Furthermore, the controller will correct or delete personal data at the request or notification of the data subject unless this would conflict with statutory duties of retention. The controller’s entire staff are available to the data subject as a point of contact in this context.
Contact option via the website
Due to statutory requirements, Zeutschel GmbH’s website contains details enabling the user to make fast electronic contact with our company as well as facilitating direct communication; such details also include a general address for electronic post (email address). If a data subject makes contact with the controller by email or via the contact form, the personal data communicated by the data subject are automatically stored. Any such personal data sent voluntarily by a data subject to the controller are stored for the purpose of processing or making contact with the data subject. In certain circumstances, the data may be transferred to Zeutschel’s authorized dealers or to subcontractors commissioned by Zeutschel to respond to inquiries (e.g. rapidmail for the mailing of newsletters or service providers in the case of service inquiries). The data will not be passed on to any other third parties.
Zeutschel uses the tool “TeamViewer” to carry out remote maintenance, telephone conferences, online meetings, video conferences and/or webinars (hereinafter: “online meetings”). “TeamViewer” is a tool of TeamViewer Germany GmbH.
Please take note of their data privacy notice at:
Should you have concerns regarding the protection of your data, please send us an email or call us. We will also be happy to use any alternative you propose.
Zeutschel uses the tool “GoTo Meeting” to carry out telephone conferences, online meetings, video conferences and/or webinars (hereinafter: “online meetings”).
“GoToMeeting” is a service of GoTo Technologies Ireland Unlimited
Please take note of the data privacy notice of GoTo Technologies Ireland Unlimited Company: https://www.goto.com/de/company/legal/privacy/international#recipients
Should you have concerns regarding the protection of your data, please send us an email or call us. We will also be happy to use any alternative you propose.
If users subscribe to our company’s newsletter, the data in the relevant input screen are sent to the controller. Registration for our newsletter is made in a so-called double opt-in procedure. This means that after registration, you will receive an email in which you are asked to confirm your registration. This confirmation is required to ensure that no-one can register with an email address that does not belong to them. When registering for the newsletter, the user’s IP address is stored as well as the date and time of registration. This serves to prevent any abuse of the services or the data subject’s email address. The data will not be passed on to third parties. An exception applies if there is a legal obligation to transfer them. The data will be used exclusively for the dispatch of the newsletter. The subscription to the newsletter can by canceled at any time by the data subject. Equally, consent to the storage of personal data can be revoked at any time. You will find a corresponding link in every newsletter for this purpose. The legal basis for processing the data after the user registers for the newsletter is given by Art. 6 (1) a GDPR as long as the user’s consent has been obtained. The legal basis for sending the newsletter as a result of the sale of goods or services is set out in Sec. 7 (3) of the Unfair Competition Act (UWG).
Use of rapidmail
Description and purpose: We use rapidmail for the dispatch of newsletters. The provider is rapidmail GmbH, Wentzingerstraße, 21, 79106 Freiburg, Germany. Among other things, rapidmail is used to organize and analyze the dispatch of newsletters. The data entered by you for the purpose of receiving the newsletter are stored on rapidmail’s servers in Germany. If you do not wish any analysis by rapidmail, you must cancel the newsletter. You will find a corresponding link in every newsletter mail for this purpose. You can also cancel the newsletter directly on the website. For analysis purposes, the emails send by rapidmail contain a so-called tracking pixel which makes contact with rapidmail’s servers when the email is opened. This enables rapidmail to establish whether a newsletter mail has been opened. Furthermore, with the aid of rapidmail, we can determine whether links in the newsletter message have been clicked on and if so, which ones. All the links in the email are so-called tracking links with which your clicks can be counted. Depending on the font in which the particular newsletter is designed, a connection is established with external servers such as Google Fonts.
Legal basis: The legal basis for processing the data is set out in Art. 6 (1) a GDPR.
Receiver: The receiver of the data is rapidmail GmbH.
Transfer to third countries: Data are not transferred to third countries.
Duration: The data stored by us on you as part of your consent to the purpose of the newsletter will be stored by us until you are removed from the newsletter’s circulation and deleted both from our servers and from rapidmail’s servers after the newsletter has been canceled. Data stored by us for other purposes (e.g. email addresses for the members’ area) will not be affected.
Right of revocation: You have the option at any time to revoke your consent to the processing of your data with effect for the future. Such revocation will not affect the lawfulness of the data processing already carried out.
Further data protection information: You can find further details in rapidmail’s data security notice at https://www.rapidmail.de/datensicherheit. Your can find further details of the analysis functions of rapidmail in the following link: https://www.rapidmail.de/wissen-und-hilfe
Routine deletion and blocking of personal data
The controller will only process and store the data subject’s personal data for the time required to achieve the purpose of the storage or insofar as prescribed by European or other legislators in laws or regulations to which the controller is subject.
If the purpose for which the data have been stored, no longer applies or if a statutory storage term prescribed by European or other competent legislators expires, the personal data are routinely blocked or deleted in accordance with statutory regulations.
Rights of data subjects
a) Right of confirmation
Every data subject has the right granted by European legislators to request confirmation from the controllers as to whether personal data relating to them are being processed. If a data subject would like to make use of this right of confirmation, they can contact our data protection team or the controller at any time.
b) Right of access
Every data subject affect the processing of personal data has the right granted by European legislators at any time to obtain free information from the controller on the personal data stored about them and to receive a copy of such information. European legislators have also granted data subjects the right to the following information:
- the purposes of the processing
- the categories of personal data processed
- the receivers or categories of receivers to whom the personal data were disclosed or are still being disclosed, particularly in the case of receivers in third countries or international organizations
- if possible, the planned length of time for which the personal data will be stored, or if this is not possible, the criteria for defining this duration
- the existence of any right to rectification or erasure of the personal data relating to them, or any right to restrict processing by the controller or any right of objection to such processing
- the existence of any right of complaint to a supervisory authority
- if the personal data have not been collected from the data subject: all available information on the origin of the data
- the existence of an automated decision-making process including profiling in accordance with Article 22 (1) and (4) GDPR and — at least in these cases — meaningful information on the logic involved as well as the implications and targeted effects of any such processing for the data subject
Furthermore, the data subject has the right to request information on whether their personal data have been transferred to a third country or to an international organization. In this case, the data subject also has the right to receive information on the appropriate safeguards with respect to the transfer.
If a data subject would like to make use of this right of confirmation, they can contact one of the controller’s employees at any time.
c) Right to rectification
Every data subject has the right granted by European legislators to request the immediate rectification of incorrect personal data relating to them. Taking into account the purposes of the processing, the data subject is also entitled to have incomplete personal data completed – including by means of a supplementary statement.
If a data subject would like to make use of this right of rectification, they can contact one of the controller’s employees at any time.
d) Right of deletion (right to be forgotten)
Every data subject has the right granted by European legislators to request the controller to immediately erase any personal data relating to them if one of the following reasons applies and insofar as the processing is not necessary:
- The personal data are no longer needed for the purposes for which they were collected or otherwise processed.
- The data subject revokes their consent on which the processing was based in accordance with Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR, and there is no other legal basis for the processing.
- The data subject objects to the processing in accordance with Art. 21 (1) GDPR, and there are no overriding, legitimate reasons for the processing, or the data subject objects to the processing in accordance with Art. 21 (2) GDPR.
- The personal data were illegally processed.
- Deletion of the personal data is required to meet a legal obligation in accordance with Union or Member State law to which the controller is subject.
- The personal data were collected with reference to services offered by the information society in accordance with Art. 8 (1) GDPR.
If one of the above-mentioned reasons applies and a data subject would like to effect the deletion of personal data stored at Zeutschel GmbH, they can contact one of the controller’s employees at any time. The employee of Zeutschel GmbH will ensure that the request for deletion is complied with promptly.
If the personal data have been made public by Zeutschel GmbH and our company, as the controller pursuant to Art. 17 (1) GDPR, is obliged to delete the personal data, Zeutschel GmbH will take appropriate steps, including of a technical nature, taking into account the technology available and the implementation costs, to inform other controllers who are processing the published personal data that the data subject has requested these other controllers to delete all links to these personal data or copies or duplicates of such personal data unless the processing is necessary. The employee of Zeutschel GmbH will take the steps required in each individual instance.
e) Right to restriction of processing
Every data subject has the right granted by European legislators to ask the controller to restrict the processing if one of the following conditions is met:
- The accuracy of the personal data is disputed by the data subject for a length of time which allows the controller to review the accuracy of the personal data.
- The processing is illegal, the data subject rejects the erasure of their personal data and instead requests that the use of their personal data be restricted.
- The controller has no further need of the personal data for the purposes of processing, but the data subject needs them in order to assert, exercise or defend legal interests.
- The data subject has objected to the processing pursuant to Art. 21 (1) GDPR, and it has not yet been determined whether the controller’s legitimate reasons outweigh those of the data subject.
If one of the above-mentioned conditions is met and a data subject would like to request the restriction of their personal data stored at Zeutschel GmbH, they can contact one of the controller’s employees at any time. The employee of Zeutschel GmbH will arrange for the processing to be restricted.
f) Right to data portability
Every data subject has the right granted by European legislators to receive the personal data relating to them that they have provided to a controller, in a structured, conventional, machine-readable format. They also have the right to transmit these data to another controller without being hindered in doing so by the controller to whom the personal data were provided, as long as the processing is based on consent pursuant to Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR or on a contract pursuant to Art. 6 (1) (b) GDPR and the processing is conducted with the aid of an automated procedure unless the processing is required for performing a task which is in the public interest or is carried out in the exercise of official authority conferred on the controller.
In exercising their right of data portability pursuant to Art. 20 (1) GDPR, the data subject also has the right to have their personal data transmitted directly from one controller to another provided this is technically feasible and unless the rights and freedoms of other persons are impaired by doing so.
The data subject can contact an employee of Zeutschel GmbH at any time to assert their right to data portability.
g) Right of objection
Every data subject has the right, granted by European legislators, to object at any time to the processing of personal data relating to them carried out on the basis of Art. 6 (1) (e) or (f) GDPR for reasons stemming from their particular situation. This also applies to any profiling based on these provisions.
In the event of an objection, Zeutschel GmbH will no longer process the personal data unless we can show compelling, sensitive reasons for the processing which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal interests.
If Zeutschel GmbH processes personal data in order to conduct direct marketing, the data subject has the right to object at any time to the processing of the personal data for the purpose of such marketing. This also applies to the profiling provided it is associated with such direct marketing. If the data subject lodges an objection with Zeutschel GmbH to the processing for the purpose of direct marketing, Zeutschel GmbH will no longer process the personal data for such purposes.
The data subject also has the right, for reasons arising from their particular situation, to object to the processing of personal data relating to them carried out at Zeutschel GmbH for scientific or historical research purposes or for statistical purposes in accordance with Art. 89 (1) GDPR, unless such processing is required to perform a task which lies in the public interest.
The data subject can contact any employee of Zeutschel GmbH directly or another employee to assert their right of objection The data subject is also free to exercise its right of objection in connection with the use of services of the information society, notwithstanding Directive 2002/58/EU, by means of automated procedures in which technical specifications are used.
h) Automated decisions in individual cases including profiling
Every data subject has the right, granted by European legislators, not to be subject to a decision based exclusively on automated processing – including profiling – which is legally binding upon them or has a significantly adverse effect on them in some other way provided (1) the decision is not necessary for the conclusion or fulfillment of a contract between the data subject and the controller, or unless (2) it is permitted due to legal regulations of the Union or Member States to which the controller is subject, and these legal regulations contain appropriate measures for preserving the right and freedoms as well as the legitimate interests of the data subject, or (3) taken with the explicit consent of the data subject.
If the decision is (1) necessary for the conclusion or fulfillment of a contract between the data subject and the controller, or (2) taken with the explicit consent of the data subject, Zeutschel GmbH will take appropriate steps to preserve the rights and freedoms as well as the legitimate interests of the data subject which at the very least includes the right to have a person intervene on the part of the controller, to set out their own viewpoint and to contest the decision.
If a data subject would like to assert rights with respect to automated decision-making, they can contact one of the controller’s employees at any time.
i) Right to revoke consent under data protection laws
Every data subject has the right granted by European legislators to revoke their consent to the processing of personal data at any time.
If a data subject would like to assert their right of revocation, they can contact one of the controller’s employees at any time.
j) Right of complaint
Under Art. 77 GDPR, you can also lodge a complaint with the competent supervisory authority:.
The Data Protection Commissioner for the State of Baden-Württemberg
Address: Post Box 10 29 32, 70025 Stuttgart; Urbanstr. 32, 70182 Stuttgart
Telephone: +49 (0)711 615541 – 0; Fax: +49 (0)711 615541– 15
Data protection in the case of applications and application procedures
The controller collects and processes the personal details of applicants for the purpose of handling the application procedure. The data may also be processed electronically. This is the case, in particular, if an applicant sends their application documentation to the controller electronically, e.g. by email or via a web form on the website. If the controller concludes a contract of employment with an applicant, the data transmitted for the purpose of processing the employment relationship will be saved, taking account of statutory regulations. If the controller does not conclude a contract of employment with the applicant, the application documents will be deleted three months after notification of rejection, provided any such deletion does not conflict with other legitimate interests of the controller. For example, another legitimate interest in this context is an obligation to provide evidence in a legal case under the General Equal Treatment Act (AGG).
Data protection provisions for the deployment and use of Facebook
The controller has placed a link to its Facebook page on this website. Facebook is a social network.
A social network is a social meeting point operated on the Internet, an online community which usually enables users to communicate with each other and interact in a virtual space. A social network can serve as a platform for the exchange of opinions and experiences or it can enable the Internet community to provide personal or company-related information. Facebook enables users of the social network, among other things, to create private profiles, upload photos and build a network through friend requests.
Facebook is operated by Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. If a data subject lives outside the USA or Canada, the controller is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Clicking on the Facebook link on one of the individual pages of this website operated by the controller, will open the controller’s Facebook page in a new browser window.
If the data subject is logged into Facebook at the same time, Facebook can see which specific subpage of our website the data subject visits every time they call up our website and for the entire duration of their stay on our site. This information is collected by the Facebook component and assigned to the data subject’s Facebook account by Facebook. If the data subject clicks on one of the Facebook buttons embedded in our website, e.g. the “Like” button, or if the data subject posts a comment, Facebook will assign this information to the personal Facebook user account of the data subject and it will save these personal data.
The Facebook component will then always inform Facebook that the data subject has visited our website if they are logged into Facebook at the same time as they call up our website; this happens regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not wish any such transfer of information to Facebook, they can prevent the transmission by logging out of their Facebook account before calling up our website.
The Data Guideline published by Facebook which can be called up at https://de-de.facebook.com/about/privacy/ reveals how Facebook collects, processes and uses personal data. It also explains the settings offered by Facebook to protect the privacy of the data subject. There are also various applications available which allow you to prevent the transmission of data to Facebook. Such applications can be used by the data subject to prevent data from being transmitted to Facebook.
You can call up the Facebook social media network via external links on the website. All functions in the social media network are offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
If you are logged into Facebook with your own profile and you call up Zeutschel’s social media channel, Meta Platforms Ireland Ltd. is able to match your visit to your logged-in profile. If you do not want your user account to be matched with your IP address, please log out of your Facebook account before using our website.
Data protection provisions for the deployment and use of Twitter
The controller has placed Twitter components on this website. Twitter is a multilingual, publicly accessible microblogging service on which users can publish and spread so-called tweets, i.e. short messages, limited to 280 characters. These short messages can be called up by anyone, including people not logged into Twitter. However, the tweets are also shown to the so-called followers of the relevant user. Followers are other Twitter users who follow the tweets of a user. Twitter also allows you to reach a broad audience through hashtags, links or retweets.
Twitter is operated by Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
Every time one of the individual pages of this website operated by the controller and on which a Twitter component (Twitter button) has been installed, is called up, the relevant Twitter component automatically causes the Internet browser on the IT system of the data subject to download a description of the corresponding Twitter component from Twitter. Further information on the Twitter buttons can be found at: https://about.twitter.com/de/resources/buttons In the course of this technical procedure, Twitter is informed of the specific subpage of our website visited by the data subject. The purpose of integrating the Twitter component is to enable our users to further disseminate the contents of this website, make this website known in the digital space and increase our visitor numbers.
If the data subject is logged into Twitter at the same time, Twitter can see which specific subpage of our website the data subject visits every time they call up our website and for the entire duration of their stay on our site. This information is collected by the Twitter component and assigned to the data subject’s Twitter account by Twitter. If the data subject clicks on one of the Twitter buttons embedded in our website, the data and information transmitted as a result are matched with the data subject’s personal Twitter user account and saved and processed by Twitter.
Twitter is always notified via the Twitter component that the data subject has visited our website if they are logged into Twitter at the same time as they call up our website; this happens regardless of whether the data subject clicks on the Twitter component or not. If the data subject does not wish any such transfer of information to Twitter, they can prevent the transmission by logging out of their Twitter account before calling up our website.
Data protection provisions for the deployment and use of Vimeo
The controller has placed Vimeo components on this website. Vimeo is an Internet video portal that enables video publishers to post video clips. For technical reasons, the integration of Vimeo videos leads to Vimeo’s servers being called up. In the process, your browser or device data are transferred to the Vimeo server. Information about which of our pages you have visited is also transmitted in the process.
330 West 34th Street, 5th Floor
New York, New York 10001, USA
Authorized representative: Michael A. Cheah (General Counsel)
Vimeo .com, Inc. is corporation set up under the laws of the US State of Delaware under Registration No. 4550462.
For the use of your browser or device data associated with playing a video, we refer to the provider’s data privacy notice. You can find further information on data processing and Vimeo’s data privacy notice at https://vimeo.com/privacy
Data protection provisions for the deployment and use of Youtube
The controller has placed a link to its Youtube channel on this website. Youtube is an Internet video portal that allows video publishers to post video clips. For technical reasons, clicking on the link leads to Youtube’s servers being called up. In the process, your browser or device data are transferred to the Youtube server. Information about which of our pages you have visited is also transmitted in the process.
Google Ireland Limited
Gordon House, Barrow Street
Telephone: Telephone: +353 1 543 1000
Authorized representative: Elizabeth M. Cunningham, David M. Sneddon
Google Ireland Limited is a corporation set up and registered under the laws of Ireland. Register No: 368047.
For the use of your browser or device data associated with playing a video, we refer to the provider’s data privacy notice. You can find further information on data processing and Youtube’s data privacy notice at https://policies.google.com/privacy
Data protection provisions for the deployment and use of LinkedIn
The controller has placed a link to its LinkedIn page on this website. LinkedIn is a social network.
A social network is a social meeting point operated on the Internet, an online community which usually enables users to communicate with each other and interact in a virtual space. A social network can serve as a platform for the exchange of opinions and experiences or it can enable the Internet community to provide personal or company-related information. LinkedIn enables users of the social network, among other things, to create private profiles, upload photos and build a network through friend requests.
LinkedIn is operated by LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA.
If a data subject lives outside the USA or Canada, the controller is LinkedIn Ireland Unlimited Company
Wilton Plaza, Wilton Place, Dublin 2, Ireland.
Clicking on the LinkedIn link on one of the individual pages of this website operated by the controller, will open the controller’s LinkedIn page in a new browser window.
If the data subject is logged into LinkedIn at the same time, LinkedIn can see which specific subpage of our website the data subject visits every time they call up our website and for the entire duration of their stay on our site. This information is collected by the LinkedIn component and assigned to the data subject’s LinkedIn account by LinkedIn. If the data subject clicks on one of the LinkedIn buttons embedded in our website, e.g. the “Follow” button, or if the data subject posts a comment, LinkedIn will assign this information to the personal LinkedIn user account of the data subject and it will save these personal data. If the data subject does not wish any such transfer of information to LinkedIn, they can prevent the transmission by logging out of their LinkedIn account before calling up our website.
The Data Guideline published by LinkedIn which can be called up at https://de.linkedin.com/legal/privacy-policy?src=li-other&veh=de.linkedin.com%7Cli-other&trk=homepage-basic_footer-about reveals how LinkedIn collects, processes and uses personal data.
Legal basis for processing
Art. 6 I a GDPR serves as the legal basis for processing in which we obtain consent for a particular processing purpose.
If personal data are required to be processed to fulfill a contract to which the data subject is a contracting party, as is the case, for example, when processing is required for a delivery of goods or for providing another service or consideration, Art. 6 I b GDPR serves as the legal basis of the processing. This also applies to processing which is required to carry out pre-contractual steps, e.g. in the case of inquiries regarding our products or services.
If our company is subject to a legal obligation which requires the processing of personal data, for example, to meet tax obligations, the processing is based on Art. 6 I c GDPR.
On rare occasions, it might be necessary to process personal data in order to protect the data subject’s vital interests or those of another natural person. This would be the case, for example, if a visitor to our plant were injured, making it necessary to pass on their name, age, health insurance data or other vital information to a doctor, hospital or other third party. In that case, the processing would be based on Art. 6 I d GDPR.
Finally, data processing could be based on Art. 6 I f GDPR. This serves as the legal basis for processing not covered by any of the above-mentioned cases if the processing is necessary to uphold a legitimate interest of our company or of a third party, provided it is not outweighed by the interests, basic rights and fundamental freedoms of the data subject. We are permitted to use such processing grounds because they were specifically mentioned by European legislators. Their view was that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47 Sentence 2 GDPR).
Legitimate interests in processing pursued by the controller or a third party
If the processing of personal data is based on Art. 6 I f GDPR, our legitimate interest is the conduct of our business activities to further the prosperity of all our employees and shareholders.
Length of time for which personal data are stored
The criterion for the length of time for which personal data are stored is the statutory period of retention in each case. After this deadline expires, the corresponding data are deleted as a matter of routine provided they are no longer required to fulfill or initiate a contract.
Statutory or contractual regulations on the provision of personal data; necessity for conclusion of contract; obligation of the data subject to provide their personal data; possible consequences of non-provision
We inform you that the provision of personal data is partly prescribed in law (e.g. tax regulations) or can result from contractual obligations (e.g. details of contractual partner). Sometimes the conclusion of a contract may require a data subject to provide us with personal data which consequently have to be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with it. Any failure to provide personal data would mean that no contract could be concluded with the data subject. Before the data subject provides personal data, they must contact one of our employees. The latter will clarify for the data subject based on the individual case whether the provision of personal data is statutorily or contractually prescribed or is required to conclude the contract, whether there is any obligation to provide personal data and what the consequences would be of not providing personal data.
Existence of an automated decision-making process
As a responsible company, we refrain from automatic decision-making or profiling.