I. Details of the responsible organization
Böllinghaus Steel GmbH
Phone: +49 (0)2103 – 880 10 - 0
II. Details of the data protection officer
If you have any questions about privacy, please contact our external service provider for matters relating to data protection.
Mr. Anastasios Papadopoulos from expertplace compliance solutions GmbH
Oberländer Ufer 186, 50968 Köln, Germany
Phone: +49 (0)221 / 800 3350 0
III. Data processing via the website
Your visit to our website will be logged. In the first instance, primarily the following data are collected that your browser sends to us:
- the IP address presently being used by your PC or router
- date and time
- browser type and version
- your PC's operating system
- the pages that you view
- name and size of the file(s) requested
- and, if applicable, the URL of the referring website.
These data are collected solely for the purposes of data security, to improve our web offering and to analyze errors on the basis of Article 6 (1) (f) GDPR. Your computer's IP address is analyzed in anonymized form only (truncated to the last three digits). Apart from that it is possible to visit our website without providing any personal information. Please be aware that there may be security vulnerabilities when data are transferred over the internet (e.g. during communication by e-mail). It is not possible to protect data completely from access by third parties. You should therefore send any confidential data to us by other means, e.g. by postal mail.
We can only process job applications if they are sent to the e-mail address "firstname.lastname@example.org". If you use any other of our company e-mail addresses your application will unfortunately not be recognized by our systems and therefore will not be considered. Please remember that e-mail is not a secure medium. If your application reaches our e-mail server on the above-mentioned e-mail address, we will apply a high level of technical and organizational measures to protect your applications. We have no influence while your application is making its way to our company via the public internet and cannot guarantee the level of protection that your application receives. If your outgoing e-mail server supports STARTTLS, our e-mail server will also use STARTTLS, thereby offering encryption in transit.
Personal data (e.g. your name, address details or contact details) which you share with us voluntarily, e.g. in the course of an enquiry or in any other manner, will be stored by us and only processed in order to correspond with you and only for the purpose for which you supplied these data to us. These data are processed on the basis of Article 6 (1) (a); (6) (1) (f) GDPR.
Secure data transmission
To protect the security of your data during transfer, we use a state-of-the-art encryption method (SSL) via HTTPS.
IV. Recipients of personal data
In order to implement and handle processing procedures, we may use a service provider to process data on our behalf.
Specifically we have engaged service providers to send out our newsletter and to host our website.
The contractual relationships with our service providers are governed by the provisions of Article 28 GDPR, which includes the points required by legislation on data protection and data security.
V. Data collection by Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is typically transmitted to and stored on a Google server in the USA. The basis for data processing is Article 6 (1) (f) GDPR.
If IP anonymization is activated on this website, your IP address will, however, be truncated beforehand by Google within member states of the European Union or other parties to the agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. Please note that Google Analytics on this website has been extended to include the code "anonymizelp" in order to ensure anonymized recording of IP addresses.
Google will use this information on behalf of the operator of this website for the purpose of analyzing your use of the website in order to compile reports on website activities for the website operator and to provide it with additional services relating to website activity and internet usage. Google will not associate the IP address transmitted under Google Analytics by your browser with other data held by Google.
You may prevent the storage of cookies by selecting the appropriate settings in your browser software; however, we would point out that in this case you may not be able to use all functions offered by this website to the full extent. Moreover, you may prevent Google from recording the data (including your IP address) generated by the cookie and pertaining to your use of the website, and also the processing of such data, by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
The basis for data processing is Article 6 (1) (f) GDPR.
VI. Google Maps
This website uses the map service Google Maps via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
In order to use the functionality of Google Maps, it is necessary to store your IP address. This information is typically transmitted to a Google server in the USA and stored there. The provider of this website has no influence over this data transmission.
The use of Google Maps occurs in the interest of presenting our online offerings appropriately and to make it easy to find the locations we have included on the website. This represents a legitimate interest pursuant to Article 6 (1) (f) GDPR.
VII. Google Tag Manager
This website uses Google Tag Manager. This service provides an interface for managing website tags. Google Tag Manager only implements tags. No cookies are placed and no personal data are captured. Google Tag Manager releases other tags which collect data where applicable. Google Tag Manager does not access this data. If this feature is deactivated at domain or cookie level, it applies to all tracking tags to the extent that these are implemented using Google Tag Manager. The following link provides more information about Google Tag Manager:
The tracking measure is performed on the basis of Article 6 (1) sentence 1 (f) GDPR.
VIII. AdWords and Google Conversion Tracking
This website uses Google AdWords. AdWords is an online advertising platform provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States ("Google"). As part of Google AdWords we use what is known as conversion tracking. When you click on a Google ad, a cookie is placed for the purpose of conversion tracking. Cookies are small text files which the web browser stores on the user's computer. These cookies cease to be valid after 30 days and are not used to personally identify the user. When the user visits certain pages on this website and the cookie has not yet expired, Google and we can detect that the user has clicked on the ad and been forwarded to this page.
Each Google AdWords customer receives a different cookie. The cookies cannot be backtraced across AdWords customer websites. The information obtained with the help of conversion cookies is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers are informed of the total number of users who have clicked on their ad and were directed to a page with a conversion tracking tag. They do not, however, receive any information which can be used to personally identify users.
You can adjust the settings of your browser in such a way that you are informed if cookies are to be placed and only permit cookies on a case by case basis. You can also accept cookies in certain cases or generally block them, as well as activating the automatic deletion of cookies when you close your browser. If cookies are deactivated, it may restrict this website's functionality.
Some of the cookies we use are deleted as soon as your browser is closed (these are known as session cookies).
Other cookies remain on your device and enable your device to be recognized on your next visit (persistent cookies).
The data processing connected to cookies, which serve solely to ensure that our web offering is functional, is based on our legitimate interest pursuant to Article 6 (1) (f) GDPR.
If you do not wish cookies to be used, you can adjust your browser settings so that cookies are not accepted and therefore not stored. Please note that in this case, where applicable, you may not be able to use all the functions offered by our website.
X. Your rights
According to Articles 15–21 GDPR, when the conditions described therein are met you may assert the following rights in relation to the personal data we have processed.
Right to information
You have a right to information about the personal data we are processing in relation to you.
Right to correction
You can demand that incomplete or improperly and inaccurately processed personal data are corrected.
Right to deletion
You have a right to the deletion of personal data relating to you, particularly if one of the following reasons applies:
- Your personal data are no longer necessary for the purposes for which they were collected or in other ways processed.
- You revoke your consent on which the processing of your data is founded.
- You have asserted a right of objection against the processing of data.
- Your data have been processed unlawfully.
There is no right to deletion, however, to the extent that the legitimate interests of the responsible party conflict with this. This may, for example, apply if
- personal data are necessary to establish, exercise or defend legal claims.
- deletion is not possible due to retention requirements.
Where data cannot be deleted, a right to restrict (subsequent) processing may be possible.
Right to restrict processing
You have the right to demand the restriction of processing of your personal data if
- you dispute the accuracy of the data and we therefore check for correctness,
- processing is unlawful and you reject deletion and instead demand that use is restricted,
- we no longer need the data but you, however, require it to establish, exercise or defend legal claims,
- you have filed an objection to the processing of your data and have not yet determined whether our legitimate reasons outweigh your reasons.
Right to data portability
You have the right to receive the personal data which you have provided in relation to yourself in a structured, accessible and machine-readable format and you have the right to transfer these data to another responsible party without hindrance by us, provided that the processing is based on consent or a contract and we perform processing with the help of automated methods.
Right to object
The data subject has the right to object, on grounds relating to his or her particular situation, at any time to processing of processing of personal data concerning him or her which is based on Article 6 (1) (e) or (f); this also applies to profiling based on these provisions. To the extent that the processing of your personal data is based on consent, you have the right to revoke this consent at any time.
XI. Standard periods for the deletion of data
Where no statutory retention requirement applies, data are deleted or destroyed if they are no longer required to achieve the purpose of data processing. The storage of personal data is subject to various time limits, for example data relating to tax-related issues are typically retained for 10 years and other data for six years in accordance with German commercial law. Ultimately the storage period may be based on statutory periods of limitation, which in accordance with Sections 195 et seq. of the German Civil Code (BGB), for example, are typically three years, but which may in certain cases be up to thirty years.
XII. Right to lodge a complaint with a supervisory authority
Under Article 77 GDPR, every data subject has a right to lodge a complaint with a supervisory authority if they are of the view that the processing of personal data relating to them infringes the GDPR. The responsible supervisory authority for matters relating to data protection is the data protection officer for the federal state in which our company is headquartered.