schließen
Drücken Sie Enter zum Suchen oder ESC zum Schließen

Data Protection Declaration

Content:

I) General information

II) Your rights

III) Contact details

IV) Collection and storage of personal data and the nature and purpose of their use

1. Visits to the website

2. Use of our contact form

3. The application procedure

4. Newsletter tool 

5. As a business partner 

6. Video surveillance on the company premises

V) Data storage/erasure

VI) Use and disclosure of personal data

VII) Currency and amendment of this data protection declaration

 

I) General information

1. We take the protection of your personal data during collection, processing and use very seriously. All information about you, such as name, address, telephone number, email address and account number, as well as any information that may be traced back to you, is referred to as personal data, including your user behavior. We want you to know when we collect what data and how we use it. We have taken technical and organizational measures to ensure that we and any potential external service providers comply with the data protection regulations. Your data will be protected within the framework of the legal regulations. Personal data is collected automatically only to the extent technically necessary.

2. If you wish to use special services provided by our company, such as our contact form, processing of personal data may be required. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain your consent. Processing is always carried out in accordance with the EU General Data Protection Regulation (GDPR).

3. We make every effort to store your personal data in such a way that it is not accessible to third parties by taking all possible technical and organizational measures. When communicating via an unencrypted email, we cannot guarantee complete data security, so we recommend that you send confidential information by post.

 

 II) Your rights

1. You have the following rights with regard to your personal data:

  • Right to access
  • Right to rectification or erasure
  • Right to restrict processing
  • Right to object to the processing
  • Right to data portability

2. You have the right to contact your data protection supervisory authority if you believe that the processing of your personal data is contrary to the requirements of the General Data Protection Regulation. In the case of Baden-Württemberg, this is: 

The Baden-Württemberg state commissioner for data protection and freedom of information

Street address: Königstraße 10 a, 70173 Stuttgart, Germany

Postal address: P.O. Box 10 29 32, 70025 Stuttgart, Germany

Tel.: +49 (0)711/615541-0, Fax: +49 (0)711/615541-15, 

Email: poststelle@lfdi.bwl.de

3. If you wish to exercise your rights as a data subject, please simply send an e-mail to Datenschutz@Leipold.com. Proof of identity may be required.

 

III) Contact details

1.    Controller:

Carl Leipold GmbH

Schiltacher Str. 5

77709 Wolfach, Germany

Phone: +49 (0)7834 8395-0

Fax: +49 (0)7834 8395-55

info(at)leipold.com

Managing Directors: Dipl.-Ing. Pascal Schiefer, Dipl.-Betriebsw. (FH) Thomas Fees

2. The data protection officer of Carl Leipold GmbH can be contacted at the address above, at the address of the data protection officer or by emailing Datenschutz@leipold.com.

 

IV) Collection and storage of personal data and the nature and purpose of their use

1. Visits to the website

a. When you visit our website, information is automatically sent to our website server by the browser used on your device. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automated deletion:

  • IP address
  • Date and time of request
  • Time zone difference relative to Greenwich Mean Time (GMT)
  • Content of request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website from which the request comes
  • Browser
  • Operating system and its interface
  • Language and version of the browser software

The above data will be processed by us for the following purposes:

  • Ensuring a smooth connection to the website
  • Ensuring that the website is easy to use
  • Evaluating system security and stability
  • Other administrative purposes

b. The legal basis for data processing is Article 6(1)(f) GDPR. Our legitimate interest is based on the data collection purposes listed above. On no account will we use the collected data for the purpose of drawing conclusions about you.
 

c. Use of web analytics programs and cookies: This website uses technologies from etracker GmbH (www.etracker.com) to collect and store data for marketing and optimization purposes. Usage profiles can be created from this data under a pseudonym. Cookies may be used for this purpose. The data collected with the etracker technologies will not be used to personally identify a visitor to this website and to combine it with personal data about the bearer of the pseudonym unless the data subject has given separate consent. You can object to the collection and storage of your data at any time with effect for the future.

The websites uses cookies in several places. These make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and by your browser. Most of the cookies we use are session cookies. They will be erased automatically at the end of your visit. Cookies do not cause any damage to your computer and do not contain viruses. You can configure your browser setting according to your wishes and, for example, refuse to accept third-party cookies or all cookies. Please note that in this case, you may not be able to use all the features of the website.

Some of the tracking operations listed in the cookie consent and used by us are carried out on the basis of Article 6(1)(f) GDPR. We use these tracking operations because we want to ensure needs-based design and the continuous optimization of our website. We also use them to record statistics on the use of our website and to evaluate that usage data to optimize our offer for you. These interests are regarded as legitimate within the meaning of the above-mentioned provision. The respective data processing purposes and data categories can be found in the corresponding tracking tools. For other trackers or cookies, your consent is required in accordance with Article 6(1)(a). You can withdraw your consent at any time with effect for the future by deselecting the check boxes in the cookie tool.

d. SSL encryption: This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as a site operator. You can identify an encrypted connection by the fact that the address bar of the browser changes from "http://" to "https://" and by the lock icon in the address bar. If SSL encryption is enabled, the data you submit to us cannot be read by third parties.

e. Our offer contains links to external websites of third parties over whose content we have no influence. Therefore, we cannot assume any liability for this third-party content. The provider or operator of the linked pages is always responsible for their content. The linked pages were checked for possible legal violations at the time of linking. No illegal content was identifiable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a violation of the law. If we become aware of any infringements of the law, we will remove such links immediately. Please note the privacy statements of the third parties whose site the link takes you to.

f. Embedded services

Integration of Google Fonts

We use the Google Fonts service of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland and Google LLC, 1600 Amphitheatre Parkway Mountain View, California 94043 USA on our website. Google Fonts enables us to integrate external fonts on our website.

When you access our website, your web browser loads the required font into your browser cache. This is necessary so that your browser can display our texts in a visually improved way. If your browser does not support this function, a standard font will be used by your computer for display.

These fonts are integrated by a server call to Google. The server is informed which of our web pages you have visited. Google also stores the IP address of your device's browser.

We use Google Fonts to optimise our website for you and to make its design more user-friendly. The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. f) GDPR.

Google Fonts transfers personal data to the USA. The certification of the service provider under the EU-U.S. Data Privacy Framework serves as an appropriate guarantee and basis for the data transfer. You give us your consent to the use of this service and to the transfer of data to the USA via consent management when you access the website. This ensures that your rights under the General Data Protection Regulation (GDPR) are safeguarded. The legal basis for the processing of your data in this context is your consent in accordance with Art. 6 para. 1 lit. a) GDPR. You have the right to withdraw your consent at any time. However, the withdrawal of your consent does not affect the lawfulness of processing based on your consent before its withdrawal.

Use of Google Maps

We use the map service Google Maps on our website to display interactive maps directly on the website and to enable you to use the map function conveniently.

Purpose of data processing

Google Maps is integrated in order to provide you with a geographical representation of our location and to make it easier for you to plan your journey.

Legal basis

The use of Google Maps is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR.

Data transmission, data categories:

By using Google Maps, information about the use of our website, including your IP address, is transmitted to Google servers in the USA and stored there. Google also processes this data for its own purposes. Your data is processed by the service:

  • IP address: Google records the IP address in order to determine the user's location.

  • Device information: Google collects data about the device in order to optimise the display.

  • Location data: Google uses the precise location of the user for specific services if location services are activated.

  • Cookies

  • Google Maps uses cookies to provide the map services and to analyse usage. These cookies are stored on your end device.

Storage duration

The storage period of cookies varies and can be up to 24 months. Further information can be found in Google's privacy policy at policies.google.com/privacy.

The provider of the Google services is Google Ireland Limited, Google Building Gordon House Barrow St 4 Dublin Ireland, Tel. +353 1 543 1000, Fax +353 1 686 5660 www.google.de,

https://fonts.google.com/

Further information can be found at: https://policies.google.com/privacy.

CDN jQuery

We use the jQuery CDN service from the jQuery Foundation to ensure that our website is available quickly and easily on different devices.

Function, purposes of use, types and categories of data processed

A CDN is a network of globally distributed servers with different geographical locations that are connected via the Internet. It enables the rapid provision of content, especially large files, even when utilisation is high.

jQuery uses Java Script libraries to deliver our website content quickly. A CDN server loads the required files and records your IP address, unless it is already stored in your browser from a previous visit to the website.

Recipients of the data, third country transfer

In order to send the content to your browser, it is technically necessary to process your IP address. Your IP address is therefore transmitted to the servers of the OpenJS Foundation, Inc, 1 Letterman Drive, San Francisco, CA 94129, USA. If a user accesses the Weinblatte in a third country outside the EU, a data transfer to the user's country of residence cannot be ruled out due to the forwarding of the requested web content by the request routing system to the third country servers.

If you wish to avoid this data transfer, you can install JavaScript blockers such as https://www.ghostery.com/ or or deactivate the execution of JavaScript in your browser. Please note that this may impair the functionality of the website.

More data protection information about jQuery here:

CDN jsDelivr

CDN is a service that makes the content of our website, such as scripts, available more quickly via regionally distributed and interconnected servers. This enables more efficient and faster delivery of content to users.

Purpose of data processing

User data is processed exclusively for the following purposes:

  • Fast provision of content: By using the CDN, content on our website can be loaded more quickly, which improves user-friendliness.

  • Ensuring security: The CDN contributes to the security of our website by providing protection against DDoS attacks and other threats.

  • Maintaining functionality: The CDN helps to ensure the functionality of our website by distributing loads and minimising server outages.

Data transmission

In order to provide these services, your browser must establish a connection to the CDN servers. Your IP address is transmitted to jsDelivr. jsDelivr learns that our website has been accessed via your IP address.

Legal basis

The CDN is used on the basis of our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR. These interests include the secure and efficient provision, analysis and optimisation of our online offering.

Further information on data processing by jsDelivr can be found in jsDelivr's privacy policy: https://www.jsdelivr.com/privacy-policy-jsdelivr-net/.

2. Use of our contact form

a. When you contact us via our website, we collect various personal data from you using the contact form. The minimum data we need in order to process your request appropriately is: name, company, email address and the actual message. These are therefore required fields. All other information, such as salutation, address data and telephone are voluntary and go beyond what is necessary. This data provided by you will generate an unencrypted email directly – without caching – to info@leipold.com, which you send to us by clicking the Send button. Please note that the email is unencrypted, so please be careful not to provide confidential data or information in this way.

b. The data processing for the purpose of contacting us is carried out in accordance with Article 6(1)(a) GDPR on the basis of your voluntary consent. The personal data we collect when you use the contact form will be automatically erased upon completion of your request.

3. The application procedure

a. In the course of your application, we will collect and process the personal application data listed below:

  • Salutation
  • Last name, first name
  • Address
  • Phone number/mobile number
  • Email
  • Application documents (letters of application, CV, certificates, etc.)

b. Consent for special data

  • If your application contains special categories of personal data (e.g. marital status information that may provide information about your sex life or sexual orientation; health information; a photo that allows conclusions about your ethnic origin and/or religion and, if applicable, your eyesight; similarly sensitive data within the meaning of Article 9 of the General Data Protection Regulation) we assume your consent to processing. This consent serves exclusively to enable us to take full account of the application in its present form. The information will not be taken into account in the application process unless there is a legal obligation to do so, especially in the case of severely disabled persons. Your data will not be disclosed to third parties.
  • You can also submit an application that excludes special categories of personal data without affecting your chances in the application process.

c. Purpose of data collection / disclosure

  • The collection and processing of your personal application data is exclusively for the purpose of filling positions within our company. In principle, your data will only be forwarded to the internal departments and specialist departments responsible for the specific application process, unless you give us your express consent to further use.
  • Please note that the data you provide may be used to compile statistics about the application process. These statistics are compiled exclusively for their own purposes and are never personalized, but in anonymized form.

d. Legal basis

Your data is collected/processed in accordance with Section 26 of the German Data Protection Act (BDSG) or with your consent.

e. Retention period of application data

  • In principle, your personal application data will be erased no later than six months after completion of the application process. This does not apply if longer storage for the purpose of proof is required for legal reasons, or if you have expressly consented to longer storage.
  • Storage for future vacancies
  • If we are unable to offer you a job from our current vacancies, but based on your profile, we believe that your application may be of interest for future vacancies, we will retain your personal application data for a maximum of two years, provided you expressly consent to such storage and use. With your consent, we will compare your documents with our job offers and will come to you with a suitable offer.

f. Data security

In order to protect the data collected in the course of your application against tampering and unauthorized access, we have taken various technical and organizational precautions. In particular, the transmission of your online application is encrypted in line with recognized industry standards.

4. Newsletter tool

If you are interested in a newsletter from us for information about our company, products and services, we need your salutation, first name, last name and email. After you subscribe, our system will email you an activation link that is valid for three days. You use the link to confirm your subscription. This helps us ensure that you are in fact the owner of the email address provided and that you agree to receive the newsletter. You will only receive the newsletter after providing this confirmation. If you do not confirm the activation link, your data will be automatically erased after three days.

You can withdraw consent to the storage of your email address and data in a database separated by customer, as well as their use for sending the newsletter, at any time. You will find a corresponding note with a link in the newsletter.

Subscribe/unsubscribe consent is safeguarded by the double opt-in procedure. A confirmation email will be sent to the recipient. Approval to send the newsletter is disabled until confirmation by using the activation link.

5. As a business partner

We process your contact data, customer and supplier data, and contract data. If you have given your express consent during a factory visit, we may also process photos and videos of you. This processing is essentially carried out within the scope of performance of contracts to which you are a party or, upon request, by you for the implementation of pre-contractual measures.

Insofar as you have given us consent to the processing of personal data for specific purposes, such processing is lawful based on your consent. Given consent can be withdrawn at any time. Please note that this will only take effect for the future. Processing carried out prior to withdrawal is unaffected.

The purposes of the data processing depend on the contract documents and subject matter of each contract, in this case according to the existing customer (framework) contract.

Only to the extent necessary, we process your data for the protection of our legitimate interests or those of third parties. Our legitimate interest applies in particular for international management and control measures, marketing purposes, to improve our business relationship, assertion of legal claims and defense in legal disputes.

Within our company, access will be restricted to those departments or occupations that need it under the principle of least privilege (keeping the assignment of user rights to the minimum possible) and the need-to-know principle (knowledge of data only if necessary). Service providers and vicarious agents employed by us may also receive data for these purposes if they comply with our data protection regulations and instructions. 

With regard to the transfer of data to recipients outside our company, we may only disclose your data if this is necessary, if a statutory provision requires it, if you have consented to it, or if processors we engage have committed to comply with the requirements of the GDPR and the BDSG. 

Under these conditions, recipients of personal data may be: 

  • Carl Leipold GmbH employees with a corresponding business relationship with you 
  • Leipold Group company employees with overarching management and control tasks
  • Service providers in the context of order processing

In the case of PR and marketing activities (after your prior express consent):

  • Visitors to our website
  • Readers of our print media and publications
  • Users of our social media

We have received your data from you and partly through companies engaged by us, such as credit insurance companies. We also receive data from publicly available sources such as the internet (certificates, etc.).

 

V) Data storage/erasure

Unless governed otherwise in the detailed descriptions of the offers, we process and store your personal data as long as necessary to fulfill our contractual and legal obligations.

This stored personal data is erased if you withdraw your consent to storage, if knowledge of the data is no longer necessary for the fulfillment of the purpose pursued by the storage, i.e., the process is complete and erasure is not precluded by any statutory retention periods, or if storage is inadmissible for other legal reasons. If the data cannot be erased, further processing of your data will be blocked until the statutory retention periods expire.

 

VI) Use and disclosure of personal data

Insofar as you have provided us with personal data, we will only use it to answer your requests and for technical administration.

Your personal data will only be disclosed to third parties or otherwise transmitted if this is necessary for the purpose of contract processing, in particular passing on order data to suppliers, for billing purposes, or in cases where we are legally obliged to share the data, or if you have given your prior consent. You have the right to withdraw your consent with effect for the future at any time.

 

VII) Currency and amendment of this data protection declaration

This data protection declaration is valid as of April 1, 2021. Due to the further development of our website and offers therein, or due to changes in legal or regulatory requirements, it may become necessary to amend this data protection declaration. You can access and print our latest data protection declaration on our website at any time.