Privacy policy


Data protection

We are very delighted that you have shown interest in our enterprise. Data protection is of a particularly high priority for the management of the AKRUS GmbH & Co KG. It is generally possible to use the AKRUS GmbH & Co KG website without providing any personal data. However, if a data subject wishes to make use of special services of our company via our website, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection regulations applicable to AKRUS GmbH & Co KG. By means of this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of their rights by means of this privacy policy.

As the controller, the AKRUS GmbH & Co KG has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.


Introduction

With this privacy policy, we are fulfilling our duty to inform our visitors and users of these pages in accordance with Art. 13 of the EU General Data Protection Regulation (EU GDPR). The protection of personal data is of central importance to us. Personal data is individual information about personal or factual circumstances of an identified or identifiable natural person. This includes information such as name, address, email address and telephone number. In addition to the EU GDPR, the legal basis for data protection can also be found in the Digital Services Act (DDG) and the EU ePrivacy Regulation.


Your data protection rights as a user of this website (data subject rights)

Data protection law regards you as the data subject of the data we collect about you when you visit our website. Accordingly, the legislator provides for some data subject rights that you have as a user of this website. In detail, these are the following rights:

You have the right to free information about your stored personal data, its origin and recipients and the purpose of data processing at any time - without giving reasons. You also have the right to have this data rectified, corrected, blocked or erased. You can also restrict the processing of your data and/or object to the processing (right to object), and in principle you also have the right to data portability. If you have given us your consent to process your data, you can withdraw this at any time. You also have the right to lodge a complaint with the supervisory authority in accordance with Art. 77 EU GDPR.


Analysis tools and tools from third-party providers

When you visit this website, your surfing behavior may be statistically evaluated. This is mainly done with so-called analysis programs.

Detailed information on these analysis programs can be found in the following privacy policy.


Hosting

We host the content of our website with the following provider:

External hosting

This website is hosted externally. The personal data collected on this website is stored on the servers of the hoster(s). This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website.

External hosting is carried out for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR). If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Our host(s) will only process your data to the extent necessary to fulfill its performance obligations and follow our instructions with regard to this data.

We use the following hoster:

Backauf Computer GmbH
Steindamm 6
25337 Elmshorn
www.backauf.de

Order processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.


Contact details: Responsible person - Data protection coordinators - Data protection officer

If you have any questions about data protection at AKRUS GmbH & Co KG that are not answered by this privacy policy or if you wish to exercise your rights as a data subject, you can contact us as follows:

The management team listed in the legal notice at www.akrus.de is responsible for data processing. However, as they deal with many other issues, we recommend that you contact our data protection coordinators by e-mail(datenschutz@akrus.de). You can also contact us by post, the address can also be found in the legal notice.

We would like to point out that you can ask any of our employees about your rights as a data subject. However, it is a great relief for us if you contact our data protection coordinators(datenschutz@akrus.de) directly with data protection inquiries.

If you wish to exercise the right to lodge a complaint in accordance with Art. 77 GDPR, please contact the competent supervisory authority.


Recipients of personal data

If you transmit personal data to us, the main recipients are the employees entrusted by AKRUS GmbH & Co KG with this task. In addition, it is possible that we may commission other companies and individuals to perform tasks for us, e.g. services that you have requested from us using the contact request (e.g. a printed product brochure). In this case, your data may be processed by the company commissioned by us for the purpose specified by you. Further details can be found in the section "Obligation of employees and external service providers" and "Cooperation with external service providers".


Transfer of personal data to a third country

We have no intention of transferring personal data outside the scope of the EU GDPR. Since we occasionally obtain web services from Google (e.g. we use "fonts.gstatic.com" for the graphic design of the fonts), IP addresses and/or so-called "referral links" or online identifiers may be passed on depending on the browser settings. Due to the combination of this data not initiated by us, it cannot be ruled out that personal data will be created and processed outside the scope of the EU GDPR. You can prevent the transfer in your browser, for more information, see the section "Use of Google Maps".


Storage duration

Personal data provided to us via our website will only be stored until the purpose for which it was entrusted to us has been fulfilled. Insofar as retention periods under commercial and tax law must be observed, the storage period for certain data may be up to ten years.


Purpose of data collection

The use of our website is generally possible without providing personal data. Different regulations may apply to the use of individual services on our website, which in this case are explained separately below and inform you in particular about the type, scope and purpose of the collection, use and processing of personal data. Nevertheless, we only process personal data insofar as this is necessary to provide a functional website and our content and services. If personal data is collected, the purpose is the technical provision of our website, for information purposes and for contractual purposes in the provision of services. Any use of your personal data will only take place for the stated purposes and to the extent necessary to achieve these purposes.

If you apply to us via the website, the purpose of the data processing is the possible initiation of an employment relationship.


Legal basis for data collection

Personal data may only be processed on the basis of a legal basis. If we process personal data as part of our website, this is generally based on the protection of the legitimate interests of the controller in accordance with Art. 6 para. 1 lit. f EU GDPR.

The protection of legitimate interests is a balancing of interests and includes both our interests as the company responsible for processing and the interests of the users of our websites. We as a company would like to inform you about our company and its products and services. As a user and potential customer, supplier, competitor, information seeker and/or applicant, you have an interest in finding out about us, our services and products in a technically accessible and convenient manner. In addition, we give our visitors the opportunity to contact us via the website. Accordingly, processing is in the interests of both parties. At the same time, the processing of personal data is reduced to a minimum, so that we come to the conclusion that the protection of legitimate interests is the legally sufficient basis for processing.

As part of the application process, we use the legal basis of the contract and the initiation of the contract (Art. 6 para. 1 lit. b EU GDPR), in particular § 26 BDSG-new (data processing for the purposes of the employment relationship). You can find more information on this in the "Applications" section.

In addition, we also use the legal basis of consent as part of the application process (Art. 6 para. 1 lit. a EU GDPR). This consent is voluntary and serves the purpose of recruiting personnel and transferring your data to an internal talent pool. You can find more information on this in the "Applications" section. You are free to decide whether you wish to give your consent or not. There are no negative consequences if you do not give your consent. You can also withdraw your consent in whole or in part at any time for the future. The lawfulness of the processing based on the consent remains in force until you withdraw your consent. This means that, despite the withdrawal of consent, processing will not become unlawful in the past.


Cookies

Our website uses so-called cookies, which serve to make our Internet presence more user-friendly, effective and secure overall - for example, when it comes to speeding up navigation on our website. Cookies also enable us to measure the frequency of page views and the generic use of the website.

Cookies are small text files that are stored on your computer system. Cookies do not cause any damage to your computer and do not contain viruses. We would like to point out that some of these cookies are transferred from our server to your computer system, most of which are so-called "session cookies". "Session cookies" are characterized by the fact that they are automatically deleted from your hard drive at the end of the browser session. Other cookies remain on your computer system and enable us to recognize your computer system on your next visit (so-called persistent cookies). Of course, you can reject cookies at any time if your browser allows this. However, we would like to point out that in this case you will not be able to use all the functions of our website to their full extent.

The help function in the menu bar of most web browsers explains how to prevent your browser from accepting new cookies, how to have your browser notify you when you receive a new cookie or how to disable all cookies received.

Of course, you can also delete cookies at a later date. The procedure depends on your browser and operating system. We ask you to research the procedure for subsequent deletion for your system yourself.


Borlabs Cookie

Our website uses Borlabs Cookie consent technology to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document these in compliance with data protection regulations. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany (hereinafter referred to as Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data is not passed on to the provider of Borlabs Cookie.

The data collected will be stored until you ask us to delete it or delete the Borlabs cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

Borlabs cookie consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.


Server log

Every visit to the pages of this website is recorded and stored in the so-called server log files. This data is used exclusively for the technical analysis of server usage.

Specifically, the following data is collected:

  • Requesting host address (IP address)
  • Date and time of retrieval
  • Name of the retrieved file
  • HTTP status code
  • Amount of data transferred
  • Website from which you visit us (referrer URL)
  • Browser/operating system/interface
  • Information about the server service used
  • Protocol version

This anonymous data is stored separately from any personal data you may have provided and therefore does not allow any conclusions to be drawn about a specific person. It will only be passed on to third parties if this is required by law or if a court order requires it to be passed on. It will not be passed on for commercial or non-commercial purposes. However, we reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.


Contact possibility

On our website, we offer you the opportunity to contact us by e-mail and via contact forms. Your details from the inquiry form, including the contact details you provide there for the purpose of processing the inquiry and in the event of follow-up questions, will then be forwarded to us in encrypted form and stored by us.

If you wish to contact us by e-mail, we would like to point out that the confidentiality of the information transmitted is not guaranteed in the case of unencrypted e-mails. The content of unencrypted e-mails can be viewed by third parties (see also the "Information security" section).


Applications

Applicant data will be stored for up to six months after the end of the selection process.

In addition, if you send us an application, we ask you to allow us to transfer your data to an internal talent pool. You then consent to us processing your data for a further two years for the purpose of recruitment. This applies in the event that you are in principle an interesting candidate for us, but were not selected for the position for which you applied.


Data protection provisions about the application and use of Google Analytics (with anonymization function)

The controller has integrated the Google Analytics component (with anonymization function) on this website. Google Analytics is a web analysis service. Web analysis is the collection, gathering and evaluation of data about the behavior of visitors to websites. Among other things, a web analysis service collects data on the website from which a data subject came to a website (so-called referrer), which subpages of the website were accessed or how often and for how long a subpage was viewed. Web analysis is mainly used to optimize a website and for the cost-benefit analysis of Internet advertising.

The operating company of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The data controller uses the addition "_gat._anonymizeIp" for web analysis via Google Analytics. By means of this addition, the IP address of the Internet connection of the data subject is shortened and anonymized by Google if access to our Internet pages is from a member state of the European Union or from another state party to the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyze the flow of visitors to our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us that show the activities on our website, and to provide other services related to the use of our website.

Google Analytics places a cookie on the data subject's IT system. What cookies are has already been explained above. By setting the cookie, Google is enabled to analyze the use of our website. Each time one of the individual pages of this website is accessed, which is operated by the data controller and on which a Google Analytics component has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. During the course of this technical procedure, Google gains knowledge of personal information, such as the IP address of the data subject, which serves Google, inter alia, to understand the origin of visitors and clicks, and subsequently create commission settlements.

The cookie is used to store personal information, such as the access time, the location from which access was made and the frequency of visits to our website by the data subject. Each time our website is visited, this personal data, including the IP address of the Internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on this personal data collected via the technical process to third parties.

The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such a setting of the Internet browser used would also prevent Google from placing a cookie on the data subject's IT system. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs.

Furthermore, the data subject has the option of objecting to and preventing the collection of data generated by Google Analytics relating to the use of this website and the processing of this data by Google. To do this, the data subject must download and install a browser add-on from the link https://tools.google.com/dlpage/gaoptout. This browser add-on informs Google Analytics via JavaScript that no data and information about visits to websites may be transmitted to Google Analytics. The installation of the browser add-on is considered an objection by Google. If the data subject's IT system is deleted, formatted or reinstalled at a later date, the data subject must reinstall the browser add-on in order to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person who is attributable to their sphere of control, it is possible to reinstall or reactivate the browser add-on.

Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.de/intl/de/policies/privacy/ and under http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail at this link https://www.google.com/intl/de_de/analytics/.


Use and disclosure of personal data

If you commission us to provide a service, your personal data will only be used to the extent necessary for the provision of the order (e.g. to process requests for information or brochure orders). This includes in particular the forwarding of your data to transport companies, credit companies or other service providers used to provide the service or process the contract.

Your personal data will not be passed on or sold to third parties.

There are the following exceptions to this procedure: We disclose customer accounts and personal data about customers if we are required to do so by law or if such disclosure is necessary or central to protecting our rights and the rights of our customers and those of third parties, e.g. in the event of attacks on our network infrastructure. This may include, for example, data exchange with companies that specialize in the prevention and minimization of abuse and credit card fraud and/or IT security. It is expressly clarified that in this context no data will be passed on to these companies for commercial use that is contrary to this privacy policy.


Commitment of employees and external service providers

Of course, our employees and the service companies commissioned by us are obliged to maintain confidentiality and to comply with the provisions of the EU GDPR.


Cooperation with external service providers

We commission other companies and individuals to perform tasks for us. Examples include parcel delivery, sending letters or emails, analyzing our databases, IT services, advertising, processing payments and customer service. These service providers have access to personal information that is required to fulfill their tasks. However, they may not use it for other purposes. In addition, they are obliged to handle the information in accordance with this privacy policy and the EU GDPR.

If these subcontractors are processors in accordance with Art. 28 EU GDPR, we have concluded corresponding legally compliant contracts with them.


Information security

AKRUS GmbH & Co KG uses appropriate technical and organizational security measures according to the current state of knowledge in order to protect the data you provide to us against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Your data is stored in a secure operating environment that is not accessible to the public. Our security measures are reviewed at regular intervals and continuously improved in line with technological developments.

If you wish to contact us by e-mail, we would like to point out that the confidentiality of the information transmitted is not guaranteed in the case of unencrypted e-mails. The content of unencrypted e-mails can be viewed by third parties. We therefore recommend that you send us confidential information either in encrypted form or by post.

Your e-mail address will be used exclusively for correspondence with you. It will not be used for any other purpose or passed on to third parties.


Protection of your data through TLS or SSL

For secure data transmission on the Internet, we use the hybrid encryption protocol Transport Layer Security (TLS), more commonly known under its predecessor name Secure Sockets Layer Software (SSL). This software encrypts the information that you transmit. All data protection-relevant information is stored in encrypted form in a protected database.


Plugins and tools

YouTube

This website integrates videos from the YouTube website. The operator of the website is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

When you visit one of our websites on which YouTube is integrated, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited.

Furthermore, YouTube may store various cookies on your device or use comparable technologies to recognize you (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent fraud attempts. Furthermore, the data collected is processed in the Google advertising network.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Further information on the handling of user data can be found in YouTube's privacy policy at: https://policies.google.com/privacy?hl=de.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Google Fonts (local hosting)

This site uses so-called Google Fonts, which are provided by Google, for the uniform display of fonts. Google Fonts are installed locally. There is no connection to Google servers.

Further information about Google Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/privacy?hl=de.

Font Awesome (local hosting)

This site uses Font Awesome for the uniform display of fonts. Font Awesome is installed locally. There is no connection to the servers of Fonticons, Inc.

Further information about Font Awesome can be found in the Font Awesome privacy policy at: https://fontawesome.com/privacy.

Google Maps

This site uses the map service Google Maps. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. With the help of this service, we can integrate map material on our website.

To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. If Google Maps is activated, Google may use Google Fonts for the purpose of uniform display of fonts. When you call up Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

You can find more information on the handling of user data in Google's privacy policy: https://policies.google.com/privacy?hl=de.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Google reCAPTCHA

We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on this website. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAPTCHA is to check whether data is entered on this website (e.g. in a contact form) by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.

The data is stored and analyzed on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

For more information about Google reCAPTCHA, please refer to the Google Privacy Policy and the Google Terms of Use at the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.


Consent, status and amendment of this privacy policy

By using our website, you consent to the data processing described above. The current status is 28.06.2018.

We reserve the right to amend this privacy policy at any time with effect for the future in compliance with the applicable data protection regulations. We will publish the changes here.