This is how we use your data.
In general, it is possible to use our website without entering any personal data. Wherever possible, when personal data are collected on our website (e.g. name, address, email address), this takes place on a voluntary basis. These data will not be passed on to third parties without your express consent. We point out that data transfer over the internet (e.g. through email communication) may exhibit security flaws. It is not possible to perfectly protect data against access by third parties. An explicit objection is hereby made to third parties using the contact information published in the Legal Notice to send any marketing material or information that has not been explicitly requested. The operator of the website expressly reserves the right to take legal steps if unrequested commercial information is sent, for example through spam email.
1. Data Protection at a Glance
The following notices provide you with a simple overview of what happens with your personal data when you visit our website. Personal data are all data through which you can be personally identified. You can find detailed information about Data Privacy in the Data Privacy Statement under this text.
Data Collection on our Website
Who is responsible for the data collection on this website?
The data processing on this website is performed by the website operator. You can find its contact information in this website’s Legal Notice.
How do we Collect your Data?
Your data are collected, first of all, if you send them to us. This may, for example, be data that you enter into a contact form.
Other data will be automatically collected by our IT systems during visits to our website. These are primarily technical data (e.g. internet browser, operating system or time of the page visit). These data are collected automatically as soon as you enter our website.
What do we Use your Data for?
Some of the data are collected in order to guarantee fault-free provision of the website. Other data may be used to analyze your user behavior.
What Rights do you have in Relation to your Data?
You have the right at any time, and free of charge, to receive information about the origin, recipients and purpose of your saved personal data. You also have the right to request the rectification, blocking or deletion of these data. In this regard, or if you have any other questions about data protection, you may contact us at any time at the address given in the Legal Notice. Furthermore, you are entitled to file a complaint with the competent supervisory authority.
Analysis tools and third-party tools
When you visit our website, your browsing behavior may be analyzed statistically. This is primarily done with cookies and so-called analysis programs. As a rule, the analysis of your browsing behavior is done anonymously; the browsing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You can find details about this in our Data Privacy Statement, under the heading “Third Party Plugins and Analysis Tools.”
You may object to this analysis. The Data Privacy Statement provides information about how you can lodge objections.
2. General Notices and Mandatory Information
The operator of this website takes the protection of your personal data extremely seriously. We treat your personal data confidentially and in accordance with legal data protection regulations as well as this Data Privacy Statement.
When you use this website, various types of personal data will be collected. Personal data are data through which you can be personally identified. This Data Privacy Statement explains which data we collect and what we use them for. It also explains how and for what purpose this happens.
We point out that data transfer over the internet (e.g. through email communication) may exhibit security flaws. It is not possible to perfectly protect data against access by third parties.
Data Controller Information
The data controller for data processing on this website is:
Mr Sebastian Bergler
NEW eco-tec Verfahrenstechnik GmbH
84453 Mühldorf am Inn, Germany
The data controller for data protection (from 12/14/2018) is:
PETZKA Management & Consulting GmbH
Patrick M. Petzka
Trostberger Strasse 24, 83301 Traunreut
Telephone: +49 (0)8669 9098975
The data controller is the natural or legal person that, alone or with others, decides upon the purposes and means of the personal data processing (e.g. name, email address or the like).
Revocation of your Consent to Data Processing
Many data processing procedures are only possible with your explicit consent. You can revoke consent that you have given at any time. To do this, it is enough to send us an email. The legality of the data processing that took place prior to the revocation remains unaffected by the revocation.
Right to Data Portability
You have the right to receive data, or have them received by a third party, that we have processed automatically on the basis of your consent or in fulfillment of a contract, in a current, machine-readable format. If you request the direct transfer of the data to another data controller, this shall take place only insofar as it is technically feasible.
SSL or TLS Encryption
This site uses SSL or TLS encryption for security reasons and in order to safeguard the transfer of sensitive content, such as orders or inquiries, that you send to us as the site operator. An encrypted connection can be recognized from the fact that the address line of your browser changes from “http://” to “https://” and a lock symbol appears in your browser toolbar.
When the SSL or TLS encryption is active, the data you send to us cannot be read by third parties.
Inquiries, Blocking, Deletion
Within the framework of legal regulations, you have, at any time, the right to receive information, free of charge, about your stored personal data, their origin and recipients and the purpose of the data processing and, if applicable, a right to rectification, blocking or deletion of this data. In this regard, or if you have any other questions about personal data, you may contact us at any time at the address given in the Legal Notice.
Objection to Marketing Emails
An objection is hereby made to the use of the contact information published in the Legal Notice to send any marketing material or information that has not been explicitly requested. The operator of the website expressly reserves the right to take legal steps if unrequested commercial information is sent, for example through spam email.
3. Data Collection on our Website
Some of the web pages use so-called cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help us to make our site more user friendly, more effective and safer. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies”. When you leave the website, they will be deleted automatically. Other cookies remain on your device until you delete them. These cookies allow us to recognize your browser during your next visit to the site.
You can configure your browser to inform you whenever cookies are set and allow cookies only in individual cases, to accept cookies only in specific cases or to generally exclude them or automatically delete cookies when the browser is closed. Deactivating cookies may restrict the functionality of the website.
Cookies that are necessary to carry out electronic communication procedures, or to provide specific functions requested by you (e.g. a shopping cart function), will be saved on the basis of Art. 6 (1) f) GDPR. The website operator has a legitimate interest in saving cookies in order to offer an optimized provision of its services free of technical faults. If other cookies (e.g. cookies for analysis of your browsing behavior) are saved, these will be dealt with separately in this Data Privacy Statement.
Server Log Files
The website provider collects and automatically stores information in a format known as server log files. Your browser automatically sends us this information. This is:
- Browser type and version
- Operating system used
- Referrer URL
- The host name of the PC accessing the site
- Time of the server request
- IP address
These data are not combined with data from other sources.
The basis for processing these data is Art. 6 (1) b) GDPR which permits data processing in order to fulfill a contract or pre-contractual arrangements.
If you send us an inquiry using our contact form, your data from the inquiry form are saved so that we can process your inquiry and any follow-up questions. These data include the contact details you enter on the form. This information will not be passed on without your consent.
The processing of the data entered via the contact form is based exclusively on your consent (Art. 6 (1) a) GDPR). You can revoke consent at any time. To do this, it is enough to send us an email. The legality of the data processing that took place prior to the revocation remains unaffected by the revocation.
We save the information you enter into the contact form until you request its deletion, revoke your consent to our storing it or the purpose for the data storage is no longer applicable (e.g. once the inquiry has been fully processed). Necessary legal requirements—in particular the retention period—remain unaffected.
4. Analysis Tools and Advertising
This website uses the functions of the Google Analytics web analysis service. The service provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable analysis of your use of the website. The information generated by the cookie about your use of this website is generally transferred to a Google server in the USA and stored there.
The storage of Google Analytics cookies is permitted based on Art. 6 (1) f) GDPR. The website operator has a legitimate interest in the analysis of user behavior, in order to improve both its website and its advertising.
We have activated the IP anonymization feature for this website. This means that Google abbreviates your IP address within European Union Member States or other States Party to the Agreement via the European Economic Area before the address is transmitted to the USA. The full IP address is only transmitted to a Google server in the USA and abbreviated there in exceptional circumstances. On behalf of the website operator, Google uses this information to analyze your use of the website and create reports on website activity and to provide further services to the website operator in relation to website use and internet use. The IP address communicated by your browser within the scope of Google Analytics will not be combined with other Google data.
You can prevent cookies being saved through the corresponding setting in your browser software; we point out, however, that in this case you may not be able to make full use of all of the functions of this website. In addition, you can prevent the collection of the data generated by the cookies related to your use of the website (including your IP address) by Google, as well as the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout.
Objection to Data Collection
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set that prevents the collection of your data in future visits to this website: Deactivating Google Analytics.
You can find more information about how Google Analytics handles user data in Google’s Data Privacy Statement: https://support.google.com/analytics/answer/6004245.
If you wish to receive the newsletter offered on the website, we require you to provide an email address as well as information allowing us to verify that you are the owner of the given email address, and that you agree to receive the newsletter. Further data are not collected or only on a voluntary basis. We use these data solely for sending the requested information and we do not pass them on to third parties.
The processing of the data entered via the newsletter registration form is based exclusively on your consent (Art. 6 (1) a) GDPR). You can revoke your consent to the storage of your data, your email address and their use for sending the newsletter at any time via the “unsubscribe” link in the newsletter. The legality of the data processing operations previously carried out remains unaffected by the revocation.
The data you provide in order to receive the newsletter will be stored by us until you unsubscribe from the newsletter, and will be deleted once you unsubscribe from the newsletter. Data that have been stored by us for other purposes (e.g. email addresses for the Members Only Area) remain unaffected by this.
This website uses services provides by MailChimp to send newsletters. The service provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service that can organize and analyze the sending of newsletters, among other features. If you enter data for the purpose of receiving the newsletter (e.g. your email address), these are saved on MailChimp’s servers in the USA.
MailChimp is certified under the “EU-US Privacy Shield” scheme. The “Privacy Shield” is an agreement between the European Union (EU) and the USA that is designed to guarantee the maintenance of European data protection standards in the USA.
We can analyze our newsletter campaigns using MailChimp. When you open an email sent by MailChimp, a file within the email (known as a web beacon) connects to MailChimp’s servers in the USA. This enables us to determine whether newsletter messages have been opened and which links have been followed. Technical information is also collected (e.g. time of opening, IP address, browser type and operating system). This information cannot be connected to the individual newsletter recipient. Its only purpose is the statistical analysis of newsletter campaigns. The results of this analysis can be used to better tailor future newsletters to recipients’ interests.
If you do not wish for MailChimp to analyze your data, you must unsubscribe from the newsletter. We provide a link for this purpose in every newsletter message. In addition, you can also unsubscribe from the newsletter on the website.
The processing of these data is based exclusively on your consent (Art. 6 (1) a) GDPR). You can revoke consent at any time by unsubscribing from the newsletter. The legality of the data processing operations previously carried out remains unaffected by the revocation.
The data you provide in order to receive the newsletter will be stored by us until you unsubscribe from the newsletter, and will be deleted from both our servers and MailChimp’s servers once you unsubscribe from the newsletter. Data that have been stored by us for other purposes (e.g. email addresses for the Members Only Area) remain unaffected by this.
6. Rights of the Data Subject
6.1) Right to Confirmation
All data subjects have the right, as granted to them by the European Legislature, to demand confirmation of whether their personal data are being processed. If a data subject wishes to use their right to confirmation, they can contact an employee of the data controlling organization at any time for this purpose.
6.2) Right of Access
Any subject whose data are being processed has the right granted to them by the European Legislature to access the personal data relating to them free of charge and to receive a copy of these data at any time. Furthermore, the European Legislature grants the data subject access to the following information: the purpose for processing; the personal data categories which are being processed; the recipients or categories of recipients to whom the personal data are being or have been published, in particular this applies to recipients in third countries or international organizations; where possible, the planned personal data retention period, or where this is not possible, the criteria for determining the duration of this period; the existence of the right to rectification or deletion of the subject’s personal data or a right to restrict its processing by the data controller or the right to object to its processing; the existence of a right to complain to a Data Protection Authority where the personal data are collected from elsewhere than the data subject: All available information about the origin of the data; the existence of an automated decision-making process that uses profiling as per Art. 22 (1) and (4) GDPR and—at least in these cases—meaningful information about the logic involved and the scope of the intended impact of this kind of processing for the data subject Furthermore, the data subject has a right to information about whether personal data are being transmitted to a third country or an international organization. Where this is the case, the data subject also has the right to information about the relevant guarantees in relation to the data transfer. If a data subject wishes to use their right to access, they can contact an employee of the data controlling organization at any time for this purpose.
6.3) Right of Rectification
Any subject whose data are being processed has the right granted to them by the European Legislature to demand the immediate rectification of incorrect personal data relating to them. Furthermore, the data subject has the right, as appropriate to the purpose of the processing, to demand the completion of incomplete personal data—including by means of a supplementary statement. If a data subject wishes to use their right to rectification, they can contact an employee of the data controlling organization at any time for this purpose.
6.4) Right to Deletion (Right to be Forgotten)
Any subject whose personal data are being processed is granted the right by the European Legislature to demand the Data Controller to delete their personal data immediately provided one of the following reasons applies and the processing is not necessary: The personal data were collected for a purpose or processed in such a way that they are no longer necessary. The data subject revoked their consent, which permitted the processing of their data as per Art. 6 (1) a) GDPR or Art. 9 (2) a) GDPR and there is no other legal basis for processing these data. The data subject prohibits data processing as per Art. 21 (1) GDPR and there are no overriding legal bases for data processing or the data subject objects to data processing as per Art. 21 (2) GDPR. These personal data are being processed illegally. The deletion of personal data is required to fulfill the legal obligation under EU law or Member State law to which the Data Controller is subject.
Personal data are collected in relation to information society services as per Art. 8 (1) GDPR. Provided one of the aforementioned reasons applies and a data subject wishes to trigger the deletion of their personal data that are stored by the company, the subject may contact an employee of the Data Controller at any time. The company employee will ensure that the deletion request is completed without delay.
If the personal data have been published by the company and the company is the Data Controller as per Art. 17 (1) GDPR and is therefore required to delete the data, the company is also required, within reasonable technology availability and implementation costs, including technical means, to inform other Data Controllers who are processing the data that the data subject requests the deletion of all links to these personal data and copies or replications of these data by these data controllers provided that the processing is not necessary. Company employees will action this as necessary in each individual case.
6.5) Right to Restrict Processing
Any subject whose data are being processed has the right granted to them by the European Legislature to demand a restriction on the processing of their data by the Data Controller if one of the following criteria is met: The correctness of the personal data is contested by the data subject. In this case for a duration in which the Data Controller can verify the correctness of the personal data. The processing is illegal, the data subject refuses deletion of their personal data, instead requesting a restriction on the use of their personal data. The Data Controller no longer requires the personal data for the purpose of the processing but the data subject requires them to assert, implement or defend legal claims. The data subject has issued an objection to the processing as per Art. 21 (1) GDPR and it has not yet been determined whether the Data Controller’s legitimate reasons override those of the data subject. Provided one of the aforementioned criteria is met and a data subject requests a restriction on their personal data that is stored by the company, the subject may contact an employee of the Data Controller at any time. Company employees will action this restriction on processing.
6.6) Right of Portability
Any subject whose data are being processed is granted the right by the European Legislature to receive their personal data that they as the data subject have made available to a data controller, in a structured, standard, machine-readable format. They also have the right to transmit these data to another Data Controller without being impeded by the Data Controller to whom the data were originally made available, provided the processing was based on consent as per Art. 6 (1) a) GDPR or Art. 9 (2) a) GDPR or an agreement as per Art. 6 (1) b GDPR and the processing took place using automated methods, provided the processing is not required for the fulfillment of a job that is in the public interest or an exercise of official authority which has been transferred to the Data Controller. Furthermore, the data subject has the right, when exercising their right to data portability as per Art. 20 (1) GDPR, to have their personal data transferred directly from one Data Controller to another Data Controller provided that this is technically feasible and does not impact the rights and freedoms of other persons. In order to exercise their right to data portability, the data subject can contact an employee of the company at any time.
6.7) Right to Object
Any subject whose data are being processed is granted the right by the European Legislature to object to the processing of relevant personal data for reasons relating to their own specific situation where the processing is taking place on the basis of Art. 6 (1) e) or f) GDPR. This also applies to assisted profiling where these provisions apply. In the case of an objection, the company will cease to process the personal data unless we can prove necessary reasons for the processing which are worthy of protection and override the interests, rights and freedoms of the data subject, or where the processing is for the purpose of asserting, implementing or defending legal claims. If the company is processing personal data for the purpose of direct marketing, the data subject has the right to lodge an objection against the processing of their personal data for the purpose of direct marketing at any time. This also applies to profiling, to the extent that this is related to such direct marketing. If the data subject raises an objection to the company for processing their data for the purpose of direct marketing, the company will no longer process the personal data for this purpose. Furthermore, the data subject has the right to lodge an objection against the processing of their personal data for reasons pertaining to their specific situation where the company is processing this data for purposes of scientific or historical research or for statistical purposes, as per Art. 89 (1) GDPR, unless such processing is necessary to fulfill a task in the public interest. To exercise the right to object, the data subject can directly contact any company employee or other employee. The data subject may also, at their discretion, in conjunction with information society services and notwithstanding Directive 2002/58/EC, exercise their right to object via automated processes using technical specifications.
6.8) Automated Decisions in Individual Cases, including Profiling
Any subject whose data are being processed has the right granted to them by the European Legislature not to be subjected to a decision made purely on the basis of automated processing—including profiling—that has a legal impact on the subject or infringes upon them in a similar manner provided the decision (1) is not necessary for the completion or fulfillment of a contract between the data subject and the Data Controller or (2) is permissible on the basis of European Union or Member State legislation to which the Data Controller is subject and this legislation contains suitable measures to safeguard the data subject’s rights, freedoms and legitimate interests or (3) takes place on the basis of the data subject’s express consent. If the decision is (1) necessary for the completion or fulfillment of a contract between the data subject and the Data Controller or (2) takes place with the express consent of the data subject then the company shall use suitable measures to safeguard the data subject’s rights, freedoms and legitimate interests. These measures shall, at minimum, include the right to trigger the involvement of a person on behalf of the Data Controller to present their point of view and the right to appeal the decision. If the data subject wishes to exercise their rights with regard to automated decisions, they can contact an employee of the data controlling organization at any time for this purpose.
6.9) Right to Revoke Consent in Data Protection Matters
Any subject whose data are being processed has the right granted to them by the European Legislature to revoke consent to the processing of personal data at any time. If the data subject wishes to exercise their right to revoke consent to data processing, they can contact an employee of the data controlling organization at any time for this purpose.
7. Data Privacy in the case of Applications and Application Processes
The Data Controller collects and processes the personal data of applicants for the purpose of handling the application process. Processing may take place using electronic methods. This is especially the case when an applicant transmits relevant application documents to the Data Controller using electronic methods such as email or a form on a web page. If the Data Controller concludes an employment contract with the applicant, the data transmitted are then saved in accordance with legal requirements for the purposes of handling the employment relationship. If the Data Controller does not conclude an employment contract with the applicant then the application documents will automatically be deleted two months after the applicant is notified of their rejection, provided that deletion is not an obstacle to any other legitimate interests of the Data Controller. Here, other legitimate interests could include the burden of proof in a case under the General Act on Equal Treatment.
8. The Duration for which Personal Data are Retained
The criterion determining the duration for which personal data are retained is the applicable statutory retention period. When this period expires, the relevant data are deleted as a matter of routine provided that they are no longer required to fulfill or initiate a contract.
9. Legal or Contractual Requirements to Provide Personal Data
We point out that we may be required to provide personal data due to legal obligations (e.g. fiscal regulations) or to fulfill contractual stipulations (e.g. information about a contractual counterparty/co-contractor). Sometimes, to form a contract, it may be necessary for a data subject to provide us with personal data which we must subsequently process. For example, the data subject is required to provide us with personal data if our company is concluding a contract with the subject. Failure to provide personal data would result in an inability to conclude the contract with the data subject. Before providing personal data, the data subject must contact one of our employees. Our employee will explain whether the provision of personal data is legally or contractually required in this case, or whether it is needed to conclude a contract and whether there is a requirement to provide the personal data, as well as the consequences of not providing the personal data.
10. Plugins and Tools
Google Web Fonts
For uniform presentation of fonts, this site uses so-called Web Fonts, which are provided by Google. When visiting a page, your browser loads the necessary Web Fonts into your browser cache so that text and fonts are displayed correctly.
For this purpose the browser you use must initiate a connection to Google’s servers. By this means Google will acquire knowledge that our website has been visited via your IP address. Google Web Fonts are used to support a unified and attractive representation of our online presence. This represents a legitimate interest within the meaning of Art. 6 (1) f) GDPR.
If your browser does not support web fonts, a standard font from your computer will be used.
You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s Data Privacy Statement: https://www.google.com/policies/privacy/.
This site uses the Google Maps service via an API. The service provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
In order to use Google Maps functions, your IP address must be saved. This information is usually transmitted to a Google server in the USA and saved there. The operator of this website has no authority over this data transfer.
Google Maps is used in the interests of appropriately presenting our online offerings and facilitating the location of the places we name on our website. This represents a legitimate interest within the meaning of Art. 6 (1) f) GDPR.
You can find more information about how Google handles user data in their Data Privacy Statement: https://www.google.de/intl/de/policies/privacy/.
11. Social Media Channels
Data Privacy Statement for YouTube Utilization
This website contains at least one plugin by YouTube, a company belonging to Google Inc., headquartered in San Bruno, California, USA. When you visit one of our pages that is equipped with a YouTube plugin, a connection is immediately made
with YouTube’s servers. This tells YouTube’s servers which specific pages on our website you have visited. If you are also logged into your YouTube account, you allow YouTube
to connect your browsing behavior directly to your personal profile. You can prevent the connection to your profile by logging out of your account beforehand. You can find more information about YouTube’s collection and use of your data
in their information on Data Protection at www.youtube.com.
Data Privacy Statement for Facebook Utilization
Our pages feature integrated plugins from the social network Facebook, service provider: Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. You can spot Facebook plugins on our website by the Facebook logo or the “Like” button. You can read an overview of Facebook plugins here: https://developers.facebook.com/docs/plugins/.
When you visit our pages, the plugin creates a direct connection between your browser and the Facebook server. Facebook thus receives the information that you and your IP address have visited our page. If you click on the Facebook “Like” button while you are logged into your Facebook account, you can link that content on your Facebook profile. This enables Facebook to connect your visit to our page with your user account. We point out that we, as the provider of the pages, have no knowledge of the content of data transferred or their use by Facebook. You can find more information about this in Facebook’s Data Privacy Statement at: https://de-de.facebook.com/policy.php.
If you do not wish for Facebook to be able to connect your visit to our pages with your user account, please log out of your Facebook account.
Data Privacy Statement for Google+ Utilization
Our pages use functions provided by Google+. The service provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Collection and transmission of data: You can publish information globally using the Google+ interface. The Google+ interface provides you and other users with content from Google and our partners. Google stores the information that you have awarded a +1 to an item and information about the page that you viewed when clicking on +1. Your +1s can be shown as notes alongside your profile name and your photo in Google services such as search results or your Google profile, or in other places on websites and internet ads.
Google tracks information about your +1 activities in order to improve Google services for you and others. In order to use the Google+ interface, you need a public Google profile that can be viewed from anywhere in the world and it must contain at least the name selected for the profile. This name will be used for all Google services. In some cases, this name may replace another name that you have used when sharing content via your Google account. The identity of your Google profile may be displayed to users who know your email address or other identifying information about you.
Contact for Issues of Data Privacy
If you have questions about collection, processing or use of your personal data, would like to request access, rectification, blocking or deletion of data, or would like to lodge an objection, please contact: NEW
eco-tec Verfahrenstechnik GmbH, Leisederstr. 4, D-84453 Mühldorf a. Inn, Germany