DATA PROTECTION

Karasto Armaturenfabrik Oehler GmbH is delighted that you have visited our website and are interested in our company.We attach great importance to the protection of your personal data. In the context of this privacy statement we would like to inform you about the personal data we collect when you visit our website, how this data is processed and what rights you have. For this reason, we kindly ask you to read through the following statements carefully.

Explanations of the terms used:

Personal data refers to all information relating to an identified or identifiable natural person. This includes, e.g., your name, your address and communication data or your e-mail address.

Process means every procedure carried out with or without the assistance of automated processes or every set of operations in connection with personal data such as the collection, recording, organisation, filing, storage, modification or change, reading out, requesting, use, disclosure by transmission, dissemination or another type of preparation, reconciliation or linking, restriction, deletion or destruction.

The data subject is every identified or identifiable individual whose personal data is processed by the controller.

Contoller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

User includes all categories of persons affected by the data processing. This includes our business partners and other visitors to our website.

For the terminology used we also refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR). The terms used such as “user” are gender-neutral

 

1. Name and address of controller

KARASTO Armaturenfabrik Oehler GmbH
Manfred-von-Ardenne-Allee 27
71522 Backnang
Germany
Tel: +49 7191 3452-0
Fax: +49 7191 3452-100
E-Mail: info@karasto.de
The representatives of the controller are the managing directors Carola Reese and Norbert Badstiebe

2.Data Protection Officer

We appointed a Data Protection Officer. You can reach the Data Protection Officer by sending an e-mail to datenschutz@karasto.de or correspondence to our postal address marked “The Data Protection Officer”.

Processing of personal data

Visiting our website

1.  Scope of data processing

When you visit our website, your browser transfers certain data to our web server for technical reasons. The following data is transferred (so-called server logfiles):

– IP address
– Date and time of request
– Time zone difference to Greenwich Mean Time (GMT)
– Content of request (specific page)
– Operating system and its access status / HTTP status code
– Transferred data volume
– Website from where the request comes (“Referrer URL”)
– Browser, language and version of browser software

2. Purpose of data processing

The storage of this data in logfiles is necessary in order to ensure the functionality of the website. We use this data to optimise the website and ensure the security of our information systems.

3. Legal basis of processing

We collect this data based on our legitimate interest pursuant to Art. 6 Section 1 lit. f) GDPR in order to be able to display our website and guarantee its security.

4. Storage period

For security reasons information in the logfiles is stored for a maximum period of seven days (e.g. for clarification of misuse or fraudulent actions) and then deleted. Data whose further storage is required for the purposes of proof is exempt from the deletion until the final clarification of the respective incident.

5. Opt-out and objection options

The recording of the data for the provision of the website and its storage in logfiles are imperative for the operation for technical reasons. As such, there is no “opt-out” on the part of the user.

Contact form and e-mail contact

1. Scope of data processing

When you use the contact form on our website, the following data is transmitted to us: Name*, Company*, Telephone number*, E-mail address*, Street*, Postcode*, Town/City* Message text, desired callback and time. The fields marked with * are mandatory fields.
Alternatively, it is possible to establish contact using e-mail addresses provided by us – depending on the enquiry. In these cases the sender’s personal data transmitted with the e-mail is processed.
In this context the data is not passed on to third parties. The data is used solely for processing the conversation and the enquiry.
Purpose of data processing

The processing of personal data from the input mask allows us to make contact. In the case of contacting by e-mail, there is also the necessary legitimate interest in the processing of the data. The other personal data processed during the sending procedure (e.g. IP address, date, time) serves to prevent any misuse of the contact form and to ensure the security of our information systems.

3. Legal basis of processing

For establishing contact with us (using contact form or e-mail) the user’s details are processed for dealing with the contact request and its processing in accordance with Art. 6 Section 1 lit. b) GDPR.

4. Storage period

We delete personal data when it is no longer required for achieving the purpose of its collection. For personal data from the input mask of the contact form and the data that was sent by e-mail, this is the case when the respective conversation with the user is over. The conversation is over if it is evident from the circumstances that the respective facts or the request for information are/is subsequently clarified.

5. Opt-out and objection options

You have the option at any time to revoke your consent for the processing of personal data.
If you contact us by e-mail, you can object at any time to the storage of your personal data. In this case our conversation can no longer be continued. Please send an e-mail with notice of revocation to info@karasto.de. All personal data which was stored in the course of making contact is then deleted.

Applications

1. Scope of data processing

If you are interested in working in our company, you can submit an application by e-mail. Under the menu item “Jobs” you find advertised positions.

2. Purpose of data processing

We process personal data for deciding on the conclusion of an employment relationship, particularly for the selection process of suitable candidates and the administrative side of the application process.

3. Recipients of data

Your personal data can be viewed by the HR department and the hiring department.

4. Legal basis of processing

Legal basis is § 26 Section 1 BDSG-new (German Federal Data Protection Act)

5. Storage period

If the application leads to an employment relationship, we process this data for the performance of employment. This data is included in our personnel management system.
If the application does not result in an employment relationship, this data is deleted 3 months after the end of the application process taking into consideration the time limit of the AGG, unless the applicant grants consent to the long-term storage of their personal data in accordance with Art. 6 Section 1 lit a) GDPR and Art. 7 GDPR in order to be considered for new vacancies if necessary.

6. Opt-out and objection options

delete. Please send an e-mail to personal@karasto.de. This does not apply if you have applied for a specific position in our company in an ongoing application process. In this case we store the information you provided for this position until the statutory time limits have expired (esp. § 15 AGG).

Cookies

Scope of data processing

Our website uses cookies. Cookies are small text files which are stored on your computer when our website is opened. Cookies do not cause any damage to your computer and do not contain any malware, such as viruses. Cookies contain a character string, which allows a unique identification of the browser when the website is opened again. Some elements of our website require that the requesting browser can also be identified after a page change.
We do not match the data to you personally; we allocate an identification number to the cookie (“cookie ID”). An amalgamation of the cookie ID with your name, your IP address or similar data which would enable an assignment of the cookie to you is not effected. This website uses transient and persistent cookies.
a) Transient cookies are automatically deleted when you close the browser. They include so-called session cookies. These cookies store a so-called session ID, with which various requests of your browser can be assigned to the common session. When you return to our website, your computer can be recognised again. The session cookies are deleted when you log out or close the browser.
b)Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies at any time in your browser’s security settings.

Purpose of data processing

We use cookies in order to make our website attractive and user-friendly, improve the website and process requests faster.
Some elements of our website require that the requesting browser can also be identified after a page change. For this it is necessary that the browser is also recognised after a page change.

Legal basis of data processing

The legal basis for the processing of personal data using the technically necessary cookies is Art. 6 Section 1 lit. f GDPR.

Storage period

Session cookies are deleted as soon as the browser is closed.
Persistent cookies are automatically deleted after a specified period.

Opt-out and objection options

As a user you have full control over the use of cookies. By changing the settings in your Internet browser you set the cookies so they are not stored or automatically deleted at the end of your Internet session. For this, in your browser’s settings select “Do not accept cookies”. In Microsoft Internet Explorer select “Extras > Internet options > Data protection > Setting”; In Firefox select “Extras > Settings > Data protection > Cookies”); If you use a different Internet browser, then please refer to the browser’s help function for instructions about preventing and deleting cookies.
However, please be aware that in this case you may not be able to use all functions of our website.

Data security

We adopt technical, contractual and organisational measures for secure data processing according to the state of the art. This allows us to ensure that the provisions of the data protection laws, particularly the General Data Protection Regulation (GDPR), are observed and the data processed by us is protected against destruction, loss, modification and unauthorised access. These security measures also include the encrypted transmission of data between your browser and our servers. Please note that the SSL encryption is only activated for transmissions over the Internet if the key symbol appears in the lower menu bar of your browser window and the address starts with https://. With SSL (Secure Socket Layer) the data transmission is protected with encryption technology against illegal data access by third parties. If this option is not available, you can also decide not to send certain data over the Internet.
All information that you send us is stored and processed on our servers in the Federal Republic of Germany.

Disclosure of data to third parties and third-party providers

The passing on of this data to third parties only takes place as part of statutory requirements. We only forward the data of users to third parties if this is required, for example, on the basis of Art. 6 Section 1 lit. b) GDPR for contract purposes or on the basis of legitimate interests in the economic and effective operation of our business in accordance with Art. 6 Section 1 lit. f. GDPR.
Within the framework of order processing in accordance with Art. 28 GDPR we hire subcontractors to provide our services, particularly for the operation, maintenance and hosting of the website. We took appropriate legal precautions, as well as corresponding technical and organisational measures, in order to ensure the protection of the personal data in accordance with the relevant statutory regulations.

External services and content on our website

We integrate external services or content on our website. This is effected on the basis of our legitimate interests in the analysis, optimisation and economical operation of our online offer pursuant to Art. 6 Section 1 lit. f GDPR.
For the use of such a service or the display of third-party content, communication data such as data, time and IP address are exchanged between you and the respective provider for technical reasons. This data includes, in particular, your IP address, which is required for the display of content in your browser.
It may be that the provider of the respective services or content processes your data for their own purposes. As we have no influence on the data collected by third parties and its processing by the third parties, we cannot provide any binding statements on the purpose and extent of the processing of your data.
Further information about the purpose and extent of the collection and processing of your data can be found in the privacy notices of the respective providers of the services or content integrated by us.
The following list provides an overview of third-party providers, as well as their content and links to their privacy notices, which contain further information about the processing of data and opt-out options.

Google Maps

We use Google Maps on this website. This allows us to display interactive maps directly in the website and enables you to conveniently use the map function.
By visiting the website Google obtains information that you requested the corresponding subpage of our website. This is effected irrespective if Google provides a user account, through which you are logged in, or if there is no user account. If you are logged in to Google, your data is assigned directly to your account. If you do not want the assignment to your Google profile, you must log out before opening a map. Google saves your data as usage profiles and uses them for the purposes of advertising, market research and/or needs-based design of its website. Such evaluation is effected particularly (even for users who are not logged in) for the provision of needs-based advertising and in order to inform other users of the social network about your activities on our website. You have the right to object to the creation of these usage profiles, whereby you must contact Google to exercise this right.
We use Google Maps in the interests of displaying our online services in an appealing way and to make it easier to discover the locations that we specify on the website. This represents a legitimate interest pursuant to Art. 6 Section 1 lit. f GDPR.
Further information about the purpose and extent of the data collection and processing by Google Maps can be found in the privacy notices. There you also obtain further information about your rights and settings for protecting your privacy: https://www.google.de/intl/de/policies/privacy/. Opt-out: https://www.google.com/settings/ads/. Google processes your personal data also in the USA and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Google Maps is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. These are text files which are stored on your computer and enable an analysis of the use of the website by you. The information created by the cookie about your use of this website is generally transferred to a Google server in the USA and stored there.
The storage of Google Analytics cookies is effected on the basis of Art. 6 Section 1 lit. f GDPR. The website provider has a legitimate interest in the analysis of the user behaviour in order to optimise both its web offer and advertising.

IP anonymisation

We activated the IP anonymisation function on this website. This means that your IP address is shortened by Google in EU member states and in other contracting states of the Agreement on the European Economic Area before it is sent to the USA. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there. Google shall use this information on behalf of the operator of this website in order to evaluate your use of the website, to compile reports on the website activities and to provide other services associated with the website and Internet use to the website operator. The IP address transmitted by your browser within the framework of Google Analytics is not merged with other data by Google.

Browser plug-in

You can prevent the storage of cookies with a corresponding setting in your browser software;. However, we would like to point out that in this case you may not be able to fully use all functions of this website. You may also prevent the collection of the data generated by the cookie and related to your use of the website (incl. your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Objecting to data collection

You may prevent the collection of your data by Google Analytics by clicking on the following link. This places an opt-out cookie on your system, which prevents your data from being collected during future visits to this website by deactivating Google Analytics.
More information about the handling of user data by Google Analytics can be found in Google’s privacy notice: https://support.google.com/analytics/answer/6004245?hl=de.

Commissioned data processing

We have concluded a contract on commissioned data processing with Google and implemented in full the strict provisions of the German data protection authorities in our use of Google Analytics.

Demographic features with Google Analytics

This website uses the “Demographic features” function of Google Analytics. This means that reports can be compiled, which contain statements about age, sex and interests of site visitors. This data comes from interest-based advertising by Google, as well as visitor data from third-party providers. This data cannot be assigned to a certain person. You can disable this function at any time via the display settings in your Google account or prevent the collection of your data by Google Analytics as shown in the point “Objecting to data collection”.

Your rights

When we process your personal data, you are a data subject pursuant to the General Data Protection Regulation (GDPR) and you have the following rights regarding personal data concerning you:
– Right to disclosure (Art. 15 GDPR)
– Right to correction (Art. 16 GDPR)
– Right to erasure (Art. 17 GDPR)
– Right to restriction of processing (Art. 18 GDPR),
– Right to data portability (Art. 20 GDPR)
– Right to object to processing (Art. 21 GDPR)
The restrictions in accordance with §§ 34 and 35 BDSG (German Federal Data Protection Act) apply for the right to disclosure and erasure.

Right to lodge a complaint at a supervisory authority

There is also a right to lodge a complaint at a data protection supervisory authority (Art. 77 GDPR pursuant to § 19 BDSG).
The supervisory authority responsible for our company is:
The State Officer for Data Protection and Freedom of Information in the state of Baden-Württemberg
Postcode 10 29 32
70025 Stuttgart
Tel.: 0711/615541-0
Fax: 0711/615541-15
E-mail: poststelle@lfdi.bwl.de

Changes to the privacy statement

We reserve the right to make changes to the privacy statement in order to adapt it to modified legal bases, or in the event of changes to the service and data processing. However, this shall only apply with regard to explanations for data processing. If consent from the users is required or elements of the privacy statement contain provisions of the contractual relationship with the users, the changes are only made with the agreement of the users.
Please keep up-to-date about the content of the privacy statement.

Status: August 2019 (un)