1. Basic information on data processing
We would like to inform you in this data protection declaration about the natur scope and purpose of the processing of personal data when you visit our website and about your rights in this regard.
With regard to the terms used, we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).
Personal data is all information relating to an identified or identifiable natural person. This includes, for example, your name, your address and communication data as well as your e-mail address.
Processing means any operation or series of operations carried out with or without the aid of automated procedures in relation to personal data, such as the collection, collection, organization, arrangement, storage, adaptation or alteration, reading, retrieval, use, disclosure by transmission, dissemination or any other form of provision, reconciliation or linking, restriction, deletion or destruction.
Data subject is any identified or identifiable natural person whose personal data is processed by the controller.
The Controller or controller for processing is the natural or legal person, public authority, institution or other body which alone or jointly with others decides on the purposes and means of processing personal data.
2. Name and address of the controller
Wallersheimer Weg 100
Phone: +49 261 – 8900-0
The controller‘s representatives are its managing directors Mark Wilhelms and Johannes Pink.
3. Data protection officer
Stabilus GmbH has appointed a data protection officer. You can reach him at the e-mail address email@example.com or via our postal address with the addition "the data protection officer".
4. Processing of personal data
4.1.Visit of our website
4.1.1. Scope of data processing
When you visit our website, your browser sends an error message (error log) to our web server in case of errors for technical reasons. This is the following data:
- IP address
- Date and time of the error message
- Error message
4.1.2. Purpose of data processing
The processing of this data is necessary in order to be able to trace the error and take remedial measures.
4.1.3. Legal basis for the processing
We collect this data on the basis of our legitimate interest within the meaning of Art. 6 Para. 1 letter f) GDPR in order to be able to correct errors and to guarantee the security of the website.
4.1.4. Duration of storage
Error message information is stored for a maximum of seven days and then deleted. Data where further storage is necessary for further processing of the error message are excluded from deletion until the respective incident has been finally clarified.
4.1.5. Right to object and abolish
The collection of data for error correction and its storage in log files is absolutely necessary for the operation and security of the website for technical reasons. Consequently, there is no possibility of objection on the part of the user.
4.2. Contact form, newsletter and e-mail contact
4.2.1. Scope of data processing
There is a form on our website under "Contact" with which you can make inquiries. There is a special form for suppliers under "Stabilus Suppliers". You can also register for our newsletter ("IR Newsletter") under Investor Relations.
If you use one of these options, the data entered in the input mask will be transmitted to us and saved. Depending on the input form, this may be all or part of the following data: Mrs/Mr, title/position, first name, surname, company, division/department, street, postcode, city, country, telephone number, fax number, e-mail address and details of your request. Mandatory fields are marked accordingly.
Registered partners and suppliers can log in using their user name and password. These are assigned to the stored data.
In addition, it is possible to contact us via the e-mail address firstname.lastname@example.org. In this case, the user's personal data transmitted by e-mail will be stored.
In this context, the data will not be passed on to third parties. The data will only be used to process the conversation and to process your request.
4.2.2. Purpose of data processing
The processing of the personal data from the input masks and/or the email address serves us only for the treating the establishment of contact and/or your inquiry. This is also the legitimate interest in the processing of the data.
4.2.3. Legal basis of the processing
When contacting us (via contact form or e-mail), the user's details are processed for processing the contact inquiry and its processing in accordance with Art. 6 Para. 1 lit. b) or f) GDPR. For the IR newsletter, we obtain your prior consent by e-mail; the legal basis for processing is Art. 6 para. 1 lit a) GDPR.
4.2.4. Duration of storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those that were sent by e-mail, this is the case when the respective conversation with the user is finished. The conversation is terminated when it can be concluded from the circumstances that the facts in question have been finally clarified. The personal data from the registration for the IR newsletter is no longer required and will be deleted as soon as you unsubscribe from our IR newsletter.
4.2.5. Possibility of objection and removal; right to withdraw consent
The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. If you unsubscribe from our newsletter, you will not receive any more newsletters from us. Please send cancellations to email@example.com. All personal data stored in the course of contacting us will be deleted in this case.
4.3. Applications (Homepage "Stabilus Career")
4.3.1. Scope of data processing
If you are interested in working for Stabilus, you can apply online. Under the menu item "Stabi-lus Career" you will find jobs that we have advertised. You can also send an unsolicited application.
If you apply to us by e-mail, we will process the data you have submitted to us in order to carry out the application process.
Your personal data can be viewed by the personnel department and the specialist department responsible for staffing. In addition, we have commissioned the service provider concludis GmbH to handle the applicant inquiries. concludis therefore also has access to the data.
4.3.2. Purpose of data processing
We process personal data for the decision on the establishing employment relationship, in particular for the selection process of suitable candidates and the administrative implementation of the application procedure.
4.3.3. Legal basis of the processing
Legal basis is § 26 para. 1 BDSG.
4.3.4. Duration of storage
If the application leads to an employment relationship, then we will process this data for the performance of an employment relationship. These are then included in our personnel administration system and are subject to the deletion periods for our employees' personal data.
If the application does not lead to an employment relationship, then this data will be deleted six months after the end of the application procedure. This is taking into account the period of action of the AGG, unless consent has been provided by the applicant acc. to Art. 6 para. 1 a) GDPR and Art. 7 GDPR for the long-term storage of his personal data in for eligibility of new job offers if necessary.
4.3.5. Possibility of objection and elimination
The information you send us can be renewed or deleted at any time upon request. For this please send an e-mail to firstname.lastname@example.org. This does not apply if you have applied for a specific position with us in an ongoing application process. In this case, we store the information you provide for this position until the end of the legal action periods (especially § 15 AGG).
4.4.1. Scope of data processing
a) Transient cookies are automatically deleted when you close your browser. These include in particular so-called session cookies. These store a so-called session ID, with which different requests of your browser can be assigned to the common session. When you return to our website, your computer can be recognized. The session cookies are deleted when you log out or close your browser.
b) Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in the security settings of your browser.
4.4.2. Purpose of data processing
Some elements of our website require that the calling browser can be identified even after a page change. For this it is necessary that the browser is recognized even after a page change. These include, for example, log-in information and shopping basket functionalities.
4.4.3. Legal basis of data processing
The legal basis for the processing of personal data using the technically necessary cookies is Art. 6 para. 1 lit. f) GDPR.
4.4.4. Duration of storage
Session cookies are deleted as soon as the browser is closed.
Persistent cookies are automatically deleted after a specified period.
4.4.5. Possibility of objection and elimination
Please note, however, that in this case you may not be able to use all functions of our website.
4.5.1. If you have given us your consent, our website uses the services of etracker GmbH from Hamburg, Germany (www.etracker.com) to analyze usage data. Cookies are used which enable a statistical analysis of the use of the website by its visitors as well as the display of use-related content or advertising. Cookies are small text files that are stored by the Internet browser on the user's terminal device. etracker cookies do not contain any information that enables a user to be identified. The data generated with etracker is processed and stored by etracker exclusively in Germany on behalf of the provider of this website and is thus subject to the strict German and European data protection laws and standards. etracker has been independently tested, certified and awarded the ePrivacyseal data protection seal of approval.
4.5.2. Legal basis of the processing
The legal basis for the processing carried out on the basis of the consent is Art. 6 para. 1 lit. a) GDPR.
4.5.3. Duration of storage
etracker uses persistent cookies, which are automatically deleted after a specified period.
4.5.4. Right of revocation
The consent for data collection and storage can be revoked at any time with effect for the future. For revocation of your consent, you can use the below link. Revocation of your consent will have no negative consequences for you.
More information regarding the data protection of etracker can be found here.
5. Data integrity
We take technical, contractual and organizational measures for the security of data processing in accordance with the state of the art. In this way we ensure that the regulations of the data protection laws, in particular the GDPR, are observed and that the data processed by us is protected against destruction, loss, alteration and unauthorized access. These security measures also include the encrypted transmission of data between your browser and our servers. Please note that SSL encryption is only activated for transmissions made over the Internet if the key symbol appears in the lower menu bar of your browser window and the address starts with https:/. The SSL (Secure Socket Layer) protects data transmission against illegal access by third parties using encryption technology. If this option is not available, you can also choose not to send certain data over the Internet.
All information that you transmit to us is stored and processed on our servers in the Federal Republic of Germany.
6. Transfer of data to third parties
Data will only be passed on to third parties within the framework of legal requirements. We only pass on user data to third parties if this is necessary for contractual purposes on the basis of Art. 6 para. 1 lit. b) GDPR, if this is necessary to safeguard legitimate interests pursuant to Art. 6 para. 1 lit. f) GDPR in the economic and effective operation of our business or if another justification pursuant to Art. 6 GDPR exists.
Within the scope of order processing in accordance with Art. 28 GDPR, we employ subcontractors for the provision of our services, in particular for the operation, maintenance and hosting of IT systems. We have taken appropriate legal precautions and appropriate technical and organizational measures to ensure the protection of personal data in accordance with the relevant statutory provisions.
7. External services including integration of social networks and third party content on our website
We integrate external services or content on our website. We have also included plug-ins (buttons) from various social networks so that you can use the interactive possibilities of social networks. This is done on the basis of our legitimate interests in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f) GDPR.
When using such a service, displaying third-party content and clicking the social networking buttons, communication data such as date, time and IP address are exchanged between you and the respective provider for technical reasons. In particular, this is your IP address, which is required to display content in your browser. When you click a social networking button, note that social networking sites may associate your visit with your account if you are logged in to the social networking site at that time. Stabilus does not receive any information about data transmission or use by social networks.
It is possible that the provider processes your data for further, own purposes. However, since we have no influence on the data collected from third parties and their processing by them, we cannot provide any binding information on the purpose and scope of processing your data.
For further information on the purpose and scope of the collection and processing of your data, please refer to the data protection information provided by the providers of the services or content integrated by us who are responsible for data protection law.
The following list provides an overview of third-party providers as well as their contents and links to their data protection declarations, which contain further information on the processing of data and possibilities of objection.
- Youtube: www.google.com/policies/privacy
- Xing: www.xing.com/privacy
- Facebook: https://www.facebook.com/policy.php
8. Your rights
If we process personal data of yours, you are affected in the sense of basic data protection regulation and you have the following rights with regard to your personal data:
- Right of access (Art. 15 GDPR)
- Right to rectify (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object to process (Art. 21 GDPR)
- Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
We reserve the right to change the data protection declaration in order to adapt it to a changed legal situation or in the event of changes to the service or data processing. Therefore, please inform yourself regularly about the contents of the data protection declaration.