Privacy

 

We thank you for your interest in our website. Protection of your personal data is a top priority for the AWEBA Werkzeugbau GmbH Aue company (hereafter referred to as  "AWEBA", "we" or "us"). As required by the relevant EU General Data Protection Regulation (EU regulation 2016/679 issued by the European Parliament and Council on 27 April 2016 – hereafter known as "GDPR") - we hereby provide information regarding the processing of your personal data during visits of the website at http://www.aweba.de/, hereafter known as  “the website”, in this statement of our privacy policy:

 1.   Names and contact information for the responsible parties

AWEBA Werkzeugbau GmbH Aue

Damaschkestraße 7

08280 Aue/ Germany

Phone: +49 (3771) 273 0

Fax: +49 (3771) 273 353

Email: info(at)aweba.de

The AWEBA Werkzeugbau GmbH Aue is represented by its managing directors Udo Binder and Rüdiger Drewes. 

The AWEBA Werkzeugbau GmbH Aue bears sole responsibility for maintaining this website. We also use this website to provide information about other organizations belonging to the AWEBA group.

 

2.   Contact information for the data protection officer

The person responsible for data protection at AWEBA is: 

Attorney RA Dr. Thorsten B. Behling

WTS Legal Rechtsanwaltsgesellschaft mbH

Sachsenring 83

50677 Köln/ Germany

Email  t.behling@aweba.de

 

3.   Categories of personal data we process

Depending on the specific services you use, personal data is collected in the following categories:

a.      General use of the website (“surfing”)

·      Information about the browser type and the version used

·      The user’s operating system

·      The user’s internet service provider

·      The user’s IP address

·      Time and date of access

·      Websites from which the user accessed our website

·      Websites visited by the user via our website

·      Cookie data (for example, pseudonym session-ID), insofar as and provided that users accept this, as explained in article 8

 

b.     Use of an application option (via email or mail)

·      Personal master data (such as salutation, first name, last name, date of birth)

·      Contact information (such as phone, fax number, email)

·      Address (such as street, building number, zip code, city, country)

·      Application data (such as application letter, CV, testimonials, recommendations)

 

c.      Contact (phone or mail)

·      Personal master data (such as first name, last name)

·      Contact information (such as email, phone number)

·      Content of your request (such as email content)

  

4.   Origin of personal data not immediately collected from you

We generally collect your personal data only from you. If data collection is performed otherwise, we explicitly indicate this. When we process data sent to us, for example by email, we get the data from the person sending us the email. 

Should you transmit to us a third party’s personal data via the previously mentioned services,  you are obliged to maintain all legal data protection requirements, especially those found in  the clauses 5 to 9 and 12 from the GDPR. Otherwise we have no intention to collect this data and reserve the right of initiating legal action against you.

 

5.   Data storage period

The personal data collected by us is stored as long as necessary for the performance of the purpose for which it was collected. Should this purpose no longer apply, we will delete or anonymize your data, if and to the extent that we have no legitimate retention reasons and obligations (such as for tax regulations) not to do so. In this case, the data undergo only the limited processing needed to fulfill these obligations and, otherwise, only with prior approval, for the assertion, performance or defense of legal claims, to protect the rights of another natural or legal person, or for reasons of an essential public duty of the European Union (EU) or one of its member states. If there is any obligation to preserve records/ data, we delete ore anonymize the data after the reason or obligation for retention has elapsed. 

 

6.   Purposes for which personal data are processed

We adhere to the principle of the appropriate use of the personal data and process your personal data only for the purposes for which you communicated them to us. The personal data you share with us we use for the following purposes:

 

·         Processing your inquiry (such as via email)

·         Sending information

·         Customer support and administration

·         Contract performance and execution of precontractual actions

·         Company and/or group management control (such as for budgeting and reporting)

·         Decisions regarding the establishment of an employment relationship and, in this case, regarding the execution and termination of it (for applications by both email and post)

·         Maintenance of legal requirements (such as for the performance of tax regulations and other relevant commercial law and the implementation of compliance management incl. compliance audits)

·         Data privacy and security management and checks

·         Provision of access data for access-limited website areas 

 

7.   Legal basis for processing

Processing of personal data is based on the GDPR, the German Federal Data Protection Act (German abbrev.: BDSG), as well as additional European and German regulations and acts. 

a.      Legal basis overview

The table below provides a short summary of the available or applicable legal foundations according to the GDPR:

 

Legal foundation

Description / justification

Prior approval

Clause 6 par. 1 p. 1 a) GDPR

This legal basis applies if you have a priori agreed that we are allowed to process your data for one or several purposes.

Performance of a contract or execution of precontractual actions

Clause 6 par. 1 p. 1 b) GDPR

If we have signed a contract with you (such as concerning the purchase of a die) or you have asked us to execute a precontractual action (such as to create an offer), then this is the legal basis enabling us to process any data necessary to perform the contract or execute the precontractual action.

Performance of a legal obligation

Clause 6 par. 1 p. 1 c) GDPR

This allows us to process your data if this is required for the performance of a legal obligation (such as to meet obligations in terms of taxes or commercial law).

 

Justified self-interest or justified third-party’s interests

Clause 6 par. 1 p. 1 f) GDPR

Our processing of personal data is also based on our own justified interests or the justified interests of third parties. Justified interests are regarded as all legal, economic and ideal interests that are not legally disallowed. These justified interests can be, for example, data processing to communicate with our customers and contact partners of the customers (as far as not covered by clause 6 par. 1 p. 1 b) GDPR yet)

Decision on the establishment of an employment relationship Clause 88 GDPR

In connection with § 26 par. 1 p. 1 BDSG (Federal Data Protection Act)

We use job applicant’s data for decision-making regarding establishing employment and, if applicable, substantiation, execution and termination of this employment.

 

b.     Details about the legal basis 

aa.   General use of our website (surfing)

With each visit, for technical reasons, we automatically collect data and information from the computer system of the terminal accessing our website. Here, we process the data types given in article 3 a). This process is carried out with your prior approval of our cookie banner declaration according to clause 6 par. 1 p. 1 a) GDPR as the legal foundation. We store the data processed on our website in so-called log files. Details and specific facts about the cookies used can be taken from article 8. 

 

bb. Sending of applications

If you send us an application (such as by mail or email), we make use of the data types used by you as aforementioned under article 3 c) to make decisions regarding your employment and establishing, executing and terminating the employment relationship. This is legally based on clause 88 GDPR in connection with § 26 par. 1 p. 1 Federal Data Protection Act (BDSG).  

We process data of the types given in article 3 c) only if and insofar as they are suitable to demonstrate your suitability for the job. If this is not given, we do not intend to collect this data. If you send your application via email, please make sure that the data are adequately encoded, since data transfer via email is not protected and, consequently, third persons may also access it. 

If you apply for a job not advertised by AWEBA itself, but another organization in the AWEBA group, then the aforementioned data are processed in a reliable way for the same purposes and on the identical legal basis by the relevant organization. The job advertisement gives the organization in its first line. 

cc.   Contact via email or phone

If you contact us by email or phone, we process the data you entered (such as email, phone number, content of your contact). This is necessary to reply to your request and, if necessary, to perform precontractual actions requested by you (such as sending you a proposal upon request). This processing is legally based on clause 6 par. 1 p. 1 b) and f) of the GDPR. If you act as a contact partner for one of our customers, then our justified interests in processing your data are to fulfill the contract with our customer or to make the materials available to the customer during precontractual actions.

If you contact an organization other than the AWEBA group, then the data aforementioned are processed for the same purposes and on the same legal basis by the relevant organization.

 

8.   Use of cookies

We use cookies on our web site. A cookie is a small data file generated by our web server and stored on the hard disk of your computer during the communication of your computer with the web server. There are session cookies designed only for the functionality of our website, which are immediately deleted after closing the browser, and cookies that persist after a session (so-called persistent cookies) that are stored and used across sessions. We use both types of cookies. By making use of our websites, which features a cookie banner, you have automatically given permission for us to process your data using cookies as explained below. This kind of processing of data is legally based on clause 6 par. 1 S. 1 a) of the GDPR. If you wish to assert your right to withdraw or refuse, proceed  – notwithstanding the explanations in article 11 g) and i) – as explained below:

Avoiding cookies

You can assert your right to refuse cookies at any time. To do this, notwithstanding the miscellaneous options to avoid cookies as explained in the following, you can adjust your browser so that it does not accept cookies or so that it asks you for your confirmation before setting a cookie. Please find the corresponding details by using your browser’s help function. 

If you don’t accept cookies, the full functionality of the website may not be available to you. 

The website makes use of so-called cookies. Cookies neither damage your computer nor contain viruses. Cookies are designed to make our services user-friendly, more efficient and safer. Cookies are small text files that are placed on your computer and stored by your browser. 

Most of the cookies we use are so-called "session cookies". They are automatically deleted after your visit to the website. Other cookies remain stored on your terminal until you delete them. These cookies enable us to recognize your browser during your next visit. 

You may adjust your browser so that you are informed about the setting of cookies and are able to approve cookies only in individual cases, as well as to accept cookies in certain cases or in general, and you can also activate the automated deletion of cookies when closing the browser. The functionality of this website can be limited upon deactivation of the cookies.

 

9.   Recipients or categories of personal data recipients

The personal data may be shared with the following recipients:

·       Public authorities to whom the data must be sent due to legal regulations (such as tax authorities, supervisory authorities, social insurance agencies, if necessary law enforcement authorities)

·       Internal bodies involved in the execution of tasks

·       Contractors (service providers, such as IT service providers)

·       Our external data protection officer

·       Other group organizations and departments (such as the revision or information safety department or the management of the AWEBA /Schuler and/or Andritz group)

 

10.         Transmission of personal data to third countries

As a rule, we don’t transfer the personal data we collect by means of this website to governments outside the European Union or the European Economic Area (third-party countries). 

However, data collected through our website may be transferred to third-party countries if and to the extent that this transfer is necessary to fulfill a contract, for internal communication, customer support and/or administration or, for example, due to the integration of a service provider or the intervention of a group company in a third country. We commonly involve our data protection officer in such cases. The transfer only occurs if an adequate data privacy level exists or has been generated at the receiving address by means of suitable guarantees (according to clause 45  of the GDPR) or, in exceptional circumstances, where neither an adequacy decision nor suitable guarantees (clause 49 par. 1 p. 2 GDPR) are required. As a general rule, we use EU standard contractual clauses to guarantee an adequate data protection level for the corresponding recipient. The guarantees we use are available from our data protection officer. If and insofar as you are interested in obtaining further information about the guarantees in an individual case, please contact him using the contact data given in article 2.

 

11.         Rights in relation to data processing

You are entitled to the rights outlined below, from clause 15 to 21 of the GDPR, as well as the right to revoke your prior approval at any reasonable time and the right to bring a complain to the supervisory authority. You may informally assert your rights vis-à-vis our company either immediately – using the contact data found in article 1 or by using as an intermediary our data protection officer, whose contact data are to be found in article 2. In this process, you will incur not costs, except possible transfer or connection charges.

 
a.      Right to demand information (clause 15 GDPR)

You have the right to request a confirmation from us of whether and, if yes, which personal data about you have been processed, and to demand information in particular about the purposes and the legal basis for this processing (see articles 6, 7 and 8), the categories of the data we process (article 3), the categories of recipients (article 9) and our intent to transfer the data to receivers in a third country (article 10). The requested information also comprises information about the data’s origin, unless you collect it yourself. You are also entitled to demand a copy of the personal data subject to processing, unless this impinges on the rights and freedoms of other persons in relation to their personal data.

 

b.     Right to correction (clause 16 GDPR)

You are entitled to demand from us the immediate correction of incorrect personal data. You are also entitled to demand – making allowances for the purpose of the processing – the completion of incomplete personal data – even by means of an additional statement.

 
c.      Right to deletion (clause 17 GDPR)

You have the right to demand that we immediately delete your personal data for any of the following reasons and if none of the exceptions below applies:

 • The data processed by you are no longer necessary for the purposes explained in this data privacy policy statement

You have revoked your prior approval (see article 11. i)) and we have no other legal basis for processing your data

The data have been illegally processed, or

It is necessary to delete the data to comply with a legal obligation according to the law of the European Union or its member states, which is valid for us. 

You have filed an objection to the processing of your data by our firm (see also article 11. g)) and we have no justified reasons to process your data that take priority.

However, we are not compelled to comply, and may even be prohibited from complying, with your intent to delete personal data in one of the following cases:

Processing is needed to perform the right to free expression of opinion and information,

Processing is required to fulfill a legal obligation applicable for us according to the laws of the European Union or one of its member states (such as legal obligations to preserve records over a certain period),

Processing is necessary to assert, execute or defend legal claims, or

Processing is needed for reasons of the public interest in the field of public health.

d. Right to limit processing (clause 18 GDPR)

You have the right to demand that we process your personal data only to a limited extent. You are, in particular, entitled to demand this in case of one of the following reasons:

You deny the correctness of your data,

Processing of data is illegal, and you reject the deletion of data,

We, in fact, no longer need your data, but you need it to assert, execute or defend legal claims, or

You have revoked permission for processing (see also article 11 g)) and we are still checking whether our justified reasons for processing take precedence over your objection.

 

e.      Right to information (clause 19 GDPR)

If you have asserted the right to correction, deletion or limitation of processing, then we are obliged to inform all recipients to whom your personal data were disclosed of this correction or deletion of data or the limitation in processing, unless this proves to be impossible or entails unreasonable efforts. You are also entitled to be informed of these recipients.

 
f.       Right to data transferability (clause 20 GDPR)

You are entitled to obtain your personal data in a structured, commonly used and machine-readable format and to send them to another officer, or to let the data be sent by us, insofar as you have made this data available to us through a prior approval, or due to a contract, and the data are processed by means of an automated procedure. You have the right to have the data transferred from us immediately to the new officer, insofar as this is technically feasible and the rights and the freedom of other persons are not infringed.

 
g.     Right to contradiction (clause 21 GDPR)

You have the right to file an objection to the processing of your personal data for reasons resulting from your specific situation at any time, insofar as it is necessary to process this data to safeguard our or a third party’s justified interests or to perform a task of public interest.

 

You may refuse the processing of your data for future advertising purposes at any time, and we will always comply.

 
h.     Right to complain to a supervisory body (clause 77 GDPR)

Moreover, you are also entitled to lodge a complaint with the relevant data protection supervisory body, such as at your place of residence or the place of the presumed violation, at any time.

 

The following data protection supervisory authority is responsible for us:

 

Saxon Data Protection Officer

Mr Andreas Schurig

Bernhard-von-Lindenau-Platz 1

01067 Dresden/ Germany

Email: saechsdsb(at)slt.sachsen.de This email address is protected against Spam bots! Enable JavaScript to see them.

 
i.       Right to revoke prior approval

If and to the extent that you have given us a prior approval statement regarding the processing of your data, you have the right to revoke this prior approval for the future at any time. Revocation does not affect the lawfulness of processing carried out following the prior approval up to the date of revocation; the revocation only affects the lawfulness of future processing.

 
12.         You are not obliged to provide data

There is no legal obligation for you to provide us with your personal data.

 

Should you refuse, even technically, to allow us to obtain the data required to use our web-site, you may be limited in your use of, or unable to use, the services mentioned in article 3.

 

It is necessary to provide personal data (according to article 3 c) for an application to our organization or another organization in the AWEBA group to make decisions regarding employment. Not providing this data may result in a negative decision.

 

The provision of your data when contacting us or another organization in the AWEBA group via email or phone (see article 3 d) is also voluntary. However, we are unable to reply to your request if you have not provided a contact address.

 

13.         Automated decisions, including profiling, according to article 22 GDPR

Your personal data are not used for automated decision making, including profiling, according to clause 22 par. 1 and 4 GDPR.

 

14.         Data protection

We take technical and organizational security actions to safeguard your personal data against unintentional or illegitimate deletion, alteration or loss and against unauthorized transmission or unauthorized access.

 
15.         State and adjustments of this data protection notice

This data privacy policy statement was updated on the date given below. We reserve the right to update this data privacy policy statement. For this reason, we ask you to consult the statement regularly so that we can keep you abreast of potential changes.

 

Issued: May 2018