Data protection information for visitors to our website

Information requirements for data collection according to Art. 13,14,21 DSGVO

In the following, we inform you about the collection and processing of personal data when using our website. Personal data is data that can be related to a person, e.g. name, address, telephone and e-mail address, IP address, but also user behaviour etc.

Responsible for the processing of your data and contact details of the data protection officer

August Mössner GmbH + Co KG

Hohenstaufenstraße 3

73569 Eschach

Tel: 07175 / 99806-0

E-mail:

You can reach our company data protection officer, Mr. Torsten Schmid, at the above postal address under the keyword “PERSONALLY to the data protection officer” or by e-mail at .

Information on data security

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of data against access by third parties is therefore not possible.

Purposes and legal bases of the processing of personal data

Contact by e-mail

Purposes of processing

If you send us a message by e-mail or via a contact form, the data you provide will be stored by us and used to process your message and to contact you. We will not pass on your data to third parties without your express consent.

Legal basis for processing

The legal basis for the collection and processing of your data is Art. 6 para. 1 lit. b DSGVO (implementation of pre-contractual measures), as well as Art. 6 para. 1 lit. a DSGVO (consent), if we have requested this.

Groups of people affected

Website visitors

Processed data

Name, address data, contact data (telephone number and e-mail address), function in the company, message texts, if applicable.

Duration of storage

The personal data collected in the course of responding to your enquiry will be deleted as soon as storage is no longer necessary or processing will be restricted if there are legal obligations to retain data. If you revoke the consent you have given us to process your data, your data will be deleted immediately after your revocation.

Use of our website

Purposes of processing

In the case of purely informative use of our website, we or our web hosting provider only collect the personal data that your browser transmits to our servers. This is data that is technically necessary for us to display our website to you and to ensure stability and security. This includes IP addresses, log data about website accesses, but also communication and traffic data (e.g. entries in contact forms, etc.), if you use them.

 Legal basis for processing

The legal basis for collecting and processing your personal data is our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO. The processing is necessary to provide you with the website and to ensure the fast execution as well as stability and security of the services or to enable communication. The data collected in this context may also be used in individual cases to determine and remedy malfunctions and to clarify, defend against and prosecute attempted attacks.

Affected groups of persons

Website visitors

Processed data

IP address of the requesting computer, date and time of the page request, content of the request, access status / HTTP status code, amount of data transferred, website from which the request came (referrer URL), web browser used with version number and set language, operating system used and, if applicable, interface used. This data does not allow us to draw any conclusions about specific persons. This data is not merged with other data sources.

Application procedure

Purposes of the processing

On our career pages, you have the opportunity to send us an unsolicited application or to apply for specific job vacancies. The data you provide to us in this context will only be processed within the framework of the respective job advertisement or within the framework of your consent to be considered for further job offers. If you have given us your consent to consider you for further job offers, you can revoke this consent at any time with effect for the future.

Note on sensitive data: We expressly draw your attention to the fact that job applications, in particular CVs, references and other data submitted by you to us may contain particularly sensitive information about mental and physical health, racial or ethnic origin, political opinions, religious or philosophical beliefs, membership of a trade union or political party or sexual life.

Please note that any such data you send to us by email will be transmitted unencrypted.

Legal basis for processing

The legal basis for the collection and processing of your personal data is Art. 6 para. 1 lit. b DSGVO, Section 26 BDSG (fulfilment of contracts or pre-contractual measures at the request of the data subject or establishment of employment relationships), and, where applicable, Art. 6 para. 1 lit. a DSGVO if you have given us your consent to be considered for further job offers.

Affected groups of persons

Website visitors, applicants

Data processed

Names, addresses, contact details, e-mail address, submitted or uploaded application documents

Duration of storage

In the event of a rejection or negative decision on your application, the transmitted data will be deleted on the basis of § 15 para. 4 AGG (General Equal Treatment Act) at the earliest 3 months after the end of the application procedure, but at the latest after 6 months. This does not apply if legal provisions prevent deletion or if further storage is necessary for the purpose of providing evidence or if you have consented to longer storage. If you have given your consent to longer-term storage, we will process your data for a maximum period of 2 years for the purpose of selecting applicants for further job advertisements. After this period has expired or if you revoke your consent, your data will be deleted.

Consent management on our website

Purposes of processing

This website uses the cookie consent manager “Borlabs Cookies” of Borlabs GmbH to obtain your consent to, among other things, the storage of certain cookies on your terminal device or the use of certain technologies and to document these in accordance with data protection law.

Legal basis for processing

The Consent Manager is used to obtain the legally required consents for the use of certain technologies. The legal basis for this is Art. 6 para. 1 lit. c DSGVO. In order to ensure data protection-compliant processing, we have concluded a contract with the provider Borlabs on commissioned processing within the meaning of Art. 28 DSGVO.

Groups of people affected

Website visitors

Data processed

Your consent(s) or the revocation of your consent(s), your IP address, timestamp.

Furthermore, the cookie consent manager stores cookies in your browser in order to be able to allocate the consent(s) granted to you or their revocation.

Duration of storage

The data collected in this way is stored until you request us to delete it, you delete the relevant cookies yourself or the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected.

Analysis of usage behaviour

Purposes of processing

This website uses tracking technologies from etracker GmbH Erste Brunnenstraße 1, 20459 Hamburg, to enable us to analyse usage behaviour. When visiting our website, we record, for example, which sub-pages are clicked on by the website visitors and how long the visitors stay on the individual pages or from which page visitors leave our website again. This data enables us to continuously improve our website and offer users the best possible browsing experience. The data collected with etracker is processed and stored by etracker on our behalf exclusively in Germany and is therefore subject to the strict German and European data protection laws and standards. In this respect, etracker has been independently audited, certified and awarded the data protection seal of approval, available at https://www.eprivacy.eu/kunden/vergebene-siegel/firma/etracker-gmbh. As the privacy of our visitors is particularly important to us, etracker anonymises the IP address as soon as possible and converts log-in or device IDs into a unique key that is not assigned to a person. etracker does not use the data in any other way, combine it with other data or pass it on to third parties. You can object to the aforementioned data processing at any time, insofar as it is carried out on a personal basis. Your objection will not have any negative consequences for you.

 Further information on data protection at etracker can be found at https://www.etracker.com/datenschutz.

Legal basis for processing

The user analysis is carried out on the basis of consent pursuant to Art. 6 (1) lit. a DSGVO as well as Section 25 (1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. 

Groups of persons affected

Website visitors

Processed data

Pages visited, entry pages, traffic over time, reading time, approximate geographical location, device class, new/recurring visits, interactions (click on specific links/buttons), shortened IP address.

Duration of storage

Raw data is deleted after 13 months. Aggregated data is deleted after the purpose for which it was collected no longer applies. Data will also be deleted if the data subject submits a corresponding deletion request to us.

Google Maps

On our contact page, we link to the external map service “Google Maps” in order to enable you to find our company conveniently through interactive maps and other navigation services. Google Maps can only be accessed via an external link, i.e. no data is collected or transmitted to the Google map service when you visit our contact pages. You must actively click on this link. By using the Google Maps service, you consent to the collection, processing and use of automatically collected data and data provided by you by Google, one of its representatives or third parties. The terms of use for Google Maps and more detailed information can be found at: https://www.google.com/intl/de_de/help/terms_maps.html https://www.google.com/policies/privacy/

YouTube with enhanced data protection

Our website embeds videos with the help of YouTube. The operator of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The use of YouTube is based on your consent in accordance with Art. 6 Para. 1 lit. a DSGVO and § 25 Para. 1 TTDSG. Your consent can be revoked at any time.

We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the disclosure of data to YouTube partners is not necessarily excluded by the extended data protection mode. Thus, YouTube establishes a connection to the Google DoubleClick network – regardless of whether you watch a video.

A connection to the YouTube servers is already established when you call up those sub-pages in which a YouTube video is embedded. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

When loading the video player in your browser, YouTube records your IP address, which may also be transmitted to YouTube or Google servers in the USA and stored there. As the provider of our company website, we have no influence on this data transmission.

If the YouTube video player is activated, YouTube may use fonts from Google, the so-called Google Web Fonts, for the purpose of uniform display of fonts within the YouTube player. When you call up the YouTube video player, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. Here too, your IP address is transmitted to Google servers in the USA for technical reasons.

Furthermore, YouTube can save various cookies on your end device after starting a video or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to our website. This information is used, among other things, to collect video statistics, improve the user experience and prevent fraud attempts.

If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no influence.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:

https://policies.google.com/privacy/frameworks,

https://privacy.google.com/businesses/gdprcontrollerterms/ and

https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

For more information about data protection at YouTube, please see their privacy policy at: https://policies.google.com/privacy?hl=de.

Jobsaround.tv

On our career pages, we offer you insights into various professional fields of our company and the diverse career opportunities in the form of short videos. These videos are provided by the jobsaround.tv agency commissioned by us, Der Punkt GmbH, Werbeagentur für Design & Lösung, Kaiserstraße 142-144, 76133 Karlsruhe. The legal basis for the integration of the videos by the commissioned agency is our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO. Further information on processing can be found in the provider’s data protection information at: https://jobsaround.tv/datenschutzerklaerung/

Information on the use of cookies

In addition to the aforementioned services, we also use cookies that are absolutely necessary for the operation of our pages (so-called functional cookies), which enable us, among other things, to save information that has already been provided (e.g. user names, language selection, contents of form fields, etc.).

Cookies are small text files that your web browser stores on your computer or mobile device. Cookies do not cause any damage to your computer/mobile device and do not contain viruses.

Most of the cookies we use are deleted from your hard drive at the end of the browser session (so-called session cookies). Other cookies remain on your computer and enable us to recognise your computer on your next visit (so-called permanent cookies).

The legal basis for the use of these cookies is our legitimate interest according to Art. 6 para. 1 lit. f DSGVO or § 25 para. 2 TTDSG in a technically error-free and optimised provision of our services as well as, if applicable, Art. 6 para. 1 lit. a DSGVO (consent), insofar as we have requested this or § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) as defined by the TTDSG. 

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, however, the functionality of this website may be limited. For the purpose of permanent deactivation, you can restrict the use of cookies in the settings of your browser. Furthermore, it is possible to prevent cookies from being set by using browser plug-ins such as Ghostery.

Supplementary information on our social media presences

We maintain publicly accessible profiles on social networks. The individual social networks used by us are listed below.

Social networks can generally comprehensively analyse your user behaviour when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). By visiting our social media presences, numerous data protection-relevant processing operations are triggered. In detail:

If you are logged into your social media account and visit our social media presences, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your end device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, you can be shown interest-based advertising inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising may be displayed on all devices on which you are or have been logged in.

Please also note that we are not able to track all processing procedures on the social media portals. Depending on the provider, further processing procedures may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portal.

Legal basis of the processing

Our social media presences are intended to ensure the most comprehensive possible presence of our company on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO. The analysis processes initiated by the social networks may be based on different legal grounds, which are to be stated by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a DSGVO).

Person responsible and assertion of rights

If you visit one of our social media sites (e.g. Instagram), we are jointly responsible with the operator of the respective social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. Instagram).

Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the respective providers. Our options are largely determined by the corporate policy of the respective provider.

Storage period

The data collected directly by us via the social media presence will be deleted from our systems as soon as you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

The social networks used by us in detail

Instagram

We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Parent company: Meta Platforms Inc, 1 Hacker Way, Menlo Park, CA 94025, USA.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:

https://www.facebook.com/legal/EU_data_transfer_addendum and

https://www.facebook.com/help/566994660333381.

For details on their handling of your personal data, please refer to Instagram’s privacy policy:

https://help.instagram.com/519522125107875.

LinkedIn

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. For details on how they handle your personal data, please refer to LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy?trk=organization-guest_footer-privacy-policy.

Data transfer to third countries

When calling up our social media presences, personal data may be transferred to the USA or other jurisdictions outside the EU / EEA. The USA and other countries are considered so-called “third countries” which do not offer an adequate level of data protection. In the case of data transfer to the USA, for example, there is therefore a fundamental risk that your data may be processed by US authorities for control and monitoring purposes, without you possibly having any legal remedies. In the event that data is transferred to third countries, we have taken appropriate measures to ensure that your data is processed in the third countries just as securely as within the European Union. With service providers in third countries, we conclude standard data protection clauses provided by the Commission of the European Union. These clauses provide appropriate safeguards for the protection of your data with third country service providers.

​​ Recipients of personal data

Within August Mössner GmbH & Co. KG, those business units receive your personal data that require it to fulfil our contractual and legal obligations. If necessary, personal data will be transferred to companies affiliated with August Mössner GmbH + Co. KG, insofar as this is required for the fulfilment of the aforementioned purposes. In some cases, we use external service providers (e.g. IT service providers, web hosts, etc.) to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly monitored by us. Furthermore, public bodies have the right to transfer data in the event of a legal or official obligation. Other recipients will only receive your personal data if you have actively consented to the transfer.

 Your rights

Right to information, correction and deletion

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient and the purpose of data processing at any time in accordance with Art. 15 DSGVO and, if applicable, a right to correction in accordance with Art. 16 DSGVO or deletion of this data in accordance with Art. 17 DSGVO. The restrictions according to §§ 34 and 35 BDSG apply to the right to information and the right to deletion. To exercise your rights, you can contact the data controller or the data protection officer using the contact details provided above.

​Right to restriction of processing

In accordance with Art. 18 DSGVO, you have the right to request the restriction of the processing of your personal data. The right to restriction of processing exists in the following cases:

• If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
• If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of erasure.
• If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request restriction of the processing of your personal data instead of erasure.
• If you have lodged an objection pursuant to Art. 21 (1) DSGVO, a balancing of your and our interests must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to demand the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.

Right to data portability

In accordance with Art. 20 DSGVO, you have the right to have data that we process automatically on the basis of your consent or in performance of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.
Right to object to the collection of data in specific cases and to direct advertising

IF THE DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LIT. E OR F DSGVO, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS DATA PROTECTION DECLARATION. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS (OBJECTION UNDER ARTICLE 21(1) DSGVO).

IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21 PARA. 2 DSGVO).

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right of complaint

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. The right of appeal is without prejudice to other administrative or judicial remedies.

The competent supervisory authority for data protection issues is the State Data Protection Commissioner of the federal state in which our company has its registered office. A list of data protection officers and their contact details can be found at the following link:

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

Supervisory authorities in the European Union can be found at https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

The supervisory authority responsible for our company can be reached at the following contact details:

The State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg.

Address: Lautenschlagerstraße 20, 70173 Stuttgart, Postal address: Postfach 10 29 32, 70025 Stuttgart Phone: +49 711 615541-0, Fax: +49 711 615541-15,

​Obligation to provide data

Within the scope of a business relationship, but also during the initiation and processing, you must provide the personal data that is required for this purpose and/or that we are legally obliged to collect. Without the provision of such data, we will have to refuse to conclude a contract. (legal risk)

Automatic decision-making including profiling

An automatic decision-making process within the meaning of Art. 22 DSGVO, which has a legal effect on you, as well as profiling does not take place.

We reserve the right to update this data protection information if necessary.

Status: March 2023