PRIVATE POLICY
We are pleased that you are visiting our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to inform you at this point which of your personal data we collect when you visit our website and for what purposes it is used.
This data protection declaration applies to the website of the Sheffield Hi-Tech Refractories Germany GmbH, which can be reached under the domain www.sheffield-refractories.com as well as the various subdomains (“our website”).
Who is responsible and how do I contact you?
Responsible
for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)
Sheffield Hi-Tech Refractories Germany GmbH
An der Schleuse 19A 46446 Emmerich
DE
+49 (0) 2822 976 295 0
office.emmerich@sheffield-refractories.de
Data protection officer
Datenschutz Ruhr GmbH
Hauptstr. 2
45219 Essen
DE
Björn Leineweber
leineweber@datenschutz-ruhr.de
What is this about?
This data protection declaration meets the legal requirements for transparency in the processing of personal data. This is all information that relates to an identified or identifiable natural person. This includes, for example, information such as your name, your age, your address, your telephone number, your date of birth, your e-mail address, your IP address or user behavior when visiting a website. Information with which we cannot (or only with disproportionate effort) relate to you personally, e.g. through anonymization, are not personal data. The processing of personal data (e.g. the collection, querying, use, storage or transmission) always requires a legal basis and a defined purpose.
Stored personal data are deleted as soon as the purpose of the Processing has been achieved and there are no legitimate reasons for further retention of the data. We will inform you about the specific storage periods and criteria for storage in the individual processing operations. Regardless of this, we store your personal data in individual cases to assert, exercise or defend legal claims and if there are statutory retention requirements.
Who gets my data?
We only pass on your personal data that we process on our website to third parties if this is necessary for the fulfillment of the purposes and in individual cases is covered by the legal basis (e.g. consent or protection of legitimate interests). In addition, we pass on personal data to third parties in individual cases if this serves to assert, exercise or defend legal claims. Possible recipients can then e.g. Law enforcement authorities, lawyers, auditors, courts, etc.
Insofar as we use service providers for the operation of our website who, as part of order processing on our behalf, provide personal data in accordance with. Process Art. 28 GDPR, these recipients of your personal data can be. You can find more detailed information on the use of processors and web services in the overview of the individual processing operations.
Do you use cookies?
Cookies are small text files that we send to the browser of your device and store them as part of your visit to our website. As an alternative to using cookies, information can also be stored in the local storage of your browser. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies, on the other hand, allow us to perform various analyses, so that we are able, for example, to recognize the browser you use when you visit our website again and to transmit various information to us (not necessary cookies). Cookies enable us to make our website more user-friendly and effective for you, for example by tracking your use of our website and by determining your preferred settings (e.g. country and language settings). If third parties process information via cookies, they collect the information directly through your browser. Cookies do not cause any damage to your device. You cannot run programs or contain viruses.
We inform you about the respective services for which we use cookies in the individual processing operations. Detailed information on the cookies used can be found in the cookie settings or in the Consent Manager of this website.
What rights do I have?
Under the conditions of the statutory provisions of the General Data Protection Regulation (GDPR), you as a data subject have the following rights:
- Information in accordance with Art. 15 GDPR about the data stored about you in the form of meaningful information on the details of the processing and a copy of your data;
- Correction in accordance with Art. 16 GDPR of inaccurate or incomplete data stored by us;
- Deletion in accordance with Art. 17 GDPR of the data stored by us, insofar as the processing is not necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
- Restriction of the processing in accordance with Art. 18 GDPR, insofar as the correctness of the data is disputed, the processing is unlawful, we no longer need the data and you refuse to delete it, because you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 GDPR.
- Data portability in accordance with Art. 20 GDPR, insofar as you have provided us with personal data within the framework of consent pursuant to Art. 6 sec. 1 lit. a GDPR or on the basis of a contract pursuant to Art. 6 sec. 1 lit.b GDPR and these were processed by us by means of automated procedures. You receive your data in a structured, common and machine-readable format or we transmit the data directly to another responsible person, as far as this is technically feasible.
- In accordance with Art. 21 GDPR, you object to the processing of your personal data, insofar as they are carried out on the basis of Art. 6 sec. 1 lit. e, f GDPR and there are reasons for doing so, which arise from your particular situation or if the objection is directed against direct marketing. The right to object does not exist if overriding, overriding reasons for processing are proven or if the processing is carried out for the assertion, exercise or defence of legal claims. Insofar as there is no right to object in individual processing operations, this is indicated therein.
- Revocation in accordance with Art. 7 sec. 3 GDPR of your given consent with effect for the future.
- Complaint under Art. 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your workplace or our company headquarters.
How will my data be processed in detail?
In the following we will inform you about the individual processing operations, the scope and purpose of the data processing, the legal basis, the obligation to provide your data and the respective storage period. An automated decision in individual cases, including profiling, does not take place.
Provision of the website
Type and scope of processing
When you visit and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:
- IP address of the requesting computer
- Date and time of access
- Name and URL the retrieved file
- website from which access is made (referrer URL)
- browser used and, if applicable, the operating system of your computer, as well as the name of your access provider
Our website is not hosted by us, but by a service provider who for the purpose of the aforementioned data on our behalf in accordance with. Art. 28 GDPR processed.
Purpose and legal basis
The processing is carried out to safeguard our overriding legitimate interest in displaying our website and ensuring security and stability on the basis of the Art. 6 para. Lit. f GDPR. The collection of data and storage in log files is essential for the operation of the website. There is no right to object to the processing due to the exception according to Art. 21 Paragraph 1 GDPR. Insofar as the further storage of the log files is required by law, the processing takes place on the basis of Art. 6 Para. 1 lit. c GDPR. There is no legal or contractual obligation to provide the data, but it is technically not possible to call up our website without providing the data.
Storage duration
The aforementioned data are used for the duration of the display of the website [and for technical reasons beyond that for a maximum of [7 days]].
Contact Form
Type and scope of processing
On our website, we offer you the option of contacting us using a form provided. The information that is collected via mandatory fields is required to process the request. In addition, you can voluntarily provide additional information that you believe is necessary to process the contact request.
When using the contact form, your personal data will not be passed on to third parties.
Purpose and legal basis
The processing of your data by using our contact form takes place for the purpose of communication and processing of your request on the basis of your consent in accordance with. Art. 6 para. 1 lit. a GDPR. If your request relates to an existing contractual relationship with us, processing for the purpose of fulfilling the contract is based on Art. 6 Para. 1 lit. b GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to process your request without providing the information in the mandatory fields. If you do not want to provide this data, please contact us by other means.
Storage period
If you use the contact form on the basis of your consent, we will save the data collected each request for a period of three years, starting with the handling of your request or until you withdraw your consent.
If you use the contact form in the context of a contractual relationship, we will save the data collected for each request Duration of three years from the end of the contractual relationship.
General information for data processing outside our website
Contact / Visitors
You can contact us. The data processed for this purpose (e.g. e-mail data, your name) are required to enable communication and to process your request. Other data that you provide to us makes it easier for us to address us personally or to process them better or faster.
This processing is based on Art. 6 para. 1 lit. b GDPR, insofar as this is necessary for the initiation or execution of a contract. Otherwise, the processing takes place on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. Our legitimate interest is to respond to your request.
Suppliers, service providers & business partners
We use contact and communication data and other relevant personal data from our suppliers, service providers and business partners, insofar as these or their employees are natural persons. We process this data to carry out the business relationship, communication and contact maintenance. The provision of data is regularly required for the initiation, execution and billing of contracts, otherwise a contract cannot be concluded.
The processing is based on Art. 6 para. 1 lit. b GDPR, insofar as this is necessary for the initiation or execution of a contract. Insofar as it does not concern the initiation or fulfilment of the contract, the processing is carried out on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. Our legitimate interest is the handling of business cooperation and maintaining contacts.
The storage period is based on the general limitation rules or the tax retention obligations.
Candidacies
You can apply to us by sending us your documents. We process the personal data provided in this context exclusively to process your application. The processing is necessary for the initiation of an employment relationship, furthermore to enable communication in this regard and to process your request.
In individual cases, we process – insofar as necessary for the initiation of the employment relationship – personal data that we have legitimately received from third parties (e.g. recruiters) or obtained from publicly accessible sources (e.g. social networks or Internet search engines).
This processing is based on Art. 6 para. 1 lit. b GDPR in conjunction with § 26 para. 1 BDSG.
We regularly store this data for a period of up to 6 months after completion of the application process. Any further storage will only take place if you have expressly consented to this in accordance with Art. 6 para. 1 lit. a GDPR.
There is no legal or contractual obligation to provide your data, but it is not possible to process your application without providing the information.
Recipients of the above-mentioned data
As part of our above-mentioned activities, we work with service providers, partners, authorities and other third parties who may receive personal data, including:
· Service providers for hosting services
· IT and telecommunications service providers
Logistics and delivery service providers
· Service provider for file storage and disposal
· Authorities and institutions
We only transfer your data to these recipients if this is necessary to fulfil a contract with you, if we are subject to a legal obligation to do so or if we have a legitimate interest in passing on your data. The legitimate interest may consist above all in the maintenance of the business organisation or in the assertion, exercise or defence of legal claims. If you have any further questions, please contact our data protection officer.
In principle, we do not pass on any personal data to recipients who are based outside the EEA in so-called third countries. Should such transfers take place in individual cases, we guarantee a secure level of protection in accordance with Chapter 5 of the GDPR, inter alia, by concluding the contractual amendments currently recommended by the authorities and by agreeing on special protection mechanisms for your data; such data processing and its effects are documented and regularly subjected to a risk assessment.
Storage period
If we store your personal data, this will only be done for a limited period of time and no longer than necessary. In principle, we delete your data if it is no longer necessary for the processing purpose for which it was collected or if there are other legal reasons that require deletion.
Insofar as we are subject to statutory retention obligations that require longer storage, we store the data for this period, in particular to fulfil retention periods under commercial and tax law that are between 2 and 10 years.
Other legal reasons for retention may be that we must retain data for evidence purposes for the duration of the applicable limitation provisions. These periods are usually between 2 and 30 years.
If you have any further questions, please contact our data protection officer.
Obligation to provide
Insofar as the personal data is necessary for the establishment and execution of the contractual relationship and the associated contractual or legal obligations, this data must be provided by you so that we can meet our performance obligations or legal obligations. Without the provision of the data, we may no longer be able to provide the service, not properly or not completely.
Google Fonts
Type and scope of processing
We use Google Fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, as a service to provide fonts for our online offering. To obtain these fonts, you connect to Google Ireland Limited servers, whereby your IP address is transmitted.
Purpose and legal basis
The use of Google Fonts is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The transfer of data to the USA takes place in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The participating U.S. companies and/or their U.S. subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
In cases where there is no adequacy decision by the European Commission (including US companies that are not EU-U.S. DPF certified), we have other appropriate safeguards with the recipients of the data within the meaning of Art. 44 et seq. GDPR. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of 4 June 2021. A copy of these Standard Contractual Clauses can be found at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE .
In addition, before such a third country transfer, we obtain your consent in accordance with Art. 49 para. 1 sentence 1 lit. a. GDPR, which you give via consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that in the case of transfers to third countries, there may be risks unknown in detail (e.g. data processing by security authorities of the third country, the exact scope and consequences of which we do not know for you, over which we have no influence and of which you may not become aware).
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Fonts: https://policies.google.com/privacy.