1. General notes and compulsory information
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legislative data protection regulations as well as this privacy statement.
When you use this website, various items of personal data are collected. Personal data are details by which you can be identified. This privacy statement explains which data we collect and what we use the information for. It also explains how it is done and for what purpose.
We draw your attention to the fact that the transfer of data on the internet (e.g. communication by email) may have gaps in security. Absolute protection of your data against third parties is not possible.
Note regarding responsible party
A responsible party is a natural or legal person who, either solely or with others, makes decisions about the purposes and means of processing personal data (e.g. names, email addresses and similar).
The responsible party for data processing on this website is:
Telefon: +49 6181-94570-0
SSL and TLS encryption
For reasons of security and to protect confidential information during transfer, e.g. orders or requests that you send to us as the site operator, this site uses SSL and TLS encryption. An encrypted connection is evident in the address bar of the browser by “http://” changing to “https://” and a lock symbol displayed in the browser bar. When SSL or TLS encryption is activated, any data that you transfer to us cannot be read by third parties.
2. Data protection representative
We have appointed an external data protection representative for our company:
Piepenbrock Service GmbH + Co. KG
Hannoversche Straße 91-95
Contact: Christina Wawra
Telephone: +49 541 5841-429
3. Purpose and legal foundation of processing
In all cases of data processing, we observe the principle of data prevention and data economy. In other words, we process as little personal data as possible.
3.1 We process your personal data if and providing you have given us consent to do so. Here, the data are only used for the purpose and to the extent given in the authorisation, e.g. our newsletter to you will not include any more information than you have given consent for. Article 6 paragraph 1 sentence 1 letter a DS-GVO forms the legal foundation for data processing on the basis of your consent.
3.2 We process your personal data as and when necessary for purposes of precontractual measures/for contractual purposes, for the execution or completion of contractual or contract-related requirements. Article 6 paragraph 1 sentence 1 letter b DS-GVO forms the legal foundation here.
3.3 We process your personal data once this becomes necessary for the purpose of meeting our legal obligation. Article 6 paragraph 1 sentence 1 letter c DS-GVO forms the legal foundation here.
3.4 We process your personal data once this becomes necessary for purposes of fulfilling our legitimate interests as well as the legitimate interests of third parties. Article 6 paragraph 1 sentence 1 letter f forms the legal foundation here.
4. Compulsory disclosure of data
The disclosure of your personal data is partially a legal requirement (e.g. tax regulations) or required for contractual reasons (e.g. details about the contractual partner).
Even for completion of the contract it may be necessary for you to make personal data available to us that will subsequently need to be processed. Failure to provide the personal data would result in it not being possible to complete the contract with you. If in these instances you have no wish to disclose personal data, you can contact the department specified in section 1 by post or email. We will notify you in each individual case whether the provision of personal data is a legal requirement or necessary for completion of the contract, whether making personal data is compulsory and what the consequences would be if the personal data are not provided.
5. Data capture on our website
Most of the cookies that we use are session cookies. At the end of your visit they are automatically deleted. Other cookies stay saved on your end device until you delete them. These cookies help us to identify your browser the next time you visit.
Cookies that are needed for electronic communication or the provision of certain, user-requested functions are saved on the basis of article 6 paragraph 1 sentence 1 letter f DS-GVO. The website operator has a legitimate interest in saving cookies to ensure trouble-free and optimised delivery of its services. In the event of other cookies (e.g. cookies for analysing your surfing behaviour) being saved, these are dealt with separately in this privacy statement.
Prevention of storage via browser plugin
Naturally, viewing this website without cookies is generally also possible. You can adjust your browser so that you are informed about the placement of cookies, and only allow cookies in individual circumstances, accept cookies for certain cases or systematically block them, and you can also activate the automatic deletion of cookies when the browser is closed. You can prevent cookies being saved by adjusting your browser software accordingly. However, we should draw your attention to the fact that in this case you may not be able to use all of the functions of this website in full.
You can find the necessary information according to your browser provider via the following links:
Mozilla Firefox: support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
Internet Explorer: https://support.microsoft.com/en-gb/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
Google Chrome: https://support.microsoft.com/en-gb/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
5.2 IP anonymisation
We have activated the IP anonymisation function for this website. In this way, your IP address within member states of the European Union or in other signatories of the European Economic Area is shortened by Google before being communicated to the USA. Only in exceptional circumstances is the full IP address transferred to a Google server in the USA and shortened there. On request of the operator of this website, Google will use this information to assess your use of the website in order to collate reports regarding the website activities and to provide other services to the website operator associated with the website and internet use.
5.3 Server log files
The provider of the pages automatically collects and saves information in server log files that your browser automatically shares with us. These are:
• Browser type and browser version
• Installed operating system
• Referrer URL (source/link from which you reached this site)
• Host name of the accessing computer
• Time of server request
• IP address
• Volume of sent data in bytes
These data are not pooled with other data sources.
With the aid of the log file, the website operators are given the means by which to protocol the activities on the visited web pages. Listed in these protocols are all queries and accesses to the pages and the fault messages generated there. Statistic analyses can be created using the listed data, which in turn can be used to improve the website. As the basis for data processing, article 6 paragraph 1 sentence 1 letter f DS-GVO can be used for this reason, which declares that it is lawful to process data for fulfilling legitimate interests.
5.4 Contact form
If you submit requests to us using the contact form, your specified details will be stored there for purposes of processing as well as for individual communication with you. This makes it possible, for example, for queries to be sent in a targeted manner to the respective specialist departments and branches. The website operator has a legitimate interest in this manner of control concerning the communication processes. Without your consent, we will not share with others data recorded in this way.
Processing of the data entered in the contact form is only carried out on the basis of legitimate interest in accordance with article 6 paragraph 1 sentence 1 letter f DS-GVO. In particular cases, processing is carried out in accordance with article 6 paragraph 1 sentence 1 letter b DS-GVO. To be more precise, instances in which a quote is requested with a subsequent contract, and serves in connection with this to carry out precontractual measures.
5.5 Social media
The contents on our pages can be shared as long as they conform with data protection on social networks such as Facebook, Twitter or Google+. The eRecht24 Safe Sharing Tool is used to do this. This tool creates a direct contact between the networks and users but only after the user has actively pressed one of these buttons.
As an alternative to registering directly on our website, you can register with Facebook Connect, for example. If you choose this option and click on the "Login with Facebook"/"Connect with Facebook" button, you are automatically directed to the Facebook platform. You can log in there with your user data. An automatic transfer of user data by us to the operators of these platforms is not carried out by this tool. As a result of the integration of the third-party providers, we create however the possibility that your personal data will be transferred to these entities. If the user is logged in on one of the social networks and the social buttons from Facebook, Google+1, Twitter & Co. are used, an information window appears in which the user can confirm the text or the target group before sending.
Your Facebook profile is linked in this way to our website or our services. This link gives us access to data stored in your Facebook account. These details are mainly:
• Facebook name
• Facebook profile and main image
• Facebook main image
• Email address associated with Facebook
• Facebook ID
• Facebook friend lists
• Facebook likes
Article 6 paragraph 1 sentence 1 letter a DS-GVO forms the legal foundation for processing the entered data exclusively on the basis of your consent. The provider of the "Facebook Connect" service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. Further information can be found in the Facebook conditions of use and the Facebook data protection regulations via the following links:
5.6 Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
This website uses the "demographic features" function from Google Analytics. Reports can be generated in this way that contain statements about the age, gender and interests of the site's visitors. These details are derived from interest-related advertising from Google as well as visitor data from third party providers. These details cannot be associated with specific persons.
The storage of Google Analytics cookies is therefore based on article 6 paragraph 1 sentence 1 letter f DS-GVO. The website operator has a legitimate interest in analysing the way the site is used in order to optimise its products/services offered on the web and also to optimise its advertising. The IP address communicated by your browser in the scope of Google Analytics is not pooled with other data from Google.
Revoking data capture
You can deactivate this function at any time via the display settings in your Google account and generally stop Google Analytics from recording your data by clicking on the following link. An opt-out cookie is then placed that prevents the capture of your data during future visits to this website. Furthermore, you can also stop the capture of data generated by the cookie and data relating to your use of the website (inc. your IP address) by Google and prevent Google from processing these details by downloading and installing the browser plugin available via: tools.google.com/dlpage/gaoptout
More information about the way Google Analytics handles user data can be found in Google's privacy statement: support.google.com/analytics/answer/6004245.
5.7 Google AdWords and Google Conversion Tracking
This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States ("Google").
We use a function called conversion tracking in the scope of Google AdWords. If you click on an ad provided by Google, a cookie is placed for conversion tracking. Cookies are small text files that the internet browser places on the user's computer. The validity of these cookies expires after 30 days and they are not used for personal identification of the users. If the user visits certain pages of this website and the cookie has not yet expired, we and Google are able to detect that the user clicked on the ad and was forwarded to this site.
Each Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites from AdWords customers. The information collected with the aid of the conversion cookie is used to create conversion statistics for AdWords customers who opted for conversion tracking. Customers find out the total number of users who have clicked on their ad and were forwarded to a page featuring a conversion tracking tag. However, they are not given information with which users can be identified personally. If you do not wish to participate in tracking, you can prevent its use simply by deactivating the Google conversion tracking cookie in your internet browser via the user settings. You will then not be included in the conversion tracking statistics.
The storage of conversion cookies is based on article 6 paragraph 1 sentence 1 letter f DS-GVO. The website operator has a legitimate interest in analysing the way the site is used in order to optimise its products/services offered on the web and also to optimise its advertising.
You can adjust your browser so that you are informed about the placement of cookies, and only allow cookies in individual circumstances, accept cookies for certain cases or systematically block them, and you can also activate the automatic deletion of cookies when the browser is closed. The functionality of this website may be affected through deactivation of the cookies.
More information about Google AdWords and Google conversion tracking can be found in Google's data protection regulations: https://policies.google.com/privacy?hl=de&gl=de.
5.8 Google Analytics remarketing
Our websites use the functions from Google Analytics remarketing in connection with the multi-device functions of Google AdWords and Google DoubleClick. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
This function makes it possible to link the target advertising groups created with Google Analytics remarketing with the multi-device functions of Google AdWords and Google DoubleClick. In this way, interest-based, personalised advertising messages that were adapted to you depending on your previous use and surfing behaviour on an end device (e.g. mobile telephone) can also be displayed on another of your end devices (e.g. tablet or PC).
Providing you have given the relevant consent, Google will link your web and app browsing activities for this purpose to your Google account. In this way, the same personalised advertising messages can be sent to you on any end device on which you login with your Google account.
To support this function, Google Analytics collects google-authenticated IDs of the users that are temporarily linked to our Google Analytics data in order to define and create target groups for multi-device advertisements.
The pooling of captured data in your Google account is carried out exclusively on the basis of your consent that you can give Google and also withdraw (article 6 paragraph 1 sentence 1 letter a DS-GVO). For data capture processes that are not pooled in your Google account (e.g. because you do not have a Google account or revoked pooling), the capture of data is based on article 6 paragraph 1 sentence 1 letter f DS-GVO. The legitimate interest derives from the fact that the website operator has an interest in the anonymised analysis of website visitors for advertising purposes.
You can permanently stop multi-device remarketing/targeting by deactivating personalised advertising in your Google account.
Further information and the data protection regulations can be found in Google's privacy statement via: www.google.com/policies/technologies/ads/ .
Our website uses plugins from the Google-operated site YouTube. The operator of the pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our pages featuring a YouTube plugin, a connection is made to the servers of YouTube. In the process, information is shared with the YouTube server regarding which of our pages you visited. If you are logged in to your YouTube account, you make it possible for YouTube to associate your surfing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.
The use of YouTube is carried out in the interest of presenting our online products/services in an appealing way. This represents a legitimate interest in terms of article 6 paragraph 1 sentence 1 letter f DS-GVO.
Further information about the way user data are handled can be found in YouTube's privacy statement via: www.google.de/intl/de/policies/privacy .
5.10 Google web fonts
To display our content in multiple browsers correctly and in a graphically appealing way, we use Google web fonts from Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 64043, USA) on this website. We do not collect any personal data through the use of Google web fonts.
The browser of your choice must make a connection to Google servers for this purpose. In doing so, Google will be able to see that you called up our website via your IP address. The use of Google web fonts is carried out in the interest of presenting our online products/services in a uniform and appealing manner. This represents a legitimate interest in terms of article 6 paragraph 1 sentence 1 letter f DS-GVO.
If your browser does not support web fonts, a standard font is used by your computer.
Further information about Google web fonts can be obtained from developers.google.com/fonts/faq and Google's privacy statement: www.google.com/policies/privacy/ .
5.11 Google maps
This page uses the Google maps service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. We are able to show you interactive maps directly on the website in this way and enable you to use the map function conveniently.
To use the Google maps function, it is necessary for your IP address to be saved. This information is usually communicated to a Google server in the USA and saved there. The provider of this site has no influence on the way data are communicated.
Google maps is used in the interest of showing our online products/services in an appealing way and to make it easier to find the locations we have provided on the website. This represents a legitimate interest in terms of article 6 paragraph 1 sentence 1 letter f DS-GVO.
Further information about the way user data are handled can be found in Google's privacy statement via: www.google.de/intl/de/policies/privacy/ .
This website uses Newsletter2Go to send newsletters. The provider is Newsletter2Go GmbH, Nürnberger Strasse 8, 10787 Berlin, Germany.
Newsletter2Go is a service with which, among other things, the sending of newsletters can be organised and analysed. The data entered by you for the purpose of receiving newsletters are stored on the servers of Newsletter2Go in Germany.
If you wish to subscribe to the newsletter offered on the website, we require your email address along with information that enables us to check that you are the owner of the specified email address and agree to receiving the newsletter. Further details are not collected or only disclosed on a voluntary basis. We use these data exclusively to send out the requested information and do not share them with third parties. To send newsletters, we employ the double opt-in method to check whether a login has been carried out by the actual owner of the email address.
Data analysis by Newsletter2Go
With the aid of Newsletter2Go, we are able to analyse our newsletter campaigns. We can find out, for example, whether a newsletter message was opened and, if necessary, which links were clicked on. In this way, we can determine, among other things, which links were clicked on particularly often.
Furthermore, we can see whether certain previously defined actions were carried out after opening/clicking (conversion rate). We are able in this way to see, for example, whether a purchase was made after the newsletter was clicked on.
Newsletter2Go also allows us to subdivide the newsletter recipients according to various categories ("clusters"). Here, the newsletter recipients can be divided e.g. according to age, gender or location. As such, we can adapt the newsletter more effectively to the respective target groups.
Precise details about the functions of Newsletter2Go are available via the following link: https://www.newsletter2go.de/newsletter-software/.
For more information, see Newsletter2Go's privacy statement at: www.newsletter2go.de/features/datenschutz-2/ .
Article 6 paragraph 1 sentence 1 letter a DS-GVO forms the legal foundation for processing the data entered in the newsletter registration form exclusively on the basis of your consent. The consent for the storage of data, the email address and its use for sending the newsletter can be withdrawn at any time, such as via the unsubscribe link in the newsletter. The lawfulness of any data processing already carried out remains unaffected by the withdrawal.
The data from you that we have saved for the purpose of newsletter delivery remain in storage until you unsubscribe from the newsletter. We make a corresponding link available in every newsletter message to do this. Furthermore, you can also cancel the newsletter subscription directly on the website.
7. Data processing within audio and video conferences
We use the online conference tool "Microsoft Teams" for telephone conferences, online meetings, video conferences and/or webinars, and for internal and external communication. Microsoft Teams is a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Details of data processing can be found in the Microsoft Teams data privacy statement: https://privacy.microsoft.com/en-gb/privacystatement.
If you communicate with us per video or audio conference via internet, we and the provider of the conference tool record and process your personal data.
In this context, the conference tools record all the data that you provide in order to use the tools (your e-mail address and/or telephone number as well as details of the user such as display name and profile picture). The conference tool also processes the duration of the conference, start and end (time) of participation in the conference, number of participants and other "context information" related to the communication process (metadata).
Furthermore, the provider of the tool processes all the technical data required to handle the online communication. This comprises in particular IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker as well as the type of connection.
If content is exchanged, uploaded or otherwise provided within the tool, this is also stored on the servers of the tool provider. This content includes in particular cloud records, chat / instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information that is shared during use of the service.
Note: Please bear in mind that we do not have full influence on the data processing operations of the tool that is used. When you open the "Microsoft Teams" internet site, the "Microsoft Teams" provider is responsible for the data processing. However, it is only necessary to open the "Microsoft Teams" internet site to download the software that enables use of "Microsoft Teams". If you do not want or are unable to use the "Microsoft Teams" app, you can also use "Microsoft Teams" through your browser. The service is then also provided via the "Microsoft Teams" website. More information on data processing by the conference tool can be found in the data privacy statement: https://privacy.microsoft.com/en-gb/privacystatement.
Insofar as personal data of Piepenbrock Group employees are processed, Article 26 of [German] Federal Data Protection Law is the legal basis of data processing. If personal data are not required for the justification, completion or termination of the employment relationship in the context of using "Microsoft Teams", but are still an elementary constituent part of using "Microsoft Teams", Article 6, Paragraph 1 lit. f) of GDPR is the legal basis for the data processing. Our interest in these cases is the effective execution of online meetings.
Over and above this, the legal basis for data processing for the execution of online meetings is Article 6, Paragraph 1 lit. b) of GDPR, provided the meetings are held within the framework of contractual relationships.
If there is no contractual relationship, the legal basis is Article 6, Paragraph 1 lit. f) of the GDPR. Our interest in these cases is also the effective execution of online meetings.
We have concluded a contract with the provider of Microsoft Teams with regard to order processing as well as standard data protection stipulations, and fully implement the stringent specifications of German data protection authorities when using Microsoft Teams.
8. Communication of your data
We communicate your data within the Piepenbrock Group so that we can deal with your matters in an appropriate manner. For example, when an order is received your data are sent to the local operative unit responsible for you. If you submitted a job application to us, your data will be viewed by the staff member in human resources responsible for you as well as your potential future manager. In addition, we co-operate with external service providers in order to meet the requirements of your order as efficiently as possible and to offer you the best conditions.
When legally required to do so, we also share data with regulatory bodies, tax and judicial authorities.
9. Details about third country transfers
Generally, we only commission companies that process data within the European Economic Area. If, in exceptional circumstances, your data are processed by service providers outside the European Economic Area, we have special contracts with these service providers that meet the requirements in terms of the standard contractual clauses of the European Commission where these are not privacy shield certified or are in countries that are able to assure an appropriate data protection level in accordance with a suitability ruling of the European Union.
We employ technical and organisational security measures in order to protect your data that we manage against manipulation, loss, deletion and access by unauthorised persons. We continue to improve our security measures in line with technological development.
11. Storage period and deletion of data
We keep your personal data at least for the prescribed period as laid down in the applicable law. Furthermore, we delete personal data as soon as the purpose for which we captured and processed the data is no longer valid. Storage above and beyond this period only takes place if necessary according to the regulations, orders or other legislation of the European Union or a member state of the European Union that we are subject to.
12. Rights of persons
You have the following rights in terms of data processing:
Right to information regarding the data that we process about you (article 15 DS-GVO):
You have a right to find out which of your data we process as well as other information in accordance with article 15 DS-GVO in connection with data processing. On request, we are happy to disclose the affected data and information and make a copy of these data available to you.
Right to correction of your data (article 16 DS-GVO):
You have a right to have your data corrected if your data are inaccurate, or – in consideration of the purposes of processing – the right to demand the completion of incomplete personal data.
Right to deletion (article 17 DS-GVO):
You have a right to deletion if data are no longer required, if processing is not lawful or other circumstances prevail in connection with article 17 DS-GVO. In these cases, we will delete your data with immediate effect.
Right to restriction of processing of your data (article 18 DS-GVO):
You have a right to restriction of your data in the cases specified in article 18 DS-GVO. This includes the case in which we process data in places or to an extent that is no longer legitimate with regard to data processing. Moreover, the case of data that are subject to compulsory storage may be relevant. We are then not permitted to delete them without permission. In this case, we restrict processing to the furthest degree possible. Restriction generally means that the data are saved but are no longer accessible by members of staff.
Right to data transfer (article 20 DS-GVO):
The right to data portability makes it possible for you to acquire the data about yourself that you made available to us in the format specified in article 20 DS-GVO and to have it transferred by us. Data excluded from this issuance are those that we acquire ourselves (processing results).
Right to objection against processing based on article 6 paragraph 1 sentence 1 letter e or f DS-GVO (article 21 DS-GVO):
We will stop the processing of data based on article 6 paragraph 1 sentence 1 letter e or f DS-GVO – particularly for advertising and marketing purposes – if you object to it and the objection is justified.
Right of withdrawal
You can withdraw any consent that you have given us at any time by sending an email to firstname.lastname@example.org. If you withdraw your consent, your data will no longer be processed based on your consent. The authorisation to process data based on your consent up until the point of withdrawal remains unaffected by the withdrawal.
If you wish to exercise your rights in accordance with DS-GVO or you have any other questions on the topic of personal data, please write to the following email address: email@example.com
Right to complain to the responsible regulatory body
In the event of violations against data protection law, the party affected has a right to complain to the responsible regulatory body. The responsible regulatory body for data protection matters is the data protection representative of the federal state in which our company has its headquarters. A list of data protection representatives and their contact data can be obtained via the following link:
Your rights and your satisfaction matter a great deal to us. Therefore, if you have any questions about data protection, please do not hesitate to contact us: firstname.lastname@example.org.