Privacy policy for our website

1. Privacy at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data by which you can be personally identified. You will find detailed information on the subject of data protection in our privacy policy set out below this text.

Data collection on this website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find their contact details in the section "Information on the data controller" in this privacy policy.

How do we collect your data?

On the one hand, your data is collected when you give it to us. For example, this could be data that you enter into a contact form. Other data is collected by our IT systems when you visit the website, automatically or after you give your consent. This is mainly technical data (e.g. Internet browser, operating system or time the page was accessed). This data is collected automatically as soon as you visit this website.

What do we use your data for?

Some of the data is collected to ensure that the website is provided without errors. Other data can be used to analyse your user behaviour.

What rights do you have regarding your data?

You have the right to receive information free of charge about the origin, recipient and purpose of your stored personal data at any time. You also have the right to demand the rectification or erasure of this data. If you have given your consent to data processing, you can revoke this consent for the future at any time. You also have the right to request restriction of the processing of your personal data under certain circumstances. You also have a right to lodge a complaint with the relevant supervisory authority. You can contact us at any time regarding this and should you have any further questions on the subject of data protection.

Analytical tools and third-party tools

When you visit this website, your browsing behaviour may be analysed statistically. This is mainly done with analysis programs. Detailed information on these analysis programs can be found in the following privacy policy.

2. Hosting

This website is hosted by an external service provider (web host). The personal data collected on this website is stored on the web host's servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website. The web host is used for the purpose of fulfilling contracts with our potential and existing customers (Article 6(1)(b) GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Article 6(1)(f) GDPR).

Our web host will only process your data to the extent necessary for the fulfilment of its service obligations and will follow our instructions with regard to this data. We use the following web host:

Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Germany
Phone: +49 (0) 9831 / 505-0
Fax: +49 (0) 9831 / 505-3
E-mail: info@hetzner.com

We have concluded a data processing contract with the above provider. This is a contract required by data protection law that ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

 

3. General notes and mandatory information

Privacy

The operators of these pages take the protection of your personal data very seriously. We treat your personal data in confidence and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is any data by which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how this is done and for what purpose.

We would like to point out that data transmission on the Internet (e.g. communication by e-mail) may have security gaps. It is not possible to completely protect data from access by third parties.

Note on the data controller

The controller for data processing on this website is:

MUNK GmbH
Rudolf-Diesel-Strasse 23
D-89312 Günzburg
Germany
Phone: +49 8221 3616 01
Fax: +49 8221 3616 80
E-mail: info@munk-group.com

The controller is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).

Storage period

Unless a more specific storage period is specified within this privacy policy, we will retain your personal data until the purpose for its processing no longer applies. If you assert a justified request for erasure or if you revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.

Data Protection Officer

We have appointed a Data Protection Officer for our company.

machCon Deutschland GmbH
Robert-Bosch-Strasse 1
78234 Engen
Germany
Data Protection Officer: Kai Hartwig
E-mail: kai.hartwig@machcon.de
Phone: +49 7733 360 35 40

Information on data transfer to the USA and other third countries

Among other things, we use tools from companies based in the USA or other third countries that are not secure under data protection law. If these tools are enabled, your personal data may be transferred to these third countries and processed there. It is not possible to guarantee a level of data protection comparable to that in the EU in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as data subject being able to take legal action against this. It therefore cannot be ruled out that US authorities (e.g. intelligence services) process, analyse and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.

Withdrawal of your consent to data processing

Many data processing operations are only possible with your express consent. You can withdraw already given consent at any time. The legality of the data processing carried out up to the point of withdrawal remains unaffected by the withdrawal.

Right to object to data collection in special cases and to direct marketing
(Article 21 GDPR)

If data processing is carried out on the basis of Article 6(1)(e) or (f) GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to any profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms, or unless the processing serves the purpose of establishing, exercising or defending legal claims (objection under Article 21(1) GDPR). If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection under Article 21(2) GDPR).

Right lo lodge a complaint with the competent supervisory authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to have the data which we process automatically on the basis of your consent or in fulfilment of a contract provided to you or to a third party in a conventional, machine-readable format. If you request direct transfer of the data to another controller, this will only take place as far as it is technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as site operator.

You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the padlock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, erasure and rectification

Under the applicable legislation, you have the right to free disclosure about your stored personal data, its origin and recipients and the purpose of data processing as well as a right to rectification or erasure of this data at any time. You can contact us at any time should you have any further questions on the subject of personal data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. To do this, you can contact us at any time. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of your personal data held by us, we usually need time to check this. You have the right to request the restriction of the processing of your personal data for the time this check takes.

If your personal data was/is being processed unlawfully, you can request the restriction of data processing instead of erasure.

If we no longer need your personal data, but you need it to exercise, defend or establish legal claims, you have the right to request restriction of the processing of your personal data instead of erasure.

If you have lodged an objection pursuant to Article 21(1) GDPR, it is necessary to balance your interests and our own. You have the right to request the restriction of the processing of your personal data until such time as it is determined whose interests prevail.

If you have restricted the processing of your personal data, this data may – apart from being stored – only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.

Objection to marketing e-mails

The use of contact details published under the requirement to display the publisher's details, for the purpose of sending unsolicited advertising and information material is hereby prohibited. The website operators expressly reserve the right to legal action in case of unsolicited promotional information such as by spam e-mails.

4. Data collection on this website

Cookies

Our Internet pages use 'cookies'. Cookies are small text files and do not cause any damage to your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or until they are automatically deleted by your web browser. In some cases, cookies from third-party companies may also be stored on your device when you access our site (third-party cookies). These allow us or you to use certain services of the third-party company (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are necessary for technical reasons, as certain website functions would not work without them (e.g. the shopping basket function or displaying videos). Other cookies are used to analyse user behaviour or to display advertising.

Cookies that are necessary to carry out the electronic communication process (necessary cookies) or to provide certain functions requested by you (functional cookies, e.g. for the shopping basket function) or to optimise the website (e.g. cookies to measure the web audience) are stored on the basis of Article 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimised provision of its services. If consent to store cookies has been requested, the cookies in question are stored exclusively on the basis of this consent (Article 6(1)(a) GDPR); consent can be revoked at any time.

You can configure your browser so that you are informed about the use of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when you close your browser. Disabling cookies may restrict the functionality of this website.

If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately under this privacy policy and, if necessary, request your consent.

Contact form

If you send us enquiries via the contact form, your details from the enquiry form including the contact details you provide will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We shall not pass on this data without your consent. The processing of this data is based on Article 6(1)(b) GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of enquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR) if this has been requested. We will retain the data you enter in the contact form until you ask us to delete it, withdraw your consent for storage, or the purpose for which the data was stored no longer applies (e.g. after your enquiry has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.

Enquiry by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, we will store and process your enquiry including all personal data resulting therefrom (name, enquiry) for the purpose of dealing with your enquiry. We shall not pass on this data without your consent. The processing of this data is based on Article 6(1)(b) GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of enquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR) if this has been requested. We will retain the data you sent to us in contact enquiries until you ask us to delete it, withdraw your consent for storage, or the purpose for which the data was stored no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular legal retention periods – remain unaffected.

5. Social media

Facebook plugin

This website incorporates plugins from the social network Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries. You can recognise the Facebook plugins by the Facebook logo or the "Like" button on this website. You can find a summary of the Facebook plugins here: https://developers.facebook.com/docs/plugins/.

When you visit this website, a direct connection is established between your browser and the Facebook server via the plugin. Facebook thereby receives the information that you have visited this website with your IP address. If you click the Facebook "Like" button while you are logged into your Facebook account, you can link to the content of this website on your Facebook profile. This allows Facebook to associate your visit to this website with your user account. We wish to point out that we, as the provider of the website, have no knowledge of the content of the transmitted data or how it is used by Facebook. For more information, please refer to Facebook's privacy policy at: https://www.facebook.com/privacy/explanation.

If you do not want Facebook to be able to assign your visit to this website to your Facebook user account, please log out of your Facebook user account. The use of Facebook plugins is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in ensuring the greatest possible visibility on social media. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Article 6(1)(a) GDPR; consent can be revoked at any time.

Insofar as personal data is collected on our website by means of the tool described here and forwarded to Facebook, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are joint controllers (Article 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the forwarding does not fall under the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The text of the agreement can be found at: [https://www.facebook.com/legal/controller_addendum]. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for implementing the tool on our website in a way that is secure from a privacy perspective. Facebook is responsible for the data security of the Facebook products. You can assert your rights as a data subject (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your rights as a data subject with us, we are obliged to forward them to Facebook.

The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. For details please see: https://www.facebook.com/legal/EU_data_transfer_addendum, https://www.facebook.com/help/566994660333381 and https://www.facebook.com/policy.php.

Instagram plugin

This website incorporates functions of the Instagram service. These functions are offered by Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to this website with your user account. We wish to point out that we, as the provider of the website, have no knowledge of the content of the transmitted data or how it is used by Instagram.

The storage and analysis of the data is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in ensuring the greatest possible visibility on social media. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Article 6(1)(a) GDPR; consent can be revoked at any time.

Insofar as personal data is collected on our website by means of the tool described here and forwarded to Facebook or Instagram, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are joint controllers (Article 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook or Instagram. The processing by Facebook or Instagram that takes place after the forwarding does not fall under the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook or Instagram tool and for implementing the tool on our website in a way that is secure from a privacy perspective. Facebook is responsible for the data security of the Facebook or Instagram products. You can assert your rights as a data subject (e.g. requests for information) regarding the data processed by Facebook or Instagram directly with Facebook. If you assert your rights as a data subject with us, we are obliged to forward them to Facebook.

The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. For details please see: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://www.facebook.com/help/566994660333381. For more information, please refer to Instagram's privacy policy at: https://instagram.com/about/legal/privacy/.

LinkedIn plugin

This website uses functions of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Each time you access a page of this website that contains LinkedIn functions, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited this website with your IP address. If you click the LinkedIn "Recommend" button and are logged into your LinkedIn account, it is possible for LinkedIn to associate your visit to this website with you and your user account. We wish to point out that we, as the provider of the website, have no knowledge of the content of the transmitted data or how it is used by LinkedIn.

The use of the LinkedIn plugin is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in ensuring the greatest possible visibility on social media. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Article 6(1)(a) GDPR; consent can be revoked at any time.

The transfer of data to the USA is based on the standard contractual clauses of the EU Commission. For details please see: https://www.linkedin.com/help/linkedin/answer/62538/datenubertragung-aus-der-eu-dem-ewr-und-derschweiz?lang=en For more information, please refer to LinkedIn's privacy policy at: https://www.linkedin.com/legal/privacy-policy.

XING plugin

This website uses functions of the XING network. The provider is New Work SE, Dammtorstrasse 30, 20354 Hamburg, Germany.

Each time you access one of our pages that contains XING functions, a connection to XING servers is established. As far as we are aware, no personal data is stored during this process. In particular, no IP addresses are stored, and usage behaviour is not analysed.

The storage and analysis of the data is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in ensuring the greatest possible visibility on social media. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Article 6(1)(a) GDPR; consent can be revoked at any time.

Further information on data protection and the XING Share button can be found in XING's privacy policy at: https://www.xing.com/app/share?op=data_protection.

6. Analysis tools and marketing

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager is a tool by means of which we can integrate tracking or statistical tools and other technologies into our website. The Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. It is only used to manage and load the tools integrated via it. However, the Google Tag Manager does record your IP address, which may also be transmitted to Google's parent company in the United States.

The use of the Google Tag Manager is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in the quick and simple integration and management of various tools on its website. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Article 6(1)(a) GDPR; consent can be revoked at any time.

Google reCAPTCHA

We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on this website. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAPTCHA is to check whether the data entered on this website (e.g. in a contact form) has been entered by a human or by an automated program. To do this, reCAPTCHA analyses the behaviour of the website visitor on the basis of various characteristics. This analysis begins automatically as soon as the website visitor accesses the website. To perform its analysis, reCAPTCHA evaluates various pieces of information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run entirely in the background. Website visitors are not informed that an analysis is taking place. The storage and analysis of the data is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in protecting its web offer from automated misuse and from spam. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Article 6(1)(a) GDPR; consent can be revoked at any time.
For further information on Google reCAPTCHA, please refer to the Google Privacy Policy and the Google Terms of Service at the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de.

Google Analytics

Insofar as you have given your consent, this website uses Google Analytics, a web analytics service provided by Google LLC. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

Google Analytics uses cookies that enable an analysis of your use of our website. The information collected by the cookies about your use of this website is usually sent to a Google server in the USA and stored there.

We use Google Signals. This allows Google Analytics to collect additional information about users who have enabled personalised ads (interests and demographics) and ads can be delivered to these users in cross-device remarketing campaigns.

We use the 'anonymizeIP' function (known as IP masking): Due to IP anonymisation in use on this website, your IP address will be truncated by Google within Member States of the European Union or other states that are part of the European Economic Area. The full IP address is only sent to a Google server in the US and truncated there in exceptional cases. The IP address sent by your browser as part of Google Analytics is not merged with other Google data.

During your visit to the website, some of the data collected includes:

  • the pages you visit, your "click path"
  • achievement of "website goals" (conversions, e.g. newsletter sign-ups, downloads, purchases)
  • your user behaviour (e.g. clicks, dwell time, bounce rates)
  • your approximate location (region)
  • your IP address (truncated)
  • technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
  • your internet service provider
  • the referrer URL (via which website/advertising medium you came to this website)

On behalf of the operator of this website, Google will use this information to evaluate your (anonymised) use of the website and to compile reports on website activities. The reports provided by Google Analytics are used to analyse the performance of our website and the success of our marketing campaigns.

The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland as processor. We have concluded a processing agreement with Google for this purpose. Google LLC, based in California, USA, and, where applicable, US authorities may access the data stored by Google. A transfer of data to the USA cannot be ruled out.

The data sent by us and linked to cookies is automatically deleted after 14 months. Data that has reached its retention period is deleted automatically once a month.

You can also prevent the collection by Google of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by
a. not giving your consent to the setting of the cookie or
b. downloading and installing the browser add-on to disable Google Analytics from [HERE].

You can also prevent cookies from being stored by configuring your browser software accordingly. However, if you configure your browser to reject all cookies, you may experience reduced functionality on this and other websites.

The legal basis and option to withdraw for this data processing is your consent, Article 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future by opening the cookie settings (accessible via the fingerprint icon in the bottom left corner of the screen) and changing your selection there.

For further information about the terms of use of Google Analytics and data protection at Google, please see https://marketingplatform.google.com/about/analytics/terms/gb/ and https://policies.google.com/?hl=de.

7. Plugins and tools

YouTube

This website integrates videos from the website YouTube. The operator of the YouTube website is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. When you visit one of our pages on which YouTube is embedded, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited.

Furthermore, YouTube may store various cookies on your device or use comparable technologies for recognition (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve the user experience and prevent fraud attempts.

If you are logged into your YouTube account, you allow YouTube to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used in the interest of an appealing presentation of our website. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Article 6(1)(a) GDPR; consent can be revoked at any time.

Further information on the handling of user data can be found in YouTube's privacy policy at: https://policies.google.com/privacy?hl=en.

Google Maps

This site uses the Google Maps service. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this website has no influence on this data transmission. If Google Maps is activated, Google may use Google Web Fonts for the purpose of uniform font display. When you access Google Maps, your browser loads the required web fonts into its browser cache to display texts and fonts correctly.

Google Maps is used in the interest of an appealing presentation of our website

and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Article 6(1)(a) GDPR; consent can be revoked at any time.

The transfer of data to the USA is based on the standard contractual clauses of the EU Commission.

For details please see: https://business.safety.google/gdprcontrollerterms/ and https://business.safety.google/gdprcontrollerterms/sccs/.

Further information on the handling of user data can be found in Google's privacy policy at: https://policies.google.com/privacy?hl=en.

Tidio

We use Tidio (hereinafter: "Tidio") to process user enquiries via our support channels or via live chat systems. The provider is Tidio LLC, 180 Steuart St, CA 94119, San Francisco, California, USA.

Messages that you send to us may be stored in the Tidio ticket system or answered in live chat by our staff. When you communicate with us via Tidio, all the data you entered before starting the chat (e.g. name or chat ID, address and telephone number) as well as your IP address, country of origin, the browser and device you are using, website accessed and messages exchanged are summarised in a profile and stored on Tidio's servers.

We will retain any messages you send to us until you request us to delete them or the purpose for storing the data no longer applies (e.g. after processing your enquiry has been completed). Mandatory statutory provisions – in particular legal retention periods – remain unaffected. We also use Tidio to analyse the behaviour of our users. This allows us to determine, for example, how many users have accessed our website or filled in the contact form.

The use of Tidio is based on Article 6(1)(f) GDPR. We have a legitimate interest in processing your enquiries as quickly, reliably and efficiently as possible. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Article 6(1)(a) GDPR; consent can be revoked at any time.

For more information, please refer to Tidio's privacy policy at: https://www.tidio.com/privacy-policy/.

We have concluded a data processing contract with the above provider. This is a contract required by data protection law that ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

Embedded tender texts from heinze.de

This website uses embedded tender texts via the platform [https://www.heinze.de] of Heinze GmbH. Cookies and Javascript are used for this purpose. Only session cookies are used, which are deleted when the browser is closed. It is easy to prevent cookies being saved in most browsers. The IP address is transmitted to Heinze GmbH and anonymised before statistical analysis. These session cookies are used on the basis of our legitimate interest according to Article 6(1)(f) GDPR, in measuring the access and use of the website, to improve the website and to check for misuse. For further information on data protection at heinze.de please see here: https://www.heinze.de/datenschutz.

Privacy policy of our social media channels

The protection of your personal data is extremely important to us. Below is information on how we handle the data captured through your use of our social media presences on social networks and platforms. Your data is processed in accordance with the legal regulations.

1. Facebook fan page

1.1. Responsible body

In the event that the data you provide us with is also or exclusively processed by Facebook, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, is, in addition to ourselves or in our place, responsible for data processing within the meaning of the GDPR. To this end, we have concluded an agreement with Facebook in accordance with Art. 26 GDPR on joint responsibility for data processing (Controller Addendum). This agreement defines which data processing operations we or Facebook are responsible for when you visit our Facebook fan page. You can view this agreement via the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
If you as a visitor to the site wish to exercise your rights (information, correction, deletion, restriction, data transferability, complaint to the supervisory authority, opposition or revocation), you can contact both Facebook and us.
You can adjust your advertising settings by yourself in your user account. To do this, click on the following link and log in:
https://www.facebook.com/settings?tab=ads or http://www.youronlinechoices.com 
Further details can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/

1.2. Data protection officer at Facebook

To contact the data protection officer at Facebook, you can use the online contact form provided by Facebook at the following link https://www.facebook.com/help/contact/540977946302970.

1.3. Data processing for statistical purposes with page insights

Facebook provides page insights for our Facebook fan page: https://www.facebook.com/business/a/page/page-insights. This is summarised data that provides information on how people are interacting with our page. Page insights can be based on personal data which is collected in relation to a visit or interaction with persons on or with our page and in relation to the content provided. Please be aware of what personal data you share with us via Facebook. Your data may be processed for market research and advertising purposes even if you are not logged in to Facebook or do not own a Facebook account. User profiles, for example, can be generated from the usage behaviour and resulting interests of the user. The user profiles can then in turn be used to display advertisements within and outside the platforms that are assumed to match the users' interests. This data is captured via cookies which are stored on your device. The user profiles can also be used to store data that is independent of the devices used by the user; especially if the user is a member of the platforms concerned and is logged into them. The legal basis for processing is Art. 6(1)(f) GDPR. Our legitimate interest lies in the optimised presentation of our offer, providing effective information and communication with customers and interested parties as well as in the targeted placement of advertisements. Please note that we have no influence on the collection of data and its further processing by Facebook. As a result, we cannot provide any information about the extent to which, where and for how long the data is stored by Facebook. Furthermore, we cannot make any statements about the extent to which Facebook complies with existing deletion obligations, which evaluations and links to the data are carried out by Facebook and to whom the data is passed on by Facebook. If you wish to avoid your data being processed by Facebook, please contact us via a different route.

2. Other social media providers

2.1. Responsible body

If your personal data is processed by a provider listed below, this provider is responsible for data processing in accordance with the GDPR. For the assertion of your data subject rights, we point out that they can be asserted most effectively with the respective providers. Only they have access to the data collected from you. Should you require any assistance, however, please feel free to contact us.

We have online presences on the social media platforms of the following providers:

  1. Instagram Inc., Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland 
  2. YouTube, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
  3. LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
  4. XING SE, Dammtorstrasse 29-32, 20354 Hamburg, Germany

2.2. Data protection officer

Information on how to contact the data protection officer of the other social media providers can be found here:

  1. Instagram Inc.: https://www.facebook.com/help/contact/540977946302970 
  2. LinkedIn Ireland Unlimited Company: https://www.linkedin.com/help/linkedin/ask/TSO-DPO 
  3. XING SE: Datenschutzbeauftragter@xing.com

To contact the data protection officer for YouTube, please contact Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

3. General information on social media platforms from MUNK GmbH

3.1. Controller

The controller for data processing within the meaning of the GDPR is the following entity, insofar as we process this data transmitted to us by you via one of the social media platforms:

MUNK GMBH
Rudolf-Diesel-Strasse 23
D-89312 Günzburg, Germany

Phone: +49 (0) 8221 / 3616-01
Fax: +49 (0) 8221 / 3616-80
E-mail: info@munk-group.com

 

3.2. Data Protection Officer

Data Protection Officer: Kai Hartwig
E-mail: kai.hartwig@machcon.de

3.3. General data processing on social media platforms

3.3.1. Data processing for market research and advertising

Generally speaking, personal data is used on the company website for market research and advertising purposes. To do this, a cookie is placed in your browser which allows the provider to recognise you if you visit a website. The collected data can be used to create usage profiles. They are used to display advertisements within and outside the platform that are presumed to match your interests. The usage profiles can also be used to store data independently of the devices you use. This is generally the case if you are a member of the platforms in question and are logged into them.

3.3.2. Data processing upon contact initiation

We collect personal data ourselves if you get in touch with us using the contact form or a messenger service, such as Facebook Messenger. Which data is collected depends on the information you provide and the contact details you specify or allow us to use. This information is used for the purposes of processing your enquiry and stored by us in case there are any follow-up enquiries. We do not, under any circumstances, share your data with third parties without your consent. The legal basis for the processing of the data is our legitimate interest in answering your request in accordance with Art. 6(1)(f) GDPR and, if applicable, Art. 6(1)(b) GDPR, if your request relates to the conclusion of a contract. Your data will be deleted after the full processing of your request, provided that this does not conflict with any legal storage obligations. We assume full processing if it can be concluded from the circumstances that the matter in question has been conclusively clarified.

3.3.3. Data processing for contract handling

If your contacting us via a social network or other platform is intended to achieve the conclusion of a contract for the delivery of goods or the provision of services with us, we process your data for the fulfilment of the contract or for the implementation of pre-contractual measures or for the provision of the requested services. The legal basis for the processing your data in this case is Art. 6(1)(b) of the GDPR. Your data will be deleted if it is no longer necessary for the execution of the contract or if it is clear that the pre-contractual measures will not lead to a conclusion of contract corresponding to the purpose of the contact. Please note, however, that even after conclusion of the contract, it may be necessary to store the personal data of our contractual partners to comply with contractual or legal obligations.

3.3.4. Data processing based on consent

If you are asked by the respective platform providers for consent to processing for a specific purpose, the legal basis of the processing is Art. 6(1)(a), Art. 7 GDPR. A given consent can be revoked at any time, with effect for the future.

3.3.5. Data sharing and recipients

Please note that due to the use of social media platforms, data processing may take place outside the EU and the European Economic Area, which means that the standard of European data protection cannot necessarily be guaranteed. The specified social media providers based in the USA are certified for the "Privacy Shield" US-European data protection agreement, which guarantees compliance with the standard of data protection applicable in the EU.

We have no influence on the processing and handling of your personal data by the respective providers. We also have no information regarding this. For further information, please see the privacy policy of the provider in question:

  1. Instagram privacy policy/opt-out http://instagram.com/about/legal/privacy/ 
  2. YouTube/Google privacy policy: https://policies.google.com/privacy?hl=de&gl=de, opt-out: https://adssettings.google.com/authenticated, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active 
  3. LinkedIn privacy policy: https://www.linkedin.com/legal/privacy-policy, opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active 
  4. XING privacy policy/opt-out: https://privacy.xing.com/de/datenschutzerklaerung

3.4 Your rights

Below you will find information on the rights of data subjects that the applicable data protection law grants you vis-à-vis the controller. You have the right to request information regarding the personal data we process about you; Art. 15 GDPR. In particular, you may request information as to the purposes of the processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the envisaged storage period, the existence of a right of rectification, erasure, restriction of processing or opposition, the existence of a right of appeal, the origin of your data if not collected by us, as well as the existence of automated decision making including profiling and, where applicable, meaningful information on the details thereof.

To request without delay the correction of incorrect or incomplete personal data stored by us; Article 16 GDPR.

To demand the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims; Article 17 GDPR.

To demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, if the processing is unlawful but you refuse to have it deleted and we no longer need the data, but you need it for the assertion, exercise or defence of legal claims or if you have lodged an objection to the processing pursuant to Article 21 GDPR; Article 18 GDPR.

 To receive your personal data, which you have provided us with, in a structured, common and machine-readable format or to request its transmission to another responsible party; Art. 20 GDPR.

To complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of the federal state of our registered office mentioned above or that of your usual place of residence or work.

To revoke any consent to the processing of data once granted at any time with effect for the future; Art. 7(3) GDPR. In the case of revocation, we will immediately delete the data concerned, unless further processing cannot be based on a legal basis for processing without consent. The withdrawal of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal.

3.4.1. Right to objection
If your personal data is processed by us on the basis of legitimate interests in accordance with Art. 6(1)(f) GDPR, you have the right, in accordance with Art. 21 GDPR, to object to the processing of your personal data if this is done for reasons arising from your particular situation. If the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right of objection without the need for specific reasons.

If you wish to exercise your right of revocation or objection, simply send an e-mail to datenschutz@munk-group.com

3.5 Duration of storage

The personal data collected by us will be deleted from our system if it is no longer required for the purposes specified at the time of collection or if you have exercised your right of revocation or objection. Statutory retention periods remain unaffected. We have no influence on the duration of storage of your data, which is stored by social media providers for their own purposes. For details of this, please contact them directly.

Information regarding data protection for applicants

In the following we inform you about our processing of your personal data and about your rights, which you can assert against us according to the GDPR.

1. Controller

MUNK GMBH
Rudolf-Diesel-Strasse 23
89312 Günzburg, Germany

Phone: +49 (0) 8221 / 3616-01
Fax: +49 (0) 8221 / 3616-80
E-mail: info@munk-group.com

Data Protection Officer: Kai Hartwig
E-mail: kai.hartwig@machcon.de

2. Purposes and legal basis of the processing

The data we receive from you will only be processed for the purposes for which you have transmitted it to us. Processing for any other purposes will only be considered if the legal requirements as specified in Article 6(4) GDPR are met. We will of course comply with the resulting information obligations under Art. 13(3) and Art. 14(4) GDPR.

We process your personal data in accordance with the provisions of the European General Data Protection Regulation (EU GDPR) and the German Federal Data Protection Act (BDSG), insofar as this is necessary for the decision on the establishment of an employment relationship with us. The legal basis for this is Art. 88 GDPR and Section 26 of the new BDSG, as well as Art. 6(1)(b) GDPR where appropriate on the initiation or execution of contractual relationships.

If you give us your express consent to process your personal data for specific purposes, the lawfulness of the processing is based on Art. 6(1)(a) GDPR. A given consent can be revoked at any time, with effect for the future. Should the consent also relate to the processing of special categories of personal data in accordance with Art. 9 GDPR, we will expressly inform you of this in advance. If the processing of your personal data is necessary for the defence of legal claims against us arising from the employment relationship, this processing is based on the legal principles of Art. 6(1)(f) GDPR.

If necessary and legally permissible, we process your data beyond the actual contractual purposes to fulfil legal obligations in accordance with Art. 6(1)()c GDPR. In addition, processing may be carried out to protect our legitimate interests or the legitimate interests of third parties in accordance with Art. 6(1)(f) GDPR. We shall inform you separately of this stating the legitimate interest, if this is required by law. If the processing of your personal data is carried out on the basis of Art. 6(1)(f) GDPR in order to safeguard legitimate interests, you have the right, pursuant to Art. 21 GDPR, to object to the processing of such data at any time for reasons arising from your particular situation. In this case we will no longer process this data, unless we can prove compelling reasons for processing worthy of protection. These must outweigh your interests, rights and freedoms, or the processing must serve to assert, exercise or defend legal claims.

In the event that an employment relationship is established between you and us, in accordance with Art. 88 GDPR in conjunction with Section 26 of the new BDSG, we may process the personal data already received from you for the purposes of the employment relationship, insofar as this is necessary for the implementation or termination of the employment relationship or for the exercise or fulfilment of the rights and obligations of the representation of the interests of the employees resulting from a law or a collective agreement, a works or service agreement.

3. Length of data storage

We process your data as long as this is necessary for the decision on your application. The personal data or application documents provided by you will be deleted at most six months after the end of the application procedure, unless longer storage is legally required or permitted.

Storage of your data beyond the mentioned purposes is only carried out in those cases in which we are subject to various storage and documentation obligations arising from the German Commercial Code (HGB) and the German Fiscal Code (AO). The time limits for storage or documentation prescribed therein are two to ten years.

Ultimately, the period of storage is also based on the statutory periods of limitation, which, for example, according to Sections 195 et seq. of the German Civil Code (BGB), generally amount to three years, but can be up to thirty years in certain cases.

In principle, we carry out an examination of data towards the end of a calendar year with regard to the need for further processing. Given the volume of data, this check is carried out with regard to specific types of data or purposes of processing.

If you have agreed to a longer storage of your personal data, we will store it according to your consent.

If you are employed after the application procedure, your data will continue to be stored as far as this is necessary and permissible, and then transferred to the personnel file.

Under certain circumstances, you may receive an invitation to join our talent pool after the application process. This will also enable us to consider you for suitable positions in the future. If we have your consent, we will store your data in our talent pool in accordance with this consent.

4. Recipients of the data

We pass on your personal data within our company exclusively to those areas and persons who need this data to fulfil contractual and legal obligations or to implement our legitimate interests.

Furthermore, your personal data will be processed on our behalf on the basis of contracted data processing agreements in accordance with Art. 28 GDPR. In this case, we guarantee that the processing of personal data shall occur in accordance with the provisions of the GDPR.

In this case, the categories of recipients are: Bite GmbH, Magirus-Deutz-Str.16, 89077 Ulm, Germany

Otherwise, data will only be passed on to recipients outside the company if this is permitted or required by law, if the transfer is necessary for processing and thus for the fulfilment of the contract or, at your request, for the implementation of pre-contractual measures, if we have your consent or if we are authorised to provide information.

5. Categories of personal data

We only process personal data which you have submitted to us in connection with your application. This can be general data about your person, such as name, address, contact data or similar, but also information about your professional qualifications, school education, professional further education, as well as other data which you have transmitted to us.

6. Your rights

Every data subject has the following rights:

  • Right of access pursuant to Article 15 GDPR
  • Right to rectification pursuant to Article 16 GDPR
  • Right to erasure pursuant to Article 17 GDPR
  • Right to restriction of processing pursuant to Article 18 GDPR
  • Right to notification pursuant to Article 19 GDPR
  • Right to data portability pursuant to Article 20 GDPR

To exercise these rights, please contact: datenschutz@munk-group.com or write to MUNK GmbH, Rudolf-Diesel-Str. 23, 89312 Günzburg, Germany.

According to Article 77 GDPR, you also have the right to lodge a complaint with the data protection supervisory authority. This right is without prejudice to any other administrative or judicial recourse.

In particular, you have a right of objection under Art. 21 (1) and (2) GDPR against the processing of your data in connection with a direct advertising campaign, if this is based on a balancing of interests.

7. Sources of data

Only personal data will be processed which you have transmitted to us verbally, in writing, by e-mail or fax for the purpose of contacting us or applying for a job, or which you have entered in our BITE applicant management system from BITE GmbH, Magirus Deutz-Str. 16, 89077 Ulm, Germany.

8. Transmission to a third country

Data will only be transferred to third countries (outside the European Union or the European Economic Area) if this is necessary or legally required for the execution of the contractual relationship or if you have given us your consent. We do not currently transfer your personal data to any service provider outside the European Economic Area.

9. Provision of personal data

The provision of personal data to establish, perform or fulfil a contract or to carry out pre-contractual measures is generally neither statutorily nor contractually stipulated. You are therefore not obliged to provide information regarding personal data. Please be aware, however, that this information is generally required for reaching a decision concerning conclusion of a contract, for fulfilment of a contract or for pre-contractual measures. If you do not provide us with any personal data, we may not be able to make a decision for the purposes of pre-contractual measures.

10. Automated decision-making

The decision on your application is not based solely on automated processing. There is therefore no automated individual decision-making within the meaning of Article 22 GDPR.

Cookies Policy