1. Data Protection
The following information gives you an overview how we use your personal data when you visit our website. The term “personal data” comprises all data that can be used to personally identify you. For detailed information about data protection, please refer to our Data Protection Declaration below.
Who is responsible for the recording of data on this website (i.e. the “controller”)?
The data on this website is processed by the operator of the website, whose contact information is available under section “Legal Notice” on this website.
How do we record your data?
We collect your data as a result of you sharing your data with us. E.g. this is information you send us via e-mail to one of the addresses on our website.
Our IT systems automatically record other data when you visit our website. This data comprises primarily technical information (e.g. web browser, operating system or time the site was accessed). This information is recorded automatically when you access our website.
For what purposes do we use your data?
Some of the information is generated to guarantee an error free provision of the website. Other data may be used to analyze your user patterns.
Rights of the data subject
You have the right to be informed about the source, recipients and purposes of your personal data that we store at any time, free of charge. You also have the right to demand that your data to be rectified, blocked or eradicated by us. Please do not hesitate to contact us under the address in section “Legal Notice” on this website in case you have questions about any data protection related issues at any time. You also have the right to lodge a complaint with the competent supervising authority.
Moreover, under certain circumstances, you have the right to demand to restrict the processing of your personal data. Further details are given under section “Right to Restriction of Data Processing.”
2. General and mandatory information
The operators of this website and its pages take the protection of your personal data very seriously. Hence, we handle your personal data as confidential information and strictly in compliance with the statutory data protection regulations, especially the General Data Protection Regulation (GDPR) and this Data Protection Declaration.
Whenever you visit this website, a variety of personal information will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Declaration describes which data we collect as well as its use. It also explains how, and for which purpose the information is collected.
Please be advised that the transmission of data via the internet (i.e. through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third party access.
Responsible party (referred to as the “controller” in the GDPR)
The data processing controller of this website is:
KROSE GmbH & Co. Kommanditgesellschaft
Armin Beier-Thomas, Dr. Oliver Cullmann, Leopold Muhle, Dr. Stephan Schramm
T +49 421 5988-800
The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g. names, e-mail addresses, etc.).
Revocation of your consent to the processing of data
A wide range of data processing transactions are possibly only subject to your express consent. You can also revoke any consent that you have already given us at any time. All you need to do is to send us an informal notification via e-mail. This shall be without prejudice to the lawfulness of any data collected prior to your revocation.
Right to lodge a complaint with the competent supervisory authority
In the event of violations of the GDPR, data subjects are entitled to lodge a complaint with a supervisory authority, in particular in the member state where they usually maintain their domicile, place of work or at the place where the alleged violation occurred. The right to lodge a complaint is in effect without prejudice to any other administrative or judicial remedies.
Right to data portability
You have the right to receive any data that we automatically process on the basis of your consent or in order to fulfill a contract as well as its transferal to a third party in a commonly used, machine readable format. Should you demand a direct data transfer to another controller, we will only do so if it is technically feasible.
SSL and/or TLS encryption
For security reasons and to protect the transmission of confidential content such as inquiries sent to us as the website operator, this website uses either an SSL or a TLS encryption program. You can recognize an encrypted connection by checking whether the address line of the browser switches from “http://” to “https://” and also by the appearance of the lock icon in the browser line.
If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.
Blockage, rectification and erasure of data
You have the right to demand information about your stored personal data, their source and recipients as well as the purpose of the processing of your data pursuant to the applicable statutory provisions at any time. You may also have a right to have your data rectified, blocked or eradicated. Should you have any questions about personal data, please do not hesitate to contact us at the address in section “Legal Notice” at any time.
Right to demand processing restrictions
You have the right to demand the imposition of restrictions to our processing of your personal data. To do so, you may contact us at the address provided in section “Legal Notice” at any time. The right to demand restriction of processing applies in the following cases:
- In the event that you should dispute the correctness of your data stored by us; usually we need some time to verify this claim. While this investigation is ongoing, you have the right to demand that we restrict the processing of your personal data.
- If the processing of your personal data was/is conducted in an unlawful manner, you have the option to demand the restriction of the processing of your data rather than demanding the erasure of this data.
- If we do not need your personal data any longer and you need it to exercise, defend or claim legal titles, you have the right to demand the restriction of the processing of your personal data instead of its erasure.
- If you have raised an objection pursuant to Art. 21 Sect. 1 GDPR, your rights will have to be weighed against our rights. As long as it has not been determined whose interests prevail, you have the right to demand a restriction of the processing of your personal data.
If you have restricted the processing of your personal data, these data – with the exception of their retention – may be processed only subject to your consent or to claim, exercise or defend legal titles or to protect the rights of other natural persons or legal entities or for reasons of important public interest cited by the European Union or a member state of the EU.
3. Data protection officer
Designation of a data protection officer as mandated by law
We have appointed a data protection officer for our company.
KROSE GmbH & Co. Kommanditgesellschaft
Data Protection Officer
T +49 421 5988-800
4. Recording of data on our website
Server log files
The provider of this website and its pages automatically collects and stores information in so-called server log files, communicated to us automatically by your browser. The information comprises:
- type and version of browser
- operating system
- referring URL
- hostname of the accessing computer
- time of the server inquiry
- IP address
This data is not merged with any other data sources.
This data is recorded on the basis of Art. 6 Sect. 1 lit. f GDPR. The operator of the website is recording server log files due to his legitimate interest in ensuring a technically error free function and optimization of the operator’s website.
Requests by e-mail, telephone or fax
If you contact us via e-mail, telephone or fax, your request, with all personal data (name, request) contained therein, will be stored and processed by us so that we are able to handle your request accordingly. Without your consent we do not pass on these data to any third party.
The processing of these data is based on Art. 6 (1) (b) GDPR, if your request is related to the execution of a contract or is necessary to carry out pre-contractual measures. In all other cases the processing is based on your consent (Article 6 (1) (a) GDPR) and/or on our legitimate interests (Article 6 (1) (f) GDPR), since we ourselves have a legitimate interest in handling incoming requests effectively.
The data contained in contact requests sent to us remain with us until you request to delete them, revoke your consent to their storage or the purpose of the data storage no longer exists (e.g. after completion of your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
5. Applications for Employment
You can apply for job offers and apprenticeships or proactively for future job offers via mail or e-mail. If you apply by e-mail, you have the option to voluntarily submit files containing your application documents such as your personal motivational letter, resume, credentials, etc.
Please note that the application will be transmitted by e-mail in unencrypted form.
Please make sure that you do not provide information that is not in accordance with the provisions of the General Equal Treatment Act.
Your data and files will only be collected and processed insofar as they concern your interest in current or future employment and our assessment of your application, including the need to contact you. If we conclude an employment contract, your data and files may be used when beginning to implement the employment relationship.
If your application for a job offer is unsuccessful or if you have applied by unsolicited application, we will hold the data and files you submitted for six months to be able to answer any questions related to your application and / or rejection. You have the option to withdraw your application in whole or in part at any time. You can also request at any time that all or some of your submitted data and files shall be deleted. However, we still need to retain certain information about your application for a limited period in order to comply with legal, contractual and commercial or tax regulations. You can explain with effect for the future the withdrawal of the processing of your application documents, by mail or e-mails to the contact information specified in the section “Legal Notice”.
5.1 Applications via the application form
For the application form on our website we use the service “FriendlyCaptcha” (www.friendlycaptcha.com) of Friendly Captcha GmbH.
Friendly Captcha is implemented to make it more difficult for automated programs and scripts (so-called “bots”) to use the application form on our website.
Friendly Captcha does not set or read any cookies on the visitor’s terminal device. IP addresses are only stored in hashed (one-way encrypted) form and do not allow us and Friendly Captcha to draw any conclusions about an individual person.
The data is used exclusively for the protection against spam and bots described above.
The legal basis for the processing is our legitimate interests in protecting our website from abusive access by bots, thus spam protection and protection against attacks (e.g. mass requests), Art. 6 (1) lit. f DSGVO.
For more information on data protection when using Friendly Captcha, please visit https://friendlycaptcha.com/legal/privacy-end-users/.