Name and contact data of the person responsible for processing as well as the company data protection officer
Koubek & Hartinger GmbH & Co. KG
Collection and storage of personal data as well as type and purpose of their use
a) When you visit our website
When you visit our website, our web server temporarily evaluates the usage data for statistical purposes in order to improve the quality of our website. This data record comprises
- the name and the address of the requested content,
- the date and time of the query,
- the transmitted data amount,
- the access status (contents transmitted, content not found),
- the description of the web browser and the operating system used,
- the referral link specifying from which site you accessed our site,
- the IP address of the querying computer, shortened in such a way that it is not possible to reference an individual person.
These listed log data are only evaluated in an anonymous manner.
b) In case of contacting/communication (customers and interested parties)
If you have questions of any kind, you can contact us by e-mail or telephone. This action involves the transmission of at least one valid e-mail-address or your phone number. For communication purposes, we might process other data regarding your person transmitted by you to us.
Data processing for the purpose of contacting us takes place acc. to article 6, section 1a of the GDPR basing on your consent. In the course of a business relationship, we might process the data on the basis of a contract or pre-contractual measures acc. to article 6, section 1b of the GDPR. In individual cases, we process customer and interested party data due to our legitimate interest acc. to article 6, section 1f of the GDPR if and insofar as our interests in regard to this data processing prevail.
The personal data collected by us in the contacting process are generally deleted after your query has been settled. If the personal data of customers or interested persons are subject to a legal requirement of storage (e.g. as part of a contractual relationship), we shall store such data basing on article 6, section 1f of the GDPR until the legal period has expired. In some cases we have a legitimate interest in storing relevant processes (e.g. until the end of the limitation period) and shall save such data until the period expires basing on our legitimate interest acc. to article 6 section 1f of the GDPR.
c) In case of job applications/unsolicited applications
We are always happy to receive your application. Please ensure that you choose a means of transmission that offers sufficient safety. Sending an e-mail without suitable encryption is not recommended because this means of communication enables unauthorized persons to read and use your data without major effort. If you want to send us an encrypted e-mail with your application papers, please use only the e-mail address email@example.com.
Data we require:
In the application, we process those of your data that we need for your application. This includes contact data, data in connection with your application (résumé, certificates, qualifications, responses to questions, etc.) and possibly data of your bank account (to reimburse you for travel expenses). The legal basis for this is § 26 of the German Federal Data Protection Law.
Deletion of data:
Unless there is a legal requirement to store data over a specified period, the data will be deleted as soon as storage is no longer necessary and/or the justifiable interest to storage has lapsed. If no employment results, this happens on a regular basis, latest six months after concluding the application process.
In individual cases, individual data can be stored over a longer period (e.g. travel expenses). The duration of storage then depends on the legal requirements for storage for example in the General Fiscal Law (6 years) or the Commercial Code (10 years).
If we do not hire you but your application is still of interest to us, we will ask for your permission to keep your application for future openings.
Confidential treatment of your data:
Naturally we shall treat your data confidentially and do not transmit them to third parties beyond the Gabler company.
If necessary, we employ service providers strictly bound by instructions who assist us e.g. in the field of IT or in archiving and destruction of documents and with whom we sign specific contracts regarding order processing.
Cookies are small text files that can be saved to and read from your terminal device. There is a distinction between session cookies which are deleted as soon as you close your browser and permanent cookies which are saved beyond the individual session.
We do not use these necessary cookies for analysis, tracking or promotional purposes.
In part, these cookies only contain information regarding specific settings and cannot be traced to individuals. They can be necessary to enable user guidance, safety and implementation of the site.
We use these cookies on the basis of article 6 section 1f of the GDPR.
Transfer of data
Any transfer of your personal data to third parties for other purpose than listed herein will not take place.
We only disclose your personal data to third parties if:
- you have given us your express consent pursuant to article 6, section 1a of the GDPR,
- the relevant disclosure pursuant to article 6 section 1f of the GDPR is required to assert, exercise or defend legal claims and there is no reason to believe that you have no overriding and legitimate interest warranting non-disclosure of your data,
- we are legally obliged to disclose the data pursuant to article 6 section 1c of the GDPR, or
- the disclosure is lawful and required to handle a contractual relationship with you pursuant to article 6, section 1b of the GDPR.
We disclose your data as part of order processing acc. to article 28 of the GDPR to service providers who assist us in the operation of our website and any processes in connection therewith. These are e.g. hosting service providers or IT providers for the support of our IT systems. Our service providers are strictly bound by our instructions and under according contractual obligations.
Suitable privacy level
Web hosting and support
Processing only within the EU/EEA
Insofar as we did not already inform you about the storage period, we delete personal data when they are no longer required for the processing purposes given above and if no legal obligations for storage preclude a deletion.
Rights of persons concerned
In processing your personal data, the GDPR grants you as concerned person certain rights:
Right of access (article 15 GDPR)
You have the right to demand a confirmation whether any personal data concerning you are being processed; if this is the case you have the right of access to these personal data and to the information listed in article 15 of the GDPR.
Right to rectification (article 16 GDPR)
You have the right to request immediate rectification of any incorrect or incomplete personal data and completion of any incomplete data, if applicable.
Right to erasure (article 17 GDPR)
You have the right to request immediate erasure of any personal data concerning you if one of the reasons listed in article 17 of the GDPR applies.
Right to restriction of processing (article 18 GDPR)
You have the right to request restriction of processing if one of the requirements listed in article 18 of the GDPR is met, e.g. if you filed an objection to processing, for the duration of the verification by the responsible person.
Right to data portability (article 20 GDPR)
In specific cases listed in detail in article 20 of the GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to demand transmission of said data to a third party.
Right to withdrawal (article 7 GDPR)
If data processing is done on the basis of your consent, you have the right acc. to article 7 section 3 of the GDPR to withdraw your consent to the use of your personal data any time. Please observe that this withdrawal will only act in the future. Processing that was done before your withdrawal is not affected.
Right to object (article 21 GDPR)
If data are collected on the basis of article 6 section 1 section 1f of the GDPR (data transfer to pursue legitimate interest) or on the basis of article 6 section 1e (data processing to pursue public interest or exercise of official authority), you have the right to appeal the processing any time for reasons resulting from your specific situation. We no longer process personal data, unless there are compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purposes of asserting, exercising or defending legal claims.
Right of appeal to the supervisory authority (article 77 GDPR)
Acc. to article 77 of the GDPR you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data relating to you infringes data protection regulations. This right to lodge a complaint can in particular be claimed with a supervisory authority in the member state of your habitual residence, place of work or place of the alleged infringement.
Assertion of your rights
Unless described differently above, please contact the body given in the imprint to assert your rights as a concerned person.
In order to protect your data as comprehensively as possible from undesired access we take technical and organizational measures. We use an encryption method on our website. Your information are transmitted from your computer to our server and vice versa via the internet using a TLS encryption. In general you can detect this by the padlock symbol in the status bar of your browser and by the fact that the address line starts with https://.