PRIVACY POLICY

Privacy Policy

We would like to welcome you to our website and appreciate your interest in our company. We take the protection of your personal data very seriously. We process your data in accordance with the applicable personal data protection legislation, in particular the EU General Data Protection Regulation (GDPR) and the country-specific implementation laws applicable to us. With the help of this Data Protection Policy, we will inform you comprehensively about the processing of your personal data by HEINZ-GLAS GmbH & Co. KGaA and the rights to which you are entitled.

Personal data is the information that makes it possible to identify a natural person. This includes, in particular, name, date of birth, address, telephone number, email address and also your IP address.

Data is anonymized if no personal reference to the user can be made.

Controller and Data Protection Officer

Address: HEINZ-GLAS GmbH & Co. KGaA | Glashüttenplatz 1-7 | 96355 Kleintettau, Germany

Contact information: heinz-glas.com | +49 9269 77-100 | info@heinz-glas.com

Contact information for the Data Protection Officer: data-protection@ heinz-glas.com

Your rights as a data subject

First, we would like to inform you about your rights as a data subject. These rights are standardized in Articles 15 - 22 EU-GDPR. This includes:

 The right of access (Art. 15 EU-GDPR),

 The right to erasure (Art. 17 EU-GDPR),

 The right to rectification (Art. 16 EU-DS-GVO),

 The right to data portability (Art. 20 EU-GDPR),

 The right to restriction of data processing (Art. 18 EU-DS-GVO),

 The right to object to data processing (Art. 21 EU-DS-GVO).

In order to exercise any of these rights, please contact  data-protection@ heinz-glas.com. The same applies if you have questions about data processing in our company. You also have a right to lodge a complaint with a data protection supervisory authority.

Right to object

Please note the following in connection with your right to object:

If we process your personal data for the purpose of direct marketing, you have the right to object to this data processing at any time without providing justification. This also applies to profiling insofar as it is associated with direct marketing.

If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes. The objection is free of charge and can be done without being in any specific form, if possible send to: data-protection@ heinz-glas.com.

In the event that we process your data to protect legitimate interests, you may object to such processing at any time for reasons that arise from your particular situation; this also applies to profiling based on these provisions.

We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is intended to assert, exercise or defend legal claims.

Purposes and legal basis for data processing

The processing of your personal data complies with the provisions of the EU-GDPR and all other applicable data protection regulations. The legal basis for the data processing arises, in particular, from Art. 6 EU-GDPR.

We use your data to initiate business, to fulfill contractual and legal obligations, to execute the contractual relationship, to offer products and services, and to strengthen customer relationships, which may include marketing and direct marketing.

Your consent also constitutes a data protection regulation. In doing so, we will inform you about the purposes of data processing and your right to withdraw. If the consent also relates to the processing of special categories of personal data, we will expressly inform you about this in the consent form, Art. 88(1) EU-GDPR.

Processing of special categories of personal data within the meaning of Art. 9(1) EU-GDPR is only applied where this is required by law and there is no reason to believe that your legitimate interest in the exclusion of processing prevails, Art. 88(1) EU-GDPR.

Transfer to third parties

We will only pass on your data to third parties within the scope of statutory provisions or with the appropriate consent. Otherwise, it will not be passed on to third parties unless we are obliged to do so due to mandatory legal regulations (disclosure to external bodies such as supervisory authorities or law enforcement authorities).

Recipients of the data / categories of recipients

Within our organization, we ensure that only those individuals receive the data that they need to fulfill their contractual and legal obligations. In many cases, service providers support our specialist departments in fulfilling their tasks. The necessary data protection contract was concluded with all service providers.

Transfer to third countries

A transfer of data to third countries (outside the European Union or the European Economic Area) only occurs if required by law, or if you have given us your consent to do so.

We transfer your personal data to a service provider or to group companies outside the European Economic Area: China, India, Peru, Russia, Switzerland, USA. Compliance with this level of data protection is ensured by the Privacy Policy of the HEINZ-GLAS & PLASTICS Group.

Duration of data storage

We store your data as long as it is needed for the respective processing purpose. Please note that numerous retention periods require that data continues to be stored. This concerns, in particular, commercial or tax-related retention obligations (for example, commercial code, tax code, etc.). Unless there are further retention requirements, data will be routinely deleted after use.

In addition, we may store data if you have given us your permission to do so or if there are any legal disputes and we use evidence within the legal period of limitation, which may be up to thirty years; the normal period of limitation is three years.

Secure transfer of your data

In order to best protect the data stored by us against accidental or intentional manipulation, loss, destruction or access by unauthorized persons, we employ appropriate technical and organizational security measures. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.

The data exchange from and to our website is encrypted. We offer HTTPS as a transmission protocol for our website, using the current encryption protocols each time. In addition, we offer our users content encryption as part of the contact forms and applications. The decryption of this data is only possible for us. It is also possible to use alternative communication channels (e.g. the postal service).

Obligation to provide data

Various personal data is necessary for the establishment, implementation and termination of the contractual obligation(s) and the fulfillment of the associated contractual and legal obligations. The same applies to the use of our website and the various functions it provides.

We have summarized details concerning this for you in the aforementioned point. In certain cases, data must also be collected or made available due to legal regulations. Please note that it is not possible to process your request or execute the underlying contractual obligation without providing this data.

Categories, sources and origin of the data

The context, e.g. the submission of an application, determines which data we process. Please note that we may also provide information for specific processing situations separately where appropriate, e.g. when uploading application documents.

When visiting our website, we collect and process the following data:

• Name of the internet service provider
• Information about the website from which you came to visit us
• Web browser and operating system used
• The IP address assigned by your internet service provider
• Requested files, transferred amount of data, downloads/file export
• Information about the websites that you call up from our website, including date and time
• For reasons of technical security (in particular to ward off attempts to attack our web server), this data is processed in accordance with Art. 6(1)(f) EU-GDPR. Anonymization takes place by truncating the IP address after 7 days at the latest, so that no reference is made to the user.

When applying online, we collect and process the following data:

• Last name, First name
• Email address
• Telephone number
• Curriculum vitae, certificates and other application-relevant and personal documents
• In addition, we use data that we have legitimately gained from publicly accessible directories (e.g. professional networks).

Contact by email (Article 6(1)(a), (b) EU-GDPR)

If you contact us by email, we will process the personal information provided in the email solely for the purpose of processing your request.

Advertising purposes for existing customers (Article 6(1)(f) EU-GDPR)

The HEINZ-GLAS & PLASTICS Group is interested in maintaining customer relations with you and in providing you with information and offers about our products and services. Therefore, we process your data in order to send you the corresponding information and offers by email.

If you do not wish to receive this, you may object to the use of your personal information for the purpose of direct marketing at any time; this also applies to profiling insofar as it is associated with direct marketing. If you object, we will stop processing your data for this purpose.

The objection can be made free of charge without providing justification and should preferably be sent by email to data-protection@ heinz-glas.com or by post to HEINZ-GLAS GmbH & Co. KGaA | Glashüttenplatz 1-7 | 96355 Kleintettau, Germany

Applicant portal (Article 6(1)(a), (b) EU-GDPR)

Thank you for your interest in working for the HEINZ-GLAS & PLASTICS Group. We are aware of the importance of your data and process the personal data provided by you within the application form only for the purpose of the effective and correct handling of the application process and for the contact that takes place during the application process. There is no transfer of data to third parties without your consent.

As part of the application form you will be asked to provide personal information. In doing so, we follow the principle of data minimization and data avoidance by having you provide us only with the information we need to fully review your application or which we are required to collect by law. Any such mandatory details are marked with a * (asterisk). Due to technical necessity as well as legal security, your IP address will be processed.

Unfortunately, we cannot carry out an examination of your application documents without this data, as in this case our application system will not allow us to upload the application documents. Of course you have the opportunity to provide any voluntary information in the application form.

In order to best protect the security and confidentiality of your data, we implement appropriate security measures. Your application documents will be encrypted and transmitted to us via our application system.

We store your data for the above purposes until the application process is completed and any deadlines have expired – no later than six months after receipt of a decision. You can, of course, withdraw your consent at any time without providing justification with effect for the future by sending an email to data-protection@ heinz-glas.com or by post to HEINZ-GLAS GmbH & Co. KGaA | Glashüttenplatz 1-7 | 96355 Tettau, Germany.

Automated individual decisions

We do not use purely automated processing to make a decision.

Cookies (Art. 6(1)(f) EU-GDPR / Art. 6(1)(a) EU-GDPR with consent)

Our website uses so-called cookies at several locations. They serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are filed on your computer and stored by your browser (locally on your hard disk).

These cookies enable us to analyze how users use our websites. This way we can design the website content according to the visitor's needs. Cookies also allow us to measure the effectiveness of a given ad and to place it according to the user's interests, for example.

Most of the cookies we use are so-called "session cookies". These will be deleted automatically after your visit. Persistent cookies are automatically deleted from your computer when their validity period (usually six months) is reached or you delete them yourself before the expiration date.

Cookies are stored on the computer of the user and transmitted by the computer to us. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Furthermore, already set cookies can be deleted at any time through the internet browser or other software programs. This is possible in all common internet browsers.

Please note: If you deactivate the setting of cookies, you may find that the functions of our website are not fully available.

Adjust your cookie preferences

User profiles / Webtracking procedures

Analysis programs and other technologies to evaluate your usage behavior have not been used on our website.

Social media network plugins

Facebook

LinkedIn

Also installed are:

Lightwidget.com

Google Maps

Online offers for children

Persons under the age of 16 may neither submit any personal data to us without the consent of their legal guardian(s) nor submit a declaration of consent. We encourage parents and guardians to actively participate in the online activities and interests of their children.

Links to other providers

Our website also contains – clearly recognizable – links to the Internet sites of other companies. As far as links to websites of other providers are available, we have no influence on their content. Therefore, no guarantee or liability can be assumed for this content. The content of these pages is always the responsibility of the respective provider or operator of the pages.

The linked pages were checked at the time of linking for possible legal violations and identifiable infringements. Illegal content was not recognizable at the time of linking. However, permanent control of the content of the linked pages is not reasonable without concrete evidence of an infringement. Upon notification of such an infringement, the links will be promptly removed.