1. Name and contact details of the controller responsible for processing and the company data protection officer
This privacy notice applies to data processing in connection with our website www.hoberg-driesch.de:
Hoberg & Driesch GmbH & Co. KG, Theodorstraße 101, 40472 Düsseldorf, Germany
Telefon: +49 (0)211 52063-0
Telefax: +49 (0)211 52063-204
Registered office and registry court Düsseldorf, register no. HRA 4149
General partner: Hoberg & Driesch Beteiligungsgesellschaft mbH, Düsseldorf local court (Amtsgericht), register no. HRB 1510
Managing Directors: Hanns-Jörg Westendorf, Dr. Marcus Schubbe
The companies of the Hoberg & Driesch Group have designated a single data protection officer. You can contact this officer at the following postal address: Hoberg & Driesch GmbH & Co. KG, Data Protection Officer, Theodorstr. 101, 40472 Düsseldorf, Germany. Email: email@example.com
Separate privacy information for customers and suppliers of the Hoberg & Driesch Group can be found at: www.hoberg-driesch.de/terms-and-conditions/
Intensive intragroup supply and service relationships exist between the companies in the Hoberg & Driesch Group. Moreover, Hoberg & Driesch GmbH & Co. KG provides central departments and services for the group companies. This primarily concerns the Human Resources, IT, Controlling, Quality Control/Health and Safety and Accounting divisions. Within the scope of this cooperation, the companies also share personal data with each other.
The companies are then jointly responsible for the processing of the personal data within the meaning of Article 26 of the European General Data Protection Regulation (GDPR). The Regulation stipulates that the companies must reach an arrangement determining their joint responsibility (so-called ‘joint control arrangement’) and inform the data subjects of the essence of that arrangement.
- Hoberg & Driesch GmbH & Co. KG has been designated as holding primary responsibility for all personal data and all processing procedures within the Hoberg & Driesch Group.
- The single data protection officer has been designated as the central point of contact for the data subjects. The data subjects are, however, at liberty to express their privacy concerns to each individual group company.
- Both the companies themselves and their employees are bound by an obligation of confidentiality in respect of all personal data.
- All obligations to which the companies are subject under the GDPR are incumbent on Hoberg & Driesch GmbH & Co. KG as the body with primary responsibility.
- All Hoberg & Driesch GmbH & Co. KG regulations and measures with regard to data protection and data security shall be adopted, implemented and applied by the other companies.
Intragroup sharing of personal data is based on Article 6(1)(f) GDPR in conjunction with recital 48 GDPR.
3. Collection and storage of personal data, and how and why we use your data
When you visit our website www.hoberg-driesch.de, the browser on your device automatically sends information to our website server. This information is temporarily stored in a so-called log file. The following information is recorded without any action on your part:
- IP address of the requesting computer,
- date and time of the request,
- name and URL of the retrieved file,
- website from which access is being made (referrer URL),
- browser used and, where appropriate, the operating system of your computer and the name of your access provider.
The log file data are automatically anonymised after seven days. After that, it is no longer possible to trace them to a specific user.
We process the cited data for the following purposes:
- to ensure a smooth connection with the website,
- to ensure comfortable use of our website,
- to analyse system security and stability, and
- for other administrative purposes.
The legal basis for the data processing is provided for by point (f) of the first subparagraph of Art. 6(1) GDPR. Our legitimate interest results from the purposes of data collection as mentioned above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you as an individual.
We also use analytical services when you visit our website. For more information about this, please refer to Section 5 of this privacy statement.
4. Disclosure of data
Your personal data are not disclosed to third parties for any purposes other than those stated below. We only pass your personal data on to third parties when:
- this disclosure is necessary pursuant to point (f) of the first subparagraph of Art. 6(1) GDPR for the establishment, exercise or defence of legal claims and there are no grounds to assume that you have an overriding legitimate interest in preventing disclosure of your data,
- in cases where there is a statutory obligation to disclose data pursuant to point (c) of the first subparagraph of Art. 6(1) GDPR and
- this is permitted by law and, pursuant to point (b) of the first subparagraph of Art. 6(1) GDPR, is necessary in implementing the contractual relations with you.
5. Analysis tools and embedded third-party content
We use the open source software Matomo (formerly ‘Piwik’) to analyse and statistically evaluate the use of our website. We do not use any cookies in this connection.
The information is used to evaluate the use of our website and to enable its needs-based design. Information is not passed on to third parties. Under no circumstances are analysis results linked with other data relating to the user.
The tracking measures we apply are carried out on the basis of point (f) of the first subparagraph of Art. 6(1) GDPR. In applying these tracking measures our intention is to ensure the needs-based design and ongoing optimisation of our website. We also apply the tracking measures in order to statistically record the use of our website and for the purpose of optimising our service offerings for you as a user. These interests shall be considered legitimate within the meaning of the aforementioned provision.
If the ‘do not track’ feature is enabled in your browser, your visit to our website is not recorded by web tracking.
In the interests of uniform presentation of fonts, this website uses so-called web fonts provided by Monotype GmbH, Werner-Reimers-Straße 2–4, 61352 Bad Homburg (‘Monotype’). When a page is accessed, your browser loads the web fonts required into your browser cache so that texts and fonts can be displayed correctly. For this purpose, your browser has to link up with the Monotype servers. Monotype thus gains knowledge of the fact that your IP address accessed our website. Monotype web fonts are used to enable uniform and attractive presentation of our online services. This constitutes a legitimate interest within the meaning of point (f) of the first subparagraph of Art. 6(1) GDPR.
6. Consideration of ‘do not track’ and opt out information
We respect the ‘do not track’ feature set in the browser. When ‘do not track’ is enabled in the browser, tracking is deactivated.
Depending on the browser, the ‘do not track’ (DNT) option in your Internet browser is either a button in the program settings or a module that has to be subsequently installed (add-on or plugin). When this option is activated, your browser sends a signal to our website that you do not wish any tracking measures to be undertaken without your explicit consent. All server-side tracking functions are then automatically disabled at our end. This ensures the best possible privacy without you having to take any further steps with regard to our website.
The procedure by which you can enable the ‘do not track’ option differs depending on the Internet browser used. Please refer to the help function of your browser in this respect.
7. Your rights as data subject
You have the right:
- pursuant to Article 15 GDPR to demand access to information about the personal data we process about you. You can, in particular, demand information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be made available, the planned duration of storage, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data insofar as these were not collected by us, and the existence of automated decision-making including profiling and, where appropriate, meaningful information about the details thereof;
- pursuant to Article 16 GDPR to demand without undue delay the rectification or completion of inaccurate or incomplete personal data relating to you;
- pursuant to Article 17 GDPR to demand erasure of the personal data we store about you insofar as processing is not necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
- pursuant to Article 18 GDPR to demand restriction of processing of your personal data where you contest the accuracy of the data, where processing is unlawful but you oppose the erasure of the data and where we no longer need the data, but they are required by you for the establishment, exercise or defence of legal claims, or where you have objected to processing pursuant to Article 21 GDPR;
- pursuant to Article 20 GDPR to receive the personal data relating to you, which you have provided to us, in a structured, commonly used and machine-readable format, or to request that those data be transmitted to another controller;
- pursuant to Article 7(3) GDPR to at any time withdraw your previously granted consent. As a consequence of this, we shall with future effect no longer be permitted to continue the data processing which was based on this consent and
- pursuant to Article 77 GDPR to lodge a complaint with a supervisory authority. As a rule, complaints can be addressed to the supervisory authority of your usual place of residence or work, or of our registered office.
8. Right to object
Insofar as your personal data are processed based on legitimate interests pursuant to point (f) of the first subparagraph of Article 6(1) GDPR, you have the right pursuant to Article 21 GDPR to object to processing of your personal data where grounds relating to your particular situation exist or the objection is directed against direct marketing. In the latter case you have a general right to object which shall be implemented by us without a particular situation being specified.
To exercise your right to object, simply contact us by email at firstname.lastname@example.org
9. Data security
Within the visit to the website, we use the widespread SSL procedure (secure socket layer) in connection with the highest possible level of encryption supported by your browser. This is generally a 256-bit encryption. The closed depiction of the key or lock symbol in the bottom status bar of your browser indicates whether an individual page of our Internet presence is transmitted in encrypted form.
We furthermore apply appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are subject to improvement on an ongoing basis in line with technological developments.
10. Validity and modification of this privacy statement
This privacy statement is currently valid as at May 2018.
Further development of our website and service offerings or changes in legal requirements or official regulations can necessitate modification of this privacy statement. The latest version of our privacy statement can be accessed on and printed from our website www.hoberg-driesch.de/en/privacy-statement/ at any time.