Data privacy

1. An overview of data protection

General information

The fol­low­ing infor­ma­tion will pro­vide you with an easy to nav­i­gate overview of what will hap­pen with your per­son­al data when you vis­it this web­site. The term “per­son­al data” com­pris­es all data that can be used to per­son­al­ly iden­ti­fy you. For detailed infor­ma­tion about the sub­ject mat­ter of data pro­tec­tion, please con­sult our Data Pro­tec­tion Dec­la­ra­tion, which we have includ­ed beneath this copy.

Data recording on this website

Who is the responsible party for the recording of data on this website (i.e., the “controller”)?

The data on this web­site is processed by the oper­a­tor of the web­site, whose con­tact infor­ma­tion is avail­able under sec­tion “Infor­ma­tion about the respon­si­ble par­ty (referred to as the “con­troller” in the GDPR)” in this Pri­va­cy Policy.

How do we record your data?

We col­lect your data as a result of your shar­ing of your data with us. This may, for instance be infor­ma­tion you enter into our con­tact form.

Oth­er data shall be record­ed by our IT sys­tems auto­mat­i­cal­ly or after you con­sent to its record­ing dur­ing your web­site vis­it. This data com­pris­es pri­mar­i­ly tech­ni­cal infor­ma­tion (e.g., web brows­er, oper­at­ing sys­tem, or time the site was accessed). This infor­ma­tion is record­ed auto­mat­i­cal­ly when you access this website.

What are the purposes we use your data for?

A por­tion of the infor­ma­tion is gen­er­at­ed to guar­an­tee the error free pro­vi­sion of the web­site. Oth­er data may be used to ana­lyze your user patterns.

What rights do you have as far as your information is concerned?

You have the right to receive infor­ma­tion about the source, recip­i­ents, and pur­pos­es of your archived per­son­al data at any time with­out hav­ing to pay a fee for such dis­clo­sures. You also have the right to demand that your data are rec­ti­fied or erad­i­cat­ed. If you have con­sent­ed to data pro­cess­ing, you have the option to revoke this con­sent at any time, which shall affect all future data pro­cess­ing. More­over, you have the right to demand that the pro­cess­ing of your data be restrict­ed under cer­tain cir­cum­stances. Fur­ther­more, you have the right to log a com­plaint with the com­pe­tent super­vis­ing agency.

Please do not hes­i­tate to con­tact us at any time if you have ques­tions about this or any oth­er data pro­tec­tion relat­ed issues.

Analysis tools and tools provided by third parties

There is a pos­si­bil­i­ty that your brows­ing pat­terns will be sta­tis­ti­cal­ly ana­lyzed when your vis­it this web­site. Such analy­ses are per­formed pri­mar­i­ly with what we refer to as analy­sis programs.

For detailed infor­ma­tion about these analy­sis pro­grams please con­sult our Data Pro­tec­tion Dec­la­ra­tion below.

2. Hosting

We are host­ing the con­tent of our web­site at the fol­low­ing provider:

External Hosting

This web­site is host­ed exter­nal­ly. Per­son­al data col­lect­ed on this web­site are stored on the servers of the host. These may include, but are not lim­it­ed to, IP address­es, con­tact requests, meta­da­ta and com­mu­ni­ca­tions, con­tract infor­ma­tion, con­tact infor­ma­tion, names, web page access, and oth­er data gen­er­at­ed through a web site.

The exter­nal host­ing serves the pur­pose of ful­fill­ing the con­tract with our poten­tial and exist­ing cus­tomers (Art. 6(1)(b) GDPR) and in the inter­est of secure, fast, and effi­cient pro­vi­sion of our online ser­vices by a pro­fes­sion­al provider (Art. 6(1)(f) GDPR). If appro­pri­ate con­sent has been obtained, the pro­cess­ing is car­ried out exclu­sive­ly on the basis of Art. 6 (1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent includes the stor­age of cook­ies or the access to infor­ma­tion in the user’s end device (e.g., device fin­ger­print­ing) with­in the mean­ing of the TTDSG. This con­sent can be revoked at any time.

Our host(s) will only process your data to the extent nec­es­sary to ful­fil its per­for­mance oblig­a­tions and to fol­low our instruc­tions with respect to such data.

We are using the fol­low­ing host(s):

Timme Host­ing GmbH & Co. KG
Ovel­gön­ner Weg 43
21335 Lüneb­urg
Deutsch­land

Data processing

We have con­clud­ed a data pro­cess­ing agree­ment (DPA) for the use of the above-men­tioned ser­vice. This is a con­tract man­dat­ed by data pri­va­cy laws that guar­an­tees that they process per­son­al data of our web­site vis­i­tors only based on our instruc­tions and in com­pli­ance with the GDPR.

3. General information and mandatory information

Data protection

The oper­a­tors of this web­site and its pages take the pro­tec­tion of your per­son­al data very seri­ous­ly. Hence, we han­dle your per­son­al data as con­fi­den­tial infor­ma­tion and in com­pli­ance with the statu­to­ry data pro­tec­tion reg­u­la­tions and this Data Pro­tec­tion Declaration.

When­ev­er you use this web­site, a vari­ety of per­son­al infor­ma­tion will be col­lect­ed. Per­son­al data com­pris­es data that can be used to per­son­al­ly iden­ti­fy you. This Data Pro­tec­tion Dec­la­ra­tion explains which data we col­lect as well as the pur­pos­es we use this data for. It also explains how, and for which pur­pose the infor­ma­tion is collected.

We here­with advise you that the trans­mis­sion of data via the Inter­net (i.e., through e‑mail com­mu­ni­ca­tions) may be prone to secu­ri­ty gaps. It is not pos­si­ble to com­plete­ly pro­tect data against third-par­ty access.

Information about the responsible party (referred to as the “controller” in the GDPR)

The data pro­cess­ing con­troller on this web­site is:

Mag­ne­sia GmbH
Max-Jenne-Straße 2 — 4
21337 Lüneb­urg

Phone: +49 4131 8710–0
E‑mail: info@magnesia.de

The con­troller is the nat­ur­al per­son or legal enti­ty that sin­gle-hand­ed­ly or joint­ly with oth­ers makes deci­sions as to the pur­pos­es of and resources for the pro­cess­ing of per­son­al data (e.g., names, e‑mail address­es, etc.).

Storage duration

Unless a more spe­cif­ic stor­age peri­od has been spec­i­fied in this pri­va­cy pol­i­cy, your per­son­al data will remain with us until the pur­pose for which it was col­lect­ed no longer applies. If you assert a jus­ti­fied request for dele­tion or revoke your con­sent to data pro­cess­ing, your data will be delet­ed, unless we have oth­er legal­ly per­mis­si­ble rea­sons for stor­ing your per­son­al data (e.g., tax or com­mer­cial law reten­tion peri­ods); in the lat­ter case, the dele­tion will take place after these rea­sons cease to apply.

General information on the legal basis for the data processing on this website

If you have con­sent­ed to data pro­cess­ing, we process your per­son­al data on the basis of Art. 6(1)(a) GDPR or Art. 9 (2)(a) GDPR, if spe­cial cat­e­gories of data are processed accord­ing to Art. 9 (1) DSGVO. In the case of explic­it con­sent to the trans­fer of per­son­al data to third coun­tries, the data pro­cess­ing is also based on Art. 49 (1)(a) GDPR. If you have con­sent­ed to the stor­age of cook­ies or to the access to infor­ma­tion in your end device (e.g., via device fin­ger­print­ing), the data pro­cess­ing is addi­tion­al­ly based on § 25 (1) TTDSG. The con­sent can be revoked at any time. If your data is required for the ful­fill­ment of a con­tract or for the imple­men­ta­tion of pre-con­trac­tu­al mea­sures, we process your data on the basis of Art. 6(1)(b) GDPR. Fur­ther­more, if your data is required for the ful­fill­ment of a legal oblig­a­tion, we process it on the basis of Art. 6(1)© GDPR. Fur­ther­more, the data pro­cess­ing may be car­ried out on the basis of our legit­i­mate inter­est accord­ing to Art. 6(1)(f) GDPR. Infor­ma­tion on the rel­e­vant legal basis in each indi­vid­ual case is pro­vid­ed in the fol­low­ing para­graphs of this pri­va­cy policy.

Designation of a data protection officer

We have appoint­ed a data pro­tec­tion officer.

Bernard van den Berg
Mag­ne­sia GmbH
Max-Jenne-Straße 2–4
D‑21337 Lüneb­urg

Phone: 04131 8710–0
E‑mail: datenschutz@magnesia.de

Information on data transfer to the USA and other non-EU countries

Among oth­er things, we use tools of com­pa­nies domi­ciled in the Unit­ed States or oth­er from a data pro­tec­tion per­spec­tive non-secure non-EU coun­tries. If these tools are active, your per­son­al data may poten­tial­ly be trans­ferred to these non-EU coun­tries and may be processed there. We must point out that in these coun­tries, a data pro­tec­tion lev­el that is com­pa­ra­ble to that in the EU can­not be guar­an­teed. For instance, U.S. enter­pris­es are under a man­date to release per­son­al data to the secu­ri­ty agen­cies and you as the data sub­ject do not have any lit­i­ga­tion options to defend your­self in court. Hence, it can­not be ruled out that U.S. agen­cies (e.g., the Secret Ser­vice) may process, ana­lyze, and per­ma­nent­ly archive your per­son­al data for sur­veil­lance pur­pos­es. We have no con­trol over these pro­cess­ing activities.

Revocation of your consent to the processing of data

A wide range of data pro­cess­ing trans­ac­tions are pos­si­ble only sub­ject to your express con­sent. You can also revoke at any time any con­sent you have already giv­en us. This shall be with­out prej­u­dice to the law­ful­ness of any data col­lec­tion that occurred pri­or to your revocation.

Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)

IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21(1) GDPR).

IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).

Right to log a complaint with the competent supervisory agency

In the event of vio­la­tions of the GDPR, data sub­jects are enti­tled to log a com­plaint with a super­vi­so­ry agency, in par­tic­u­lar in the mem­ber state where they usu­al­ly main­tain their domi­cile, place of work or at the place where the alleged vio­la­tion occurred. The right to log a com­plaint is in effect regard­less of any oth­er admin­is­tra­tive or court pro­ceed­ings avail­able as legal recourses.

Right to data portability

You have the right to demand that we hand over any data we auto­mat­i­cal­ly process on the basis of your con­sent or in order to ful­fil a con­tract be hand­ed over to you or a third par­ty in a com­mon­ly used, machine read­able for­mat. If you should demand the direct trans­fer of the data to anoth­er con­troller, this will be done only if it is tech­ni­cal­ly feasible.

Information about, rectification and eradication of data

With­in the scope of the applic­a­ble statu­to­ry pro­vi­sions, you have the right to at any time demand infor­ma­tion about your archived per­son­al data, their source and recip­i­ents as well as the pur­pose of the pro­cess­ing of your data. You may also have a right to have your data rec­ti­fied or erad­i­cat­ed. If you have ques­tions about this sub­ject mat­ter or any oth­er ques­tions about per­son­al data, please do not hes­i­tate to con­tact us at any time.

Right to demand processing restrictions

You have the right to demand the impo­si­tion of restric­tions as far as the pro­cess­ing of your per­son­al data is con­cerned. To do so, you may con­tact us at any time. The right to demand restric­tion of pro­cess­ing applies in the fol­low­ing cases:

  • In the event that you should dis­pute the cor­rect­ness of your data archived by us, we will usu­al­ly need some time to ver­i­fy this claim. Dur­ing the time that this inves­ti­ga­tion is ongo­ing, you have the right to demand that we restrict the pro­cess­ing of your per­son­al data.
  • If the pro­cess­ing of your per­son­al data was/is con­duct­ed in an unlaw­ful man­ner, you have the option to demand the restric­tion of the pro­cess­ing of your data in lieu of demand­ing the erad­i­ca­tion of this data.
  • If we do not need your per­son­al data any longer and you need it to exer­cise, defend or claim legal enti­tle­ments, you have the right to demand the restric­tion of the pro­cess­ing of your per­son­al data instead of its eradication.
  • If you have raised an objec­tion pur­suant to Art. 21(1) GDPR, your rights and our rights will have to be weighed against each oth­er. As long as it has not been deter­mined whose inter­ests pre­vail, you have the right to demand a restric­tion of the pro­cess­ing of your per­son­al data.

If you have restrict­ed the pro­cess­ing of your per­son­al data, these data – with the excep­tion of their archiv­ing – may be processed only sub­ject to your con­sent or to claim, exer­cise or defend legal enti­tle­ments or to pro­tect the rights of oth­er nat­ur­al per­sons or legal enti­ties or for impor­tant pub­lic inter­est rea­sons cit­ed by the Euro­pean Union or a mem­ber state of the EU.

SSL and/or TLS encryption

For secu­ri­ty rea­sons and to pro­tect the trans­mis­sion of con­fi­den­tial con­tent, such as pur­chase orders or inquiries you sub­mit to us as the web­site oper­a­tor, this web­site uses either an SSL or a TLS encryp­tion pro­gram. You can rec­og­nize an encrypt­ed con­nec­tion by check­ing whether the address line of the brows­er switch­es from “http://” to “https://” and also by the appear­ance of the lock icon in the brows­er line.

If the SSL or TLS encryp­tion is acti­vat­ed, data you trans­mit to us can­not be read by third parties.

Rejection of unsolicited e‑mails

We here­with object to the use of con­tact infor­ma­tion pub­lished in con­junc­tion with the manda­to­ry infor­ma­tion to be pro­vid­ed in our Site Notice to send us pro­mo­tion­al and infor­ma­tion mate­r­i­al that we have not express­ly request­ed. The oper­a­tors of this web­site and its pages reserve the express right to take legal action in the event of the unso­licit­ed send­ing of pro­mo­tion­al infor­ma­tion, for instance via SPAM messages.

4. Recording of data on this website

Cookies

Our web­sites and pages use what the indus­try refers to as “cook­ies.” Cook­ies are small data pack­ages that do not cause any dam­age to your device. They are either stored tem­porar­i­ly for the dura­tion of a ses­sion (ses­sion cook­ies) or they are per­ma­nent­ly archived on your device (per­ma­nent cook­ies). Ses­sion cook­ies are auto­mat­i­cal­ly delet­ed once you ter­mi­nate your vis­it. Per­ma­nent cook­ies remain archived on your device until you active­ly delete them, or they are auto­mat­i­cal­ly erad­i­cat­ed by your web browser.

In some cas­es, it is pos­si­ble that third-par­ty cook­ies are stored on your device once you enter our site (third-par­ty cook­ies). These cook­ies enable you or us to take advan­tage of cer­tain ser­vices offered by the third par­ty (e.g., cook­ies for the pro­cess­ing of pay­ment services).

Cook­ies have a vari­ety of func­tions. Many cook­ies are tech­ni­cal­ly essen­tial since cer­tain web­site func­tions would not work in the absence of the cook­ies (e.g., the shop­ping cart func­tion or the dis­play of videos). The pur­pose of oth­er cook­ies may be the analy­sis of user pat­terns or the dis­play of pro­mo­tion­al messages.

Cook­ies, which are required for the per­for­mance of elec­tron­ic com­mu­ni­ca­tion trans­ac­tions, or for the pro­vi­sion of cer­tain func­tions you want to use (e.g., for the shop­ping cart func­tion) or those that are nec­es­sary for the opti­miza­tion (required cook­ies) of the web­site (e.g., cook­ies that pro­vide mea­sur­able insights into the web audi­ence), shall be stored on the basis of Art. 6(1)(f) GDPR, unless a dif­fer­ent legal basis is cit­ed. The oper­a­tor of the web­site has a legit­i­mate inter­est in the stor­age of required cook­ies to ensure the tech­ni­cal­ly error free and opti­mized pro­vi­sion of the operator’s ser­vices. If your con­sent to the stor­age of the cook­ies and sim­i­lar recog­ni­tion tech­nolo­gies has been request­ed, pro­cess­ing occurs exclu­sive­ly on the basis of the con­sent obtained (Art. 6(1)(a) GDPR and § 25 (1) TTDSG); this con­sent may be revoked at any time.

You have the option to set up your brows­er in such a man­ner that you will be noti­fied any time cook­ies are placed and to per­mit the accep­tance of cook­ies only in spe­cif­ic cas­es. You may also exclude the accep­tance of cook­ies in cer­tain cas­es or in gen­er­al or acti­vate the delete func­tion for the auto­mat­ic erad­i­ca­tion of cook­ies when the brows­er clos­es. If cook­ies are deac­ti­vat­ed, the func­tions of this web­site may be limited.

In the event that third-par­ty cook­ies are used or if cook­ies are used for ana­lyt­i­cal pur­pos­es, we will sep­a­rate­ly noti­fy you in con­junc­tion with this Data Pro­tec­tion Pol­i­cy and, if applic­a­ble, ask for your consent.

Consent with ConsentManager

Our web­site uses the Con­sent­Man­ag­er con­sent tech­nol­o­gy to obtain your con­sent to the stor­age of cer­tain cook­ies on your device or for the use of cer­tain tech­nolo­gies and data pro­tec­tion leg­is­la­tion com­pli­ant doc­u­men­ta­tion of the for­mer. The par­ty offer­ing this tech­nol­o­gy is Jao­hawi AB, Hål­tegelvä­gen 1b, 72348 Västerås, Swe­den, web­site: https://www.consentmanager.de (here­inafter referred to as “Con­sent­Man­ag­er”).

When­ev­er you vis­it our web­site, a con­nec­tion to ConsentManager’s servers will be estab­lished to obtain your con­sent and oth­er dec­la­ra­tions regard­ing the use of cookies.

More­over, Con­sent­Man­ag­er shall store a cook­ie in your brows­er to be able to allo­cate your declaration(s) of con­sent or any revo­ca­tions of the for­mer. The data that are record­ed in this man­ner shall be stored until you ask us to erad­i­cate them, delete the Con­sent­Man­ag­er cook­ie or until the pur­pose for archiv­ing the data no longer exists. This shall be with­out prej­u­dice to any manda­to­ry legal reten­tion periods.

Con­sent­Man­ag­er uses cook­ies to obtain the dec­la­ra­tions of con­sent man­dat­ed by law. The legal basis for the use of such cook­ies is Art. 6(1)© GDPR.

Data processing

We have con­clud­ed a data pro­cess­ing agree­ment (DPA) for the use of the above-men­tioned ser­vice. This is a con­tract man­dat­ed by data pri­va­cy laws that guar­an­tees that they process per­son­al data of our web­site vis­i­tors only based on our instruc­tions and in com­pli­ance with the GDPR.

Server log files

The provider of this web­site and its pages auto­mat­i­cal­ly col­lects and stores infor­ma­tion in so-called serv­er log files, which your brows­er com­mu­ni­cates to us auto­mat­i­cal­ly. The infor­ma­tion comprises:

  • The type and ver­sion of brows­er used
  • The used oper­at­ing system
  • Refer­rer URL
  • The host­name of the access­ing computer
  • The time of the serv­er inquiry
  • The IP address

This data is not merged with oth­er data sources.

This data is record­ed on the basis of Art. 6(1)(f) GDPR. The oper­a­tor of the web­site has a legit­i­mate inter­est in the tech­ni­cal­ly error free depic­tion and the opti­miza­tion of the operator’s web­site. In order to achieve this, serv­er log files must be recorded.

Contact form

If you sub­mit inquiries to us via our con­tact form, the infor­ma­tion pro­vid­ed in the con­tact form as well as any con­tact infor­ma­tion pro­vid­ed there­in will be stored by us in order to han­dle your inquiry and in the event that we have fur­ther ques­tions. We will not share this infor­ma­tion with­out your consent.

The pro­cess­ing of these data is based on Art. 6(1)(b) GDPR, if your request is relat­ed to the exe­cu­tion of a con­tract or if it is nec­es­sary to car­ry out pre-con­trac­tu­al mea­sures. In all oth­er cas­es the pro­cess­ing is based on our legit­i­mate inter­est in the effec­tive pro­cess­ing of the requests addressed to us (Art. 6(1)(f) GDPR) or on your agree­ment (Art. 6(1)(a) GDPR) if this has been request­ed; the con­sent can be revoked at any time.

The infor­ma­tion you have entered into the con­tact form shall remain with us until you ask us to erad­i­cate the data, revoke your con­sent to the archiv­ing of data or if the pur­pose for which the infor­ma­tion is being archived no longer exists (e.g., after we have con­clud­ed our response to your inquiry). This shall be with­out prej­u­dice to any manda­to­ry legal pro­vi­sions, in par­tic­u­lar reten­tion periods.

Request by e‑mail, telephone, or fax

If you con­tact us by e‑mail, tele­phone or fax, your request, includ­ing all result­ing per­son­al data (name, request) will be stored and processed by us for the pur­pose of pro­cess­ing your request. We do not pass these data on with­out your consent.

These data are processed on the basis of Art. 6(1)(b) GDPR if your inquiry is relat­ed to the ful­fill­ment of a con­tract or is required for the per­for­mance of pre-con­trac­tu­al mea­sures. In all oth­er cas­es, the data are processed on the basis of our legit­i­mate inter­est in the effec­tive han­dling of inquiries sub­mit­ted to us (Art. 6(1)(f) GDPR) or on the basis of your con­sent (Art. 6(1)(a) GDPR) if it has been obtained; the con­sent can be revoked at any time.

The data sent by you to us via con­tact requests remain with us until you request us to delete, revoke your con­sent to the stor­age or the pur­pose for the data stor­age laps­es (e.g. after com­ple­tion of your request). Manda­to­ry statu­to­ry pro­vi­sions — in par­tic­u­lar statu­to­ry reten­tion peri­ods — remain unaffected.

5. Analysis tools and advertising

Google Analytics

This web­site uses func­tions of the web analy­sis ser­vice Google Ana­lyt­ics. The provider of this ser­vice is Google Ire­land Lim­it­ed (“Google”), Gor­don House, Bar­row Street, Dublin 4, Ireland.

Google Ana­lyt­ics enables the web­site oper­a­tor to ana­lyze the behav­ior pat­terns of web­site vis­i­tors. To that end, the web­site oper­a­tor receives a vari­ety of user data, such as pages accessed, time spent on the page, the uti­lized oper­at­ing sys­tem and the user’s ori­gin. This data is assigned to the respec­tive end device of the user. An assign­ment to a user-ID does not take place.

Fur­ther­more, Google Ana­lyt­ics allows us to record your mouse and scroll move­ments and clicks, among oth­er things. Google Ana­lyt­ics uses var­i­ous mod­el­ing approach­es to aug­ment the col­lect­ed data sets and uses machine learn­ing tech­nolo­gies in data analysis.

Google Ana­lyt­ics uses tech­nolo­gies that make the recog­ni­tion of the user for the pur­pose of ana­lyz­ing the user behav­ior pat­terns (e.g., cook­ies or device fin­ger­print­ing). The web­site use infor­ma­tion record­ed by Google is, as a rule trans­ferred to a Google serv­er in the Unit­ed States, where it is stored.

The use of these ser­vices occurs on the basis of your con­sent pur­suant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your con­sent at any time.

Data trans­mis­sion to the US is based on the Stan­dard Con­trac­tu­al Claus­es (SCC) of the Euro­pean Com­mis­sion. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

Browser plug-in

You can pre­vent the record­ing and pro­cess­ing of your data by Google by down­load­ing and installing the brows­er plu­g­in avail­able under the fol­low­ing link: https://tools.google.com/dlpage/gaoptout?hl=en.

For more infor­ma­tion about the han­dling of user data by Google Ana­lyt­ics, please con­sult Google’s Data Pri­va­cy Dec­la­ra­tion at: https://support.google.com/analytics/answer/6004245?hl=en.

Contract data processing

We have exe­cut­ed a con­tract data pro­cess­ing agree­ment with Google and are imple­ment­ing the strin­gent pro­vi­sions of the Ger­man data pro­tec­tion agen­cies to the fullest when using Google Analytics.

Google Ads

The web­site oper­a­tor uses Google Ads. Google Ads is an online pro­mo­tion­al pro­gram of Google Ire­land Lim­it­ed (“Google”), Gor­don House, Bar­row Street, Dublin 4, Ireland.

Google Ads enables us to dis­play ads in the Google search engine or on third-par­ty web­sites, if the user enters cer­tain search terms into Google (key­word tar­get­ing). It is also pos­si­ble to place tar­get­ed ads based on the user data Google has in its pos­ses­sion (e.g., loca­tion data and inter­ests; tar­get group tar­get­ing). As the web­site oper­a­tor, we can ana­lyze these data quan­ti­ta­tive­ly, for instance by ana­lyz­ing which search terms result­ed in the dis­play of our ads and how many ads led to respec­tive clicks.

The use of these ser­vices occurs on the basis of your con­sent pur­suant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your con­sent at any time.

Data trans­mis­sion to the US is based on the Stan­dard Con­trac­tu­al Claus­es (SCC) of the Euro­pean Com­mis­sion. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

Google Conversion-Tracking

This web­site uses Google Con­ver­sion Track­ing. The provider of this ser­vice is Google Ire­land Lim­it­ed (“Google”), Gor­don House, Bar­row Street, Dublin 4, Ireland.

With the assis­tance of Google Con­ver­sion Track­ing, we are in a posi­tion to rec­og­nize whether the user has com­plet­ed cer­tain actions. For instance, we can ana­lyze the how fre­quent­ly which but­tons on our web­site have been clicked and which prod­ucts are reviewed or pur­chased with par­tic­u­lar fre­quen­cy. The pur­pose of this infor­ma­tion is to com­pile con­ver­sion sta­tis­tics. We learn how many users have clicked on our ads and which actions they have com­plet­ed. We do not receive any infor­ma­tion that would allow us to per­son­al­ly iden­ti­fy the users. Google as such uses cook­ies or com­pa­ra­ble recog­ni­tion tech­nolo­gies for iden­ti­fi­ca­tion purposes.

The use of these ser­vices occurs on the basis of your con­sent pur­suant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your con­sent at any time.

For more infor­ma­tion about Google Con­ver­sion Track­ing, please review Google’s data pro­tec­tion pol­i­cy at: https://policies.google.com/privacy?hl=en

Facebook Pixel

To mea­sure con­ver­sion rates, this web­site uses the vis­i­tor activ­i­ty pix­el of Face­book. The provider of this ser­vice is Meta Plat­forms Ire­land Lim­it­ed, 4 Grand Canal Square, Dublin 2, Ire­land. Accord­ing to Facebook’s state­ment the col­lect­ed data will be trans­ferred to the USA and oth­er third-par­ty coun­tries too.

This tool allows the track­ing of page vis­i­tors after they have been linked to the web­site of the provider after click­ing on a Face­book ad. This makes it pos­si­ble to ana­lyze the effec­tive­ness of Face­book ads for sta­tis­ti­cal and mar­ket research pur­pos­es and to opti­mize future adver­tis­ing campaigns.

For us as the oper­a­tors of this web­site, the col­lect­ed data is anony­mous. We are not in a posi­tion to arrive at any con­clu­sions as to the iden­ti­ty of users. How­ev­er, Face­book archives the infor­ma­tion and process­es it, so that it is pos­si­ble to make a con­nec­tion to the respec­tive user pro­file and Face­book is in a posi­tion to use the data for its own pro­mo­tion­al pur­pos­es in com­pli­ance with the Face­book Data Usage Pol­i­cy. This enables Face­book to dis­play ads on Face­book pages as well as in loca­tions out­side of Face­book. We as the oper­a­tor of this web­site have no con­trol over the use of such data.

The use of these ser­vices occurs on the basis of your con­sent pur­suant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your con­sent at any time.

Data trans­mis­sion to the US is based on the Stan­dard Con­trac­tu­al Claus­es (SCC) of the Euro­pean Com­mis­sion. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum und https://de-de.facebook.com/help/566994660333381.

Inso­far as per­son­al data is col­lect­ed on our web­site with the help of the tool described here and for­ward­ed to Face­book, we and Meta Plat­forms Ire­land Lim­it­ed, 4 Grand Canal Square, Grand Canal Har­bour, Dublin 2, Ire­land are joint­ly respon­si­ble for this data pro­cess­ing (Art. 26 DSGVO). The joint respon­si­bil­i­ty is lim­it­ed exclu­sive­ly to the col­lec­tion of the data and its for­ward­ing to Face­book. The pro­cess­ing by Face­book that takes place after the onward trans­fer is not part of the joint respon­si­bil­i­ty. The oblig­a­tions incum­bent on us joint­ly have been set out in a joint pro­cess­ing agree­ment. The word­ing of the agree­ment can be found under: https://www.facebook.com/legal/controller_addendum. Accord­ing to this agree­ment, we are respon­si­ble for pro­vid­ing the pri­va­cy infor­ma­tion when using the Face­book tool and for the pri­va­cy-secure imple­men­ta­tion of the tool on our web­site. Face­book is respon­si­ble for the data secu­ri­ty of Face­book prod­ucts. You can assert data sub­ject rights (e.g., requests for infor­ma­tion) regard­ing data processed by Face­book direct­ly with Face­book. If you assert the data sub­ject rights with us, we are oblig­ed to for­ward them to Facebook.

In Facebook’s Data Pri­va­cy Poli­cies, you will find addi­tion­al infor­ma­tion about the pro­tec­tion of your pri­va­cy at: https://www.facebook.com/about/privacy/.

You also have the option to deac­ti­vate the remar­ket­ing func­tion “Cus­tom Audi­ences” in the ad set­tings sec­tion under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you first have to log into Facebook.

If you do not have a Face­book account, you can deac­ti­vate any user-based adver­tis­ing by Face­book on the web­site of the Euro­pean Inter­ac­tive Dig­i­tal Adver­tis­ing Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

LinkedIn Insight Tag

This web­site uses the Insight tag from LinkedIn. This ser­vice is pro­vid­ed by LinkedIn Ire­land Unlim­it­ed Com­pa­ny, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Data processing by LinkedIn Insight tag

We use the LinkedIn Insight tag to obtain infor­ma­tion about vis­i­tors to our web­site. Once a web­site vis­i­tor is reg­is­tered with LinkedIn, we can ana­lyze the key occu­pa­tion­al data (e.g., career lev­el, com­pa­ny size, coun­try, loca­tion, indus­try, job title) of our web­site vis­i­tors to help us bet­ter tar­get our site to the rel­e­vant audi­ence. We can also use LinkedIn Insight tags to mea­sure whether vis­i­tors to our web­sites make a pur­chase or per­form oth­er actions (con­ver­sion mea­sure­ment). Con­ver­sion mea­sure­ment can also be car­ried out across devices (e.g. from PC to tablet). LinkedIn Insight Tag also fea­tures a retar­get­ing func­tion that allows us to dis­play tar­get­ed adver­tis­ing to vis­i­tors to our web­site out­side of the web­site. Accord­ing to LinkedIn, no iden­ti­fi­ca­tion of the adver­tis­ing addressee takes place.

LinkedIn itself also col­lects log files (URL, refer­rer URL, IP address, device and brows­er char­ac­ter­is­tics and time of access). The IP address­es are short­ened or (if they are used to reach LinkedIn mem­bers across devices) hashed (pseu­do­nymized). The direct iden­ti­fiers of LinkedIn mem­bers are delet­ed by LinkedIn after sev­en days. The remain­ing pseu­do­nymized data will then be delet­ed with­in 180 days.

The data col­lect­ed by LinkedIn can­not be assigned by us as a web­site oper­a­tor to spe­cif­ic indi­vid­u­als. LinkedIn will store the per­son­al data col­lect­ed from web­site vis­i­tors on its servers in the USA and use it for its own pro­mo­tion­al activ­i­ties. For details, please see LinkedIn’s pri­va­cy pol­i­cy at https://www.linkedin.com/legal/privacy-policy#choices-oblig.

Legal basis

If your approval (con­sent) has been obtained the use of the above­men­tioned ser­vice shall occur on the basis of Art. 6(1)(a) GDPR and § 25 TTDSG (Ger­man Telecom­mu­ni­ca­tions Act). Such con­sent may be revoked at any time. If your con­sent was not obtained, the use of the ser­vice will occur on the basis of Art. 6(1)(f) GDPR; the web­site oper­a­tor has a legit­i­mate inter­est in effec­tive adver­tis­ing pro­mo­tions that include the uti­liza­tion of social media.

Data trans­mis­sion to the US is based on the Stan­dard Con­trac­tu­al Claus­es (SCC) of the Euro­pean Com­mis­sion. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.

Objection to the use of LinkedIn Insight Tag

You can object to LinkedIn’s analy­sis of user behav­ior and tar­get­ed adver­tis­ing at the fol­low­ing link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

In addi­tion, LinkedIn mem­bers can con­trol the use of their per­son­al infor­ma­tion for pro­mo­tion­al pur­pos­es in the account set­tings. To pre­vent LinkedIn from link­ing infor­ma­tion col­lect­ed on our site to your LinkedIn account, you must log out of your LinkedIn account before you vis­it our site.

Data processing

We have con­clud­ed a data pro­cess­ing agree­ment (DPA) for the use of the above-men­tioned ser­vice. This is a con­tract man­dat­ed by data pri­va­cy laws that guar­an­tees that they process per­son­al data of our web­site vis­i­tors only based on our instruc­tions and in com­pli­ance with the GDPR.

6. Newsletter

Newsletter data

If you would like to receive the newslet­ter offered on the web­site, we require an e‑mail address from you as well as infor­ma­tion that allows us to ver­i­fy that you are the own­er of the e‑mail address pro­vid­ed and that you agree to receive the newslet­ter. Fur­ther data is not col­lect­ed or only on a vol­un­tary basis. For the han­dling of the newslet­ter, we use newslet­ter ser­vice providers, which are described below.

Mailchimp

This web­site uses the ser­vices of Mailchimp to send out its newslet­ters. The provider is the Rock­et Sci­ence Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.

Among oth­er things, Mailchimp is a ser­vice that can be deployed to orga­nize and ana­lyze the send­ing of newslet­ters. When­ev­er you enter data for the pur­pose of sub­scrib­ing to a newslet­ter (e.g. your e‑mail address), the infor­ma­tion is stored on Mailchimp servers in the Unit­ed States.

With the assis­tance of the Mailchimp tool, we can ana­lyze the per­for­mance of our newslet­ter cam­paigns. If you open an e‑mail that has been sent through the Mailchimp tool, a file that has been inte­grat­ed into the e‑mail (a so-called web-bea­con) con­nects to Mailchimp’s servers in the Unit­ed States. As a result, it can be deter­mined whether a newslet­ter mes­sage has been opened and which links the recip­i­ent pos­si­bly clicked on. Tech­ni­cal infor­ma­tion is also record­ed at that time (e.g. the time of access, the IP address, type of brows­er and oper­at­ing sys­tem). This infor­ma­tion can­not be allo­cat­ed to the respec­tive newslet­ter recip­i­ent. Their sole pur­pose is the per­for­mance of sta­tis­ti­cal analy­ses of newslet­ter cam­paigns. The results of such analy­ses can be used to tai­lor future newslet­ters to the inter­ests of their recip­i­ents more effectively.

If you do not want to per­mit an analy­sis by Mailchimp, you must unsub­scribe from the newslet­ter. We pro­vide a link for you to do this in every newslet­ter message.

The data is processed based on your con­sent (Art. 6(1)(a) GDPR). You may revoke any con­sent you have giv­en at any time by unsub­scrib­ing from the newslet­ter. This shall be with­out prej­u­dice to the law­ful­ness of any data pro­cess­ing trans­ac­tions that have tak­en place pri­or to your revocation.

The data deposit­ed with us for the pur­pose of sub­scrib­ing to the newslet­ter will be stored by us until you unsub­scribe from the newslet­ter or the newslet­ter ser­vice provider and delet­ed from the newslet­ter dis­tri­b­u­tion list after you unsub­scribe from the newslet­ter. Data stored for oth­er pur­pos­es with us remain unaffected.

Data trans­mis­sion to the US is based on the Stan­dard Con­trac­tu­al Claus­es (SCC) of the Euro­pean Com­mis­sion. Details can be found here: https://mailchimp.com/eu-us-data-transfer-statement/ and https://mailchimp.com/legal/data-processing-addendum/#Annex_C_-_Standard_Contractual_Clauses.

After you unsub­scribe from the newslet­ter dis­tri­b­u­tion list, your e‑mail address may be stored by us or the newslet­ter ser­vice provider in a black­list, if such action is nec­es­sary to pre­vent future mail­ings. The data from the black­list is used only for this pur­pose and not merged with oth­er data. This serves both your inter­est and our inter­est in com­ply­ing with the legal require­ments when send­ing newslet­ters (legit­i­mate inter­est with­in the mean­ing of Art. 6(1)(f) GDPR). The stor­age in the black­list is indef­i­nite. You may object to the stor­age if your inter­ests out­weigh our legit­i­mate interest.

For more details, please con­sult the Data Pri­va­cy Poli­cies of Mailchimp at: https://mailchimp.com/legal/terms/.

Data processing

We have con­clud­ed a data pro­cess­ing agree­ment (DPA) for the use of the above-men­tioned ser­vice. This is a con­tract man­dat­ed by data pri­va­cy laws that guar­an­tees that they process per­son­al data of our web­site vis­i­tors only based on our instruc­tions and in com­pli­ance with the GDPR.

7. Plug-ins and Tools

YouTube with expanded data protection integration

Our web­site embeds videos of the web­site YouTube. The web­site oper­a­tor is Google Ire­land Lim­it­ed (“Google”), Gor­don House, Bar­row Street, Dublin 4, Ireland.

We use YouTube in the expand­ed data pro­tec­tion mode. Accord­ing to YouTube, this mode ensures that YouTube does not store any infor­ma­tion about vis­i­tors to this web­site before they watch the video. Nev­er­the­less, this does not nec­es­sar­i­ly mean that the shar­ing of data with YouTube part­ners can be ruled out as a result of the expand­ed data pro­tec­tion mode. For instance, regard­less of whether you are watch­ing a video, YouTube will always estab­lish a con­nec­tion with the Google Dou­bleClick network.

As soon as you start to play a YouTube video on this web­site, a con­nec­tion to YouTube’s servers will be estab­lished. As a result, the YouTube serv­er will be noti­fied, which of our pages you have vis­it­ed. If you are logged into your YouTube account while you vis­it our site, you enable YouTube to direct­ly allo­cate your brows­ing pat­terns to your per­son­al pro­file. You have the option to pre­vent this by log­ging out of your YouTube account.

Fur­ther­more, after you have start­ed to play a video, YouTube will be able to place var­i­ous cook­ies on your device or com­pa­ra­ble tech­nolo­gies for recog­ni­tion (e.g. device fin­ger­print­ing). In this way YouTube will be able to obtain infor­ma­tion about this website’s vis­i­tors. Among oth­er things, this infor­ma­tion will be used to gen­er­ate video sta­tis­tics with the aim of improv­ing the user friend­li­ness of the site and to pre­vent attempts to com­mit fraud.

Under cer­tain cir­cum­stances, addi­tion­al data pro­cess­ing trans­ac­tions may be trig­gered after you have start­ed to play a YouTube video, which are beyond our control.

The use of YouTube is based on our inter­est in pre­sent­ing our online con­tent in an appeal­ing man­ner. Pur­suant to Art. 6(1)(f) GDPR, this is a legit­i­mate inter­est. If appro­pri­ate con­sent has been obtained, the pro­cess­ing is car­ried out exclu­sive­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent includes the stor­age of cook­ies or the access to infor­ma­tion in the user’s end device (e.g., device fin­ger­print­ing) with­in the mean­ing of the TTDSG. This con­sent can be revoked at any time.

For more infor­ma­tion on how YouTube han­dles user data, please con­sult the YouTube Data Pri­va­cy Pol­i­cy under: https://policies.google.com/privacy?hl=en.

Google Fonts (local embedding)

This web­site uses so-called Google Fonts pro­vid­ed by Google to ensure the uni­form use of fonts on this site. These Google fonts are local­ly installed so that a con­nec­tion to Google’s servers will not be estab­lished in con­junc­tion with this application.

For more infor­ma­tion on Google Fonts, please fol­low this link: https://developers.google.com/fonts/faq and con­sult Google’s Data Pri­va­cy Dec­la­ra­tion under: https://policies.google.com/privacy?hl=en.

OpenStreetMap

We are using the map­ping ser­vice pro­vid­ed by Open­StreetMap (OSM).

We inte­grate Open­StreetMap on our own (tile) serv­er. When call­ing up the map mate­r­i­al, there is con­se­quent­ly no con­nec­tion to the servers of third parties.

We use Open­StreetMap with the objec­tive of ensur­ing the attrac­tive pre­sen­ta­tion of our online offers and to make it easy for vis­i­tors to find the loca­tions we spec­i­fy on our web­site. This estab­lish­es legit­i­mate grounds as defined in Art. 6(1)(f) GDPR. If appro­pri­ate con­sent has been obtained, the pro­cess­ing is car­ried out exclu­sive­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent includes the stor­age of cook­ies or the access to infor­ma­tion in the user’s end device (e.g., device fin­ger­print­ing) with­in the mean­ing of the TTDSG. This con­sent can be revoked at any time.

Google reCAPTCHA

We use “Google reCAPTCHA” (here­inafter referred to as “reCAPTCHA”) on this web­site. The provider is Google Ire­land Lim­it­ed (“Google”), Gor­don House, Bar­row Street, Dublin 4, Ireland.

The pur­pose of reCAPTCHA is to deter­mine whether data entered on this web­site (e.g., infor­ma­tion entered into a con­tact form) is being pro­vid­ed by a human user or by an auto­mat­ed pro­gram. To deter­mine this, reCAPTCHA ana­lyzes the behav­ior of the web­site vis­i­tors based on a vari­ety of para­me­ters. This analy­sis is trig­gered auto­mat­i­cal­ly as soon as the web­site vis­i­tor enters the site. For this analy­sis, reCAPTCHA eval­u­ates a vari­ety of data (e.g., IP address, time the web­site vis­i­tor spent on the site or cur­sor move­ments ini­ti­at­ed by the user). The data tracked dur­ing such analy­ses are for­ward­ed to Google.

reCAPTCHA analy­ses run entire­ly in the back­ground. Web­site vis­i­tors are not alert­ed that an analy­sis is underway.

Data are stored and ana­lyzed on the basis of Art. 6(1)(f) GDPR. The web­site oper­a­tor has a legit­i­mate inter­est in the pro­tec­tion of the operator’s web­sites against abu­sive auto­mat­ed spy­ing and against SPAM. If appro­pri­ate con­sent has been obtained, the pro­cess­ing is car­ried out exclu­sive­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent includes the stor­age of cook­ies or the access to infor­ma­tion in the user’s end device (e.g., device fin­ger­print­ing) with­in the mean­ing of the TTDSG. This con­sent can be revoked at any time.

For more infor­ma­tion about Google reCAPTCHA please refer to the Google Data Pri­va­cy Dec­la­ra­tion and Terms Of Use under the fol­low­ing links: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.

8. Custom Services

Handling applicant data

We offer web­site vis­i­tors the oppor­tu­ni­ty to sub­mit job appli­ca­tions to us (e.g., via e‑mail, via postal ser­vices on by sub­mit­ting the online job appli­ca­tion form). Below, we will brief you on the scope, pur­pose and use of the per­son­al data col­lect­ed from you in con­junc­tion with the appli­ca­tion process. We assure you that the col­lec­tion, pro­cess­ing, and use of your data will occur in com­pli­ance with the applic­a­ble data pri­va­cy rights and all oth­er statu­to­ry pro­vi­sions and that your data will always be treat­ed as strict­ly confidential.

Scope and purpose of the collection of data

If you sub­mit a job appli­ca­tion to us, we will process any affil­i­at­ed per­son­al data (e.g., con­tact and com­mu­ni­ca­tions data, appli­ca­tion doc­u­ments, notes tak­en dur­ing job inter­views, etc.), if they are required to make a deci­sion con­cern­ing the estab­lish­ment or an employ­ment rela­tion­ship. The legal grounds for the afore­men­tioned are § 26 BDSG accord­ing to Ger­man Law (Nego­ti­a­tion of an Employ­ment Rela­tion­ship), Art. 6(1)(b) GDPR (Gen­er­al Con­tract Nego­ti­a­tions) and – pro­vid­ed you have giv­en us your con­sent – Art. 6(1)(a) GDPR. You may revoke any con­sent giv­en at any time. With­in our com­pa­ny, your per­son­al data will only be shared with indi­vid­u­als who are involved in the pro­cess­ing of your job application.

If your job appli­ca­tion should result in your recruit­ment, the data you have sub­mit­ted will be archived on the grounds of § 26 BDSG and Art. 6(1)(b) GDPR for the pur­pose of imple­ment­ing the employ­ment rela­tion­ship in our data pro­cess­ing system.

Data Archiving Period

If we are unable to make you a job offer or you reject a job offer or with­draw your appli­ca­tion, we reserve the right to retain the data you have sub­mit­ted on the basis of our legit­i­mate inter­ests (Art. 6(1)(f) GDPR) for up to 6 months from the end of the appli­ca­tion pro­ce­dure (rejec­tion or with­draw­al of the appli­ca­tion). After­wards the data will be delet­ed, and the phys­i­cal appli­ca­tion doc­u­ments will be destroyed. The stor­age serves in par­tic­u­lar as evi­dence in the event of a legal dis­pute. If it is evi­dent that the data will be required after the expiry of the 6‑month peri­od (e.g., due to an impend­ing or pend­ing legal dis­pute), dele­tion will only take place when the pur­pose for fur­ther stor­age no longer applies.

Longer stor­age may also take place if you have giv­en your agree­ment (Arti­cle 6(1)(a) GDPR) or if statu­to­ry data reten­tion require­ments pre­clude the deletion.

Privacy policy for customers and suppliers of Magnesia GmbH

For rea­sons of read­abil­i­ty, the mas­cu­line form is used in per­son names, but the female form is always included.

1. Privacy policy

We, the Mag­ne­sia GmbH, attach par­tic­u­lar impor­tance to the obser­vance of data pro­tec­tion laws. The rel­e­vant data pro­tec­tion laws, in par­tic­u­lar the EU Gen­er­al Data Pro­tec­tion Reg­u­la­tion and the Fed­er­al Data Pro­tec­tion Act (new), are ful­ly com­plied with by us. The pro­cess­ing of per­son­al data takes place exclu­sive­ly on the basis of the rel­e­vant laws and takes place only for the pur­pos­es stat­ed under No. 4. The data will only be processed accord­ing to the spec­i­fi­ca­tions of this pri­va­cy policy.

2. Responsible body

The body respon­si­ble for data pro­cess­ing is:

Mag­ne­sia GmbH
Max-Jenne-Straße 2 — 4
21337 Lüneb­urg

Tele­phone: +49 4131 8710–0
E‑Mail: info@magnesia.de

Man­ag­ing Direc­tor: Markus Cord­ing, Johann Studt­mann 
IT Man­ag­er: André Suchan

3. Data Collection

We col­lect, store and process the fol­low­ing data cat­e­gories to ful­fill the con­trac­tu­al and legal regulations:

Cus­tomers:

  • Com­pa­ny data (name and address of the client)
  • Per­son­al data (name, address of the con­tact per­son at the client)
  • Con­tact details (tele­phone num­ber, e‑mail address of the con­tact person)
  • Bank data
  • Oth­er data (posi­tion of the con­tact person)

Ser­vice providers or suppliers:

  • Com­pa­ny data (name and address of the client)
  • Per­son­al data (name, address of the con­tact per­son at the client)
  • Con­tact details (tele­phone num­ber, e‑mail address of the con­tact person)
  • Bank data
  • Oth­er data (posi­tion of the con­tact person)

4. Purpose of the data processing

We process the data men­tioned in No. 3 exclusively

  1. to ful­fill the con­tract
    (Arti­cle 6 (1) (b) EU GDPR)
  2. to ful­fill legal, judi­cial or reg­u­la­to­ry require­ments / orders
    (Arti­cle 6 (1) © EU GDPR)
  3. for infor­ma­tion about our ser­vices and events
    (Arti­cle 6 (1) (f) EU GDPR) 
  4. to per­form anony­mous sta­tis­ti­cal eval­u­a­tion such. Eg sat­is­fac­tion ana­lyzes
    (Arti­cle 6 (1) (f) EU GDPR)

Regard­ing Point 3: Our legit­i­mate inter­est here is cus­tomer loy­al­ty and the gen­er­a­tion of new con­trac­tu­al relationships.

Regard­ing Point 4: The legit­i­mate inter­est lies in the opti­miza­tion of our offer.

Submission of data

The con­tact details of the clerks are trans­mit­ted to trans­port ser­vice providers or for­ward­ing agents, as well as the deliv­ery address, in order to ensure the prop­er ship­ment of goods or only to enable them.

6. Transfer of data to a third country

As part of our gen­er­al busi­ness oper­a­tions, we also source prod­ucts from third coun­tries. Per­son­al data of the employ­ees (name and con­tact details) are trans­mit­ted to our busi­ness part­ners. Legal basis is here our con­trac­tu­al rela­tion­ship gem. Art. 6 para. 1 sen­tence 1 lit. b DSGVO.

7. Deletion periods

The per­son­al data stored by us are delet­ed or made anony­mous after the dis­con­tin­u­a­tion of the pur­pos­es stat­ed in No. 4 or after expiry of any statu­to­ry reten­tion periods.

8. Rights of the data subject

You will receive free infor­ma­tion at any time (Art. 15 EU-DSGVO) about the per­son­al data we store about you as well as the ori­gin, the recip­i­ent and the pur­pose of the data pro­cess­ing. In addi­tion, you have the right to request the cor­rec­tion (Art. 16 EU-GDPR), the block­ing (Art. 18 EU-GDPR) or can­cel­la­tion (Art. 17 EU-GDPR) of your data. Exclud­ed from this is data that is stored due to legal reg­u­la­tions or required for the prop­er con­duct of busi­ness. You have the right to object to the pro­cess­ing of your data (Arti­cle 21 EU GDPR) and the right to data porta­bil­i­ty (Arti­cle 20 EU GDPR).

Right to object

Accord­ing to Art. 21 (1) GDPR, you have the right to object to the pro­cess­ing of your per­son­al data at any time, as far as this does not serve the ful­fill­ment of a con­tract, a legal oblig­a­tion or the pro­tec­tion of vital interests.

To safe­guard your rights (also from no. 7) you can turn to the fol­low­ing address in writ­ing or text form:

Mag­ne­sia GmbH
Max-Jenne-Straße 2 — 4
21337 Lüneb­urg

E‑Mail: info@magnesia.de

If you do not ful­ly under­stand your rights when deal­ing with your per­son­al data, you have the right to lodge a com­plaint with your reg­u­la­to­ry authority.

9. Data Protection Officer

We have appoint­ed a data pro­tec­tion offi­cer. This can be reached with all ques­tions con­cern­ing the pro­tec­tion of per­son­al data via the fol­low­ing con­tact data:

Bernard van den Berg
Mag­ne­sia GmbH
Max-Jenne-Straße 2–4
D‑21337 Lüneb­urg
E‑Mail: datenschutz@magnesia.de

10. Obligation to provide personal data

If you wish to enter into a con­trac­tu­al rela­tion­ship with us, you must pro­vide us with the per­son­al data that are nec­es­sary for the per­for­mance of the asso­ci­at­ed con­trac­tu­al oblig­a­tions or that are legal­ly required to be collected.

If the data is not pro­vid­ed, no con­tract can be concluded.

11. Automated decision-making

We do not use auto­mat­ed deci­sion-mak­ing to estab­lish or exe­cute cus­tomer or sup­pli­er relationships.

Privacy policy of Magnesia GmbH for applications

We are glad that you would like to apply to us. In the fol­low­ing, we explain how we process your per­son­al infor­ma­tion in an appli­ca­tion and pro­vide oth­er rel­e­vant infor­ma­tion in this context.

1. Who is responsible for the processing of your personal data?

Mag­ne­sia GmbH, Max-Jenne-Str. 2–4, 21337 Lüneb­urg (here­inafter referred to as “we”) is respon­si­ble with­in the mean­ing of the EU Gen­er­al Data Pro­tec­tion Reg­u­la­tion (“GDPR”).

2. Data Protection Officer

For all ques­tions relat­ed to the pro­cess­ing of your per­son­al data and the exer­cise of your rights under the GDPR, you can con­sult our data pro­tec­tion offi­cer, who can be reached as follows:

Bernard van den Berg
Mag­ne­sia GmbH
Max-Jenne-Straße 2–4
D‑21337 Lüneb­urg
E‑Mail: datenschutz@magnesia.de

3. For what purposes and on what legal basis do we process personal data?

We process per­son­al­ly iden­ti­fi­able infor­ma­tion about you for the pur­pose of your appli­ca­tion for employ­ment, to the extent nec­es­sary for the deci­sion to estab­lish employ­ment with us. The legal basis is § 26 para. 1 in con­junc­tion with para­graph 8 sen­tence 2 BDSG.

Fur­ther­more, we may process per­son­al data about you, as far as this is required to defend against assert­ed legal claims from the appli­ca­tion process against us. The legal basis is Arti­cle 6 (1) (f) GDPR, for exam­ple, the legit­i­mate inter­est is a bur­den of proof in pro­ceed­ings under the Gen­er­al Equal Treat­ment Act (AGG).

Inso­far as employ­ment aris­es between you and us, pur­suant to § 26 (1) BDSG we may fur­ther process the per­son­al data you have already received for employ­ment pur­pos­es if this is nec­es­sary for the per­for­mance or ter­mi­na­tion of the employ­ment rela­tion­ship or for per­for­mance or ful­fill­ment of required by a law or col­lec­tive agree­ment, an oper­at­ing or ser­vice agree­ment (col­lec­tive agree­ment) and duties of employ­ee representation.

4. Which categories of personal data do we process?

We process data relat­ed to your appli­ca­tion. This may include gen­er­al per­son­al infor­ma­tion (such as name, address and con­tact details), details of your qual­i­fi­ca­tions and edu­ca­tion, CV infor­ma­tion, or oth­er infor­ma­tion that you pro­vide to us in con­nec­tion with your appli­ca­tion. Inci­den­tal­ly, we can process your pub­licly avail­able job-relat­ed infor­ma­tion, such as a pro­file in pro­fes­sion­al social media networks

5. What sources of personal information come from if we do not collect them from you?

Unless we col­lect the data direct­ly from you and you have an active pro­file on online job boards or pro­fes­sion­al social net­works such as Step­Stone or Xing or dis­close an inac­tive or par­tial­ly active pro­file to us dur­ing the appli­ca­tion process, we may also pro­vide per­son­al infor­ma­tion about it rise.

6. Which categories of recipients data are there?

We may trans­fer your per­son­al data to com­pa­nies affil­i­at­ed with us, inso­far as this is pos­si­ble with­in the scope of the pro­vi­sions of point 3 (pur­pos­es and legal bases). Inci­den­tal­ly, per­son­al data are processed on our behalf on the basis of con­tracts pur­suant to Arti­cle 28 GDPR, in par­tic­u­lar by host providers or providers of appli­cant man­age­ment sys­tems. For fur­ther infor­ma­tion please con­tact our data pro­tec­tion officer.

7. Is the transfer to a third country intended?

A trans­fer to a third coun­try is not intended.

8. How long will your data be stored?

We store your per­son­al infor­ma­tion as long as this is nec­es­sary to decide on your appli­ca­tion. Inso­far as an employ­ment rela­tion­ship between you and us does not mate­ri­al­ize, we may also con­tin­ue to store data as far as nec­es­sary to defend against pos­si­ble legal claims. The appli­ca­tion doc­u­ments will be delet­ed two months after noti­fi­ca­tion of the rejec­tion deci­sion, unless a longer stor­age due to lit­i­ga­tion is required.

9. What rights do you have?

As an appli­cant with us you have depend­ing on the sit­u­a­tion in indi­vid­ual cas­es the fol­low­ing data pro­tec­tion rights. To exer­cise these rights, you can con­tact us or our data pro­tec­tion offi­cer at the above-men­tioned con­tact details.

a. Infor­ma­tion

You have the right to receive infor­ma­tion about your per­son­al data processed by us and to request access to your per­son­al data and / or copies of this data. This includes infor­ma­tion on the pur­pose of the use, the cat­e­go­ry of data used, their recip­i­ents and access rights.

b. Cor­rec­tion, era­sure or restric­tion of processing

You have the right to demand imme­di­ate cor­rec­tion of incor­rect per­son­al data con­cern­ing you. Tak­ing into account the pur­pos­es of pro­cess­ing, you have the right to request the com­ple­tion of incom­plete per­son­al data, includ­ing by means of a sup­ple­men­tary statement.

c. Con­tra­dic­tion

Inso­far as the pro­cess­ing of your per­son­al data takes place on the basis of Arti­cle 6 (1) (f) of the GDPR, you have the right, at any time, to object to the pro­cess­ing of such data for rea­sons aris­ing from your par­tic­u­lar sit­u­a­tion. We will then no longer process that per­son­al infor­ma­tion unless we can demon­strate com­pelling legit­i­mate grounds for pro­cess­ing that out­weigh your inter­ests, rights and free­doms, or the pro­cess­ing is for the pur­pos­es of assert­ing, exer­cis­ing or defend­ing legal claims.

d. Revo­ca­tion

e. Right to delete

You have the right to request that per­son­al data con­cern­ing you be delet­ed imme­di­ate­ly and we are oblig­ed to delete per­son­al data imme­di­ate­ly if one of the fol­low­ing rea­sons applies:

  • The per­son­al data are no longer nec­es­sary for the pur­pos­es for which they were col­lect­ed or oth­er­wise processed
  • They object to the pro­cess­ing in accor­dance with point 9.c above and there are no legit­i­mate rea­sons for the processing.
  • The per­son­al data were processed unlawfully.
  • The dele­tion of per­son­al data is required to ful­fill a legal oblig­a­tion under Union or nation­al law to which we are subject.

This does not apply if pro­cess­ing is required:

  • to ful­fill a legal oblig­a­tion which requires pro­cess­ing under the law of the Union or of the Mem­ber States to which we are subject.
  • to assert, exer­cise or defend legal claims.

f. Right to restric­tion of processing

You have the right to require us to restrict pro­cess­ing if any of the fol­low­ing con­di­tions apply:

  • the accu­ra­cy of your per­son­al infor­ma­tion is dis­put­ed by you, for a peri­od of time that enables us to ver­i­fy the accu­ra­cy of your per­son­al information,
  • the pro­cess­ing is unlaw­ful and you refuse the dele­tion of per­son­al data and instead demand the restric­tion of the use of per­son­al data;
  • we no longer need the per­son­al data for the pur­pos­es of pro­cess­ing, but you need it to assert, exer­cise or defend your rights, or
  • You have lodged an objec­tion against the pro­cess­ing in accor­dance with point 9.c above, as long as it is not cer­tain whether our legit­i­mate rea­sons out­weighed yours.

If pro­cess­ing has been restrict­ed in accor­dance with this sub­para­graph, these per­son­al data may only be used, with the excep­tion of their stor­age, to assert, exer­cise or defend legal claims or to pro­tect the rights of anoth­er nat­ur­al or legal per­son or for impor­tant pub­lic rea­sons Inter­est of the Union or of a Mem­ber State. If you have a lim­i­ta­tion on the pro­cess­ing, we will inform you before the restric­tion is lifted.

g. Right of appeal

With­out prej­u­dice to any oth­er admin­is­tra­tive or judi­cial rem­e­dy, you have the right to lodge a com­plaint with a super­vi­so­ry author­i­ty, in par­tic­u­lar in the Mem­ber State of your place of res­i­dence, employ­ment or the place of the alleged infringe­ment, if you believe that the pro­cess­ing of your per­son­al data is con­trary to the GDPR.

10. Need to provide personal information

The pro­vi­sion of per­son­al infor­ma­tion is nei­ther required by law nor by con­tract, nor are you required to pro­vide your per­son­al infor­ma­tion. How­ev­er, the pro­vi­sion of per­son­al infor­ma­tion is required to enter into a con­tract of employ­ment with us. This means that unless you pro­vide us with per­son­al data when apply­ing, we will not enter into any employ­ment rela­tion­ship with you.

11. Encryption

This site uses, for secu­ri­ty rea­sons and to pro­tect the trans­mis­sion of con­fi­den­tial con­tent, such as appli­ca­tions that you send to us as a site oper­a­tor, an SSL or. TLS encryp­tion. You can rec­og­nize an encrypt­ed con­nec­tion in the address line of the brows­er. It is switch­ing from “http: //” to “https: //” and there is a lock sym­bol in your brows­er line. If SSL or TLS encryp­tion is enabled, the data you sub­mit to us can­not be read by third parties.

Privacy policy for social media

When you vis­it our social media chan­nels, it is nec­es­sary to process per­son­al data from you. There­fore, we inform you in accor­dance with Art. 13 DSGVO about the data pro­cess­ing with­in the scope of our social media pages.

1. Responsible entity & social media channels

Mag­ne­sia GmbH
Max-Jenne-Str. 2–4
21337 Lüneb­urg

Tel. +49 4131 87100
Web­site: www.magnesia.de
E‑Mail-Adresse: info@magnesia.de

Man­age­ment: Markus Cord­ing, Johann Studt­mann
The fol­low­ing pages and pro­files are oper­at­ed on social media platforms:

  • Insta­gram
  • YouTube
  • LinkedIn

In the con­text of the ECJ rul­ing (C‑210/16 — Face­book Fan­pages) of 05.06.2018, it was ruled that in addi­tion to the oper­a­tor of the social media plat­form, the page or pro­file oper­a­tor is also respon­si­ble for data pro­cess­ing. There­fore, both we and the oper­a­tor of the social media chan­nel are joint­ly respon­si­ble for the data pro­cess­ing. With­in the scope of our pos­si­bil­i­ties to exert influ­ence, we work towards the data pro­tec­tion-com­pli­ant han­dling of your data with­in the frame­work of the social media plat­form. How­ev­er, we are often not in a posi­tion to influ­ence the data pro­cess­ing by the social media plat­form oper­a­tor. For more detailed infor­ma­tion, please refer to the respec­tive data pro­tec­tion notices of the social media plat­form oper­a­tors at the end.

2. Data processing by Magnesia GmbH

2.1 Processing within the framework of the social media site

The fan page you vis­it gives you the oppor­tu­ni­ty to respond to our posts, com­ment on them, cre­ate a user post your­self, and send us pri­vate mes­sages with per­son­al concerns.

The data you pro­vide in this con­text and which may be acces­si­ble to us (e.g. user name, images, inter­ests, con­tact data) will be used by us for the pur­pose of cus­tomer and prospect com­mu­ni­ca­tion based on an over­rid­ing legit­i­mate inter­est (Art. 6 para. 1 lit. f DSGVO). Our inter­est lies in pro­vid­ing you with a plat­form on which we can dis­play up-to-date infor­ma­tion and with the help of which you can address your request to us and we can com­ply with it as quick­ly as pos­si­ble. As far as we are able, your data will be delet­ed when the fan­page oper­a­tion is discontinued.

The data you pub­lish on the social media plat­form (for exam­ple, user­name, com­ments, videos and images) are pub­lished by the cor­re­spond­ing social media plat­form and are not processed by us for pur­pos­es oth­er than those list­ed here.

If you send us an inquiry via a social media plat­form, we may refer you to oth­er, secure com­mu­ni­ca­tion chan­nels. You can always reach us via the con­tact details list­ed in the imprint.

2.2 Processing of statistical “insight data”

Some social media plat­forms (for exam­ple Insta­gram) pre­pare sta­tis­tics, so-called “page insights” based on usage data, which are made avail­able to us.

Sta­tis­ti­cal data of dif­fer­ent cat­e­gories can be accessed by us via the so-called “page insights” (for exam­ple: total num­ber of page views, page activ­i­ties, etc.). These sta­tis­tics are gen­er­at­ed and cre­at­ed by the social media plat­form, so we have no influ­ence on them and can­not pre­vent them.

The social media plat­forms deter­mine, with ref­er­ence to the joint respon­si­bil­i­ty agree­ment, the pro­cess­ing and imple­men­ta­tion of the “Insight Data”. Our con­tri­bu­tion to the pur­pose-means deci­sion of the “Insight Data” is lim­it­ed to the use of the “Insight Data” to make posts and activ­i­ties on our social media site more attrac­tive and to adapt them accord­ing­ly for the users.

The sta­tis­tics pro­vid­ed are trans­mit­ted in anonymized form, so that we can­not iden­ti­fy any par­tic­u­lar user via the sta­tis­tics. The page sta­tis­tics are used by us exclu­sive­ly for the above-men­tioned pur­pos­es and no con­clu­sions can be drawn about indi­vid­ual persons.

The legal basis for the pro­cess­ing of the data is Art. 6 (1) lit. f DSGVO as part of the legit­i­mate inter­est to val­i­date the inter­ac­tions with our social media site and to tar­get con­tent to the inter­est­ed parties.

Details on the delim­i­ta­tion of respon­si­bil­i­ty can be found in the fol­low­ing agreement:

3. Storage duration

Your per­son­al data will be delet­ed if they are no longer nec­es­sary for the pro­cess­ing pur­pos­es or if no reten­tion peri­ods pre­vent the deletion.

4. Data processing by the operators of the social media platforms

The oper­a­tors of the social media plat­forms use web track­ing meth­ods. Web track­ing takes place regard­less of whether you are reg­is­tered on the platform.

It can there­fore not be ruled out that the oper­a­tors of the social media plat­forms use your pro­file and behav­ioral data to eval­u­ate them accord­ing­ly. We have no influ­ence on the pro­cess­ing of your data by the providers of the social media plat­forms, so that the use of the social media plat­form is your own responsibility.

More detailed infor­ma­tion on data pro­cess­ing by the providers of the social media plat­forms, con­fig­u­ra­tion options to pro­tect your pri­va­cy, as well as fur­ther objec­tion options and, if avail­able and con­clud­ed, the agree­ment accord­ing to Art. 26 DSGVO can be found in the pri­va­cy pol­i­cy of the provider:

5. Data subject rights

Requests for infor­ma­tion and the asser­tion of data sub­ject rights should be made direct­ly to the provider of the plat­form, which is the most effec­tive way. This is due to the fact that only the provider has the direct infor­ma­tion and the data­base from which the trans­mit­ted sta­tis­tics are cre­at­ed. Should our sup­port be required, you can con­tact us at any time.

You have the right to request con­fir­ma­tion as to whether per­son­al data relat­ing to you is being processed by us. If this is the case, we will glad­ly pro­vide you with infor­ma­tion about this per­son­al data and the infor­ma­tion list­ed in Art. 15 DSGVO. In addi­tion, you have the right to rec­ti­fi­ca­tion (Art. 16 GDPR), the right to restric­tion of pro­cess­ing (Art. 18 GDPR), the right to era­sure (Art. 17 GDPR) and the right to data porta­bil­i­ty (Art. 20 GDPR) under the respec­tive legal conditions.

Right of objection

Pur­suant to Art. 21 (1) DSGVO, you have the right to object to the pro­cess­ing of your per­son­al data at any time, unless it serves the ful­fill­ment of a con­tract, a legal oblig­a­tion or the pro­tec­tion of vital interests.

With­out prej­u­dice to these rights and the pos­si­bil­i­ty of seek­ing any oth­er admin­is­tra­tive or judi­cial rem­e­dy, you may at any time exer­cise your right to lodge a com­plaint with a super­vi­so­ry author­i­ty, in par­tic­u­lar in the Mem­ber State of your res­i­dence, place of work or the place of the alleged infringe­ment, if you con­sid­er that the pro­cess­ing of per­son­al data relat­ing to you infringes data pro­tec­tion law (Arti­cle 77 GDPR).

Data Protection Officer

We have appoint­ed a data pro­tec­tion offi­cer. He can be con­tact­ed for all ques­tions regard­ing the pro­tec­tion of per­son­al data via the fol­low­ing con­tact details:

Bernard van den Berg
Mag­ne­sia GmbH
Max-Jenne-Straße 2–4
21337 Lüneb­urg
E‑Mail: datenschutz@magnesia.de