Data protection at DEMMEL AG
The protection of your privacy when processing personal data and the security of all business data is an important concern for us, which we take into account in our business processes. We observe the rules of data protection laws and take the protection of your personal data very seriously. Personal data is therefore only collected and processed by us to the extent that is technically necessary, for example for contract processing.
However, the Demmel AG Internet pages may also contain links to pages of other providers to which this data protection declaration expressly does not extend.
Here you will find the DATA PROTECTION INFORMATION ACCORDING TO ARTICLE 13 & 14 for further reading.
You can exercise the following rights at any time using the contact details provided for our data protection officer:
If you have given us your consent, you can revoke it at any time with effect for the future.
You can contact the supervisory authority responsible for you at any time with a complaint. Your competent supervisory authority depends on the federal state of your place of residence, your work or the alleged infringement. A list of supervisory authorities (for the non-public sector) with addresses can be found at:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
We only process your personal data for the purposes stated in this privacy policy. Your personal data will not be transferred to third parties for purposes other than those stated. We only pass on your personal data to third parties if:
the processing is necessary to safeguard legitimate interests and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data.
If you contact us with questions of any kind by e-mail or contact form, you give us your voluntary consent for the purpose of contacting you. This requires you to provide your company, first and last name and a valid e-mail address. This is used to assign the request and subsequently answer it. The provision of further data is optional. The information you provide will be stored for the purpose of processing the request and for possible follow-up questions. Personal data will be automatically deleted after your inquiry has been dealt with.
We always endeavour to take all technical and organizational measures to store your personal data in such a way that it is not accessible to third parties. We cannot guarantee complete data security when communicating by e-mail, so we expressly recommend that you send confidential information by post.
We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as is necessary to achieve the purposes stated here or as provided for by the various storage periods stipulated by law. Once the respective purpose no longer applies or these periods have expired, the corresponding data is routinely blocked or deleted in accordance with the statutory provisions.
When you access our website, information of a general nature is automatically collected by means of a cookie. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your internet service provider and similar. This is exclusively information that does not allow any conclusions to be drawn about your person.
This information is technically necessary in order to correctly deliver the website content you have requested and is mandatory when using the Internet. It is processed for the following purposes in particular:
The processing of your personal data is based on our legitimate interest in the aforementioned purposes for data collection. We do not use your data to draw conclusions about your person. Recipients of the data are only the controller and, if applicable, processors.
Anonymous information of this kind may be statistically evaluated by us in order to optimize our website and the technology behind it.
The controller collects and processes the personal data of applicants for the purpose of handling the application process. Processing may also be carried out electronically. This is particularly the case if an applicant submits relevant application documents to the controller by electronic means, for example by email or via a web form on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, provided that no other legitimate interests of the controller stand in the way of deletion. Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).
To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) via HTTPS.
We use Google Analytics 4 on our website, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: "Google"). In this context, pseudonymous user profiles are created and cookies are used.
The information generated by the cookie about the use of our website (e.g. IP address of the accessing computer, time of access, referrer URL and information on the browser and operating system used) is usually transmitted to Google servers in the USA and processed there.
The use of Google Analytics is based on your consent in accordance with (Art. 6 para. 1 sentence 1 lit. a GDPR in conjunction with § 25 para. 1 TTDSG) in the analysis and optimization of our online offer and the economic operation of this website. Google therefore processes the information on our behalf to evaluate the use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage for the purposes of market research and the needs-based design of this website.
We have concluded a data processing agreement with Google for the use of Google Analytics. Through this contract, Google ensures that it processes the data in accordance with the General Data Protection Regulation and guarantees the protection of the rights of the data subject.
The IP address processed by Google Analytics is automatically truncated. The last three digits of your IP address are replaced by a "0", which prevents them from being assigned.
The data collected may be transferred to third parties if this is required by law or if third parties process the data on our behalf. The user data collected via cookies is automatically deleted after 14 months.
The information generated by the cookies about the use of our website (e.g. IP address of the accessing computer, time of access, referrer URL and information about the browser and operating system used) is transferred to Google servers in the USA and processed there. Google relies on the Transatlantic Data Privacy Framework of 10.07.2023 (TADPF) for the transfer of data to recipients based in the USA and, in the case of data transfer to other third countries, on standard contractual clauses approved by the EU Commission as a guarantee of a level of data protection comparable to that in the EU. You can download a copy of the standard contractual clauses here [https://policies.google.com/privacy/frameworks?hl=de] receive. We only transmit data to Google on the basis of your consent.
You can revoke or adjust your consent at any time with effect for the future. Further information on data protection in connection with Google Analytics can be found in the Google Analytics help section, for example (https://support.google.com/analytics/answer/6004245). Information on the use of data by Google can be found in their privacy policy (https://policies.google.com/privacy?hl=de).
This website uses Google Maps API to display geographical information visually. When using Google Maps, Google also collects, processes and uses data about the use of the map functions by visitors. You can find more information about data processing by Google in the Google privacy policy. You can also change your personal data protection settings there in the data protection center.
You can find detailed instructions on how to manage your own data in connection with Google products here.
We use Google Fonts from Google Inc (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website.
You do not need to log in or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you do not need to worry that your Google account data will be transmitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will take a closer look at exactly how the data is stored.
What are Google Fonts?
Google Fonts (formerly Google Web Fonts) is an interactive directory of more than 800 fonts provided by Google LLC for free use.vMany of these fonts are published under the SIL Open Font License, while others are published under the Apache License. Both are free software licenses. This means we can use them freely without paying license fees.
Why do we use Google Fonts on our website?
With Google Fonts, we can use fonts on our own website without having to upload them to our own server. Google Fonts is an important component in keeping the quality of our website high. All Google fonts are automatically optimized for the web and this saves data volume and is a great advantage, especially for use on mobile devices. When you visit our site, the low file size ensures a fast loading time. Furthermore, Google Fonts are so-called secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can sometimes visually distort texts or entire websites. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod).
We therefore use Google Fonts so that we can present our entire online service as beautifully and uniformly as possible. According to Art. 6 para. 1 f lit. F GDPR, this already constitutes a "legitimate interest" in the processing of personal data. In this case, "legitimate interest" means both legal and economic or non-material interests that are recognized by the legal system.
What data is stored by Google?
When you visit our website, the fonts are reloaded via a Google server. This external call transmits data to the Google server. In this way, Google also recognizes that you or your IP address is visiting our website. The Google Fonts API was developed to reduce the collection, storage and use of end user data to what is necessary for the efficient provision of fonts. Incidentally, API stands for "Application Programming Interface" and serves, among other things, as a data transmitter in the software sector.
Google Fonts stores CSS and font requests securely at Google and is therefore protected. The collected usage figures allow Google to determine the popularity of the fonts. Google publishes the results on internal analysis pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the BigQuery database of Google Fonts. BigQuery is a web service from Google for companies that want to move and analyze large amounts of data.
However, it should be noted that every Google Font request also automatically transmits information such as IP address, language settings, browser screen resolution, browser version and browser name to the Google servers. It is not clear whether this data is also stored or whether it is clearly communicated by Google.
How long and where is the data stored?
Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This enables us to use the fonts with the help of a Google stylesheet. A stylesheet is a format template that can be used to quickly and easily change the design or font of a website, for example.
The font files are stored by Google for one year. Google's aim is to fundamentally improve the loading time of websites. If millions of websites refer to the same fonts, they are cached after the first visit and immediately reappear on all other websites visited later. Sometimes Google updates font files to reduce file size, increase language coverage and improve design.
How can I delete my data or prevent data storage?
The data that Google stores for one day or one year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. To delete this data prematurely, you must contact Google support at https://support.google.com/?hl=de&tid=231557990173 contact us. In this case, you can only prevent data storage if you do not visit our website.
Unlike other web fonts, Google allows us unrestricted access to all fonts. This means we have unlimited access to a sea of fonts and can therefore get the most out of our website. You can find out more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=231557990173. Although Google addresses data protection issues there, it does not provide any really detailed information about data storage. It is relatively difficult (almost impossible) to obtain really precise information from Google about stored data.
You can also find out which data is generally collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/ read more.
We use "Google reCAPTCHA" (hereinafter "re CAPTCHA") on our websites. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").
The purpose of reCAPTCHA is to check whether the data input on our websites (e.g. in a contact form) is made by a human or by an automated program. The query includes sending the IP address and any other data required by Google for the reCAPTCHA service to Google. For this purpose, your input is transmitted to Google and used there. However, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of this service. The IP address transmitted by your browser as part of reCaptcha will not be merged with other Google data. The deviating data protection provisions of Google apply to this data. Further information on Google's data protection guidelines can be found at: www.google.com/intl/de/policies/privacy/ Data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM For more information about Google reCAPTCHA and Google's privacy policy, please see the following links: www.google.com/intl/de/policies/privacy/ and www.google.com/recaptcha/intro/android.html . For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield www.privacyshield.gov
We use Ajax and jQuery technologies on this site, which optimizes loading speeds. In this regard, program libraries are called up from Google servers. The CDN (content delivery network) from Google is used. If you have previously used jQuery on another page from the Google CDN, your browser will fall back on the copy stored in the cache. If this is not the case, this will require a download, whereby data from your browser will be sent to Google! Your data will be transferred to the USA. You can find out more on the provider's website.
A web service of the company Google LLC, 1600 Amphitheatre Parkway in 94043 Mountain View, USA (hereinafter referred to as gstatic) is loaded on our website in order to ensure the full functionality of our Internet presence. In this context, your browser may transmit personal data to gstatic. The legal basis for data processing is the legitimate interest in providing an error-free function of the website in accordance with Art. 6 para. 1 lit. f GDPR. gstatic has certified itself under the EU-US Privacy Shield Agreement (vgl. https://www.privacyshield.gov/list).The data will be deleted as soon as the purpose for which it was collected has been fulfilled. Further information on the handling of the transferred data can be found in gstatic's privacy policy: https://www.google.com/intl/de/policies/privacy/. You can prevent the collection and processing of your data by gstatic by deactivating the execution of script code in your browser or by installing a script blocker in your browser (you can find this, for example, at www.noscript.net or www.ghostery.com).
For Microsoft 365 Teams we have created a separate Data protection notice.
We reserve the right to amend this privacy policy to ensure that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. The new privacy policy will then apply to your return visit.
If you have any questions about data protection, please send us an email or contact the person responsible for data protection in our organization directly:
Jürgen C. Beer
datenschutz@demmel.de
Status: 16.09.2022