Göpfert Maschinen GmbH Data Privacy Statement
We are pleased about your visit on the website of our company. Protection of information and in particular data protection is of great importance for the management. In principle, you can use this website without providing any personal data. Should you disclose data to us in connection with the processing described below, we will treat your personal data confidentially and in accordance with the statutory data protection regulations of the European Union and the Federal Republic of Germany, as well as this data protection declaration.
Göpfert Maschinen GmbH, as the data controller, has implemented numerous technical and organisational measures to ensure the most complete possible protection of the personal data processed via this website. Nevertheless, Internet-based data transmissions can in principle have security gaps, so that absolute protection cannot be guaranteed. For this reason, you as the person concerned are free to transmit personal data to us by alternative means, such as telephone or post.
A. personal data
This is all information available to us as a responsible person to identify you as a natural person. (e.g. name, address, e-mail, telephone number, IP address)
B. person affected
That's you as a natural person, if we've identified you.
A processing is every capture, storage, further processing, forwarding, archiving and deletion of data. Here it is irrelevant whether the process is carried out automatically with the help of IT systems or manually (e.g. by letter).
D. restriction of processing
Limitation of processing is the marking of stored personal data with the aim of limiting or preventing their future processing.
Profiling is any type of automated processing of your data that consists of using this data to evaluate certain personal aspects that relate to you. In particular, to analyse or predict aspects relating to your work performance, economic situation, health, personal preferences, interests, behaviour, location or change of location.
This is a process to provide your personal data with an identifier. Furthermore, only this identifier will be used and without the source key or a "reference database" this pseudonym can no longer be resolved. (e.g. allocation of a customer number)
The controller or responsible for the processing is Göpfert Maschinen GmbH, with whom you have a contractual relationship. The decisive factor is that Göpfert Maschinen GmbH can decide independently on the processing methods and means.
An processor is a company name that has been commissioned by Göpfert Maschinen GmbH to assist it in the collection, processing, storage, forwarding or deletion of your data. Usually these are IT service providers and software suppliers, but also disposal companies, which are e.g. commissioned with the destruction of files.
A agreement is each of you, for the certain individual case given expressions of intent. You will be fully informed of what you agree to.
Responsible in the sense of the general data protection regulation and other regulations with data protection-juridical character, for this web page is the one:
Göpfert Maschinen GmbH
Am Zollwasen 6
Karl F. Göpfert,
Telefon: +49 (0) 9383 / 205-0
IV. data protection officer
A data protection officer has been appointed for Göpfert Maschinen GmbH. He is at your disposal at any time for questions in connection with data processing.
EIKONA Systems GmbH
Am Alten Bahnhof 8
Telefon: +49 (0) 9381 / 71 77 8 – 59
V. Rights of the data subject
In accordance with Chapter 3 of the GDPR, you as the party concerned have the rights listed below. In order to fulfil our obligations in connection with your rights in accordance with the law, please address the relevant enquiries and applications to our data protection officer.
A. Art. 15 Right of access by the data subject
You have an unlimited right to demand information about the personal data processed by you. This information must be provided to you free of charge. You may request information about the following information, copies of which must also be sent to you:
– the purpose of processing their data,
– the categories of the data,
– the internal and external recipients of your data,
– the duration of the data storage,
– their rights under Chapter 3, in connection with data processing,
– the origin of the data, if they have not been collected from you,
– whether a profile was created,
– whether your data has been transferred to a third country (non-EU and non-EEA),
– which data protection authority is responsible for our respective company,
B. Art. 16 Right to rectification
If we should process wrong data from you, you can have these corrected at any time with your contact person.
C. Art. 17 Right to erasure
You have the right to demand the deletion of your personal data at any time. We may be required by law to retain your data for a certain period of time (e.g. 6 years for business mail or 10 years for tax related documents), in which case we will block your record until the retention period expires and then delete the record accordingly. Please address your request for deletion to the data protection officer, who will exercise your rights in our company on your behalf.
D. Art. 18 Right to restriction of processing
If you dispute the accuracy of our personal data, or if you refuse the deletion of your data and instead demand the restriction (e.g. in the case of advertising letters) then you can demand the restriction of processing from us. We will then set your data to "Blocked".
E. Art. 19 Notification obligation regarding rectification or erasure of personal data or restriction of processing
We are obliged to inform all recipients of your data of any correction, deletion or restriction commissioned by you, insofar as this is possible and can be implemented with a reasonable effort. We will inform you about the recipients of your data if you request this.
F. Art. 20 Right to data portability
You have the right at any time to ask our company to transfer your data to another responsible person. This applies to all master data that we keep about you. If this is technically possible, we will make the data record available in a common machine-readable format (e.g. .csv/xml).
G. Art. 21 Right to object
If data processing is based on Art. 6 Para. I lit. a (consent) or Art. 6 Para. I lit. f (so-called legitimate interest), you may object to the processing in this context.
H. Art. 77 Right to lodge a compliant with a supervisory authority
You have the right at any time to complain to the data protection supervisory authority responsible for our company if you are of the opinion that we are in any way violating the provisions of the GDPR. The following authority is responsible for Göpfert Maschinen GmbH:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
You can access the website of the data protection supervisory authority via the following link: https://www.lda.bayern.de/de/index.html
In this section we will describe the data processing operations that are connected with our Internet offer or that apply to a general business relationship between you and Göpfert Maschinen GmbH.
The following legal bases serve us for the processing of your data.
Art. 6 I lit. a GDPR serves our company as a legal basis for processing operations in which we obtain your consent for a specific processing purpose.
If the processing of your data is necessary for the fulfilment of a contract to which you are a party, as is the case, for example, with an offer - order - order, or which is necessary for the delivery of goods or the provision of other services or consideration, the processing is based on Art. 6 I lit. b GDPR The same applies to such processing operations which are necessary for the implementation of pre-contractual measures, for example in cases of inquiries regarding our products or services.
If our company is subject to a legal obligation which makes the processing of personal data necessary, such as, for example, the fulfilment of tax reporting and verification obligations, the processing is based on Art. 6 I lit. c GDPR.
In rare cases, the processing of personal data may become necessary in order to protect the vital interests of the person concerned or another natural person. This would be the case, for example, if a visitor to our business were injured and his name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 I lit. d GDPR.
Ultimately, processing operations could be based on Art. 6 I lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and fundamental freedoms of you do not prevail. Such processing operations are permitted to us in particular because they have been specifically mentioned by the European legislator. In most cases, processing within the framework of company presentations (Internet, press, etc.) is justified on the basis of Art. 6 I lit. f.
We operate this website and collect various data in this context.
Some of the Internet pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer by your browser.
Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your terminal until you delete them. These cookies enable us to recognize your browser during your next visit.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, accept cookies for certain cases or generally exclude them and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
Cookies which are required for the electronic presentation or for the provision of certain functions requested by you (e.g. image displays) are stored on the basis of Art. 6 para. 1 lit. f GDPR. We, as website operators, have a justified interest in the storage of cookies for the technically error-free and optimised provision of our services. As far as other cookies (e.g. cookies for the analysis of your surfing behaviour) are stored, these are treated separately in this data protection declaration.
Göpfert Maschinen GmbH or our website provider collects data about accesses to our website and stores these as "server log files". The following data is logged in this way:
– Visited Website
– Time at the time of access
– Amount of data sent in bytes
– Source/reference from which you came to the page
– Browser used
– Operating system used
– IP address used (anonymized)
The data collected is used only for statistical purposes and to improve the website. However, we reserve the right to subsequently check the server log files if there are concrete indications of illegal use.
3. Browser Plugin
B. Contact / Inquiries / Newsletter
In the following, we describe the possibilities of establishing contact with the employees of our company.
1. email / phone
If you send us enquiries by e-mail / telephone, your details from the e-mail or the conversation, including the contact data provided by you there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.
The processing of the data entered in the reply e-mail is therefore based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. For this purpose, an informal e-mail notification to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation. In further correspondence, there may be a change of legality (e.g. if it is a business correspondence), then your data will be processed according to Art. 6 para. 1 lit b GDPR (as a pre-contractual measure).
The data entered by you in the e-mail will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected by this.
Göpfert Maschinen GmbH gives its customers the opportunity to subscribe to the newsletter of our company. The following personal data will be processed for this purpose: title, surname, first name and e-mail address.
Göpfert Maschinen GmbH informs its customers and business partners at regular intervals by means of a newsletter about offers of the company. The newsletter of our company can only be received by you if (1) you have a valid e-mail address and (2) you have registered for or agreed to receive the newsletter. For legal reasons, a confirmation e-mail in the double opt-in procedure will be sent to the e-mail address you entered for the first time for the newsletter dispatch. This confirmation e-mail is used to check whether the owner of the e-mail address as the person concerned has authorised receipt of the newsletter.
When you register for the newsletter, we also store the IP address assigned by the Internet Service Provider (ISP) to the computer system you are using at the time of registration as well as the date and time of registration. The collection of this data is necessary in order to be able to track the (possible) misuse of the e-mail address of a person concerned at a later point in time and therefore serves the legal protection of our company.
The personal data collected in the course of registering for the newsletter will be used exclusively for sending our newsletter. The personal data collected as part of the newsletter service will not be passed on to third parties. You can cancel your subscription to our newsletter at any time. The consent to the storage of your personal data, which you have given us for the newsletter dispatch, can be revoked at any time. For the purpose of revoking your consent, you will find a corresponding link in every newsletter.
C. Data processing for the fulfilment of contracts
If you have entered into a business relationship with our company, e.g. you have placed an order with us, data processing will be carried out on the basis of Art. 6 Para. 1 lit. b GDPR. All data necessary to initiate, fulfil or complete this order, such as contact data, object data, service providers involved, photo documentation, plans, orders for goods, etc., may be collected and processed by us without separate consent.
Should it be necessary to call in a subcontractor (e.g. forwarding agent for the delivery of materials or special trades) to fulfil the contract with you, we may also pass on your data to this subcontractor. We guarantee that we have committed our subcontractors to the same strict data protection requirements that you can expect from us.
In individual cases it may happen that we receive information about the credit reform in order to initiate an order. Should any consequences for the order arise from the data obtained in this way, we will clarify this separately with you.
The data in connection with orders are subject to different retention periods. For example, tax documents must be proven for 10 years. Göpfert's design and construction data may also be subject to a 30-year retention period, as the average service life of a Göpfert is 30 years and we are happy to offer you the service of not starting from scratch when you place a new order. We will only pass on your data within our company to the extent necessary, if this is justified by the subject of the order.
D. Data processing in connection with maintenance and remote access to your Göpfert
Within the scope of existing maintenance and support contracts (according to Art. 6 para. 1 lit b GDPR) for your Göpfert, it can happen that our technicians carry out remote maintenance access to your machine, this must usually be enabled by one of your employees. Depending on your usage behaviour of Göpfert, it may happen that our technicians get to know personal data of their employees and customers. We do not process this data in any way or pass it on to internal or external third parties. For remote maintenance access, we exclusively use so-called remote access tools, which establish an encrypted transmission channel (e.g. VPN) between your Göpfert and our servers. In this way, your data is protected from unauthorized access. Without exception, our employees are obliged to maintain confidentiality in accordance with the GDPR and the Trade Secrets Act. Should a data transfer or download of error logs be necessary, this will only be carried out by your employee after express approval (at least in text form).
E. dealing with application documents
The legal basis for processing your personal data for application purposes is §26 of the Data Protection Adaptation and Implementation Act (DSAnpUG-EU) or BDSG-neu.
Data will only be collected and processed to the extent required by law. Insofar as further data may not be required directly for the establishment of the employment relationship, the processing is based on a legitimate interest of the company pursuant to Art. 6 Para. 1 lit. f GDPR.
A legitimate interest may arise, for example, from internal organisational and administrative purposes, for the protection of the company's facilities, installations and assets as well as data processing installations and data. Processing of your data is permitted here unless the protection of your interests, fundamental rights and fundamental freedoms prevails.
In individual cases, we may also obtain your consent to the processing or transmission of your data. Your consent in these cases is voluntary and may be revoked by you at any time in the future, unless otherwise agreed.
A transmission of the application documents takes place within the company. In the application process, the respective specialist department is involved. The specialist departments are instructed to treat application documents as strictly confidential. The documents will not be forwarded to a third country.
Göpfert Maschinen GmbH in the Federal Republic of Germany is responsible for the collection, processing and use of your personal data.
Your personal data will only be stored as long as knowledge of the data is necessary for the above-mentioned purposes or as long as legal or contractual storage regulations exist. As a rule, the application documents are deleted 6 months after completion of the application procedure.
It is possible to store your data for a longer period if you send us your consent with the following wording:
I consent to my application documents being included in the applicant pool for 12 months on the basis of the points from the heading "Dealing with application documents in accordance with Art. 13 GDPR" of the data protection declaration of your website. During this period Göpfert Maschinen GmbH can contact me about new job offers.
F. lottery participations
Within the framework of job fairs in which our company participates, it happens that we conduct lotteries with our partner REKA Wellpappenwerke GmbH from Kitzingen. The data collected here will be used by us, Göpfert Maschinen GmbH, as well as REKA Wellpappenwerke GmbH.
The disclosure of your data within the scope of this competition is absolutely voluntary and therefore the processing is carried out on the basis of Art. 6 Para. I lit. a GDPR.
We use your data (name, first name, address) exclusively for the following purposes. 1. notification of the winners and transmission of the prize.
2. we use the data of all lottery participants to invite them to an open day at our premises. We will write to you separately by post.
This data will be deleted by us after the selection of trainees for the current selection year has been carried out.
VII. Data security
We use the most common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser.
We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
VIII. Timeliness and amendment of this data protection declaration