1. information on personal data
(1) Personal data is individual information that relates to a person or that is suitable for establishing a connection to a person, such as a name, postal address, telephone number, e-mail address, bank details, etc. Personal data can therefore be used to infer the identity of a person under certain circumstances.
(2) The service provider pursuant to Section 13 of the German Telemedia Act (TMG) and the controller pursuant to the German Federal Data Protection Act (BDSG) and the General Data Protection Regulation (GDPR) is: L. Possehl & Co. mit beschränkter Haftung, Beckergrube 38-52, 23552 Lübeck, Germany
2. rights of data subjects
You have the following rights in connection with our processing of your data:
(1) Right to information pursuant to Art. 15 GDPR on the processing of your personal data by us regarding the purpose of processing, categories of processed data, recipients or categories of recipients, duration of storage or criteria for determining the duration, right to rectification, erasure, restriction of processing or objection to processing, right to lodge a complaint with the supervisory authority, information on the origin of the data and the existence of automated decision-making and, if applicable, information on guarantees pursuant to Art. 46 GDPR in the event of transfer to a third country or international organizations;
(2) Right to immediate correction of incorrect or completion of incomplete personal data in accordance with Art. 16 GDPR;
(3) Right to erasure of the stored personal data in accordance with Art. 17 GDPR if the data is no longer necessary for the purposes for which it was collected or otherwise processed, if consent has been withdrawn and there is no other legal basis, if an objection to the processing has been lodged and the data may no longer be processed in accordance with Art. 21 para. 1 or 2 GDPR, if the data has been processed unlawfully, if the deletion is necessary to fulfill a legal obligation or if the data was collected in relation to information society services offered in accordance with Art. 8 para. 1 GDPR. This does not apply if the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
(4) Right to restriction of processing pursuant to Art. 18 GDPR if you contest the accuracy of the data (for the period necessary to verify the accuracy), if the processing is unlawful but you oppose the erasure and request the restriction of its use instead, if we no longer need the data for the purposes of the processing, but you require the data for the establishment, exercise or defense of legal claims, or if you have objected to processing pursuant to Art. 21 para. 1 GDPR, as long as it is not yet clear whether our legitimate reasons outweigh your legitimate reasons;
(5) Right to object to the processing of your personal data pursuant to Art. 21 para. 2 GDPR (if the data is processed for the purpose of direct marketing) or pursuant to Art. 21 para. 1 GDPR (if the processing is carried out pursuant to Art. 6 para. 1 sentence 1 e) or f) GDPR, for reasons arising from your particular situation, unless we have compelling legitimate grounds for the processing that outweigh your interests, or the processing serves to assert, exercise or defend legal claims). For more information on the right to object, please also refer to section 20 below;
(6) Right to data portability pursuant to Art. 20 GDPR, i.e. the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format or to transmit those data to another controller;
(7) Right to withdraw consent given at any time in accordance with Art. 7 (3) GDPR. The revocation has the consequence that we may no longer carry out data processing for the future from the time of revocation. See also section 21. below;
(8) Right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR. The supervisory authority responsible for us can be found in section 4. The right to lodge a complaint applies without prejudice to other administrative or judicial remedies.
(9) Please send all requests for information, requests for information or objections to data processing by e-mail to datenschutz@possehl.de or to the address given under point 1 (2).
3. automated decision-making
Automated decision-making is not used here.
4. supervisory authority
The address of the supervisory authority responsible for us is
Independent State Center for Data Protection Schleswig-Holstein, Holstenstraße 98, 24103 Kiel,
Phone: +49 431 988-1200, Fax: +49 431 988-1223
E-mail: mail@datenschutzzentrum.de
Homepage: www.datenschutzzentrum.de
5. operation of the website and access to the website
(1) The hosting services we use from our hosting provider serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services used for the purpose of operating the website.
(2) We or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this website on the basis of our legitimate interests in the efficient and secure provision of this website in accordance with Art. 6 para. 1 sentence 1 f) GDPR in conjunction with Art. 28 GDPR. Art. 28 GDPR processed.
(3) We, or our hosting provider, also collect and process access data. These include
Name and URL of the retrieved file
Date and time of retrieval
Name of the requested file
Amount of data transferred
Message about successful retrieval (HTTP response code)
Browser type and browser version
Operating system
Referer URL (i.e. the previously visited page)
Websites that are accessed by the user's system via our website
Internet service provider of the user
IP address and the requesting provider
(4) This log data is used without assignment to your person or other profiling for statistical evaluations for the purpose of operation, security and optimization of the website, but also for anonymous recording of the number of visitors to our website and the extent and type of use of our website and services, as well as for billing purposes to measure the number of "clicks" received from cooperation partners. Based on this information, we can provide personalized and location-based content and analyze traffic, troubleshoot and fix errors, and improve our services.
This is also our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.
(5) We reserve the right to check the log data retrospectively if there is a justified suspicion of unlawful use based on concrete evidence. IP addresses are stored in the log file for a limited period of time if this is necessary for security purposes, e.g. if you use one of our offers. The IP address will be deleted after the process is terminated or after the end of use if it is no longer required for security purposes. IP addresses are also stored if there is a concrete suspicion of a criminal offense in connection with the use of our website.
(6) External services: We use the following services on our website that are GDPR-compliant:
1. Webflow - We use this platform to design and manage our website. Webflow fulfills all requirements of the GDPR by processing personal data only to the extent necessary.
2. Google Analytics - This tool helps us to analyze the use of our website. The collection of usage data is anonymized and your IP address is shortened. Data is only collected with the express consent of the user, which can be revoked at any time. We offer you corresponding options for opting out.
3. Flockler - We use Flockler to display social media content. Flockler does not store any personal data of visitors and does not set any cookies. Content is embedded and processed in accordance with the applicable data protection guidelines.
6. collection of personal data for informational use
If you only use the website for informational purposes, i.e. if you do not log in to use the website, register or otherwise provide us with information, we do not collect any personal data, with the exception of the data mentioned under 5.3, which your browser transmits to technically enable you to visit the website.
7. cookies
(1) Session cookies are used on our website to optimize our online offering. A session cookie is a small text file that is sent by the respective servers when you visit a website and is temporarily stored on your hard disk. This file as such contains a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. These cookies are deleted after you close your browser.
(2) We also use a small number of persistent cookies (also small text files that are stored on your end device), which remain on your end device and enable us to recognize your browser the next time you visit. These cookies are stored on your hard disk and delete themselves after the specified time. Their lifespan is 1 month to 10 years. This enables us to present our website to you in a more user-friendly, effective and secure manner and, for example, to display information on the site that is specifically tailored to your interests.
(3) Our legitimate interest in the use of cookies pursuant to Art. 6 para. 1 sentence 1 f) GDPR is to make our website more user-friendly, effective and secure and easier for you to use.
(4) The following data and information are stored in the cookies:
Log-in information
Language settings
Search terms entered
Information about the number of visits to our website and the use of individual functions of our website.
(5) When the cookie is activated, it is assigned an identification number and your personal data is not assigned to this identification number. Your name, IP address or similar data that would allow the cookie to be assigned to you are not stored in the cookie. Based on the cookie technology, we therefore only receive pseudonymized information, for example about which pages have been visited.
(6) You can set your browser so that you are informed in advance about the setting of cookies and can decide in individual cases whether you want to exclude the acceptance of cookies for certain cases or in general, or that cookies are completely prevented. Stored cookies can be deleted in the system settings of the browser. This may limit the functionality of the website.
8. use of functions on our website
(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do so, you must generally provide additional personal data that we use to provide the respective service. If additional voluntary information is possible, this is marked accordingly.
(2) When you contact the service provider by e-mail or via the contact form, your e-mail address and, if you specify this, your name and telephone number will be stored by us in order to answer your questions.
9. contact form
(1) On our website, you have the option of sending us an encrypted e-mail with your request using the "Contact" form. Here you can, for example, ask questions about our company, our products or our services.
In order to be able to process your request, we ask you to enter personal data in our input mask. This includes your name, your e-mail address and other information such as the subject of your request and your message text. In addition to the mandatory fields, you can also provide additional information. Optionally, you can enter your address and/or telephone number.
The information requested enables us to respond to your request comprehensively. The communication of the data provided by you in this context is expressly on a voluntary basis.
(2) The personal data transmitted to us from your above-mentioned details and the time of contact will be used exclusively for the purpose for which you provide it to us when contacting us - in particular the processing of your request. The information you provide will only be used to process your request. The data will not be used for other purposes or passed on to third parties without your express consent. This does not apply to affiliated companies and partner companies of L. Possehl & Co. mit beschränkter Haftung, insofar as this is necessary to fulfill your request. Provided there are no statutory retention obligations, your personal data will be deleted after your request has been processed.
The legal basis for data processing is Art. 6 para. 1 sentence 1 f) GDPR. Our legitimate interest is that we need your data in order to process or respond to your message.
10. data protection for applications and in the application process
Possehl & Co. mbH collects and processes the personal data of applicants for the purpose of handling the application process as the controller. Processing may be carried out electronically as well as by post. The electronic route is particularly the case if an applicant sends corresponding application documents, for example by e-mail or via a web form on the website, to the controller. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted six months after notification of the rejection decision, provided that deletion does not conflict with any other legitimate interests of the controller (Art. 6 para. 1 b GDPR). Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).
11. external services used on our website
(1) Webflow
We use the Webflow service provided by Webflow, Inc, 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA, to design and manage our website. Webflow processes personal data to enable the provision of the website, whereby only the data necessary for the operation of the website is collected. The data may be processed in the USA. Further information on data protection at Webflow can be found at https://webflow.com/legal/privacy.
(2) Google Analytics
We use Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, to analyze usage behavior on our website. The data is collected anonymously and your IP address is truncated to protect your privacy. Data is only collected with the express consent of the user, which can be revoked at any time. To opt out, you can download and install the browser add-on, which prevents the collection of data by Google Analytics: https://tools.google.com/dlpage/gaoptout. Further information on data protection can be found at https://policies.google.com/privacy.
(3) Flockler
We use the Flockler service from Flockler Oy, Rautatienkatu 26, 33100 Tampere, Finland, to display social media content. Flockler enables us to embed social media feeds on our website. Flockler does not set any cookies and does not store any personal data of website visitors. Data processing is carried out exclusively in accordance with the applicable European data protection guidelines. Further information can be found in Flockler's privacy policy at https://flockler.com/privacy-policy.
(4) Google Maps
We integrate the maps of the Google Maps service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, to provide geographical information. In particular, IP addresses and location data of users may be collected, but only with their express consent (usually via the settings of the mobile device). This data may be processed in the USA. Further information on data protection at Google Maps can be found at https://www.google.com/policies/privacy. An opt-out is possible here: https://adssettings.google.com/authenticated.
(5) Mabox
We use Mapbox to provide mapping and location services. Data such as IP addresses and location information may be collected for security and billing purposes. These data are stored in the U.S. and deleted after 30 days. For more details, please visit Mapbox Privacy Policy.
12 Liability for content
The content of our website has been created with the utmost care. However, we cannot assume any liability for the accuracy, completeness and up-to-dateness of the content. As a service provider, we are responsible for our own content on these pages in accordance with § 7 para. 1 TMG (German Telemedia Act) and general laws. According to §§ 8 to 10 TMG, however, we as a service provider are not obliged to monitor transmitted or stored third-party information or to investigate circumstances that indicate illegal activity. Obligations to remove or block the use of information in accordance with general legislation remain unaffected by this. However, liability in this respect is only possible from the time of knowledge of a specific infringement. As soon as we become aware of such infringements, we will remove this content immediately.
13 Liability for links
Our pages may contain links to external third-party websites over whose content we have no influence. Therefore, we cannot accept any liability for this third-party content. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal content was not recognizable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete evidence of an infringement. If we become aware of any legal infringements, we will remove such links immediately.
14. data security
(1) We use suitable technical and organizational measures to protect our website and other systems against loss, destruction, access, modification or dissemination of your data by unauthorized persons. Despite regular checks, however, complete protection against all risks is not possible.
(2) Our website uses the industry standard SSL (Secure Sockets Layer) for encryption. This ensures the confidentiality of your personal data over the Internet. You can tell whether encrypted transmission is taking place by the closed key/lock symbol in your browser display.
15. disclosure of data
Your personal data will only be passed on to third parties if you have given your express consent to this in accordance with Art. 6 para. 1 sentence 1 a) GDPR; if the transfer is necessary to fulfill contractual obligations in accordance with Art. 6 para. 1 sentence 1 b) GDPR; if we are legally obliged to pass on the data in accordance with Art. 6 para. 1 sentence 1 c) GDPR; if the disclosure of the data is in the public interest within the meaning of Art. 6 para. 1 e) GDPR or; if the disclosure of the data pursuant to Art. 6 para. 1 sentence 1 f) GDPR is necessary to protect our legitimate interests or the legitimate interests of a third party, unless your interests in the protection of your data prevail
16. data categories
We process the following categories of data: master data (such as company, contact person if applicable, address), communication data, contract data, receivables data, payment and default information if applicable. See the information above.
17. third party recipient
In order to process your requests satisfactorily, we may have to pass on your personal data to third party recipients. Third-party recipients may be companies of the Possehl Group and our business partners.
18. duration of the storage of personal data
Your data will be stored by us for as long as it is required for the purposes on which the processing is based. Beyond this, we only store data insofar as we are legally obliged to do so, e.g. due to statutory retention obligations.
19. information on the right to object
An objection to the processing of personal data concerning you on the basis of Article 6 (1) e) (data processing in the public interest) or f) (data processing to safeguard legitimate interests on the basis of a balancing of interests) is possible at any time in accordance with Article 21 GDPR. In the event of an objection, the personal data will no longer be processed unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.
Please send your objection to the e-mail address datenschutz@possehl.de.
20. information on the right of withdrawal
If you have given us your consent to process your personal data, you can withdraw this consent at any time. Of course, this also applies to declarations of consent given to us before May 25, 2018 (before the GDPR came into force). The revocation of consent can only take effect for the future. The legality of the processing is not retroactively removed by a revocation.
Please send your revocation by e-mail to datenschutz@possehl.de.
21. actuality
This privacy policy is dated 27.11.2018. It is the current and valid version of our privacy policy.
However, we would like to point out that it may be necessary to revise this privacy policy from time to time due to actual or legal changes.
22. data protection officer
If you have any questions about data protection, please contact our data protection officer at:
Vater Solution GmbH
Mrs. Manja Saß
Liebigstr. 26
24145 Kiel
or by e-mail at datenschutz@possehl.de.