The information presented below is intended to explain to you as the “data subject” how we process your personal data and to inform you of your rights according to the data protection laws.
The use of our website is in general possible without the disclosure of personal data. However, should you wish to make use of any special company services via our website, it may become necessary to process certain personal data. If we need to process personal data and there is no legal basis for such processing, we will generally request your consent.
As data controllers, we have implemented various technical and organisational measures to ensure the greatest possible protection of the personal data processed on this website. Nevertheless Internet-based data transmissions may display inherent security issues, so absolute protection cannot be guaranteed. For this reason it is your prerogative to transmit your personal data by other means, for example, by telephone or by mail.
2. Data Controller
The data controller within the meaning of the GDPR is:
Stallbau Weiland GmbH & Co. KG
Personally liable partner
Weiland Verwaltungs GmbH,
represented in the final instance by
Managing director Iris Weiland
Hilberlachestraße 8, 37242 Bad Sooden-Allendorf, Germany
Representative of the data controller: Managing director Iris Weiland
3. Data Protection Officer
Please find the contact details of the data protection officer below:
Kanzlei für Datenschutz (Office for Data Protection), Bernd Kircher
You can contact our data protection officer directly at any time with questions or suggestions regarding data privacy.
4. Terminology definitions
The privacy statement is based on the terminology used by the European Regulatory Authority when the General Data Protection Regulation (GDPR) was enacted. Our data protection declaration is intended to be easily readable and understandable both for the general public and for our customers and business partners. To ensure that this is the case, we would like to begin by defining the terms used.
The following are some of the terms used in this Privacy Statement:
1. Personal data
Personal data is any information relating to an identified or identifiable natural person. A natural person is referred to as “identifiable” if he/she can be identified directly or indirectly, in particular by association with an identifier such as a name, identification number, location data, online identifier or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
2. Data subject
The data subject is any identified or identifiable natural person whose personal data is processed by the data controller (our company).
Any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
4. Limitation of processing
Marking of stored personal data with the aim of limiting any future processing thereof.
Any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects, in particular to analyse or predict aspects concerning that person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
The processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
7. Data processor
A natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
8. Data recipient
A natural or legal person, public authority, agency or another body, to which personal data is disclosed, whether it is a third party or not. Public authorities that receive personal data in the framework of a particular inquiry in accordance with EU or member state law shall not be regarded as recipients, however.
9. Third party
Any natural or legal person, public authority, agency or other body, except the data subject, the data controller, the data processor and persons under the direct responsibility of the data controller or the data processor, who is authorised to process the personal data.
Consent is any unambiguous expression of free will given voluntarily and in an informed manner by the data subject for the particular case in the form of a declaration or any other unequivocal affirmative act by which the data subject gives to understand that he/she is in agreement with the processing of his/her personal data by another party.
5. Legal basis for processing
Art. 6 para.1 (a) GDPR provides our company with the legal basis for processing operations for which we obtain the consent of the data subject for a specific processing purpose.
If the processing of personal information is necessary for the performance of a contract to which you are party, such as is necessary, for instance, for processing operations in connection with the supply of goods, the provision of a service or consideration, such processing is based on Art. 6 para.1 (b) GDPR. The same applies to such processing operations as may be necessary prior to entering into a contract, for example, concerning enquiries about our products or services.
If our company is subject to a legal obligation which makes it necessary to process personal data, for example to fulfil tax obligations, such processing is based on Art. 6 para. 1 (c) GDPR.
In rare cases, the processing of personal data might be required in order to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a person suffered an injury while visiting our company, and consequently his name, age, health insurance data or other vital information needed to be forwarded to a doctor, a hospital or other third parties. In this case, data processing would be based on Art. 6 para.1 (d) GDPR.
Finally, processing operations could be based on Article 6 para.1 (f) GDPR. This applies to processing operations not covered by any of the above criteria, where processing is necessary to safeguard the legitimate interests of our company or of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. We are permitted to carry out such operations in particular because they are specifically mentioned by the European legislatory body. In this respect the latter was of the opinion that a legitimate interest could be assumed if you are a customer of ours (Recital 47, sentence 2, GDPR).
6. Transmission of Data to Third Parties
No transmission of your personal data to third parties will take place for any other purpose than those specified below.
We will pass on your personal data to third parties in the following cases only:
- if you have granted your express consent thereto in accordance with Article 6 para.1 s. 1 (a) GDPR,
- if the transmission according to Art. 6 para.1 s.1 (f) GDPR is permissible in order to safeguard our legitimate interests and there is no reason to suppose that you have an overriding or compelling interest in the non-transmission of your data,
- if there is a legal obligation for such transmission according to Art. 6 para.1 s. 1 (c) GDPR, or
- if it is legally permissible and necessary according to Art. 6 para.1 s. 1 (c) GDPR for the processing of contractual relationships with you.
7. Technical solutions
7.1 SSL/TLS Encryption
In order to guarantee the security of data processing and to protect the transmission of confidential content, such as orders, login data or contact requests that you send to us as the site perator, this website uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that in the address line of the browser “https://” appears instead of “http://” and by the lock symbol in your browser line. We use this technology to protect the information you provide.
7.2 Data collection when visiting our website
When using our website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect such data as is transmitted to our server by your browser (in so-called “server logfiles”). With each retrieval of a page by you or an automated system, our website records a set of general data and information. This general data and information is stored in the logfiles of the server.
The following data can be recorded:
- the browser types and versions used,
- the operating system used by the accessing system,
- the webpage where the system requesting access to our website originated (so-called referrer),
- the sub-websites which are triggered by a system requesting access to our website.
- the date and time of a hit on our website,
- an abbreviated Internet Protocol address (anonymised IP address),
- the Internet service provider of the system requesting access.
When using this general data and information, no inference is made to your person.
This information is in fact used to
- deliver the content of our website correctly,
- optimise the content of our website as well as relevant advertising,
- ensure the permanent operability of our IT systems and the technology of our website, and
- in case of a cyber attack provide law enforcement authorities with the necessary information for prosecution actions.
The data and information collected is therefore evaluated by us both for statistical purposes and in order to improve the data protection and data security in our company, with the ultimate aim of ensuring the best possible level of protection for the personal data we process. The anonymous data of the server logfiles is stored separately from any personal data provided by a data subject.
The legal basis for data processing is Art. 6 para.1 s. 1 (f) GDPR. Our legitimate interests are pursuant to the purposes specified above for data collection.
8.1 General information on Cookies
The cookie stores information arising from the specific terminal device used in each particular context. However, this does not mean that we thereby obtain direct knowledge of your identity.
Apart from this, we also use temporary cookies to improve the user friendliness of our website. These are stored for a certain, specified length of time on your device. If you then return to our website in order to use our services, the entries and settings you made previously will be recognised automatically so that you do not need to enter this information again.
The data processed by cookies is required to ensure the proper function of the website in order to protect our legitimate interests and those of third parties under Art. 6 para.1 s.1 (f) GDPR. For all other cookies, the proviso is applicable that you have given your consent via our opt-in cookie banner in accordance with Art. 6 para.1 (a) GDPR.
9. Content of our website
9.1 How to contact us / Contact form
Whenever you contact us (e.g. via contact form or e-mail), personal data will be collected. Which data is collected when the contact form is used is evident from the particular form. This data will be stored and used exclusively for the purpose of answering your request or for making contact including the associated technical administration. The legal basis for processing the data is our legitimate interest in replying to your request in accordance with Art. 6 para.1 (f) GDPR. If you have contacted us with the aim of concluding a contract, the legal basis for data processing specified in Art. 6 para.1 (b) GDPR is also applicable.
Your data will be erased after final processing of your enquiry. This is the case once it is clear from the circumstances that the matter has been brought to a conclusion and providing there are no legal retention obligations.
9.2 Application management / Job exchange
We collect and process the personal data of applicants for the purpose of processing the application. Processing may take place by electronic means. This is the case in particular if an applicant submits the relevant application documents to us electronically, for example by e-mail or using the online form on the website. If we enter into an employment contract with an applicant, the data transmitted will be saved for the purpose of managing the employment relationship in compliance with the statutory provisions.
If no employment contract is concluded with the applicant, the application documents will be automatically erased two months after notification of rejection, unless such erasure is contrary to other legitimate interests on our part. Other legitimate interests of this nature could be, for instance, a burden of proof required in proceedings under the General Anti-discrimination Act (AGG).
Any data processing in this respect takes place solely on the basis of our legitimate interest in accordance with Art. 6 para. 1 (f) GDPR.
10. Plugins and other services
The plugin Honeypot is used on this website. This function serves above all to distinguish whether an entry is made by a natural person or fraudulently by automated web bots. This service also includes sending of the IP address and any other required data. Such processing operations are carried out solely to protect our legitimate interests in accordance with Art. 6 para. 1 s. 1 (f) GDPR.
11. Your rights as the data subject
11.1 Right of confirmation
You have the right to request confirmation of whether we are processing pertinent personal data.
11.2 Right of information Art. 15 GDPR
You are entitled to receive information from us free of charge at any time about stored personal data concerning you, as well as a copy of this data in accordance with the statutory provisions.
11.3 Right to rectification Art. 16 GDPR
You are entitled to request correction of incorrect personal data. Further, taking into account the purposes of the processing, you are entitled to request that incomplete personal data be completed.
11.4 Erasure Art. 17 GDPR
You have the right to request that the personal data concerning you be erased without delay provided that one of the grounds provided by law is applicable and insofar as the processing or storage is not necessary.
11.5 Restriction of processing Art. 18 GDPR
You have the right to request that we restrict processing if one of the legal requirements applies.
11.6 Data portability Art. 20 GDPR
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format.
Furthermore, you have the right to transmit this data, without hindrance from us, to another controller to whom the personal data have been provided, providing that the processing is based on consent pursuant to Art. 6 para. 1 (a) GDPR or Art. 9 para. 2 (a) GDPR or on a contract pursuant to Art. 6 para. 1 (b) GDPR and that the processing is carried out by automated means. That right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us. In exercising your right to data portability pursuant to Art. 20 para.1 GDPR, you are entitled to have the personal data transmitted directly from one controller to another, where technically feasible and providing that the rights and freedoms of others are not adversely affected thereby.
11.7 Objection Art. 21 GDPR
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on GDPR Art. 6 para.1 (e) (data processing in the public interest) or (f) (data processing based on balancing of interests).
This also applies to profiling based on these provisions within the meaning of Art. 4 (4) GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims. In certain cases we process your personal data for direct marketing purposes. You can object at any time to the processing of personal data for such purposes. This also applies to profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, we will no longer process the personal data for such purposes.
Moreover, you have the right, on grounds relating to your particular situation, to object to the processing of your personal data for scientific or historical research purposes or statistical purposes pursuant to Art. 89 para.1 GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.
11.8 Withdrawal of consent to processing of personal data
You have the right to withdraw your consent to the processing of personal data at any time with effect for the future.
11.9 Complaint to a supervisory authority
You have the right to lodge a complaint with a supervisory authority for data protection about our processing of your personal data.
12. Routine storage, erasure and blocking of personal data
We process and store your personal data only for the period of time necessary to achieve the storage purpose or insofar as this is required by the legal regulations to which our company is subject. If the storage purpose no longer applies or if a prescribed storage period expires, the personal data will be routinely blocked or erased in accordance with legal requirements.
13. Duration of storage of personal data
The criterion for the duration of storage of personal data is the respective legal retention period. After expiry of this period, the corresponding data is routinely erased providing it is no longer needed for fulfillment or initiation of a contract.
This privacy statement is currently valid with status as of: June 2020. Due to the further development of our web pages and offers or due to changed legal or official requirements, it may become necessary to amend this privacy statement. The currently applicable privacy statement can be accessed and printed out at any time at « https://www.huehnermobil.de/en/data-protection/ ».