We are very happy with your visit to this website and would like to thank you for your interest in our company. During your visit to our website, we assign greatest importance to the protection of your privacy. Therefore, when processing your personal data, we will strictly adhere to all applicable regulations regarding your personal data. Accordingly, we want to make any form of data collection and its use transparent to you.

You can visit our website without providing any personal information. We do not store any such data in this context. In order to improve these services, we exclusively analyze statistical data, which does not enable us to draw any connections to your personal information. All personal information is collected on a strictly voluntary basis. None of this information will be shared with third parties without your consent.

The following chapters are intended to clarify our use and processing of your personal information, as well as the applicable rights and regulations.

Firstly, this requires clarification of the terms in use with privacy policy declarations since the current General Data Protection Regulation (GDPR / DSGVO) has taken effect.

Our privacy policy is intended to be easily readable and understandable for our customers as well as the general public. To ensure this, certain terms must be clarified.

• Personal data / personal information

Personal data is defined as any information relating to an identified or identifiable natural person (hereafter referred to as “data subject”). A natural person is considered identifiable, if they can be identified, directly or indirectly, particularly by reference to an identifier such as names, numbers, location data, an alias or specific features of their physical, physiological, genetic, mental, economic, cultural or social identity.

• Affected person / data subject

The data subject is considered to be any identified or identifiable natural person whose personal information is being processed by those in possession of and responsible for this information.

• Processing

Processing is considered to be any (automated) procedure or series of such processes related to personal information by means of collection, recording, organization, arrangement, storage, adaptation or change, read out, query, usage, disclosure by transmission, dissemination or any other form of provision, comparison or linkage restriction, deletion or destruction.

• Restriction of processing

Restriction of processing is the marking / tagging of personal data with the goal of restricting its future processing.

• Profiling

Profiling is considered to be any form of automated processing of personal data with the goal of evaluating certain individual aspects relating to a natural person, i. e. the analysis or prediction of work performance, economic status, health status, personal preferences and interests, reliability, behavior, location or change of location of this natural person.

• Pseudonymization

Pseudonymization refers to the processing of personal data, which does not allow for the personal data to be assigned to any natural person without additional data, as long as this additional data is stored separately and subject to technical and organizational restrictions in order to guarantee that the personal data cannot be assigned to any identified or identifiable natural person.

• Controller / data controller

The person responsible is any natural or legal person, administrative authority, institution, body or position, that alone or jointly with others decides about the purposes and means in processing personal data. If those purposes and means are predefined by Union law or laws of member states, the controller / person responsible or the criteria for his appointment can be provided by Union law or laws of member states.

• Processor

The processor is considered any natural or legal person administrative authority, institution, body or position, which processes information on behalf of the person responsible.

• Recipient

Recipient is defined as any natural or legal person, administrative authority, institution, body or position, to whom personal data is disclosed, regardless of them being a third party or not. However, authorities that may receive personal data in the context of a specific investigative mandate under Union law or laws of member states are not considered recipients.

• Third party

A third party is any natural or legal person, administrative authority, institution, body or position, other than the affected person / data subject, the controller, the processor and any persons who, under the direct responsibility of the controller or processor, are authorized to process personal data.

• Consent

Consent is considered any expression of will in the form of a declaration or confirmatory action given voluntarily, in an informed manner and unequivocally for a specific case by the affected person / data subject, indicating that the affected person / data subject agrees to the processing of their personal data.

Name and address of the person responsible:

Klein Umformtechnik GmbH
Waldstraße 60 + 65
57250 Netphen
Deutschland
Tel.: +49 (0) 2737 / 597- 0
E-Mail: info@klein-ut.de
Website: www.klein-ut.de

Name and address of the (external) data protection officer:

dokuworks GmbH

Sven Berger
Birlenbacher Str. 20
57078 Siegen
Deutschland
Tel.: +49 (0) 271 / 77237 - 60
E-Mail: datenschutz@doku.works

1. Scope of personal data processing

Principally, personal data is only collected and processed only insofar as it is required to provide a functioning website as well as our content and services. The collection and use of personal data regularly takes place only with the consent of the user. Exceptions are such cases where the consent cannot be obtained due to actual reasons and where processing of the data conforms with statutory regulations.

2. Legal bases for processing personal data

In case consent for processing personal data is obtained, Article 6 (1) (lit. a) of the General Data Protection Regulation (GDPR / DSGVO) will serve as the legal basis for the processing of the data.

Article 6 (1) (lit. b) GDPR / DSGVO will serve as legal basis in the use of personal data required for the completion of a contract to which the data subject is a party. This includes operations necessary for the completion of pre-contractual processes.

Insofar as personal data is required in fulfilling legal obligations to which out company is subject, Article 6 (1 (lit. c) GDPR / DSGVO serves as legal basis.

In the event that vital interests of the affected person or another natural person necessitate the processing of personal data, Article 6 (1 (lit. d) GDPR / DSGVO serves as legal basis.

If processing of personal data is necessary to preserve legitimate interests of a company or third party and is not outweighed by the interests, fundamental rights and freedoms of the effected person, Article 6 (1 (lit. f) GDPR / DSGVO serves as legal basis.

3. Data deletion and storage duration

Unless further specified personal data will be stored only as long as it is required for the fulfillment of its intended purposes. In several cases such as those pertaining to tax or commercial laws, the legislation allows for the storage of personal data. In these cases personal data will only be stored by us for such lawful purposes, will not be processed further and deleted after the legal retention period.

4. Disclosure of personal data to third parties

Your personal data will not be transmitted to third parties for purposes other than those listed below. Such data will only be passed on, if:

• You have given express consent in accordance with Article 6 (1 S.1) (lit. a) GDPR / DSGVO
• The disclosure is required for the enforcement, execution or defense of legal claims while there is no reason to assume that any of your interests worthy of protection outweigh those claims, prohibiting the disclosure of your personal data, according to Article 6 (1 S.1) (lit. f) GDPR / DSGVO
• There exists a legal obligation for the disclosure, according to Article 6 (1 S.1) (lit. c) GDPR / DSGVO, and
• This is legally permitted for the fulfillment of contractual obligations, according to Article 6 (1 S.1) (lit. b)

1. Scope and manner of data processing

Each time our website is accessed, data and information about the accessing computer is collected automatically.

The following data is collected in such instances:

• Browser type and version info
• Operating system of the accessing computer
• Host name of the accessing computer
• Date and time of the access
• Websites from which the accessing computer is directed to our website

This data is saved in log files on our system. This does not include IP addresses of the user or any other data which would allow the identification of the user. This data is not stored together with other personal data of the user.

2. Legal basis for data processing

Article 6 (1) (lit. f) GDPR / DSGVO serves a s legal basis for temporary data storage.

3. Purposes of data processing

The temporary storage of IP addresses is required for the delivery of the web site and its contents to the user’s computer. For this purpose, the IP address has to be stored for the duration of the session.

This is considered a legitimate interest according to Article 6 (1) (lit. f) GDPR / DSGVO.

4. Duration of storage

The data will be deleted as soon as it is no longer required for the fulfillment of its purpose. In the case of data collection for providing the website, this will be when the respective session ends.

5. Objection and data removal

Data collection and subsequent storage in log files is indispensable for providing the website. There is no possibility for objection to this on part of the user.

6. Hosting

All our content is hosted by the following provider:

ALL-INKL.COM

Hauptstraße 68

02742 Friedersdorf

Further details can be accessed in the data protection declaration of the provider:                 

https://all-inkl.com/datenschutzinformationen/

The use of providers is based on Article 6 (1) (lit. f) GDPR / DSGVO. We have legitimate interest in a reliable display / provision of our website. If the corresponding consent has been given, further processing will follow Article 6 (1) (lit. a) GDPR / DSGVO and § 25 (1) TTDSG, insofar as the consent includes the storage of cookies or the access to information on the user’s computer (i. e. device fingerprinting). This consent can be revoked at any time.

1. Scope of personal data processing

Our website uses cookies. Cookies are text files saved locally on the user’s computer by the internet browser. Once a website is accessed by the user, a cookie may be saved on the user’s computer, which contains a characteristic string of characters, allowing the browser’s unambiguous identification if the website is accessed again.

The following data is stored in the cookies:

• Language setting
• Login credentials

Additionally, we use cookies that enable the analysis of the user’s surfing behavior.

The following data can be collected:

• Entered search terms
• Frequency of page views
• Use of website functionality

User data collected in this manner will be pseudonymized by technical precautions which make it impossible to correlate it with any individual user accessing the website. This data is not stored with any correlation to other personal user data.

Insofar as the use of cookies serves analytic purposes, upon accessing the website the user will be prompted with the above information and the option to consent to the processing of their personal data collected in this context, while also being referred to this declaration.

2. Legal basis for data processing

The legal basis in the case of essential cookies and the related processing of personal data is Article 6 (1) (lit. f) RDPG / DSGVO.

Personal data may be processed via the use of analytical cookies on the legal basis according to Article 6 (1) (lit. a) RDPG / DSGVO, if the user has given their consent.

3.  Purposes of data processing

The purpose of technically essential cookies is to facilitate the use of websites for the user. Some of the website’s functionality would not be available without the use of essential cookies, as they require browser identification after a page change.

The following applications require cookies:

• Language settings
• Storage of login credentials

Data collected by essential cookies will not be used to create user profiles.

The use of analytical cookies aims to improve the quality of our website and content. By those means we may analyze the use of our website, in order to continually optimize our offer.

4. Storage duration, objection and deletion

Since cookies are stored on the user’s computer and the data contained therein will be transmitted to our website, you as the user have full control over the use of cookies. The transmission of cookies may be easily restricted or blocked by changing the browser’s settings. Existing data can be deleted at any time, automatically if desired. If cookies are deactivated for our website, some of the functionality may not be available.

Integration of social media buttons

The person responsible for processing has integrated components of social media on this website. This is achieved by means of the following third-party services, responsible for data processing according to Article 4 (7) RDPG / DSGVO. These providers will only collect your personal data when you click the corresponding button and are redirected to the respective website.

The corresponding legal basis for our legitimate interest to provide and advertise our offers and services on social media is addressed under Article 6 (1) (lit. f) RDPG / DSGVO.

Additional information on data processing by those third parties and your rights as an affected person can be found in the data protection declarations linked below:

• YouTube

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

https://support.google.com/youtube/answer/7671399?p=privacy_guidelines&hl=de&visit_id=0-636644030056539000-341535836&rd=1

• Facebook

Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

https://www.facebook.com/about/privacy/

Use of social media profiles

To display our content on social media profiles we do access the technical platform and services of the respective social media provider.

As the operator of this social media profile, we (KLEiN Umformtechnik GmbH), are responsible together with the operator of the social network within the definition of Article 4 (7) RDPG / DSGVO. During a visit of our social media profile personal data is processed by the persons responsible. In the following we would like to inform you about which data is collected, how it is processed and your rights in this respect.

We would like to inform you that the use of this website happens at your own risk. This applies in particular to interactive features (e. g. commenting, sharing, rating etc.). We might take your comments and ratings as an opportunity to respond with our own comments, which falls within the definition of legitimate interest of interacting with active users of our profile (Article 6 (1) (lit. f) RDPG / DSGVO).

If you have any questions, you may contact us via personal messages. In doing so, we may be automatically informed about your username. Further information may be provided on a strictly voluntary basis, especially concerning contact outside of social media platforms. Data processing with the goal of contacting us is in accordance with Article 6 (1 S.1) (lit. a) RDPG / DSGVO on the basis of your consent. Furthermore, personal data processed in this context will be deleted after your request has been fully processed, as long as this is not prevented by obligations to preserve records (i. e. if a request leads to a formal contract between us).

Upon visiting our social media profile, the provider will collect your IP address as well as other data present within cookies on your computer. This information may be used to provide us as the operator of the social media profile statistical data about web site usage.

All data gathered about you will be processed by the providers and may possibly be transmitted to countries outside the European Union / European Economic Community. A general description regarding the nature and possible use of the data the provider receives can be found in their respective privacy policy. There you will also find the providers contact information and advertisement settings.

The way a provider may use the data gathered by visits to our social media profile for their own purposes, to what extent activities on the website may be associated with individual users, how long the data will be stored and whether it might be transmitted to third parties is not fully communicated and is not known to us. Upon accessing a social media profile, the user’s IP address will be transmitted to the provider. The provider may possibly associate this IP address with individual users. If you are currently registered and logged in with a social media provider, cookies with identifiers will be locally stored on your computer system. This enables the provider to track your site visits and site interactions. In order to prevent this, you should log out from the social media provider or deactivate the option to stay logged in (“remember me”), delete all cookies stored on your device and restart your browser.

Further information regarding your rights granted by the RDPG / DSGVO as an affected person can be found under the chapter concerning data subject rights.

The providers offer more detailed information on this under the following links:

• YouTube

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

https://support.google.com/youtube/answer/7671399?p=privacy_guidelines&hl=de&visit_id=0-636644030056539000-341535836&rd=1

• Facebook

Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

https://www.facebook.com/about/privacy/

1. Description and scope of data processing

On our website you will find a contact form that can be used to get in contact with us electronically. If you choose to contact us this way, the data entered into the form will be transmitted to us and stored. This includes:

• Company name
• Name
• Email address
• Message

In the moment of sending the message the following data will be stored additionally:

• IP address of the user
• Date and time of the registration

During the process of transmitting your message to us, we will reference this privacy policy and ask for your consent. Alternatively, you can contact us by using our email address. In this case, the personal user data transmitted with the email will be stored.

No data will be transmitted to third parties in this case and the data will be used exclusively to process the conversation.

2. Legal basis for data processing

The legal basis for processing data in the case that a user has given their consent is Article 6 (1) (lit. a) RDPG / DSGVO.

In the case of direct email contact, all personal data transmitted along with the email will be processed based on Article 6 (1) (lit. f) RDPG / DSGVO. If this communication is aimed at forming a contract, Article 6 (1) (lit. b) RDPG / DSGVO will serve as an additional basis.

3. Purposes of data processing

Personal data obtained from the contact form will be utilized exclusively to process your request. In the case of direct email contact the required legitimate interest covers processing of your personal data.

Other personal data collected during the transmission is used for the protection against abuse and to ensure the security of our information technology systems.

4. Duration of storage

The data will be deleted once it is no longer required for the completion of the purpose for which they were initially collected. In the case of personal data collected from our contact form and direct email contact this occurs when the conversation with the respective user ends. The conversation ends once circumstances indicate that the particular issue has been clarified conclusively. The personal data gathered additionally during the transmission will be deleted after a period of seven days.

5. Objection and deletion

The user can at any time revoke their consent to the processing of their personal data. If the user contacts us via email directly, they can object to the storage of their personal data. In such a case, the conversation cannot be continued and would have to be conducted via mail. All personal data stored while making contact will be deleted.

If your personal data is being processed, you are an affected person according to the RDPG / DSGVO and thusly hold the following rights towards the person responsible:

Right to disclosure: Any person affected by the processing of their personal data can at any time request, free of charge, disclosure about the scope, source and recipients of the stored data as well as its purpose (Article 15 RDPG / DSGVO). If you wish to exercise your right to disclosure as an affected person, you can always contact the person responsible or the appointed external data protection officer. The corresponding contact information can be found in chapter II. of this data protection declaration.

Right to correction: Any person affected by the processing of their personal data has the right to request the immediate correction of incorrect personal information related to them (Article 15 RDPG / DSGVO). Furthermore, with regard to the purpose of the processing of their personal data, the person affected has the right to request the completion of incomplete personal data.

Right to deletion (right to be forgotten): Any person affected by the processing of their personal data has the right to request from the person responsible the immediate deletion of their personal data, as long as one of the following criteria is met and the processing is not required (Article 17 RDPG / DSGVO): (1) The personal data was collected or processed for non-necessary purposes. (2) The affected person revokes their consent on which the processing was based and there is no other legal basis for the processing. (3) The affected person objects to the processing and there are no other priority reasons for the processing. (4) The personal data was wrongfully processed. (5) The deletion of the personal data is required due to legal obligations.

Right to restricted processing: The affected person has the right to request the restriction of processing from the person responsible, if one of the prerequisites in Article 18 RDPG / DSGVO is met, i. e. if the affected person has objected the processing for the duration of examination by the person responsible.

Right to data transferability: Any person affected by the processing of their data may request the transfer of their personal data in a structured, common and machine-readable format (Article 20 RDPG / DSGVO), if (1) the processing is based on a consent according to Article 6 (1) (lit. a) or Article 9 (2) (lit. a) RDPG / DSGVO or a contract according to Article 6 (1) (lit. b) and (2) the processing is accomplished by means of automated procedures.

RIGHT TO OBJECTION: ANY PERSON AFFECTED BY THE PROCESSING OF THEIR PERSONAL DATA HAS THE RIGHT TO OBJECT THE PROCESSING OF THEIR PERSONAL DATA (Article 21 RDPG / DSGVO). IN THE CASE OF SUCH AN OBJECTION, WE DO NO LONGER PROCESS THE PERSONAL DATA, IF WE CANNOT ESTABLISH ANY OTHER COMPELLING REASONS FOR THE PROCESSING, OUTWEIGHING THE INTERESTS, RIGHTS AND LIBERTIES OF THE AFFECTED PERSON, OR SERVING THE ENFORCEMENT, EXECUTION OR DEFENSE OF LEGAL CLAIMS.

RIGHT TO REVOKE CONSENT TO DATA PROTECTION DECLARATIONS: ANY PERSON AFFECTED BY THE PROCESSING OF THEIR PERSONAL DATA HAS THE RIGHT TO WITHDRAW THEIR CONSENT TO THE PROCESSING OF SAID DATA AT ANY TIME (Article 7 (3) RDPG / DSGVO).

Right to complaints with a regulatory body: Irrespective of other administrative or legal remedies the affected person has the right to file a complaint with a regulatory body, particularly within the country / member state of residence, employment or the alleged infraction, if they believe that the processing of their respective personal data constitutes a violation of the RDPG / DSGVO (Article 77 RDPG / DSGVO). The corresponding regulatory authority in North-Rhine-Westphalia is: State Commissioner for Data Protection and Freedom of Information, Kavalleriestr. 2 -4, 40213 Düsseldorf.

The person responsible gathers and processes the personal data of job applicants for the purpose of completing the application process. This may also be done electronically, especially if the applicant sends their application credentials by email or via the contact form on our website to the responsible person. If an employment contract is formed with the applicant, the transmitted data will be stored according to legal regulations with the purpose of finalizing the employment.

The legal basis for this process is § 26 (1) S. 1 BDSG in conjunction with Article 88 (1) RDPG / DSGVO.

If no employment contract is formed between the person responsible and the applicant, the application credentials will be deleted six months after the notification of the decision, as long as no other legitimate interests of the person responsible prevent the deletion. Other legitimate interests in this sense may be for example the burden of proof in the context of court proceedings related to the General Equal Treatment Act (AGG).

Legal basis in this case is Article 6 (1) (lit. f) (RDPG / DSGVO and § 24 (1) No. 2 BDSG. Our legitimate interest is legal defense or enforcement respectively.

Given that you explicitly agree to a prolonged duration of storage, i. e. to be registered in a database for potential applicants, your personal data will be stored accordingly. The legal basis for this is Article 6 (1) (lit. a) RDPG / DSGVO. You may revoke your consent at any time, according to Article 7 (3) RDPG / DSGVO effective from the date of the notification to us.

You have the right to object being subjected to a purely automated decision making process, including profiling, that might ensue legal consequences for you or that might interfere significantly with you in a similar way. This does not apply, if the decision is (1) required in the fulfillment of a contract between you and the person responsible, (2) permissible due to legal obligations of the Union or member states, to which the person responsible is subject, and these regulations contain adequate measures for the protection of your rights, freedoms and legitimate interests, or (3) based on your explicit consent.

However, these decisions cannot be based on specific categories of personal data according to Article 9 (1) RDPG / DSGVO, insofar as Article 9 (2) (lit. a or g) RDPG / DSGVO does not apply and adequate measures for the protection of your rights, freedoms and legitimate interests have been taken.

Regarding the cases outlined above under (1) and (3), the person responsible will take adequate measures for the protection of your rights, freedoms and legitimate interests, which must include at least the right to effectuate the intervention on the part of the responsible person, to elaborate one’s own position and to challenge the decision.

We invest the maximal amount of effort to ensure the safety of your data within the scope of the current data protection laws. Your personal data will be transmitted encrypted, including your orders and login credentials. While we use the SSL (Secure Sockets Layer) coding system, we must inform you, that data transfer on the internet (for example email communication) has inherent safety risks. Risk free protection from third party access is generally not possible.

This data protection declaration is currently valid as of July 23, 2023. By further developing our website and services or by changes to the legal framework it may become necessary to adapt this data protection declaration.