Data Privacy Statement
General Information
- Name and contact details of the controller
This privacy information applies to data processing by:
Gissler & Pass GmbH
Dürener Str. 12
52428 Jülich
Phone: +49 2461 684-0
Fax: +49 2461 684-181
Email: hello@gissler-pass.de
The company data protection officer of Gissler & Pass GmbH can be reached at the address dhpg IT-Services GmbH, Bunsenstr. 10a, 51647 Gummersbach, for the attention of Dr. Christian Lenz, or under datenschutz@dhpg.de or 02261-8195-0.
- Rights of data subjects
You have the right:
- pursuant to Art. 15 GDPR, to obtain information about your personal data processed by us. In particular, you may request information about the purposes of the processing, the categories of personal data concerned, the recipients and or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries, the envisaged period for which the personal data will be stored or the criteria used to determine that period, the existence of a right to request rectification, erasure or restriction of processing of personal data about you or to object to such processing, the right to lodge a complaint with a supervisory authority, where your personal data are not collected from us, any available information as to their source, and the existence of automated decision-making, including profiling, and, if applicable, meaningful information about the details of it;
- pursuant to Art. 16 GDPR, to obtain without undue delay the rectification or completion of your inaccurate personal data stored with us;
- pursuant to Art. 17 GDPR, to obtain the erasure of your personal data stored with us, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the performance of a task carried out in the public interest or for the establishment, exercise or defence of legal claims;
- pursuant to Art. 18 GDPR, to obtain restriction of processing of your personal data where you contest the accuracy of the personal data, the processing is unlawful but you oppose the erasure of the personal data and we no longer need the personal data but you require the data for the establishment, exercise or defence of legal claims, or you have objected to processing pursuant to Art. 21 GDPR pending the verification whether our legitimate grounds override your interests;
- pursuant to Art. 20 GDPR, to receive your personal data which you have provided to us in a structured, commonly used and machine-readable format or to request that those data be transmitted to another controller, insofar as the processing is based on your consent or a contract and the processing is carried out by automated means;
- to withdraw any consent you have previously given to us at any time pursuant to Art. 7, clause 3 GDPR. This means that we are not allowed to continue processing your data in the future as we did on the basis of that consent, and
- to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can turn to the supervisory authority in the state of your habitual residence, place of work or the place of our company’s registered office.
- Right to object
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6, clause 1, sentence 1, lit. e or f GDPR, you have the right, pursuant to Art. 21 GDPR, to object to the processing of your personal data, provided that there are grounds relating to your particular situation or if the objection is directed against direct advertising.
In the first case, we will no longer process your data unless we can prove compelling reasons that prevail your interests, liberties and rights or our processing serves to establish, exercise or defend legal claims.
In the latter case you have a general right of objection, which we will implement without the need for you to state a particular situation. If you wish to exercise your right to withdraw consent or object to processing, simply send an email to hello@gissler-pass.de
- Transfer of data
We will not transfer your personal data to third parties for purposes other than those listed below. We will only pass on your personal data to third parties in the following cases:
- if you have given your explicit consent according to Art. 6, clause 1, sent. 1, a GDPR;
- if disclosure is necessary pursuant to Art. 6, clause 1, sent. 1, lit. f GDPR for the establishment, exercise or defence of legal claims and there is no reason to assume that you have an overriding protectable interest in the non-disclosure of your information;
- if disclosure is necessary for compliance with a legal obligation pursuant to Art. 6, clause 1, sent. 1, lit. c GDPR, and
- where permitted by law and necessary for the performance of a contract with you pursuant to Art. 6, clause 1, sent. 1, lit. b GDPR.
In addition, your personal data are processed by our processors in compliance with instructions, insofar as this is necessary for the fulfilment of the order. Our processors do not have an own right to use your data.
- Data security
For visits to our website, we use the common SSL (Secure Sockets Layer) method in connection with the highest level of encryption supported by your browser. Usually this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can see whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol or by the use of “https” in front of the address of our (sub)website. We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in accordance with technological development.
- Third countries
Data will be transmitted to third countries by us exclusively in accordance with the statutory regulations.
Insofar as we fulfil our contract with you, data are made available to third parties. Appropriate safeguards pursuant to Art. 46 GDPR or an adequacy decision pursuant to Art. 45 GDPR are not required for this.
If you have not consented to the data transfer, if the data transfer does not serve the fulfilment of the contract or if the transfer is necessary for the establishment, exercise or defence of legal claims, the data are only transferred by us if suitable safeguards or an adequacy decision exist.
A suitable safeguard exists, for example, if the EU standard data protection clauses issued by the EU Commission have been concluded or if certification by means of a “Privacy Shield” has been obtained.
The legal basis is Art. 45 and 46 GDPR.
Specific privacy information for data processing operations on the website
- When visiting the website
When visiting our website, the browser used on your end device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until it is automatically deleted:
- IP address of the requesting computer;
- date and time of access;
- name and URL of the retrieved file;
- website from which access takes place (referrer-URL);
- the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
The aforementioned data are processed by us for the following purposes:
- to ensure a smooth connection to our website,
- to ensure a comfortable use of our website,
- to evaluate the system security and stability as well as
- for other administrative purposes.
The legal basis for data processing is laid down in Art. 6, clause 1, sent. 1, lit. f GDPR. Our legitimate interest lies in the operation of our website and the related presentation of our company.
Your data will be erased as soon as they are no longer needed for the indicated purposes, but after 6 months at the latest.
- When using our contact form
If you have any questions, we offer you the opportunity to contact us by using a form provided on the website. You must provide a valid email address so that we know who sent the enquiry and to enable us to respond to it. Further information can be provided voluntarily.
Data processing for the purpose of making contact with us is made pursuant to Art. 6, clause 1, sent. 1, lit. a GDPR and is based on the consent you have granted voluntarily. The personal data collected by us for the use of the contact form will be automatically deleted after your inquiry has been dealt with.
If your inquiry is directed to the conclusion of a contract, Art. 6, clause 1, sent. 1, lit. b) GDPR serves as the legal basis. In this case, we will store your data for the duration of the statutory retention periods.
- When using the applicant portal
For Gissler & Pass GmbH, it is particularly important to ensure the highest possible protection of your personal data. All personal data collected and processed by Gissler & Pass GmbH as part of an application are protected against unauthorised access and manipulation by technical and organisational measures.
We require your personal data in the application documents to be able to consider you as an applicant in the application process and to check whether you qualify to become an employee of our company. If you provide information that goes beyond the required extent, you provide it to us voluntarily and consent to its processing.
We also offer you the possibility to apply for a job at our company with your “finest jobs” profile. In this case, we receive the application documents and applicant data lodged in your profile from the operator rexx systems GmbH. If you choose to apply via the “finest jobs” portal, you consent to the transfer of such documents and data to us.
Thus, the legal basis for the processing of your application data is Art. 6, clause 1, sent. 1, lit. a and b GDPR. You may withdraw your consent at any time. You can send your withdrawal to hello@gissler-pass.de at any time.
After completion of the application process, we will store your documents for further 6 months for evidence purposes.
For a possible conclusion of a contract, it is necessary to provide us with your personal data in the application documents. Otherwise, we will not be able to consider you in the application process.
- When using the request form
The data required in the request form are necessary for reviewing your request and sending you an offer. The legal basis for processing is laid down in Art. 6, clause 1, sent. 1, lit. b GDPR. Without these data, we cannot initiate a contract with you.
We store your data for the duration of the contract initiation and the following contract performance, if applicable. Moreover, we store your data for the duration of the statutory retention periods.
- Cookies, analysis tools, plug-ins and other elements of third parties
We use cookies on our website. These are small files created automatically by your browser and stored on your end device (laptop, tablet, Smartphone and others). Cookies do not damage your end device and they do not contain any viruses, Trojans or other malware. The cookie is used to store information generated in connection with the specific end device used. However, this does not mean that we will immediately become aware of your identity.
Analysis tools evaluate the user behaviour of the website visitors and enable us to optimise the website and adapt marketing measures.
We use plug-ins and other elements of third parties to integrate the contents of these providers into a website.
- Required first-party cookies
On the one hand, the use of our required first-party cookies is intended to make it more pleasant for you to use our services. We therefore use so-called session cookies to confirm that you have already visited individual pages of our website. They are deleted automatically when you leave our website.
In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a specific period of time. If you visit our website again to use our services, we can automatically identify that you have visited us before and the inputs and settings you entered, so that this does not have to be done again.
These data will be deleted after six months at the latest.
We process your data on the basis of our legitimate interest in the external image of our company via the website you have called up and to promote user-friendliness. The legal basis for the processing is Art. 6, clause 1, sentence 1, lit. f GDPR.
Most browsers accept these cookies automatically. However, you can configure your browser in such a way so that no cookies are stored on your computer or a message always appears before such a cookie is generated. However, if cookies are completely deactivated, the website may not be displayed correctly, or you may not be able to use all the features of our website.
- Third-party cookies, analysis tools, plug-ins and other elements of third parties
The third-party cookies, analysis tools, plug-ins and other elements of third parties used by us and listed below will be used only with your express consent and therefore on the basis of Art. 6, clause 1, sentence 1, lit. a GDPR. You can withdraw the consent you have granted at any time with effect for the future. You can do this by changing your settings here. The withdrawal of your consent or not giving your consent may lead to an incorrect display of the website or in you being unable to fully use all the features of the website.
By using the third-party cookies, analysis tools, plug-ins and other elements of third parties, we wish to ensure that our website is designed to meet requirements and is continually optimised. In addition, we use tracking measures to record the use of our website statistically and evaluate it for the purpose of optimising our services for you.
You can find the relevant function descriptions, any recipients of data, information about possible transmissions to third countries and the duration of storage in the following notes on the individual processing procedures which use third-party cookies, analysis tools, plug-ins and other elements of third parties.
(1) Google Analytics
We use Google Analytics, a web analytics service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as “Google”), to continually improve the way our websites work and to tailor them to suit your needs. In this context, we create pseudonymised user profiles and use cookies (see Section 4). The information generated by the cookie regarding your use of this website, such as
- the type and version of your browser software,
- the operating system you are using,
- the referrer URL (the site previously visited),
- the hostname of the accessing computer (IP address),
- the time of the server request,
will be transmitted to and stored by Google on servers in the United States. This information is used to analyse the use of our website, to compile reports on website activity and to provide other services relating to website activity and Internet usage for market research purposes and to tailor those websites to suit users’ needs. Under no circumstances will your IP address be combined with other data from Google. IP addresses are anonymised so that they cannot be linked with other data (IP masking).
You can obtain further information on data protection in connection with Google Analytics in Google Analytics support (https://support.google.com/analytics/answer/6004245?hl=de).
Google LLC is certified according to the Privacy Shield Agreement: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI
(2) Google Maps
This site uses the maps service Google Maps through API. The provider of the maps service is Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S.A.
The implementation of this plug-in by us is made through the so-called two-click method in order to protect visitors of our websites in the best possible way. This means that your personal data (in particular, your IP address) will not be transmitted to Google when you visit the website. You have to activate the integrated map first by clicking on it. With this click, you give your consent for loading the map with our company location and transferring the data to Google.
Your information is generally transmitted to a server of Google in the United States without being anonymised and is stored there.
You can find more information about the handling of user data in the privacy policy of: www.google.de/intl/de/policies/privacy/.
Google LLC is certified according to the Privacy Shield Agreement: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI
(3) Google Doubleclick
We use Google Doubleclick, a service of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S.A.; hereinafter referred to as ”Google“) to optimise our online marketing. In this connection, pseudonymised user profiles are compiled and cookies (see Section 4) are used. The information obtained by the cookie on your use of this website is transmitted to a server of Google in the United States and stored there. The information is used to display advertising in line with your interests in the Google advertising network. Under no circumstances will your IP address be combined with other data from Google. IP addresses are anonymised so that they cannot be linked with other data (IP masking)
You can find more information on data protection and data processing by Google in the privacy policy of Google (https://policies.google.com/privacy).
Google LLC is certified according to the Privacy Shield Agreement: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI
(4) Vimeo
Our website uses plug-ins provided by Vimeo, Inc. 555 West 18th Street, New York, New York 10011, USA to raise our corporate profile and embed videos with additional information for you into our website.
These plug-ins are embedded with the help of the so-called two-click method to offer visitors of our website the best protection possible. This means that your personal data (including but not limited to your IP address) will not immediately be transmitted to Vimeo when you visit our website. Instead, the embedded videos must first be activated by clicking on them.
This integration lets Vimeo know that your browser has accessed the corresponding page of our website even if you don’t have a Vimeo account or are not logged in.
Your browser sends this information (including your IP address) directly to the Vimeo server in the United States, where it will be stored. When you’re logged in with Vimeo, the provider can link your visit to our website directly to your account. When you interact with the plug-ins, e.g. by starting the video, this information, too, will be sent directly to a Vimeo server and stored.
If you do not want Vimeo to link the data gathered through our website directly to your account, you must first log off from Vimeo before activating the plug-in.
The data are transferred to the United States as third-party country pursuant to art. 49 (1) (a) GDPR with your consent, if given after we informed you that legal remedies in the United States may be limited or lacking altogether and that data protection is less strict than in the EU. See Vimeo’s data privacy statement for further details: https://vimeo.com/privacy.
- Topicality and amendment of the data privacy statement
This Data Privacy Statement is currently valid and was last updated in September 2022. It may become necessary to amend this Data Privacy Statement due to the continuous development of our website and related services, or due to the amendment of statutory regulations or official requirements. The current, up-to-date Data Privacy Statement can be viewed and printed at any time by visiting our website at https://gissler-pass.de/en/agb/
II. Data privacy information for the Gissler & Pass Facebook page
- General information
Gissler & Pass uses the technical platform and services of Facebook Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland (hereinafter also referred to as “Facebook”) for the information service it offers.
Please be aware that you use of the Facebook page and its functions is on your own responsibility. This applies especially to the interactive functions (such as commenting, sharing or rating). Facebook processes personal data about your account, your IP address and about the terminal equipment that you use. Cookies, which are small files that are stored on your terminal equipment, will be used for data collection. Please see Facebook’s data usage guidelines for a general description of what information is received and how it is used. There you will also find information on how to contact Facebook, how to opt out, and how to use the advertising settings. Click on the following link to view the data usage guidelines: http://de-de.facebook.com/about/privacy. Facebook’s full data guidelines can be found at https://de-de.facebook.com/full_data_use_policy
The information may be used by Facebook to provide us, as the operator of the Facebook pages, with statistical information such as sex and age distribution about the use of the Facebook page. In addition, Facebook may show you further information or advertisements according to your preferences. Facebook provides more detailed information on this at the following link: http://de-de.facebook.com/help/pages/insights.
The data collected about you in this context will be processed by Facebook and may be transmitted to non-EU countries.
Your visiting our pages on social media (e.g. Facebook) means that your personal data will be processed during such a visit. In this case, we share responsibility with the operator of the respective social network with respect to the data processing activities within the meaning of Art. 26 GDPR, provided that we actually make a joint decision with the operator of the social network about the data processing activities and we also have an influence on said activities. As far as possible, we have concluded joint responsibility agreements with the operators of the social networks pursuant to Art. Art. 26 GDPR. You can generally assert your data protection rights both against us and against Facebook.
Please be aware that despite the shared with the operators of social networks responsibility under Art. 26 GDPR, we have no full control of the data processing activities of the individual social networks. The corporate policy of the respective provider influences our options significantly. In the event that you assert data subject rights, we can only forward your requests to the operator of the social network in question.
In what way Facebook uses the data collected during visits of Facebook pages for its own purposes, to what extent activities on the Facebook page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook page is disclosed to third parties is not conclusively and clearly stated by Facebook and is not known to us.
The IP address assigned to your terminal equipment will be transmitted to Facebook when you access a Facebook page. Facebook has stated that this IP address is anonymised (for “German” IP addresses) and deleted after 90 days. Facebook also stores information about the terminal equipment of its users (for example as part of the “registration notification” function); this may allow Facebook to link IP addresses to individual users.
If you are logged in to Facebook as a user, a cookie with your Facebook ID will be stored on your terminal equipment. This allows Facebook to determine that you have visited this page, and how you have used it. This also applies to all other Facebook pages. Facebook buttons embedded in websites enable Facebook to record your visits to these websites and link them to your Facebook profile. This data can be used to provide customised content or advertising.
If you want to avoid this, you should log out of Facebook or deactivate the “stay logged in” function, delete the cookies stored on your equipment and close and restart your browser. In this way, Facebook information that can directly identify you will be deleted. This allows you to use our Facebook page without revealing your Facebook identifier. Accessing the interactive features of the page (Like, Comment, Share, Message, etc.) will open a Facebook login screen. After a login, Facebook will again be able to identify you as a specific user. Alternatively, you can use a different browser than usual to visit our Facebook page.
For information on how to manage or delete personal information, please go to the following Facebook support pages: https://de-de.facebook.com/about/privacy#
We, as the provider of the information service, do not collect and process any data from your use of our service, unless the following conditions apply:
- Contact via Facebook
You can contact us via Facebook for questions of any kind. In doing so, you can provide personal data such as your name.
If your enquiry is aimed at signing a contract or if the processing is necessary for the fulfilment of a contract signed with you, the legal basis is provided by Art. 6 (1) sentence 1 letter b) GDPR. In this case, we will store your data for the duration of the statutory retention periods.
Otherwise, we will only process your data if you expressly consent to it in accordance with Art. 6 (1) sentence 1 letter a) GDPR or if this is necessary to protect our legitimate interests in accordance with Art. 6 (1) sentence 1 letter f) GDPR and the processing is not opposed by any overriding interests or fundamental rights and freedoms which may exist on your part.
III. Data privacy information for the Gissler & Pass Instagram page
- General information
Gissler & Pass uses the technical platform and services of Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA (hereinafter also referred to as „Instagram“) for the information service it offers.
Please be aware that you use of the Instagram page and its functions is on your own responsibility. This applies especially to the interactive functions (such as commenting, sharing or rating).
When you visit our Instagram page, Instagram will collect, among other things, your IP address and other information that exists on your PC as cookies. This information is used to provide us, as operators of the Instagram pages, with statistical information about the use of the Instagram page.
The data collected about you in this context will be processed by Instagram and may be transmitted to non-EU countries. A general description of what information is received and how it is used can be found in Instagram’s privacy policy. There you will also find information on how to contact Instagram and how to use the advertising options. Click on the following link to view the data privacy guidelines: https://help.instagram.com/519522125107875
Your visiting our pages on social media (e.g. Instagram) means that your personal data will be processed during such a visit. In this case, we share responsibility with the operator of the respective social network with respect to the data processing activities within the meaning of Art. 26 GDPR, provided that we actually make a joint decision with the operator of the social network about the data processing activities and we also have an influence on said activities. As far as possible, we have concluded joint responsibility agreements with the operators of the social networks pursuant to Art. Art. 26 GDPR. You can generally assert your data protection rights both against us and against Instagram.
Please be aware that despite the shared with the operators of social networks responsibility under Art. 26 GDPR, we have no full control of the data processing activities of the individual social networks. The corporate policy of the respective provider influences our options significantly. In the event that you assert data subject rights, we can only forward your requests to the operator of the social network in question.
In what way Instagram uses the data collected during visits of Instagram pages for its own purposes, to what extent activities on the Instagram page are assigned to individual users, how long Instagram stores this data and whether data from a visit to the Instagram page is disclosed to third parties is not conclusively and clearly stated by Instagram and is not known to us.
The IP address assigned to your terminal equipment will be transmitted to Instagram when you access a Instagram page. Instagram has stated that this IP address is anonymised (for “German” IP addresses) and deleted after 90 days. Instagram also stores information about the terminal equipment of its users (for example as part of the “registration notification” function); this may allow Instagram to link IP addresses to individual users.
If you are logged in to Instagram as a user, a cookie with your Instagram ID will be stored on your terminal equipment. This allows Instagram to determine that you have visited this page, and how you have used it. This also applies to all other Instagram pages. Instagram buttons embedded in websites enable Instagram to record your visits to these websites and link them to your Instagram profile. This data can be used to provide customised content or advertising.
If you want to avoid this, you should log out of Instagram or deactivate the “stay logged in” function, delete the cookies stored on your equipment and close and restart your browser. In this way, Instagram information that can directly identify you will be deleted. This allows you to use our Instagram page without revealing your Instagram identifier. Accessing the interactive features of the page (Like, Comment, Share, Message, etc.) will open a Instagram login screen. After a login, Instagram will again be able to identify you as a specific user.
We, as the provider of the information service, do not collect and process any data from your use of our service, unless the following conditions apply:
- Contact via Instagram
You can contact us via Instagram for questions of any kind. In doing so, you can provide personal data such as your name.
If your enquiry is aimed at signing a contract or if the processing is necessary for the fulfilment of a contract signed with you, the legal basis is provided by Art. 6 (1) sentence 1 letter b) GDPR. In this case, we will store your data for the duration of the statutory retention periods.
Otherwise, we will only process your data if you expressly consent to it in accordance with Art. 6 (1) sentence 1 letter a) GDPR or if this is necessary to protect our legitimate interests in accordance with Art. 6 (1) sentence 1 letter f) GDPR and the processing is not opposed by any overriding interests or fundamental rights and freedoms which may exist on your part.
IV. Data privacy information for the Gissler & Pass XING page
- General Information
Gissler & Pass uses the technical platform and services of XING AG, Dammtorstraße 30, 20354 Hamburg, Germany (hereinafter also referred to as „XING“) for the information service it offers.
Please be aware that you use of the XING page and its functions is on your own responsibility. This applies especially to the interactive functions (such as commenting, sharing or rating).
When you visit our XING page, XING will collect, among other things, your IP address and other information that exists on your PC as cookies. This information is used to provide us, as operators of the XING pages, with statistical information about the use of the XING page.
The data collected about you in this context will be processed by XING and may be transmitted to non-EU countries. A general description of what information is received and how it is used can be found in XING’s privacy policy. There you will also find information on how to contact XING and how to use the advertising options. Click on the following link to view the data privacy guidelines: https://privacy.xing.com/de/datenschutzerklaerung
Your visiting our pages on social media (e.g. XING) means that your personal data will be processed during such a visit. In this case, we share responsibility with the operator of the respective social network with respect to the data processing activities within the meaning of Art. 26 GDPR, provided that we actually make a joint decision with the operator of the social network about the data processing activities and we also have an influence on said activities. As far as possible, we have concluded joint responsibility agreements with the operators of the social networks pursuant to Art. Art. 26 GDPR. You can generally assert your data protection rights both against us and against XING.
Please be aware that despite the shared with the operators of social networks responsibility under Art. 26 GDPR, we have no full control of the data processing activities of the individual social networks. The corporate policy of the respective provider influences our options significantly. In the event that you assert data subject rights, we can only forward your requests to the operator of the social network in question.
In what way XING uses the data collected during visits of XING pages for its own purposes, to what extent activities on the XING page are assigned to individual users, how long XING stores this data and whether data from a visit to the XING page is disclosed to third parties is not conclusively and clearly stated by XING and is not known to us.
The IP address assigned to your terminal equipment will be transmitted to XING when you access a XING page. XING has stated that this IP address is anonymised (for “German” IP addresses) and deleted after 90 days. XING also stores information about the terminal equipment of its users (for example as part of the “registration notification” function); this may allow XING to link IP addresses to individual users.
If you are logged in to XING as a user, a cookie with your XING ID will be stored on your terminal equipment. This allows XING to determine that you have visited this page, and how you have used it. This also applies to all other XING pages. XING buttons embedded in websites enable XING to record your visits to these websites and link them to your XING profile. This data can be used to provide customised content or advertising.
If you want to avoid this, you should log out of XING or deactivate the “stay logged in” function, delete the cookies stored on your equipment and close and restart your browser. In this way, XING information that can directly identify you will be deleted. This allows you to use our XING page without revealing your XING identifier. Accessing the interactive features of the page (Like, Comment, Share, Message, etc.) will open a XING login screen. After a login, XING will again be able to identify you as a specific user.
We, as the provider of the information service, do not collect and process any data from your use of our service, unless the following conditions apply:
- Contact via XING
You can contact us via XING for questions of any kind. In doing so, you can provide personal data such as your name.
If your enquiry is aimed at signing a contract or if the processing is necessary for the fulfilment of a contract signed with you, the legal basis is provided by Art. 6 (1) sentence 1 letter b) GDPR. In this case, we will store your data for the duration of the statutory retention periods.
Otherwise, we will only process your data if you expressly consent to it in accordance with Art. 6 (1) sentence 1 letter a) GDPR or if this is necessary to protect our legitimate interests in accordance with Art. 6 (1) sentence 1 letter f) GDPR and the processing is not opposed by any overriding interests or fundamental rights and freedoms which may exist on your part.
V. Data privacy information for the Gissler & Pass LinkedIn page
- General information
Gissler & Pass uses the technical platform and services of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter also referred to as “LinkedIn”) for the information service it offers.
Please be aware that you use of the LinkedIn page and its functions is on your own responsibility. This applies especially to the interactive functions (such as commenting, sharing or rating).
When you visit our LinkedIn page, LinkedIn will collect, among other things, your IP address and other information that exists on your PC as cookies. This information is used to provide us, as operators of the LinkedIn pages, with statistical information about the use of the LinkedIn page.
The data collected about you in this context will be processed by LinkedIn and may be transmitted to non-EU countries. A general description of what information is received and how it is used can be found in LinkedIn’s privacy policy. There you will also find information on how to contact LinkedIn and how to use the advertising options. Click on the following link to view the data privacy guidelines: https://de.linkedin.com/legal/privacy-policy
Your visiting our pages on social media (e.g. LinkedIn) means that your personal data will be processed during such a visit. In this case, we share responsibility with the operator of the respective social network with respect to the data processing activities within the meaning of Art. 26 GDPR, provided that we actually make a joint decision with the operator of the social network about the data processing activities and we also have an influence on said activities. As far as possible, we have concluded joint responsibility agreements with the operators of the social networks pursuant to Art. Art. 26 GDPR. You can generally assert your data protection rights both against us and against LinkedIn.
Please be aware that despite the shared with the operators of social networks responsibility under Art. 26 GDPR, we have no full control of the data processing activities of the individual social networks. The corporate policy of the respective provider influences our options significantly. In the event that you assert data subject rights, we can only forward your requests to the operator of the social network in question.
In what way LinkedIn uses the data collected during visits of LinkedIn pages for its own purposes, to what extent activities on the LinkedIn page are assigned to individual users, how long LinkedIn stores this data and whether data from a visit to the LinkedIn page is disclosed to third parties is not conclusively and clearly stated by LinkedIn and is not known to us.
The IP address assigned to your terminal equipment will be transmitted to LinkedIn when you access a LinkedIn page. LinkedIn has stated that this IP address is anonymised (for “German” IP addresses) and deleted after 180 days. LinkedIn also stores information about the terminal equipment of its users (for example as part of the “registration notification” function); this may allow LinkedIn to link IP addresses to individual users.
If you are logged in to LinkedIn as a user, a cookie with your LinkedIn ID will be stored on your terminal equipment. This allows LinkedIn to determine that you have visited this page, and how you have used it. This also applies to all other LinkedIn pages. LinkedIn buttons embedded in websites enable LinkedIn to record your visits to these websites and link them to your LinkedIn profile. This data can be used to provide customised content or advertising.
If you want to avoid this, you should log out of LinkedIn or deactivate the “stay logged in” function, delete the cookies stored on your equipment and close and restart your browser. In this way, LinkedIn information that can directly identify you will be deleted. This allows you to use our LinkedIn page without revealing your LinkedIn identifier. Accessing the interactive features of the page (Like, Comment, Share, Message, etc.) will open a LinkedIn login screen. After a login, LinkedIn will again be able to identify you as a specific user.
We, as the provider of the information service, do not collect and process any data from your use of our service, unless the following conditions apply:
- Contact via LinkedIn
You can contact us via LinkedIn for questions of any kind. In doing so, you can provide personal data such as your name.
If your enquiry is aimed at signing a contract or if the processing is necessary for the fulfilment of a contract signed with you, the legal basis is provided by Art. 6 (1) sentence 1 letter b) GDPR. In this case, we will store your data for the duration of the statutory retention periods.
Otherwise, we will only process your data if you expressly consent to it in accordance with Art. 6 (1) sentence 1 letter a) GDPR or if this is necessary to protect our legitimate interests in accordance with Art. 6 (1) sentence 1 letter f) GDPR and the processing is not opposed by any overriding interests or fundamental rights and freedoms which may exist on your part.
VI. Data privacy information for the Gissler & Pass YouTube page
- General information
Gissler & Pass uses the technical platform and services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter also referred to as “YouTube”) for the information service it offers.
Please be aware that you use of the YouTube page and its functions is on your own responsibility. This applies especially to the interactive functions.
When you visit our YouTube page, YouTube will collect, among other things, your IP address and other information that exists on your PC as cookies. This information is used to provide us, as operators of the YouTube pages, with statistical information about the use of the YouTube page.
The data collected about you in this context will be processed by YouTube and may be transmitted to non-EU countries. A general description of what information is received and how it is used can be found in YouTube’s privacy policy. There you will also find information on how to contact YouTube and how to use the advertising options. Click on the following link to view the data privacy guidelines: https://policies.google.com/privacy?hl=de
Your visiting our pages on social media (e.g. YouTube) means that your personal data will be processed during such a visit. In this case, we share responsibility with the operator of the respective social network with respect to the data processing activities within the meaning of Art. 26 GDPR, provided that we actually make a joint decision with the operator of the social network about the data processing activities and we also have an influence on said activities. As far as possible, we have concluded joint responsibility agreements with the operators of the social networks pursuant to Art. Art. 26 GDPR. You can generally assert your data protection rights both against us and against YouTube.
Please be aware that despite the shared with the operators of social networks responsibility under Art. 26 GDPR, we have no full control of the data processing activities of the individual social networks. The corporate policy of the respective provider influences our options significantly. In the event that you assert data subject rights, we can only forward your requests to the operator of the social network in question.
In what way YouTube uses the data collected during visits of YouTube pages for its own purposes, to what extent activities on the YouTube page are assigned to individual users, how long YouTube stores this data and whether data from a visit to the YouTube page is disclosed to third parties is not conclusively and clearly stated by YouTube and is not known to us.
The IP address assigned to your terminal equipment will be transmitted to YouTube when you access a YouTube page. LinkedIn has stated that this IP address is anonymised (for “German” IP addresses) and deleted after 6 months. YouTube also stores information about the terminal equipment of its users (for example as part of the “registration notification” function); this may allow YouTube to link IP addresses to individual users.
If you are logged in to YouTube as a user, a cookie with your YouTube ID will be stored on your terminal equipment. This allows YouTube to determine that you have visited this page, and how you have used it. This also applies to all other YouTube pages. YouTube buttons embedded in websites enable YouTube to record your visits to these websites and link them to your YouTube profile. This data can be used to provide customised content or advertising.
If you want to avoid this, you should log out of YouTube or deactivate the “stay logged in” function, delete the cookies stored on your equipment and close and restart your browser. In this way, YouTube information that can directly identify you will be deleted. This allows you to use our YouTube page without revealing your YouTube identifier. Accessing the interactive features of the page will open a YouTube login screen. After a login, YouTube will again be able to identify you as a specific user.
We, as the provider of the information service, do not collect and process any data from your use of our service, unless the following conditions apply:
- Contact via YouTube
You can contact us via YouTube for questions of any kind. In doing so, you can provide personal data such as your name.
If your enquiry is aimed at signing a contract or if the processing is necessary for the fulfilment of a contract signed with you, the legal basis is provided by Art. 6 (1) sentence 1 letter b) GDPR. In this case, we will store your data for the duration of the statutory retention periods.
Otherwise, we will only process your data if you expressly consent to it in accordance with Art. 6 (1) sentence 1 letter a) GDPR or if this is necessary to protect our legitimate interests in accordance with Art. 6 (1) sentence 1 letter f) GDPR and the processing is not opposed by any overriding interests or fundamental rights and freedoms which may exist on your part.
Data Privacy Statement
General Information
- Name and contact details of the controller
This privacy information applies to data processing by:
Gissler & Pass GmbH
Dürener Str. 12
52428 Jülich
Phone: +49 2461 684-0
Fax: +49 2461 684-181
Email: hello@gissler-pass.de
The company data protection officer of Gissler & Pass GmbH can be reached at the address dhpg IT-Services GmbH, Bunsenstr. 10a, 51647 Gummersbach, for the attention of Dr. Christian Lenz, or under datenschutz@dhpg.de or 02261-8195-0.
- Rights of data subjects
You have the right:
- pursuant to Art. 15 GDPR, to obtain information about your personal data processed by us. In particular, you may request information about the purposes of the processing, the categories of personal data concerned, the recipients and or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries, the envisaged period for which the personal data will be stored or the criteria used to determine that period, the existence of a right to request rectification, erasure or restriction of processing of personal data about you or to object to such processing, the right to lodge a complaint with a supervisory authority, where your personal data are not collected from us, any available information as to their source, and the existence of automated decision-making, including profiling, and, if applicable, meaningful information about the details of it;
- pursuant to Art. 16 GDPR, to obtain without undue delay the rectification or completion of your inaccurate personal data stored with us;
- pursuant to Art. 17 GDPR, to obtain the erasure of your personal data stored with us, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the performance of a task carried out in the public interest or for the establishment, exercise or defence of legal claims;
- pursuant to Art. 18 GDPR, to obtain restriction of processing of your personal data where you contest the accuracy of the personal data, the processing is unlawful but you oppose the erasure of the personal data and we no longer need the personal data but you require the data for the establishment, exercise or defence of legal claims, or you have objected to processing pursuant to Art. 21 GDPR pending the verification whether our legitimate grounds override your interests;
- pursuant to Art. 20 GDPR, to receive your personal data which you have provided to us in a structured, commonly used and machine-readable format or to request that those data be transmitted to another controller, insofar as the processing is based on your consent or a contract and the processing is carried out by automated means;
- to withdraw any consent you have previously given to us at any time pursuant to Art. 7, clause 3 GDPR. This means that we are not allowed to continue processing your data in the future as we did on the basis of that consent, and
- to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can turn to the supervisory authority in the state of your habitual residence, place of work or the place of our company’s registered office.
- Right to object
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6, clause 1, sentence 1, lit. e or f GDPR, you have the right, pursuant to Art. 21 GDPR, to object to the processing of your personal data, provided that there are grounds relating to your particular situation or if the objection is directed against direct advertising.
In the first case, we will no longer process your data unless we can prove compelling reasons that prevail your interests, liberties and rights or our processing serves to establish, exercise or defend legal claims.
In the latter case you have a general right of objection, which we will implement without the need for you to state a particular situation. If you wish to exercise your right to withdraw consent or object to processing, simply send an email to hello@gissler-pass.de
- Transfer of data
We will not transfer your personal data to third parties for purposes other than those listed below. We will only pass on your personal data to third parties in the following cases:
- if you have given your explicit consent according to Art. 6, clause 1, sent. 1, a GDPR;
- if disclosure is necessary pursuant to Art. 6, clause 1, sent. 1, lit. f GDPR for the establishment, exercise or defence of legal claims and there is no reason to assume that you have an overriding protectable interest in the non-disclosure of your information;
- if disclosure is necessary for compliance with a legal obligation pursuant to Art. 6, clause 1, sent. 1, lit. c GDPR, and
- where permitted by law and necessary for the performance of a contract with you pursuant to Art. 6, clause 1, sent. 1, lit. b GDPR.
In addition, your personal data are processed by our processors in compliance with instructions, insofar as this is necessary for the fulfilment of the order. Our processors do not have an own right to use your data.
- Data security
For visits to our website, we use the common SSL (Secure Sockets Layer) method in connection with the highest level of encryption supported by your browser. Usually this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can see whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol or by the use of “https” in front of the address of our (sub)website. We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in accordance with technological development.
- Third countries
Data will be transmitted to third countries by us exclusively in accordance with the statutory regulations.
Insofar as we fulfil our contract with you, data are made available to third parties. Appropriate safeguards pursuant to Art. 46 GDPR or an adequacy decision pursuant to Art. 45 GDPR are not required for this.
If you have not consented to the data transfer, if the data transfer does not serve the fulfilment of the contract or if the transfer is necessary for the establishment, exercise or defence of legal claims, the data are only transferred by us if suitable safeguards or an adequacy decision exist.
A suitable safeguard exists, for example, if the EU standard data protection clauses issued by the EU Commission have been concluded or if certification by means of a “Privacy Shield” has been obtained.
The legal basis is Art. 45 and 46 GDPR.
Specific privacy information for data processing operations on the website
- When visiting the website
When visiting our website, the browser used on your end device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until it is automatically deleted:
- IP address of the requesting computer;
- date and time of access;
- name and URL of the retrieved file;
- website from which access takes place (referrer-URL);
- the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
The aforementioned data are processed by us for the following purposes:
- to ensure a smooth connection to our website,
- to ensure a comfortable use of our website,
- to evaluate the system security and stability as well as
- for other administrative purposes.
The legal basis for data processing is laid down in Art. 6, clause 1, sent. 1, lit. f GDPR. Our legitimate interest lies in the operation of our website and the related presentation of our company.
Your data will be erased as soon as they are no longer needed for the indicated purposes, but after 6 months at the latest.
- When using our contact form
If you have any questions, we offer you the opportunity to contact us by using a form provided on the website. You must provide a valid email address so that we know who sent the enquiry and to enable us to respond to it. Further information can be provided voluntarily.
Data processing for the purpose of making contact with us is made pursuant to Art. 6, clause 1, sent. 1, lit. a GDPR and is based on the consent you have granted voluntarily. The personal data collected by us for the use of the contact form will be automatically deleted after your inquiry has been dealt with.
If your inquiry is directed to the conclusion of a contract, Art. 6, clause 1, sent. 1, lit. b) GDPR serves as the legal basis. In this case, we will store your data for the duration of the statutory retention periods.
- When using the applicant portal
For Gissler & Pass GmbH, it is particularly important to ensure the highest possible protection of your personal data. All personal data collected and processed by Gissler & Pass GmbH as part of an application are protected against unauthorised access and manipulation by technical and organisational measures.
We require your personal data in the application documents to be able to consider you as an applicant in the application process and to check whether you qualify to become an employee of our company. If you provide information that goes beyond the required extent, you provide it to us voluntarily and consent to its processing.
We also offer you the possibility to apply for a job at our company with your “finest jobs” profile. In this case, we receive the application documents and applicant data lodged in your profile from the operator rexx systems GmbH. If you choose to apply via the “finest jobs” portal, you consent to the transfer of such documents and data to us.
Thus, the legal basis for the processing of your application data is Art. 6, clause 1, sent. 1, lit. a and b GDPR. You may withdraw your consent at any time. You can send your withdrawal to hello@gissler-pass.de at any time.
After completion of the application process, we will store your documents for further 6 months for evidence purposes.
For a possible conclusion of a contract, it is necessary to provide us with your personal data in the application documents. Otherwise, we will not be able to consider you in the application process.
- When using the request form
The data required in the request form are necessary for reviewing your request and sending you an offer. The legal basis for processing is laid down in Art. 6, clause 1, sent. 1, lit. b GDPR. Without these data, we cannot initiate a contract with you.
We store your data for the duration of the contract initiation and the following contract performance, if applicable. Moreover, we store your data for the duration of the statutory retention periods.
- Cookies, analysis tools, plug-ins and other elements of third parties
We use cookies on our website. These are small files created automatically by your browser and stored on your end device (laptop, tablet, Smartphone and others). Cookies do not damage your end device and they do not contain any viruses, Trojans or other malware. The cookie is used to store information generated in connection with the specific end device used. However, this does not mean that we will immediately become aware of your identity.
Analysis tools evaluate the user behaviour of the website visitors and enable us to optimise the website and adapt marketing measures.
We use plug-ins and other elements of third parties to integrate the contents of these providers into a website.
- Required first-party cookies
On the one hand, the use of our required first-party cookies is intended to make it more pleasant for you to use our services. We therefore use so-called session cookies to confirm that you have already visited individual pages of our website. They are deleted automatically when you leave our website.
In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a specific period of time. If you visit our website again to use our services, we can automatically identify that you have visited us before and the inputs and settings you entered, so that this does not have to be done again.
These data will be deleted after six months at the latest.
We process your data on the basis of our legitimate interest in the external image of our company via the website you have called up and to promote user-friendliness. The legal basis for the processing is Art. 6, clause 1, sentence 1, lit. f GDPR.
Most browsers accept these cookies automatically. However, you can configure your browser in such a way so that no cookies are stored on your computer or a message always appears before such a cookie is generated. However, if cookies are completely deactivated, the website may not be displayed correctly, or you may not be able to use all the features of our website.
- Third-party cookies, analysis tools, plug-ins and other elements of third parties
The third-party cookies, analysis tools, plug-ins and other elements of third parties used by us and listed below will be used only with your express consent and therefore on the basis of Art. 6, clause 1, sentence 1, lit. a GDPR. You can withdraw the consent you have granted at any time with effect for the future. You can do this by changing your settings here. The withdrawal of your consent or not giving your consent may lead to an incorrect display of the website or in you being unable to fully use all the features of the website.
By using the third-party cookies, analysis tools, plug-ins and other elements of third parties, we wish to ensure that our website is designed to meet requirements and is continually optimised. In addition, we use tracking measures to record the use of our website statistically and evaluate it for the purpose of optimising our services for you.
You can find the relevant function descriptions, any recipients of data, information about possible transmissions to third countries and the duration of storage in the following notes on the individual processing procedures which use third-party cookies, analysis tools, plug-ins and other elements of third parties.
(1) Google Analytics
We use Google Analytics, a web analytics service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as “Google”), to continually improve the way our websites work and to tailor them to suit your needs. In this context, we create pseudonymised user profiles and use cookies (see Section 4). The information generated by the cookie regarding your use of this website, such as
- the type and version of your browser software,
- the operating system you are using,
- the referrer URL (the site previously visited),
- the hostname of the accessing computer (IP address),
- the time of the server request,
will be transmitted to and stored by Google on servers in the United States. This information is used to analyse the use of our website, to compile reports on website activity and to provide other services relating to website activity and Internet usage for market research purposes and to tailor those websites to suit users’ needs. Under no circumstances will your IP address be combined with other data from Google. IP addresses are anonymised so that they cannot be linked with other data (IP masking).
You can obtain further information on data protection in connection with Google Analytics in Google Analytics support (https://support.google.com/analytics/answer/6004245?hl=de).
Google LLC is certified according to the Privacy Shield Agreement: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI
(2) Google Maps
This site uses the maps service Google Maps through API. The provider of the maps service is Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S.A.
The implementation of this plug-in by us is made through the so-called two-click method in order to protect visitors of our websites in the best possible way. This means that your personal data (in particular, your IP address) will not be transmitted to Google when you visit the website. You have to activate the integrated map first by clicking on it. With this click, you give your consent for loading the map with our company location and transferring the data to Google.
Your information is generally transmitted to a server of Google in the United States without being anonymised and is stored there.
You can find more information about the handling of user data in the privacy policy of: www.google.de/intl/de/policies/privacy/.
Google LLC is certified according to the Privacy Shield Agreement: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI
(3) Google Doubleclick
We use Google Doubleclick, a service of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S.A.; hereinafter referred to as ”Google“) to optimise our online marketing. In this connection, pseudonymised user profiles are compiled and cookies (see Section 4) are used. The information obtained by the cookie on your use of this website is transmitted to a server of Google in the United States and stored there. The information is used to display advertising in line with your interests in the Google advertising network. Under no circumstances will your IP address be combined with other data from Google. IP addresses are anonymised so that they cannot be linked with other data (IP masking)
You can find more information on data protection and data processing by Google in the privacy policy of Google (https://policies.google.com/privacy).
Google LLC is certified according to the Privacy Shield Agreement: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI
- Topicality and amendment of the data privacy statement
This Data Privacy Statement is currently valid and was last updated in February 2020. It may become necessary to amend this Data Privacy Statement due to the continuous development of our website and related services, or due to the amendment of statutory regulations or official requirements. The current, up-to-date Data Privacy Statement can be viewed and printed at any time by visiting our website at https://gissler-pass.de/en/agb/