Information on Data Protection
(„data privacy statement“)

Gissler & Pass GmbH takes the protection of your personal data (data) very seriously. In the cases described below, we process such data on the basis of the General Data Protection Regulation (EU) 2016/679 (GDPR). Personal data refers to information relating to a natural person.

Data Privacy Statement

General Information

  1. Name and contact details of the controller

This privacy information applies to data processing by:

Gissler & Pass GmbH
Dürener Str. 12
52428 Jülich

Phone: +49 2461 684-0
Fax: +49 2461 684-181
Email: kontakt@gissler-pass.de

The company data protection officer of Gissler & Pass GmbH can be reached at the address dhpg IT-Services GmbH, Bunsenstr. 10a, 51647 Gummersbach, for the attention of Dr. Christian Lenz, or under datenschutz@dhpg.de or 02261-8195-0.

  1. Rights of data subjects

You have the right:

  • pursuant to Art. 15 GDPR, to obtain information about your personal data processed by us. In particular, you may request information about the purposes of the processing, the categories of personal data concerned, the recipients and or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries, the envisaged period for which the personal data will be stored or the criteria used to determine that period, the existence of a right to request rectification, erasure or restriction of processing of personal data about you or to object to such processing, the right to lodge a complaint with a supervisory authority, where your personal data are not collected from us, any available information as to their source, and the existence of automated decision-making, including profiling, and, if applicable, meaningful information about the details of it;
  • pursuant to Art. 16 GDPR, to obtain without undue delay the rectification or completion of your inaccurate personal data stored with us;
  • pursuant to Art. 17 GDPR, to obtain the erasure of your personal data stored with us, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the performance of a task carried out in the public interest or for the establishment, exercise or defence of legal claims;
  • pursuant to Art. 18 GDPR, to obtain restriction of processing of your personal data where you contest the accuracy of the personal data, the processing is unlawful but you oppose the erasure of the personal data and we no longer need the personal data but you require the data for the establishment, exercise or defence of legal claims, or you have objected to processing pursuant to Art. 21 GDPR pending the verification whether our legitimate grounds override your interests;
  • pursuant to Art. 20 GDPR, to receive your personal data which you have provided to us in a structured, commonly used and machine-readable format or to request that those data be transmitted to another controller, insofar as the processing is based on your consent or a contract and the processing is carried out by automated means;
  • to withdraw any consent you have previously given to us at any time pursuant to Art. 7, clause 3 GDPR. This means that we are not allowed to continue processing your data in the future as we did on the basis of that consent, and
  • to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can turn to the supervisory authority in the state of your habitual residence, place of work or the place of our company’s registered office.
  1. Right to object

If your personal data are processed on the basis of legitimate interests pursuant to Art. 6, clause 1, sentence 1, lit. e or f GDPR, you have the right, pursuant to Art. 21 GDPR, to object to the processing of your personal data, provided that there are grounds relating to your particular situation or if the objection is directed against direct advertising.

In the first case, we will no longer process your data unless we can prove compelling reasons that prevail your interests, liberties and rights or our processing serves to establish, exercise or defend legal claims.

In the latter case you have a general right of objection, which we will implement without the need for you to state a particular situation. If you wish to exercise your right to withdraw consent or object to processing, simply send an email to  kontakt@gissler-pass.de

  1. Transfer of data

We will not transfer your personal data to third parties for purposes other than those listed below. We will only pass on your personal data to third parties in the following cases:

  • if you have given your explicit consent according to Art. 6, clause 1, sent. 1, a GDPR;
  • if disclosure is necessary pursuant to Art. 6, clause 1, sent. 1, lit. f GDPR for the establishment, exercise or defence of legal claims and there is no reason to assume that you have an overriding protectable interest in the non-disclosure of your information;
  • if disclosure is necessary for compliance with a legal obligation pursuant to Art. 6, clause 1, sent. 1, lit. c GDPR, and
  • where permitted by law and necessary for the performance of a contract with you pursuant to Art. 6, clause 1, sent. 1, lit. b GDPR.

In addition, your personal data are processed by our processors in compliance with instructions, insofar as this is necessary for the fulfilment of the order. Our processors do not have an own right to use your data.

  1. Data security

For visits to our website, we use the common SSL (Secure Sockets Layer) method in connection with the highest level of encryption supported by your browser. Usually this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can see whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol or by the use of “https” in front of the address of our (sub)website. We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in accordance with technological development.

  1. Third countries

Data will be transmitted to third countries by us exclusively in accordance with the statutory regulations.

Insofar as we fulfil our contract with you, data are made available to third parties. Appropriate safeguards pursuant to Art. 46 GDPR or an adequacy decision pursuant to Art. 45 GDPR are not required for this.

If you have not consented to the data transfer, if the data transfer does not serve the fulfilment of the contract or if the transfer is necessary for the establishment, exercise or defence of legal claims, the data are only transferred by us if suitable safeguards or an adequacy decision exist.

A suitable safeguard exists, for example, if the EU standard data protection clauses issued by the EU Commission have been concluded or if certification by means of a “Privacy Shield” has been obtained.

The legal basis is Art. 45 and 46 GDPR.

Specific privacy information for data processing operations on the website

  1. When visiting the website

When visiting our website, the browser used on your end device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until it is automatically deleted:

  • IP address of the requesting computer;
  • date and time of access;
  • name and URL of the retrieved file;
  • website from which access takes place (referrer-URL);
  • the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

The aforementioned data are processed by us for the following purposes:

  • to ensure a smooth connection to our website,
  • to ensure a comfortable use of our website,
  • to evaluate the system security and stability as well as
  • for other administrative purposes.

The legal basis for data processing is laid down in Art. 6, clause 1, sent. 1, lit. f GDPR. Our legitimate interest lies in the operation of our website and the related presentation of our company.

Your data will be erased as soon as they are no longer needed for the indicated purposes, but after 6 months at the latest.

  1. When using our contact form

If you have any questions, we offer you the opportunity to contact us by using a form provided on the website. You must provide a valid email address so that we know who sent the enquiry and to enable us to respond to it. Further information can be provided voluntarily.

Data processing for the purpose of making contact with us is made pursuant to Art. 6, clause 1, sent. 1, lit. a GDPR and is based on the consent you have granted voluntarily. The personal data collected by us for the use of the contact form will be automatically deleted after your inquiry has been dealt with.

If your inquiry is directed to the conclusion of a contract, Art. 6, clause 1, sent. 1, lit. b) GDPR serves as the legal basis. In this case, we will store your data for the duration of the statutory retention periods.

  1. When using the applicant portal

For Gissler & Pass GmbH, it is particularly important to ensure the highest possible protection of your personal data. All personal data collected and processed by Gissler & Pass GmbH as part of an application are protected against unauthorised access and manipulation by technical and organisational measures.

We require your personal data in the application documents to be able to consider you as an applicant in the application process and to check whether you qualify to become an employee of our company. If you provide information that goes beyond the required extent, you provide it to us voluntarily and consent to its processing.

We also offer you the possibility to apply for a job at our company with your “finest jobs” profile. In this case, we receive the application documents and applicant data lodged in your profile from the operator rexx systems GmbH. If you choose to apply via the “finest jobs” portal, you consent to the transfer of such documents and data to us.

Thus, the legal basis for the processing of your application data is Art. 6, clause 1, sent. 1, lit. a and b GDPR. You may withdraw your consent at any time. You can send your withdrawal to kontakt@gissler-pass.de at any time.

After completion of the application process, we will store your documents for further 6 months for evidence purposes.

For a possible conclusion of a contract, it is necessary to provide us with your personal data in the application documents. Otherwise, we will not be able to consider you in the application process.

  1. When using the request form

The data required in the request form are necessary for reviewing your request and sending you an offer. The legal basis for processing is laid down in Art. 6, clause 1, sent. 1, lit. b GDPR. Without these data, we cannot initiate a contract with you.

We store your data for the duration of the contract initiation and the following contract performance, if applicable. Moreover, we store your data for the duration of the statutory retention periods.

  1. Cookies, analysis tools, plug-ins and other elements of third parties

We use cookies on our website. These are small files created automatically by your browser and stored on your end device (laptop, tablet, Smartphone and others). Cookies do not damage your end device and they do not contain any viruses, Trojans or other malware. The cookie is used to store information generated in connection with the specific end device used. However, this does not mean that we will immediately become aware of your identity.

Analysis tools evaluate the user behaviour of the website visitors and enable us to optimise the website and adapt marketing measures.

We use plug-ins and other elements of third parties to integrate the contents of these providers into a website.

  1. Required first-party cookies

On the one hand, the use of our required first-party cookies is intended to make it more pleasant for you to use our services. We therefore use so-called session cookies to confirm that you have already visited individual pages of our website. They are deleted automatically when you leave our website.

In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a specific period of time. If you visit our website again to use our services, we can automatically identify that you have visited us before and the inputs and settings you entered, so that this does not have to be done again.

These data will be deleted after six months at the latest.

We process your data on the basis of our legitimate interest in the external image of our company via the website you have called up and to promote user-friendliness. The legal basis for the processing is Art. 6, clause 1, sentence 1, lit. f GDPR.

Most browsers accept these cookies automatically. However, you can configure your browser in such a way so that no cookies are stored on your computer or a message always appears before such a cookie is generated. However, if cookies are completely deactivated, the website may not be displayed correctly, or you may not be able to use all the features of our website.

  1. Third-party cookies, analysis tools, plug-ins and other elements of third parties

The third-party cookies, analysis tools, plug-ins and other elements of third parties used by us and listed below will be used only with your express consent and therefore on the basis of Art. 6, clause 1, sentence 1, lit. a GDPR. You can withdraw the consent you have granted at any time with effect for the future. You can do this by changing your settings here. The withdrawal of your consent or not giving your consent may lead to an incorrect display of the website or in you being unable to fully use all the features of the website.
By using the third-party cookies, analysis tools, plug-ins and other elements of third parties, we wish to ensure that our website is designed to meet requirements and is continually optimised. In addition, we use tracking measures to record the use of our website statistically and evaluate it for the purpose of optimising our services for you.

You can find the relevant function descriptions, any recipients of data, information about possible transmissions to third countries and the duration of storage in the following notes on the individual processing procedures which use third-party cookies, analysis tools, plug-ins and other elements of third parties.

(1) Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as “Google”), to continually improve the way our websites work and to tailor them to suit your needs. In this context, we create pseudonymised user profiles and use cookies (see Section 4). The information generated by the cookie regarding your use of this website, such as

  • the type and version of your browser software,
  • the operating system you are using,
  • the referrer URL (the site previously visited),
  • the hostname of the accessing computer (IP address),
  • the time of the server request,

will be transmitted to and stored by Google on servers in the United States. This information is used to analyse the use of our website, to compile reports on website activity and to provide other services relating to website activity and Internet usage for market research purposes and to tailor those websites to suit users’ needs. Under no circumstances will your IP address be combined with other data from Google. IP addresses are anonymised so that they cannot be linked with other data (IP masking).

You can obtain further information on data protection in connection with Google Analytics in Google Analytics support   (https://support.google.com/analytics/answer/6004245?hl=de).

Google LLC is certified according to the Privacy Shield Agreement: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI 

 (2) Google Maps

This site uses the maps service Google Maps through API. The provider of the maps service is Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S.A.

The implementation of this plug-in by us is made through the so-called two-click method in order to protect visitors of our websites in the best possible way. This means that your personal data (in particular, your IP address) will not be transmitted to Google when you visit the website. You have to activate the integrated map first by clicking on it. With this click, you give your consent for loading the map with our company location and transferring the data to Google.

Your information is generally transmitted to a server of Google in the United States without being anonymised and is stored there.

You can find more information about the handling of user data in the privacy policy of: www.google.de/intl/de/policies/privacy/.

Google LLC is certified according to the Privacy Shield Agreement: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI

(3) Google Doubleclick

We use Google Doubleclick, a service of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S.A.; hereinafter referred to as ”Google“) to optimise our online marketing. In this connection, pseudonymised user profiles are compiled and cookies (see Section 4) are used. The information obtained by the cookie on your use of this website is transmitted to a server of Google in the United States and stored there. The information is used to display advertising in line with your interests in the Google advertising network. Under no circumstances will your IP address be combined with other data from Google. IP addresses are anonymised so that they cannot be linked with other data (IP masking)

You can find more information on data protection and data processing by Google in the privacy policy of Google  (https://policies.google.com/privacy).

Google LLC is certified according to the Privacy Shield Agreement: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI

  1. Topicality and amendment of the data privacy statement

This Data Privacy Statement is currently valid and was last updated in February 2020. It may become necessary to amend this Data Privacy Statement due to the continuous development of our website and related services, or due to the amendment of statutory regulations or official requirements. The current, up-to-date Data Privacy Statement can be viewed and printed at any time by visiting our website at https://gissler-pass.de/en/imprint/data-protection// .