24h Hotline
+49 180 5443 547
Central reception of new instructions:
schaden@gielisch.de
Central reception of international claims:
international@gielisch.de
Privacy policy (as of 10/01/2024)
INTRODUCTION
Regardless of whether you are a customer, prospective customer, applicant or visitor to our website: We, C. Gielisch GmbH (hereinafter: "C. Gielisch", "we") take the protection of your personal data very seriously. But, what does this mean in concrete terms?
Below we provide you with an insight into what personal data we collect from you and in what form we process it. Furthermore, you will receive an overview of the rights you are entitled to according to the applicable data protection law. In addition, should you have any questions, we will provide you with a contact person.
WHO ARE WE?
Within the meaning of the applicable data protection laws, as Controller,
C. Gielisch GmbH
Neuer Zollhof 1
40221 Düsseldorf
E-mail: info(at)Gielisch.de
Tel.: +49211 13806-01
Fax: +49 211 3236830
we take all measures required by applicable data protection laws to ensure the protection of your personal data.
If you have any questions regarding this privacy policy, please contact our Data Protection Officer (DPO).
C. Gielisch GmbH
Data Protection Officer
2B Advice GmbH
Joseph-Schumpeter-Allee 25
53227 Bonn
E-mail gielisch@2b-advice.com
Tel.: +49 228 926165-120
SCOPE OF THE PRIVACY POLICY
The processing of personal data, as defined by the legislator, means activities such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data.
Personal data is all the information that relates to an identified or identifiable natural person.
This privacy policy concerns the personal data of customers, interested parties, applicants or visitors. This privacy policy applies to our website www.gielisch.de
This privacy policy applies to our website www.gielisch.de
WHICH PERSONAL DATA DO WE PROCESS?
When you contact us e.g. as an interested party or customer, we collect your personal data. This may happen, for example, if you are interested in our products, register for our online services, contact us via our communication channels or if you use our products or services in the context of existing business relationships.
We process the following types of personal data:
• personal identifiable information (PII): e.g. first and last name, address data, e-mail address, telephone number, fax number
• Assignment particulars: e.g. claim number, client number, assignment number, invoice data
• Company-related data: e.g. company name, department, activity
• Data on your behaviour online: e.g. IP addresses, user names, data on your visits to our website, actions carried out on our websites, place of access
• Information about your interests and wishes, which you communicate to us: e.g. via our contact form or other communication channels
• Information about your professional career: e.g. vocational training, previous employers, other qualification
• and other information comparable to these categories of data.
USE OF COOKIES
WHAT ARE COOKIES?
Cookies are files that are placed on your computer by our website or client portals when you visit the site. These files store information that makes your use of this site more efficient.
List of cookies used:
User Centric Consent Management Platform: This is a consent management platform. Usercentrics GmbH is used on the website as an order processing agent for the purpose of consent management. The consent information (consent and revocation of consent) will be stored for three years. The data will be erased immediately following this period.
MyFonts
This site uses MyFonts. MyFonts provides fonts that are loaded onto your browser when you access our website, to warrant the provision of a uniform font in the depiction of the website. The provider is Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, Massachusetts 01801, USA.
To be able to ensure compliance with the licensing terms and conditions and to monitor the number of monthly site visits, MyFonts transfers your IP address along with the URL of our website and our contract
data to its servers in the United States. According to Monotype, your IP address will be anonymized immediately after the transfer so that any affiliations with individuals are no longer possible (anonymization).
For details, please consult Monotype’s data privacy policy:
https://www.monotype.com/de/rechtshinweise/datenschutzrichtlinie/datenschutzrichtlinie-zum-tracking-von-webschriften.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link:
https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2z3d0000001so6AAA&status=Active
Google Analytics: This is a web analytics service. With this, the user can measure advertisement ROI and track flash, video, and social networking sites and applications. We use Google Analytics to analyse user behaviour on our website and in the client portals. The user information (including the user's truncated IP address) collected by the cookie is transmitted to our servers and stored for analysing user behaviour. We use this information to optimise our website, the client portals, our sales approach and other advertising methods as well as for the purpose of market research. During the process of transmitting the information, the IP address of the user will immediately be truncated so that the user can no longer be traced using their IP address. The data retention period depends on the type of information stored. The user can decide how long Google Analytics may store their information for before it is automatically deleted.
Google Maps: This is a web map service. This site uses the map service Google Maps via an API. This service is provided by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA To use the functions of Google Maps, it is necessary for your IP address to be stored. This information is generally transmitted to a Google server in the United States and stored there. The provider of this site has no influence on this transmission of data.
More details of how user information is handled can be found in Google's privacy policy: www.google.de/intl/de/policies/privacy/. Data will not be stored longer than needed by us for the purposes of the respective processing.
Please note that the use of Google Maps from our website will involve data transfer to the USA. To protect this data, the European Commission issued an Adequacy Decision, which was published on 10 July 2023. This decision pertains to the EU-US Data Privacy Framework
and concludes that the United States offers an adequate level of protection for personal data transferred from the European Union to participating US organisations. The framework ensures that data transferred to US organisations, including Google LLC as operator of Google Maps, is processed under conditions comparable to the data protection standards of the EU.
More information on the EU-US Data Privacy Framework and the associated protective mechanisms can be found at: www.dataprivacyframework.gov/s.
If you visit one of our pages featuring a Vimeo plugin, a connection to the Vimeo servers is established. The Vimeo server is informed of which of our pages you have visited. Vimeo will also obtain your IP address. This applies even if you are not logged into Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to a Vimeo server in the United States. If you are logged in to your Vimeo account, Vimeo allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account. More details of how user information is handled can be found in Vimeo's privacy policy: vimeo.com/privacy. Data will not be stored longer than needed by us for the purposes of the respective processing.
YouTube videos:
This is an online video platform. YouTube is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. We have integrated YouTube videos into our online offering, which are stored at www.YouTube.com and can be played directly from our website. These are all integrated in the "extended data protection mode", i.e. no data about you as a user is transferred to YouTube if you do not play the videos. When you play the videos, YouTube will at least record and process your IP address, the date and time and the website you visited. In addition, a connection to the advertising network "DoubleClick" is established by Google. We have no influence on this data transfer. This occurs regardless of whether YouTube provides a user account that you are logged in to, or whether no user account exists. When you are logged in, your data will be assigned directly to your account. If you do not wish your profile to be assigned to YouTube, you must log out before activating the button and manually delete your cookies and browser history before logging in again. YouTube stores your data as user profiles and uses them for advertising, market research and/or the design of its website to meet customer demand. Such evaluation is carried out in particular (even for users who are not logged in) in order to provide demand-oriented advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.
Google reCAPTCHA: We use “Google reCAPTCHA” (hereinafter referred to as “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. The purpose of reCAPTCHA is to determine whether data entered on this website (e.g., information entered into a contact form) is being provided by a human user or by an automated program. To determine this, reCAPTCHA analyzes the behavior of the website visitors based on a variety of parameters. This analysis is triggered automatically as soon as the website visitor enters the site. For this analysis, reCAPTCHA evaluates a variety of data (e.g., IP address, time the website visitor spent on the site or cursor movements initiated by the user). The data tracked during such analyses are forwarded to Google. reCAPTCHA analyses run entirely in the background. Website visitors are not alerted that an analysis is underway. Data are stored and analyzed on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the protection of the operator’s websites against abusive automated spying and against SPAM. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time. For more information about Google reCAPTCHA please refer to the Google Data Privacy Declaration and Terms Of Use under the following links: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en. The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active
WHAT DO WE PROCESS YOUR PERSONAL DATA FOR - AND ON WHAT LEGAL BASIS?
PERFORMANCE OF THE CONTRACT
We process your data in order to fulfil our contracts. This also applies to information that you provide to us in the context of pre-contractual correspondence. The specific purposes of the data processing depend on the respective product and the submitted request and can also be used to analyse your needs and to check which products and services are suitable for you.
PERFORMANCE OF THE CONTRACTUAL RELATIONSHIP
For the execution of the contractual relationship we need your name, your address, your telephone number or your e-mail address so that we can contact you.
OFFERING GOODS AND SERVICES
We also need your personal data to be able to check whether and which products and services we can and may offer you.
Details on the respective purposes of data processing can be found in the contractual documents and our General Terms and Conditions of Business.
CARRYING OUT THE APPLICATION PROCESS
We process your data that you have sent us as part of your application to check whether your professional qualifications are suitable for the advertised position. We only use your information for the application process and transfer it to your personnel file when a contract is concluded. If no agreement is reached, your information will be deleted or destroyed. We will not use your application information for any other purpose than to conduct the application process.
For further information on data protection within the scope of the application process, please click HERE.
BALANCING INTERESTS: WE IMPROVE OUR SERVICES AND OFFER YOU SUITABLE PRODUCTS
STRIVING TO STREGTHEN AND OPTIMISE CUSTOMER RELATIONS
As part of our endeavour to continuously optimise our customer relations, we request you to take part in our customer surveys. The results of the surveys help us adapt our products and services to your needs.
DATA PROCESSING AND ANALYSIS FOR MARKETING PURPOSES
Your needs are important to us and we try to provide you with information about products and services that exactly suit you. For this purpose, we use the findings of our joint business relationship and market research. Our main goal is to adapt our product proposals to your needs. In this context, we guarantee that we always process the data in accordance with applicable data protection law. Important: You can object to the use of your personal data for this purpose at any time.
What exactly do we analyse and process?
• Results of our marketing activities to measure the efficiency and relevance of our campaigns;
• Information from your visits to our website;
• We analyse the possible needs of our products and services.
SECURITY MEASURES FOR YOUR PROTECTION
Among others, we use your personal data in the following cases:
• We analyse your data to protect you or your company from fraudulent activities.
This may happen, for example, if you have been the victim of identity theft or if unauthorised people have otherwise gained access to your user account;
• Our IT support works closely with you in case of technical problems to improve the reliability of our web applications. In this context, we also evaluate logs of page accesses, actions performed, etc;
• To be able to guarantee IT security;
• In order to be able to record and prove facts in the event of possible legal disputes.
ON THE BASIS OF YOUR CONSENT
If you have consented to the processing of your personal data for one or more specific purposes, we may process your data. You can withdraw this consent at any time for the future without incurring any costs other than the transmission costs according to the basic tariffs (costs of your Internet connection). However, the withdrawal of consent does not affect the legality of the processing up to the withdrawal.
DUE TO LEGAL REQUIREMENTS OR IN THE PUBLIC INTEREST
As a company, we are subject to a wide variety of legal requirements (e.g. from tax legislation). In order to comply with our legal obligations, we process your personal data.
WHERE WE TRANSMIT DATA AND WHY
USE OF DATA WITHIN C. GIELISCH
Within C. Gielisch only those entities that need your personal information in order to fulfil our contractual or legal obligation or to protect our legitimate interest will have access to them.
USE OF DATA OUTSIDE C. GIELISCH
We respect the protection of your personal data and we pass on information about you only if required by law, if you have given your consent or to fulfil contractual obligations.
For the following recipients, for example, there is a legal obligation to pass on your personal data:
• Public authorities or supervisory authorities, e.g. tax authorities, customs authorities;
• Judicial and law enforcement authorities, e.g. police, courts, public prosecutors;
• Lawyers or notaries, e.g. in legal disputes;
• Chartered Accountant/ Auditors.
In order to fulfil our contractual obligations, we cooperate with other companies. These include:
• Transport service providers and freight forwarders;
• Organisers and training service providers, if you have registered through us for certain trade fairs or events;
• Banks and financial service providers to handle all financial matters.
• Our own service providers
In order to make our operations more efficient, we use the services of external service providers who may receive personal data from you for the purposes described, including IT service providers, printing and telecommunications service providers, debt collection, consulting or sales companies.
Important: We pay close attention to your personal data!
In order to ensure that the service providers comply with the same data protection standards as in our company, we have concluded appropriate contracts for order processing.
These contracts regulate, among other things:
• that third parties only have access to the data they need to carry out the tasks assigned to them;
• that the service providers only grant access to your data to employees who have explicitly committed themselves to comply with data protection regulations;
• that the service providers comply with technical and organisational measures that guarantee data security and data protection;
• what happens to the data when the business relationship between the service provider and us is terminated.
For service providers based outside the European Economic Area (EEA), we take special security measures (e.g. by using special contractual clauses) to ensure that the data is treated with the same level of caution that is exercised in the EEA. We regularly check all our service providers for compliance with our specifications.
USE OF DATA WITHIN THE C. GIELISCH GROUP
In order to provide you with the best possible service, we occasionally exchange data within the Group. We guarantee that the applicable data protection regulations are observed and that your personal data is adequately protected at all times.
For this reason, we have taken appropriate measures to ensure compliance with data protection within the C. Gielisch Group:
We have concluded appropriate contracts with the individual subsidiaries to ensure that personal data shared within the Group remains protected at all times.
In accordance with these contracts and applicable data protection laws, we transfer personal data to our production and sales subsidiaries only for the purposes stated in this privacy policy. In doing so, we support our subsidiaries both in their operations and in their compliance with the technical and organisational measures that we also use at the parent company to guarantee the security of your personal data. If possible, we protect your data by using pseudonymisation or anonymisation measures. If subsidiaries are located outside the EEA, we take appropriate measures to ensure that the personal data processed there is just as protected as within the EEA.
ARE YOU OBLIGED TO PROVIDE US WITH PERSONAL DATA?
In the context of the business relationship between you and C. Gielisch, we require from you the following categories of personal data:
• all necessary data for the establishment and implementation of a business relationship;
• data required for the fulfilment of contractual obligations;
• data that we are legally obliged to collect.
Without these data it is not possible for us to enter into or execute contracts with you.
DELETION PERIODS
In accordance with the applicable data protection regulations, we do not store your personal data longer than we need for the purposes of the respective processing. If the data is no longer required for the fulfilment of contractual or legal obligations, it will be regularly deleted by us, unless its temporary storage is still necessary. There may be the following reasons for further storage:
• Obligations under commercial and tax law to retain data must be observed: The periods for storage, primarily in accordance with the provisions of the Commercial Code and the Fiscal Code, are up to 10 years.
• To obtain evidence in the event of legal disputes within the framework of statutory limitation periods: in civil law, statutory limitation periods may be up to 30 years, with the regular limitation period occurring after three years.
YOUR RIGHTS
Within the scope of processing your personal data, you also have certain rights. More detailed information can be found in the corresponding provisions of the General Data Protection Regulation (Articles 15 to 21).
RIGHT TO INFORMATION AND CORRECTION
You have the right to obtain information from us on which of your personal data we process. If this information is not (no longer) correct, you can ask us to correct the data, or, if it is incomplete, to complete it. If we have passed on your data to third parties, we will inform the relevant third parties in the event of a corresponding legal situation.
RIGHT TO DELETION
You can request the immediate deletion of your personal data under the following circumstances:
• When your personal information is no longer needed for the purposes for which it was collected;
• If you have revoked your consent and there is no other legal basis for data processing;
• If you object to the processing and there are no overriding legitimate reasons for data processing;
• If your data is processed unlawfully;
• If your personal data must be deleted in order to comply with legal obligations.
Please note that before deleting your data we must check whether there is not a legitimate reason for processing your personal data.
RIGHT TO RESTRICTION OF PROCESSING ("RIGHT TO BLOCK")
You may request us to restrict the processing of your personal data for one of the following reasons:
• If you dispute the accuracy of the data until we have had the opportunity to verify the accuracy of the data;
• If the data is processed unlawfully, but instead of being deleted, you merely request the restriction of the use of personal data;
• If we no longer need the personal data for the purposes of processing, but you still need them to assert, exercise or defend in the course of legal claims;
• If you have filed an objection against the processing and it is not yet clear whether your legitimate interests outweigh ours.
RIGHT TO OBJECT
RIGHT OF OBJECTION IN INDIVIDUAL CASES
If the processing is carried out in the public interest or on the basis of a balance of interests, you have the right to object to the processing for reasons arising from your particular situation. In the event of an objection, we will not process your personal data further, unless we can prove compelling reasons for processing your data, which outweigh your interests, rights and freedoms, or because your personal data serve to assert, exercise or defend legal claims. The objection shall not preclude the legality of the processing carried out up to the time of the objection.
OBJECT AGAINST THE USE OF DATA FOR ADVERTISING PURPOSES
In cases where your personal information is used for advertising purposes, you can object to this form of processing at any time. We will no longer process your personal information for these purposes.
The objection can be made form-free and should be addressed to:
C. Gielisch GmbH
Neuer Zollhof 1
40221 Düsseldorf
E-mail: info(at)gielisch.de
Tel.: +49211 13806-01
RIGHT TO DATA PORTABILITY
Upon requests, you have the right to receive personal data that you have given us for processing in a transferable and machine-readable format.
RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY (ART. 77 GDPR)
We try to process your requests and claims as quickly as possible in order to protect your rights appropriately. Depending on the frequency of enquiries, however, it may take up to 30 days before we can provide you with further information about your request. If it should take longer, we will inform you promptly of the reasons for the delay and discuss the further process with you.
In some cases we may not or cannot give you any information. If legally permissible, we will inform you of the reason for refusing to disclose the information.
However, should you not be satisfied with our answer and responses or should you be of the opinion that we are violating the current data protection law, you are free to file a complaint with our Data Protection Officer as well as the relevant supervisory authority. The supervisory authority responsible for us is:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Kavalleriestr. 2-4
40213 Düsseldorf
Tel.: 0211/38424-0
Fax: 0211 - 38424-10
email: poststelle@ldi.nrw.de
VERSION
We retain the right to modify this privacy policy from time to time to ensure ongoing compliance with current legal requirements or to reflect changes in our services in the privacy policy, such as the introduction of new services. The new privacy policy will then apply the next time you visit our site.
This privacy policy is effective as of 10.01.2024.