Privacy Policy

The following privacy policy applies to the website „grc.schleupen.de“. 

The protection of your personal data (hereinafter referred to as "data") is a major and very important concern for us. In the following, we would therefore like to inform you in detail about which data is collected by us and how it is processed by us in the following.

I. Name and contact details of the person in charge

The responsible person in terms of the data protection regulations for the processing of personal data is:

Schleupen SE
Otto-Hahn-Strasse 20
76275 Ettlingen, Deutschland
Telephone: +49 (0) 7243 321-0
Email: info@schleupen.de
Website: grc.schleupen.de              

II. Contact details of the data protection officers

Our data protection officer is:

CL Compliance und Datenschutz GmbH & Co KG
Douglasstr. 11-15
76133 Karlsruhe, Deutschland
Telephone: +49 (0) 721 91250-880
Fax: +49 (0) 721 91250-22
Email: kontakt@compliance-datenschutz.de        

III. Purpose of the processing of personal data, legal basis and storage period

In the following, we inform you about the data processing on our site (a), its purposes (b), legal basis (c) as well as the respective storage period and, if applicable, specific objection and removal possibilities (d).

1. Log files

a)
When you access our website, the browser used on your end device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:

  • IP address of the requesting computer
  • Date and time of the request
  • Name and URL of the accessed website
  • Website from which the access takes place (referrer URL)
  • Browser used, version of the browser
  • Operating system and version of your computer's operating system and the name of your access provider
  • Transferred data volumes and access status (file transferred, file not found, etc.)
  • Language and version of the browser software.

b)
The above-mentioned data will be processed by us for the following purposes:

  • Ensuring a smooth connection to our website,
  • Ensuring convenient use of our website,
  • Evaluation of system security and stability and
  • for further administrative purposes.

c)
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the above listed purposes for data processing. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person.

d)
The data in the log files will be deleted after seven days at the latest.

2. Cookies

a)
We use cookies on our site. These are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage on your end device and do not contain viruses, trojans or other malware.

Information is stored in the cookie that is related to the specific end device used. This does not mean, however, that we obtain direct knowledge of your identity.

We use the following cookies:

  • Session cookies
  • Other temporary cookies (e.g. cookies for analysis purposes or third-party cookies)

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, disabling cookies completely may mean that you will not be able to use all the features of our website.

b)
The use of cookies serves on the one hand to optimize the use of our service for you.

For example, we use so-called session cookies to recognize that you have already visited individual pages of our website.

In addition, we also use other temporary cookies to optimize user-friendliness, which are stored on your end device for a certain defined period of time. If you visit our site again to make use of our services, we will automatically recognize that you have already been with us and what entries and settings you made so that you do not have to enter them again.

On the other hand, we use cookies to record and evaluate the use of our website pseudonymously and purely statistically in order to further optimize our offer for you. These cookies enable us to automatically recognize that you have already been with us when you visit our site again. The third-party providers of the associated analysis tools as well as the providers of social media plugins use appropriate cookies for this purpose (the details of which can be found in the following descriptions of the associated third-party services).

c)
Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies) or to optimize the website (e.g. cookies to measure web traffic) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is given. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the storage of the cookies in question will be carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR); the consent can be revoked at any time.

d)
Session cookies are automatically deleted after leaving our site. Temporary cookies are automatically deleted after a defined time, in this case 2 months. Cookies for analysis purposes or third-party cookies are automatically deleted after the times specified by the respective provider.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this website. You can delete already stored cookies at any time in the security settings of your browser.

3. Google Analytics

a)
This website uses Google Analytics, a web analysis service of Google Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, in the event that IP anonymization is activated on this website, your IP address will be shortened
by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before this happens. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage.

This website uses Google Analytics with the extension "_anonymizeIp()". This allows IP addresses to be processed in a shortened form, thus excluding the possibility of personal references. If the data collected about you contains a personal reference, this is immediately excluded, and the personal data is immediately deleted.

The IP address transmitted by your browser within the framework of Google Analytics is not merged with other data from Google.

b)
We use Google Analytics to analyze and regularly improve the use of our website. We can use the statistics obtained to improve our service and make it more interesting for you as a user.

c)
The legal basis for the use of Google Analytics is Art. 6 para. 1 lit. a GDPR; consent may be revoked at any time.

d)
You can prevent the storage of cookies by adjusting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser add-on available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link:

An opt-out cookie is set to prevent future collection of your information when you visit this site. The opt-out cookie is unique to that browser and to our site and is placed on your device. If you delete the cookies in this browser, you will have to set the opt-out cookie again.

Third Party Information: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms of Use:
http://www.google.com/analytics/terms/de.html, overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html, and the privacy policy: http://www.google.de/intl/de/policies/privacy.

4. General contact form

a)
There is a contact form on our website which can be used for contacting us electronically. If you take this opportunity, the data entered in the input fields will be transmitted to us and stored.

The mandatory fields, which must be filled out for electronic contact via the contact form, are marked with (*). If you provide us with additional data, this is done voluntarily.

b)
The data will be processed to enable us to contact you and process your request, to prevent misuse of the contact form and to ensure the security of our information technology systems.

c)
The legal basis for the processing of the mandatory information is Art. 6 para. 1 sentence 1 lit. f GDPR. The aforementioned purpose also includes the legitimate interest in the processing of the data. If the email contact or callback request is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b GDPR.

The legal basis for the processing of the data you have voluntarily provided us with is Art. 6 para. 1 p. 1 lit. a GDPR.

d)
We use "Google reCAPTCHA" for our contact form. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google"). ReCAPTCHA is a service provided by Google that helps protect websites from spam and abuse during use. With reCAPTCHA we can determine whether a serious request has actually reached us and whether a robot or other spam software is attacking it. With the classic CAPTCHAS, you usually have to solve text or image puzzles to check them. With reCAPTCHA from Google, we don't have to bother you with such puzzles most of the time. In most cases, it is sufficient if you simply tick the box and confirm that you are not a bot.

For more information about Google reCAPTCHA and Google's privacy policy, please visit the following links: https://www.google.com/intl/de/policies/privacy/  and  https://www.google.com/recaptcha/intro/android.html.

e)
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. For the personal data from the input fields of the contact form/from your email or the callback service, this is the case when the respective conversation with you has ended. The conversation is finished when it can be concluded from the circumstances that the matter in question has been finally clarified. Should a contract be concluded, the data will be stored until the end of the legal retention period (6 years after the end of the year in which the contract was terminated) and then deleted, unless we are obliged to store the data for a longer period of time due to tax and commercial law obligations to store and document data (from the HGB (German Commercial Code), StGB (German Penal Code) or AO (German Fiscal Code)) or you have consented to
storage beyond this period in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR.

In addition, you have the possibility to revoke your consent to the processing of your personal data at any time. If you contact us by email, you can object to the storage of your personal data at any time. In this case, we will immediately act upon your request. To exercise the right of revocation, see section VII. All personal data stored in the course of the contact will be deleted in this case.

5. Customer registration

a)
On our website, we offer users the possibility to register as a customer by entering personal data. The data will be entered into an input mask, transmitted to us and stored.

The following personal data is collected as mandatory information during the registration process (*):

  • Email address
  • User's first and last name

At the time of registration of the message, the following data is also stored:

  • The IP address of the user
  • Date and time of registration
  • Your password (also mandatory)

The provision of further data is voluntary.

During the registration process, the user's consent to the processing of this data is obtained.

We use the so-called double-opt-in procedure for registration, i.e. your registration is only complete once you have confirmed your registration by clicking on the link contained in a confirmation email sent to you for this purpose. If you do not confirm within 24 hours, your registration will be automatically deleted from our database.

b)
Registration on your part with the mandatory data is necessary for the provision of certain contents and services on our website, namely, to receive further information and tips on the use of the software and to receive information on training courses and web seminars. You can also use it to gain access to our "Energy and Water Management" section, as well as the "Governance, Risk & Compliance" section.

We will use any further voluntarily provided data to address you personally.

The collection of the time of registration and confirmation, as well as your IP address, is carried out to fulfill our legal obligation to provide proof of registration. The password is for your security.

c)
Legal basis is Art. 6 para. 1 p. 1 lit. a GDPR for the mandatory data, as well as your other voluntary data, and additionally Art. 6 para. 1 p. 1 lit. c GDPR, Art. 7 para. 1 GDPR for the time of registration and confirmation, as well as your IP address.

d)
You have the possibility at any time to revoke your consent to the processing of the data voluntarily provided during registration and thus automatically deregister as a customer. You can declare the revocation to the responsible person mentioned under point I. At the same time, you have the possibility to adjust the data you provided in the customer area or to delete your account. After deletion or revocation, your personal data will be deleted immediately.

6. Speculative application - registration

a)
If you would like to apply to us for a job, you can send us a speculative application via our website. All details are contained in a separate data protection declaration, which is made available to you as part of the online application process.

7. Embedded YouTube videos

a)
We have integrated YouTube videos into our online offer, which are stored
on www.YouTube.com and can be played directly from our website. YouTube is a service of Google Inc. The videos are all integrated in the "extended data protection mode", i.e. that no data about you as a user is transferred to YouTube if you do not play the videos. At the same time, only a preview image loaded from our own web server is displayed. Only when you play the videos, the data mentioned under section III 1 will be transmitted. We have no influence on this data transfer. The data transfer is carried out regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account.

b)
YouTube stores your data as user profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such evaluation is carried out in particular (even for users who are not logged in) to provide advertising tailored to your needs and to inform other users of the social network about your activities on our website.

c)
The advertising purpose behind this is to be regarded as a legitimate interest in the sense of the GDPR. The legal basis for this processing is Art. 6 para. 1 lit. f GDPR, unless another legal basis is stated. The website operator has a legitimate interest in the underlying advertising purpose. If consent to the storage of cookies has been requested, the storage of the cookies in question will be based exclusively on this consent (Art. 6 para. 1 lit. a GDPR); consent may be revoked at any time. If you do not wish to have the assignment with your profile on YouTube, you must log out of YouTube before starting the video. You also have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right. Further information on data processing, in particular on the legal basis and storage period by YouTube, can be found in the provider's privacy

policy. There you will also find further information about your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy .  

8. Online presence in social media

We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services.

We have no influence on the data collection and its further use by social networks. There is no knowledge of the extent to which, where and for how long the data is stored, to what extent the networks comply with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on. We therefore expressly point out that your data (e.g. personal information, IP address) is stored and used for business purposes by the operators of the networks in accordance with their data use guidelines.

Please note that user data may be processed outside the European Union. This may result in risks for the users, e.g. because enforcement of the users' rights could be made more difficult.

Furthermore, user data is generally processed for market research and advertising purposes. For example, user profiles can be created from the user behavior and the resulting interests of the users. The user profiles can in turn be used, for example, to place advertisements within and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users' computers, in which the usage behavior and interests of the users are stored. Additionally, data may also be stored in the user profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).

The processing of users' personal data is based on our legitimate interest in effective information of users and communication with users in accordance with Art. 6, Paragraph 1Lit.f. GDPR. If the users are asked by Schleupen SE or the respective providers of the platforms to give their consent to the aforementioned data processing, the legal basis of the processing is Art. 6 para. 1 lit. a., Art. 7 GDPR.

For a detailed presentation of the respective processing and the possibilities of objection (opt out), we refer to the following linked information of the providers.

Also, in the case of requests for information and the assertion of user rights, we would like to point out that these can most effectively be asserted with the providers. Only the providers have access to the data of the users and can directly take appropriate measures and provide information. Should you nevertheless require assistance, please contact us.


IV. Cooperation with contract processors and third parties

In some cases, we use external service providers (contract processors) to process your data. These have been carefully selected and commissioned by us, are bound by instructions and are checked regularly. These are external service providers who support us technically (web hosts, programmers). This is done on the basis of order processing contracts in accordance with Art. 28 GDPR.

Otherwise, we will only pass on your data to third parties if:

  • you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR
  • the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
  • there is a legal obligation to pass on the data in accordance with Art. 6 para. 1 sentence 1 lit. c GDPR, or
  • this is legally permissible and, in accordance with Art. 6 Para. 1 S. 1 lit. b GDPR, necessary for the fulfillment of contractual relationships with you.

Service providers in a third country are only commissioned if the special requirements of Art. 44 ff. GDPR are fulfilled.

V. Rights of data subjects

You have the right:

  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may request information on the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right of rectification, cancellation, restriction of processing or opposition, the existence of a right of appeal, the origin of your data, if not collected by us, as well as the existence of automated decision making including profiling and, if applicable, meaningful information on the details of the data;
  • in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;
  • in accordance with Art. 17 GDPR to demand the deletion of your personal data stored with us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims
  • pursuant to Art. 18 GDPR, to demand the restriction of the processing of your personal data, if the accuracy of the data is disputed by you, if the processing is unlawful but you refuse to delete it and we no longer require the data, but you require it for the assertion, exercise or defense of legal claims or if you have lodged an objection to the processing pursuant to Art. 21 GDPR
  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided us with in a structured, common and machine-readable format or to request that it be transferred to another responsible party
  • complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can turn to the supervisory authority of your usual place of residence or workplace or the place of the suspected infringement.

VII. Right to revoke consent under data protection law

According to Art. 7 para. 3 GDPR, you have the right to revoke your consent to us at any time. As a result, we are not allowed to continue the data processing that was based on this consent in the future. This does not affect the legality of the processing of data based on this consent until revocation.

VIII. Actuality and changes to this privacy policy

This privacy policy is valid as of November 2020.

Due to the further development of our website and offers above or due to changed legal or official requirements, it may become necessary to change this privacy policy. You can access and print out the current privacy policy at any time on the website at www.schleupen.de/datenschutz/.