Data Privacy

Koehler Holding SE & Co. KG would like to promote user confidence in the Web and is therefore laying out its policy for handling personal data. The following section will show you what information we collect for what purposes and how we use it.

The Privacy Policy contains special instructions for applicants as well as general information both for the applicants as well as other visitors to our website.

It is a matter of course for us to deal with your data carefully and to treat it as confidential. We therefore ask you to send us only serious applications and to check attached files in advance for viruses etc. before you forward them to us.

1. Objective and responsibility

1. This Privacy Policy informs you about the type, scope, and purpose of the processing of personal data within our website and associated websites, functions, and content (hereinafter jointly referred to as “online offer” or “website”). This Privacy Policy is applicable regardless of the domains, systems, platforms, and devices (for example desktop or mobile) on which the online offer is running.

2. The provider of online content, and therefore legally responsible for data privacy, is Koehler Holding SE & Co. KG, Hauptstraße 2, D-77704 Oberkirch, Germany, Email: info@koehler.com (hereinafter referred to as “we” or “us”). For details of representatives and more contact options, please refer to our masthead: Imprint.

3. Our data privacy officer can be contacted at the Email address: datenschutz@koehler.com

4. The term “users” used in the following includes the applicant as well as other website visitors. All terms used such as “applicants” are to be understood as gender-neutral.

2. General information regarding data processing and legal bases

1. We process the personal data of users strictly in compliance with the relevant data protection laws. This means that the data of users will only be processed if this is permitted by law, i.e., in particular, if data processing is required in order for us to perform our contractual services (e.g. process an order) and online services, where it is prescribed by law, if we have the consent of the user or if processing is based on our legitimate interests (i.e. our interest in the analysis, optimization and economic operation and security of our online service in terms of Art. 6 (1) (f) GDPR), particularly with regard to measuring coverage, creating profiles for advertising and marketing purposes, collecting access data and the use of services of third-party providers.

2. With regard to the processing of personal data on the basis of the General Data Protection Regulation (GDPR), the legal basis regarding consent is Art. 6 (1) (a) and Art 7 GDPR, the legal basis for processing in order to perform our services and contractual activities is Art. 6 (1) (b) GDPR, the legal basis for processing in order to fulfill our statutory duties is Art. 6 (1) (c) GDPR and the legal basis for processing to maintain our legitimate interests is Art. 6 (1) (f) GDPR.

3. Irrespective of the aforementioned purposes, we also process your contact data (particularly your name, address and email address) within the legally permissible scope for marketing and advertising purposes, i.e. for example in order to send you information about our products, our company, special offers or events. Finally, if we have obtained your contact data in the context of a business event, a business meeting (e.g. by exchanging business cards) or an order, we also process them to manage our business contacts and transfer them to our CRM system (customer relationship management system).

As we have a legitimate economic interest in maintaining contacts established in the course of conducting business beyond the first contact, to use the same to establish a business relationship and to maintain contact with the respective persons for this purpose, the aforementioned processing of your personal data is performed on the basis of Art. 6 (1) (f) GDPR.

3. Security measures

1. We take organizational, contractual, and technical security measures in accordance with the state of the art in order to ensure that the provisions of the data privacy laws are complied with and to ensure that the data processed by us is protected from accidental or intentional manipulation, loss, destruction, or access by unauthorized persons.

2. The security measures include, in particular, the encrypted transfer of data between your browser and our server.

4. Disclosure of data to third parties and third-party suppliers

1. Forwarding of data to third parties only takes place within the framework of the legal guidelines. We forward the data of users to third parties only if this is necessary, for example, for billing purposes or for other purposes if these are necessary in order to fulfill our contractual obligations vis-à-vis the users.

2. If we use subcontractors in order to provide our services, we will take appropriate legal measures and appropriate technical and organizational measures for the protection of personal data in accordance with the relevant statutory provisions.

3. If content, tools, or other resources from other suppliers (hereinafter jointly referred to as “third-party suppliers”) are used within the framework of this Privacy Policy and the third-party supplier is located in a third country, it is to be assumed that a data transfer into the countries of the third-party supplier takes place.

4. Third countries are countries in which the GDPR is not directly applicable, i.e., in principle, countries outside the European Union (EU) or the European Economic Area (EEA)

5. The transfer of data to third countries is carried out if an adequate level of protection for the data, user consent, or otherwise legal permission exists.

5. Purpose and scope of the processing of applicant data

1. We process applicant data only for the purpose and within the framework of the application procedure in accordance with the legal requirements. The processing of applicant data is carried out in order to fulfill our contractual obligations and on the basis of our legitimate interests, as well as the interests of the applicant in the implementation of a rapid and effective application process.

2. The application process requires that applicants provide us with the applicant data. The required applicant data is marked as such in our secure online form. This includes the personal information, postal and contact addresses, and documents belonging to the application such as a cover letter, résumé, and references. Furthermore, applicants may voluntarily provide us with additional information. Upon transmission of the application to us, the applicant consents to the processing of their data for the purposes of the application procedure according to the manner and scope set out in this Privacy Policy.

6. Transfer of applicant data

1. In general, we do not pass on applicant data to third parties. In the context of the application process, however, we may receive support from external service providers or other companies within our group. In this case, the service provider may also process data of the applicant. The service providers process the data of the applicant only on our behalf and on the basis of contractual obligations that stipulate compliance with the agreed-upon organizational and technical measures.

2. Furthermore, a transfer of applicant data may also occur if a position has been expressly advertised by several companies within our group, i.e. the application procedure is carried out by several companies.

3. In all other cases, we ask the applicant for permission before we share their data.

7. Type of transmission of applications

1. Applicants can submit their applications to us by using the contact form on our website. The data is transmitted in encrypted form to us in accordance with the state of the art of technology.

2. Alternatively, applicants can submit their applications to us via e-mail. In this case, however, we note that Emails are not sent in encrypted form. We can therefore assume no responsibility for the transmission path of the application between the sender and receipt on our server. For this reason, we recommend using the online form.

3. Rather than the application via the online form or Email, applicants still have the opportunity to submit their application by mail.

8. Retention and deletion of applicant data

1. In the case of a successful application, the data provided to us by the applicant can be further processed by us for the purposes of employment.

2. Otherwise, if the application for a position is not successful, the data of the applicant will be deleted. The data of the applicant will also be deleted if an application is withdrawn, which the applicant is entitled to do at any time.

3. The deletion will be carried out, subject to a justified revocation of the applicant, after the expiry of a period of six months so that we can answer any follow-up questions regarding the application and meet our obligations of proof arising from the General Act on Equal Treatment (AGG).

9. Contact

1. When a user makes contact with us (using the contact form, by Email, in the context of an order or, for example, by exchanging business cards), the user’s information is processed for the purpose of processing the contact request and responding to the inquiry.

2. The data of users may be stored in our customer relationship management system (“CRM system”) or similar inquiry organization systems for the further maintenance of the business relationship and, as commercial correspondence, must be kept for six years, due to statutory requirements, and, in the case of statutory tax relevance, for a period of ten years.

10. Collection of access data

1. Log file information is collected by the provider solely as part of monitoring.

2. For security reasons (e.g. for the elucidation of abuse or fraud), log file information is stored for a maximum of seven days and then deleted. Data whose further retention is required for evidential purposes is excluded from deletion until the final clarification of the respective incident.

11. Cookies and audience measurement

1. Cookies are pieces of information that are transferred to the Web browser of the user by our Web server or third-party Web servers and stored there for subsequent retrieval. Cookies can be small files or other types of information storage. Users are notified about the use of cookies within the framework of pseudonymous audience measurement within this Privacy Policy.

2. If users do not want cookies to be stored on their computer, they are asked to disable the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional limitations of this online offer.

3. You can object to the use of cookies that serve the purpose of audience measurement and advertising via the deactivation page of the Network Advertising Initiative (http://optout.networkadvertising.org/) and, in addition, the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

Necessary Cookies

These cookies are essential for the website's functionality and therefore cannot be disabled.

WSESSIONID
Duration of storageSession
Necessary standard cookie to use with PHP session data.

hideCookieNotice
Duration of storageUp to 30 days depending on the selection.
Saves that the cookie or data protection notice is not displayed again each time you access the site.

hideCookieNotice2
Duration of storageUp to 30 days depending on the selection.
Saves that the cookie or data protection notice is not displayed again each time you access the site.

allowLoadExternRessources
Duration of storageUp to 30 days depending on the selection.
Remembers the user decision whether external components may be loaded automatically.

allowTracking
Duration of storageUp to 30 days depending on the selection.
Remembers the user decision that visitor behaviour may be tracked.

Marketing/tracking Cookies

These cookies are used for marketing purposes and analyse your visitor behaviour.

_pk_id.1.3659
Duration of storage: 13 months
Saves some details about the user such as the unique visitor ID.

_pk_ref.1.3659
Duration of storage: 6 months
This cookie is used as a reference to the anonymous tracking session on the site.

_pk_ses.1.3659
Duration of storage: 30 minutes
Stores data for the visit temporarily.

_pk_testcookie..undefined
Duration of storage: Session
Checks whether the visitor's browser supports cookies.

_pk_testcookie.1.3659
Duration of storage: Session
Checks whether the visitor's browser supports cookies.

12. Social media buttons and links

1. The links/buttons to social networks and platforms (hereinafter referred to as “social media”) used within our online offer do not create a connection between social networks and the users until users click on the links/buttons and the respective networks, or their websites, are accessed. This function corresponds to the operation of a regular online link.

2. The following diagram provides an overview of the linked social media providers, along with links to their respective privacy policies, which contain more information about the processing of data and, in some cases already mentioned here, objection options (so-called opt-out):

13. Web analysis by Matomo (formerly PIWIK)

Extent of personal data processing:
On our website, we use the open-source software tool Matomo (formerly PIWIK) to analyze the surfing behavior of our users. The software places a cookie on the user’s computer (regarding cookies, see above). If individual pages of our website are accessed, the following data is stored:

  • two bytes of the IP address of the accessing system of the user
  • the website accessed
  • the website from which the user accessed the website (referrer)
  • the subpages of the website that are accessed
  • the duration of the visit to the website
  • the frequency of access to the website

The software used for this purpose runs exclusively on the servers of our website. Users’ personal data is stored there only. The data is not disclosed to third parties.

2. Legal basis for processing personal data: The legal basis for the processing of personal data of the user is Article 6, Paragraph 1, Subparagraph F, of the GDPR.

3. Purpose of data processing and legitimate interest: Processing the personal data of users makes it possible for us to analyze the surfing behavior of our users. The data gained through this analysis allows us to compile information about the use of the individual components of our website. This helps us to continually improve our website and make it more user-friendly. In these purposes, we also have a legitimate interest in processing the data according to Article 6, Paragraph 1, Subparagraph F, of the GDPR. Anonymizing the IP address sufficiently takes into account the users’ interest in protecting their personal data.

You will find more information about the privacy settings of the Matomo software at the following link: https://matomo.org/docs/privacy/

14. Integration of third-party services and Content

1. Within our online offer, and on the basis of our legitimate interests (i.e. interest in the analysis, optimization, and economic operation of our online offer within the meaning of Article 6, Paragraph 1, Subparagraph F, of the GDPR), we use content or service offerings from third-party suppliers to embed their contents and services such as videos or fonts (hereinafter referred to uniformly as “content”). This always requires that the third-party supplier of the content learn the IP address of the user, because the content can not be sent to the browser without the IP address. The IP address is therefore required for the presentation of that content. We strive to use only such content whose respective provider only uses IP addresses for delivery of the content. Furthermore, third-party suppliers may also use so-called pixel tags (invisible graphics, also known as “Web beacons”) for statistical and marketing purposes. Through the pixel tags, information such as visitor traffic on the pages of this website can be evaluated. The pseudonymous information may also be stored in cookies on the device of the user and may contain, among other things, technical information about the browser and operating system, referring websites, visit time, and other information about the use of our online offer; the information can also be connected with other information from other sources.

2. The following diagram provides an overview of third-party suppliers and their content, along with links to their respective privacy policies, which contain more information about the processing of data and, in some cases already mentioned here, objection options (the so-called opt-out):

15. Rights of users

1. Users have the right to request, free of charge, to receive information about the personal data that we have stored about them. In addition, users have the right to correct incorrect data, to limit the processing and deletion of their personal data, if applicable, to assert their right to data portability, and, in the case of suspicion of unlawful data processing, to file a complaint with the competent supervisory authority (the data privacy office in the German state of Baden-Württemberg, Königstrasse 10a, 70025 Stuttgart, Germany).

2. Users can also, in general with future effect, withdraw their consent without giving reasons.

16. Deletion of data

1. The data stored on our servers will be deleted as soon as it is no longer required for its intended purpose and the deletion does not violate any statutory retention obligations. If the data of the user cannot be deleted because it is required for other purposes permitted by law, the processing of this data is restricted, which means that the data is locked and cannot be used for other purposes. This applies, for example, to user data that must be retained for commercial or tax reasons.

2. In accordance with the legal requirements, retention is carried out for six years pursuant to Section 257, Paragraph 1, of the German Commercial Code (trade books, inventories, opening balances, annual financial statements, business letters, receipts, etc.) and for ten years pursuant to Section 147, Paragraph 1, of the German Fiscal Code (books, records, financial reports, receipts, trade and business letters, tax-related documents, etc.).

17. Right to object

Users can object to the future processing of their personal data in accordance with the statutory provisions at any time without giving reasons. The objection may relate, in particular, to processing for purposes of direct marketing.

18. Changes to the privacy policy

1. We reserve the right to amend the Privacy Policy in order to adapt it to changing legal situations or if changes are made to the service and data processing. However, this only applies with regard to explanations of data processing. If user consent is required or if components of the Privacy Policy contain provisions governing the contractual relationship with the users, the changes are made only with the consent of the user.

2. Users are asked to regularly inform themselves about the contents of the Privacy Policy.