Datenschutz

Data protection

Data protection Glas Trösch

Thank you for visiting our website and your interest in our Group. The protection of your personal data is an important concern for Glas Trösch. The following explanations provide information about which data we collect on our websites, the purpose for which the data is collected and to whom the data is transmitted.

Personal data is all information that refers to a specific or identifiable person. This includes information such as your name, your address, your telephone number, your date of birth and your e-mail address. Statistical data that cannot be linked either directly or indirectly with a natural person is not included in this. These statistics could refer to which pages are particularly popular in particular.

 

1.1 Purpose of collecting personal data

In principle, even when designing our websites, we are keen for their contents to be accessible without the need for registration or the disclosure of personal data. Therefore we do not collect any personal data that you do not divulge to us voluntarily, apart from server log files, which are monitored for security purposes and to prevent cyber attacks. Data that you have shared with us voluntarily is collected by us for the purpose of optimising our offer and answering your enquiries, as well as to send you our newsletters, if you have specifically requested this.

 

1.2 Security and confidentiality

In order to guarantee the security and confidentiality of your personal data that we have registered online, in close collaboration with our hosting providers we use data networks that are protected by means of standard firewalls and password systems that are usual in the industry. When handling your personal data, we adopt appropriate measures to protect it from loss, misuse, unauthorised access, disclosure, alteration or destruction.

 

1.3 Server log files

Glas Trösch collects data via access to the web sites, so-called server log files. The access data includes:

  • Name of the website accessed
  • File
  • Date and time of access
  • Data volume transferred
  • Report on successful access
  • Browser type and version
  • The operating system of the user
  • URL (the previously visited web page)
  • IP address and the requesting provider.

Glas Trösch uses the log data exclusively for the purpose of the operation, security and optimisation of the offer. However, Glas Trösch reserves the right to monitor the log data retrospectively, if there is a justified suspicion of illegal use based on concrete evidence.

 

1.4 Data transfer abroad

If you have given your consent to this, or if we are authorised based on another form of permission, we pass on your personal data for the above-mentioned purposes to group companies in the Glas Trösch Group outside of the European Economic Area. Not all the countries have similar legislation that protects personal data to the same degree as is guaranteed in the EEA. If the legislation in place lacks the safeguards to protect personal data to the same degree, we conclude contracts whereby it is ensured that the recipients shall maintain an adequate level of protection.

 

1.5 Contact form and e-mail

If you have contacted Glas Trösch, your details are recorded for the further processing of your enquiry as well as for the eventuality that further questions may arise.

 

1.6 Newsletter

In order to send you the newsletter we use the so-called Double Opt-In procedure. This means that we first of all send you a newsletter by e-mail, if you have already expressly confirmed to us that we can activate the newsletter service. We will then send you an information e-mail and ask you to confirm that you want to receive our newsletter by clicking on a link contained in the e-mail. If you no longer wish to receive our newsletter, you can cancel it by clicking on the link that you will find in the relevant newsletter.

 

1.7 Links

The websites of Glas Trösch can contain hyperlinks to other websites that are not managed or monitored by Glas Trösch. Third party websites are not subject to the above-mentioned privacy declaration. Glas Trösch cannot be held responsible for their content or for how they deal with your personal data.

Insofar as this can be identified by us, we only process and use the personal data of children with the permission of their legal representatives. Persons under the age of 18 must obtain the permission of their legal representatives before they provide us with personal information.

This website uses cookies. Cookies are small text files that are saved to your computer on a temporary or permanent basis when you visit this website. The main purpose of the cookies is the analysis of your use of this website for statistical evaluation as well as for continuous improvements.

You can deactivate the cookies in the settings in your browser either permanently or temporarily at any time. However, if the cookies are deactivated it is possible that all the functionalities of the Glas Trösch websites will no longer be available.

We use Google Analytics on our websites, which is a web analysis service of Google Inc., headquartered in Mountain View, California, USA (hereinafter "Google").

Google Analytics uses so-called "cookies". These are text files that are saved to your computer and facilitate the analysis of the use of the website. The information gathered by the cookie about the use of this website is generally transferred to a Google server in the USA, where it is stored. You IP address is also transferred, but it is anonymised by Google before it is stored so that it can no longer be linked back to you. Google uses the method _anonymizeIp() for this.

By using our website, the following data can be stored and anonymised, to be finally used anonymously and exclusively for statistical purposes:

  • The pages visited and the order of the visits,
  • The operating system and browser used,
  • Date and time that the page was accessed,
  • The address of the website that was viewed prior to your visit, if your visit was made via a direct link that was placed there and
  • Information about the location of the user.

Google can expand this list and possibly transfer information to third parties, if this is prescribed by law or insofar or said third parties process this data on behalf of Google.

We use Social Plugins on our websites. Social Plugins are additional programmes that are linked to our websites by means of a predefined interface and that expand the scope of functionality.

We use the plugins for the following networks:

 

5.1 Facebook

Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA («Facebook»).
Privacy statement Facebook

 

5.2 LinkedIn

LinkedIn Inc., Mountain View California, USA («Linked In»).
Privacy statement LinkedIn

 

5.3 Twitter

Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA («Twitter»).
Privacy statement Twitter

 

5.4 YouTube

Youtube, which is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States («YouTube»).
Privacy statement YouTube

 

5.5 Xing

Xing AG, Gänsemarkt 43, 20354 Hamburg Deutschland.
Privacy statement Xing

 

Any changes to this Privacy Statement will be published on this page so that you are comprehensively informed about the types of information we collect, how we use it and under which circumstances it can be passed on. Our Data Privacy statement can be found both on our homepage as well as on every page that asks for your personal data.

By using this website, you declare yourself in agreement with the collection and processing of your data as described for the above-mentioned purposes.

You can object to the collection and storage of your data at any time, with effect for the future:

You can delete cookies on your computer or generally set your browser in such a way that no cookies are saved, or use a special, anonymous browser. In all of these cases you must be aware, however, that certain contents of the website will have restricted deliverability and not all the functions will be available.

This Privacy Statement is applicable to all the Glas Trösch websites. This Privacy Statement does not refer to the links to the websites of other suppliers contained in the Glas Trösch websites.

You have the right at all times to free information about your data that is stored about you as well as the right to correction, deletion and blocking.

If you have any questions or complaints about our compliance with this Privacy Statement, or if you have any recommendations or comments regarding improvements to our data protection, please send us an e-mail to: datenschutz(at)glastroesch.de

Handling of customer data

Information pursuant to Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR)

 

Dear Customers,

In accordance with Articles 13, 14 and 21 of the GDPR, we hereby provide you with information about how we process your personal data and the claims and rights to which you are entitled under the data protection regulations.

Which data are processed in detail and how they are used depends largely on the requested or agreed services.

The responsible body is:

Glas Trösch Euroholding AG & Co. KGaA
Im Lehrer Feld 30,
D-89081 Ulm
E-mail address: datenschutz(at)glastroesch.de

 

You can contact our company data protection officer at:
Glas Trösch Euroholding AG & Co. KGaA
Im Lehrer Feld 30,
D-89081 Ulm
Telephone: +49 731 4096-218
E-mail address: datenschutz(at)glastroesch.de

 

On the one hand, we process personal data that we receive from you within the framework of our business relationship.

In addition, we process personal data, insofar as this is necessary for the provision of our services, that we receive from other companies or from other third parties on a permissible basis (e.g. for the performance of orders, for the fulfilment of contracts or based on your consent).

On the other hand we process personal data that we have received from publicly accessible sources on a permissible basis (e.g. debtor registers, land registers, the press, the media) and that we are permitted to process.

Relevant personal data includes your personal details (name, address and other contact details, date and place of birth and nationality), identification information (e.g. passport details) and authentication data (e.g. sample signature). In addition, this can also be order data (e.g. delivery order), data from the fulfilment of our contractual obligations (e.g. sales data, credit limits, product data, etc.) advertising and distribution data, contractual and documentation data (e.g. business letters), registry data, payment transactions data (account number, bank details), communication data (telephone number, e-mail address, etc.) data about your use of our telemedia offerings (e.g. time of accessing our websites, apps or newsletter, which of our pages you clicked and/or entries) as well as other data comparable with the named categories.

We process personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR):

 

a) For the fulfilment of contractual duties (Art. 6 Para. 1 (b) GDPR)

The processing of personal data (Art. 4 No. 2 GDPR) is carried out for the provision of services, the delivery of goods, in particular for the performance of our contracts with you and the execution of your orders, as well as for all the necessary activities linked with the operation and management of a company.

The purposes for the data processing are primarily dictated by the specific products and services (e.g. the recording of address data, in order to be able to guarantee delivery to the correct location or the recording of account details in order to process debit and credit notes following the delivery or service).

 

b) Within the framework of the balancing of interests (Art. 6 Para. 1 (f) GDPR)

Insofar as necessary, we process your data beyond the actual fulfilment of the contract in order to maintain our justified interests or those of third parties. Some examples:

  • Checking and optimising processes for needs analysis and direct customer contact;
  • Advertising or market and opinion research, if you have not objected to the use of your data;
  • Exercising legal claims and defence in the event of legal disputes; 
  • Guaranteeing IT security and IT operations;
  • Prevention and investigation of crimes;
  • Video surveillance to collect proof in the event of crimes or to increase security in hazardous areas. This serves the protection of our clientele and employees.
  • Measures for building security and safety on the premises (e.g. access controls);
  • Measures to ensure domiciliary rights;
  • Measures for business management and the further development of services and products.

 

c) Based on your consent (Art. 6 Para. 1 (a) GDPR)

Insofar as you have given us your consent to process your personal data for specific purposes (e.g. the transfer of data to third parties, the evaluation of data for marketing purposes), the legality of this processing on the basis of your consent is given. You can revoke your consent at any time.

Please note that any revocation only has effect on the future. Processing that has been carried out prior to revocation is not affected by this.

 

d) Based on legal provisions (Art. 6 Para. 1 (c) GDPR) or in the public interest (Art. 6 Para. 1 (e) GDPR)

In addition, we are subject to various legal obligations, in other words, legal regulations (e.g. commercial law, tax law, customs law, competition law, etc.). Insofar as data affected by these laws is being processed, it is carried out exclusively on the basis of these regulations.

Within the company, all those departments that require data for the fulfilment of our contractual and legal obligations are provided with your data.  Also, those contract processors that we have commissioned (Art. 28 GDPR) can receive your data for these stated purposes. These can be companies in the categories IT services, logistics, debt collection, consultancy, marketing and consulting.

With regard to passing on data to recipients outside the company, it must be noted that we only pass on your data if this is permitted by the statutory provisions or required by law, you have consented to this or we are authorised to provide information. Subject to these conditions, recipients of personal data can be, for example:

  • Public bodies and institutions (e.g. public prosecutor's office, police, supervisory authorities, auditors) in the event of legal or official obligations.
  • Other companies, to whom we transfer your personal data for the performance of the business relationship with you (depending on the contract, e.g. banks, credit agencies, suppliers, commercial agents).

Further data recipients could be those departments you have authorised us to send data to.

Insofar as this is required, we process and save your personal data for the duration of our business relationship, which, for example, also includes the initiation and the processing of the contract and the fulfilment of the contractual purpose.

In addition, we are subject to various storage and documentation duties that arise, amongst others, from commercial law (HGB = Handelsgesetzbuch [German Commercial Code], OR = Organisationsreglement [bylaws], etc.), tax law (e.g. AO = Abgabenordnung [Regulation of Taxation) or labour law. The durations specified therein for storage and documentation respectively generally last between two to ten years, but in individual cases can be considerably longer.

Finally, the storage duration is governed by the statutory periods of limitation.

Data transfer to third counties (countries outside the European Economic Area – EEA) takes place in our server rooms in Bützberg and Oftringen within the Glas Trösch Group for the purpose of data security, so that in the case of downtime or a cyber attack on our IT systems we can be once again up and running in the shortest time possible. Otherwise transfer only takes place insofar as this is required for the fulfilment of your orders (e.g. payment orders), or it is prescribed by law of you have given us your consent. We will inform you separately about any individual details insofar as they are prescribed by law.

Every person affected has the right to information pursuant to Art. 15 GDPR, the right to correction pursuant to Art. 16 GDPR, the right to deletion  pursuant to Art. 17 GDPR, the right to a limitation to processing pursuant to Art. 18 GDPR as well as the right to data transferability pursuant to Art. 20 GDPR. In the case of the right to information and the right to deletion, the restrictions according to §§ 34 and 35 BDSG (Bundesdatenschutzgesetz [German Federal Data Protection Act]) apply. In addition, there is a right to object to the data protection supervisory authority (Art. 77 GDPR in conjunction with § 19 BDSG).

Within the framework of our business relationship, you must only provide the personal data that is required for the initiation, performance, and completion of a business relationship or the data that we are required to collect by law. Without this data we will generally be obliged to refuse the conclusion of a contract or no longer be able to process an existing contract and possibly have to end it.

In accordance with the anti-money laundering regulations in particular, we can be obliged to ask you to identify yourself, usually by means of your ID card for example, before establishing a business relationship, and thereby record your name, place and date of birth, nationality and your residential address. Further obligations can arise for example from the mandatory export controls (e.g. checks of sanctions lists). In order for us to be able to meet this statutory obligation, you have to provide us with the necessary information and documents in compliance with the anti-money laundering regulations and to report any changes that occur during the course of the business relationship immediately. In contrast, pursuant to the export controls, a so-called Statement Of End Use may be required. If you should fail to provide us with the necessary information and documents, we shall not be permitted to accept the business relationship that you are requesting or we shall be unable to continue it.

For the initiation and performance of the business relationship we fundamentally do not use any fully automated decision making process pursuant to Art. 22 GDPR. If we were to use such a system in individual cases, we should inform you of this separately, insofar as this is prescribed by law.

We sometimes process your data automatically with the aim of assessing specific personal aspects (profiling). We use profiling in the following cases for example:

Within the framework of assessing your creditworthiness (payment targets, payment breaks, payments by instalments), we use scoring for private customers and a rating system for corporate clients. In this the probability of a customer meeting their payment obligations according to the contract is calculated. In the calculation, income levels, outgoings, existing liabilities, career, employer, length of employment, payment behaviour (e.g. account transactions, balances), experience from previous business relationships and information from credit bureaus can be taken into consideration. In the case of corporate clients, further data such as sector, annual results and financial circumstances are considered. Both scoring and rating are based on mathematically/statistically recognised and well-trusted procedures. The score thus calculated and the credit standing support us in coming to a decision within the framework of product sales and are included in the current risk management.

1. Right to object based on an individual case

Based on reasons arising from your specific situation, you have the right to object at any time to the processing of your personal data, which is being carried out based on Article 6 Para. 1 (e) GDPR (data processing in the public interest) and Article 6 Para. 1 (f) of the General Data Protection Regulation (data processing on the basis of a balance of interests); this also applies for any profiling based on this provision within the meaning of article 4 No. 4 GDPR, that we use for the assessment of creditworthiness or for advertising purposes.

If you file an objection, we will no longer process your personal data unless we can provide compelling legitimate reasons that are worthy of protection for the further processing that take precedence over your interests, rights and freedoms, or the processing serves the enforcement, implementation or protection of legal claims.

 

2. Right to object to the processing of data for the purpose of direct advertising

In individual cases we process your personal data for the purpose of direct advertising. You have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to any profiling insofar as it is associated with such direct advertising.

If you object to processing for the purpose of direct advertising, we shall no longer use your personal data for these purposes.

 

You can register your objection without a form and ideally to the following address:

Glas Trösch Euroholding AG & Co. KGaA
Im Lehrer Feld 30,
D-89081 Ulm
E-mail address: datenschutz(at)glastroesch.de

 

Handling of applicant data

Information according to art. 13, 14 and 21 of the General Data Protection Regulation (GDPR)

 

Dear Candidate,

in accordance with art. 13, 14 and 21 GDPR (regardless of whether you are resident in the EU or not), we inform you about the processing of your personal data and about claims and rights that you have under the provisions of the regulations concerning protection of personal data.

What specific data is processed and how it is used depends to a large extent on the services ordered or agreed upon.

The department responsible is:

Glas Trösch Euroholding AG & Co. KGaA
Im Lehrer Feld 30,
D-89081 Ulm
E-mail address: datenschutz(at)glastroesch.de

 

You can contact our company data protection officer at: 

Martina Pscheidt
Glas Trösch Euroholding AG & Co. KGaA
Im Lehrer Feld 30,
D-89081 Ulm
Telephone: +49 731 4096-218
E-mail address: datenschutz(at)glastroesch.de

 

 

We process personal data that you provide as part of your application. In addition, we process data that you place on external career platforms in the form of applications and which you make available to us. The relevant personal data are your personal details (name, address, communication data (e-mail,  telephone number), date and place of birth, nationality, school certificates, references and testimonials).

We process personal data in compliance with the provisions of the European General Data Protection Regulation (GDPR):

 

a) In order to carry out contractual measures (Art. 6 Para. 1 (b) GDPR)

The processing of personal data (Art. 4 No. 2 GDPR) is carried out for the purpose of checking, establishing contact and initiating a potential future work collaboration, all of which is carried out following your enquiry.

 

b) Within the framework of the balancing of interests (Art. 6 Para. 1 (f) GDPR)

In order to find the appropriate position/function for you, it is necessary to forward your application documents to the specialist departments in our company and to the units responsible.

We process your data beyond the initial completion of the application form in order to initiate and establish an employment relationship.

 

c) Based on your consent (Art. 6 Para. 1a GDPR)

Insofar as you provide your consent for us to save and process your personal data for the further application process and inclusion in a "Talent pool" (following a separate enquiry on our part), the legitimacy of this processing on the basis of your consent is given. You can revoke your consent at any time.

Please note that the revocation is only valid for the future. Any processing that was carried out prior to the revocation is not affected by this.

Within the company, those units who require your data for the purpose of checking it and possibly fulfilling your request for employment. Also processors whom we have commissioned (Art. 28 GDPR) can receive your data for these above-mentioned purposes. These can be companies in the area of candidate management as well as in the category of personal consultancy (e.g. for assessments).

Further recipients of your data could be those units for which you have given your consent for data transfer.

We store your personal data during the application process. If no employment contract comes to fruition, we delete your data 3 months after our last contact with you (e.g. interview, letter or rejection).

Insofar as necessary, we process and store your personal data for the duration of the application procedure, which possibly also includes the initiation and processing of an employment contract.

In the final analysis, the duration of storage is determined by the statutory periods of limitation.

Data transfer to third counties (countries outside the European Economic Area – EEA) takes place in our server rooms in Bützberg and Oftringen within the Glas Trösch Group for the purpose of data security, so that in the case of downtime or a cyber attack on our IT systems we can be once again up and running in the shortest time possible.

The data on the external application portal "Talentsoft" is saved on a server in the Netherlands. We have a data protection compliant contract processing agreement in place.

Otherwise transfer only takes place insofar as it is necessary for the processing of your application and you have given us your consent.

Every person affected who is resident in the EU has the right to information pursuant to Art. 15 GDPR, the right to correction pursuant to Art. 16 GDPR, the right to deletion  pursuant to Art. 17 GDPR, the right to a limitation to processing pursuant to Art. 18 GDPR as well as the right to data transferability pursuant to Art. 20 GDPR. In the case of the right to information and the right to deletion, the restrictions according to §§ 34 and 35 BDSG (Bundesdatenschutzgesetz [German Federal Data Protection Act]) apply. In addition, there is a right to object to the data protection supervisory authority (Art. 77 GDPR in conjunction with § 19 BDSG).

Within the framework of your application you are only obliged to provide the personal data that is necessary for the initiation, performance, and completion of an employment relationship or the data that we are required to collect by law. Without this data we cannot process your application or carry out the conclusion of an employment contract.

In principle, for establishing and processing the application process we do not use any fully automated decision making process pursuant to Art. 22 GDPR.

Right to object based on an individual case

Based on reasons arising from your specific situation, you have the right to object at any time to the processing of your personal data, which is being carried out based on Article 6 Para. 1 (e) GDPR (data processing in the public interest) and Article 6 Para. 1 (f) of the General Data Protection Regulation (data processing on the basis of a balance of interests).

If you file an objection, we will no longer process your personal data unless we can provide compelling legitimate reasons that are worthy of protection for the further processing that take precedence over your interests, rights and freedoms, or the processing serves the enforcement, implementation or protection of legal claims.

You can register your objection without a form and ideally to the following address:

Glas Trösch Euroholding AG & Co. KGaA
Im Lehrer Feld 30,
D-89081 Ulm
E-mail address: datenschutz(at)glastroesch.de