Privacy Policy

General

1. Your personal data within the meaning of Art. 4 No. 1 GDPR (e.g. IP address, name, e-mail address) will only be processed by us in accordance with the provisions of German data protection law and taking into account the European General Data Protection Regulation (GDPR). The following regulations inform you about the type, scope and purpose of the collection, processing and use of personal data.
2. The processing of personal data within the meaning of Art. 4 No. 2 GDPR is lawful in accordance with Art. 6 GDPR if one of the following conditions is met:
   1. The data subject has given their consent to the processing of their personal data for one or more specific purposes;
   2. the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
   3. processing is necessary for compliance with a legal obligation to which the controller is subject;
   4. processing is necessary to protect vital interests of the data subject or another natural person;
   5. the processing is necessary for the performance of a task that is in the public interest or in the exercise of official authority that has been delegated to the controller;
   6. processing is necessary to safeguard the legitimate interests of the person responsible or a third party, unless the interests or fundamental rights and freedoms of the data subject that require the protection of personal data prevail, in particular if the data subject is a child acts.
3. The processing of special personal data (e.g. health data) within the meaning of Art. 9 Para. 1 GDPR is lawful in accordance with Art. 9 Para. 2 GDPR if one of the following conditions is met:
   • there is an explicit consent of the person;
   • the processing is necessary for the establishment, exercise or defense of legal claims or in the case of actions by the courts in the context of their judicial work.
4. There is no automatic decision-making or profiling of personal data within the meaning of Art. 22 GDPR.
5. The operator ensures the security of the data in accordance with Art. 32 GDPR, taking into account the principle of proportionality, by means of suitable technical measures.
6. If, contrary to expectations, there is a breach of data protection, the competent supervisory authority in accordance with Art. 33 GDPR and the data subject in accordance with Art. 34 GDPR will be notified.

Scope

This data protection declaration only applies to our websites. If you are redirected to other sites via links on our site, please inform yourself there about the respective handling of your data.

Duration of data storage

The duration of the storage of the data transmitted by you depends on the legal storage obligations. In accordance with commercial and tax laws, invoices must be retained for a period of 10 years.

Disclosure of Data to Third Parties

Data transmitted as part of the contractual relationship will only be passed on to third parties (Art. 4 No. 10 GDPR) if you have expressly given your consent (Art. 4 No. 11 GDPR) or if the transfer is necessary to fulfill the contract. Consent can be revoked informally at any time. Data collected by visiting the website is only collected by third parties who are expressly named below.

Responsible in the sense of the GDPR

The person responsible within the meaning of the General Data Protection Regulation (GDPR), as well as other data protection laws applicable in the European Union and other provisions of a data protection nature is:

Elco Industrie Automation GmbH
Benzstrasse 7
71720 Oberstenfeld
Germany

Phone: + 49 (0) 7062 6599-260
Fax: +49 (0) 7062 6599-261
Email: info@elco-automation.de

Data Protection Officer

We have appointed a data protection officer for our company:

Elco Industrie Automation GmbH
Benzstrasse 7
71720 Oberstenfeld

Telephone: + 49 7062 6599-260
Email: datenschutz@elco-automation.de

Cookies

We use cookies on our site. These are small files that your browser creates automatically and that are stored on your end device (PC, laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not damage your end device and do not contain viruses, Trojans or other malware. Information is stored in the cookie that arises in connection with the specific end device used. However, this does not mean that we are immediately informed of your identity.
On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. We use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after leaving our site.
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a specific period of time. If you visit our site again to make use of our services, it will automatically be recognized that you have already been with us and what inputs and settings you have made so that you do not have to enter them again.
These cookies enable us to automatically recognize when you visit our site again that you have already been with us. These cookies are automatically deleted after a defined period of time. The data processed by cookies are required for the stated purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR required. Most browsers accept cookies automatically. However, you can configure your browser so that no
Cookies are stored on your computer or a notice always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.

Storage of access data in log files

You can visit our website without providing any personal information.
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

• Browser type/ browser version
• operating system used
• Referrer URL
• Host name of the accessing computer
• Time of server request

This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to subsequently check this data if we become aware of specific indications of illegal use.
The purpose of the processing results from our legitimate interest within the meaning of Art. 6 Para. 1 S. 1 lit. f) GDPR.
A contract for order processing was concluded with our hoster.

YouTube

This website includes videos from the YouTube website. The website operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
If you visit one of our websites on which YouTube is integrated, a connection to the YouTube servers will be established. The YouTube server is informed which of our pages you have visited.
Furthermore, YouTube can store various cookies on your end device. With the help of these cookies, YouTube can receive information about visitors to this website. This information is used, among other things, to collect video statistics, to improve user-friendliness and to prevent attempts at fraud. The cookies remain on your end device until you delete them.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. If a corresponding consent was requested (e.g. consent to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a GDPR; the consent can be revoked at any time.
Further information on handling user data can be found in YouTube's data protection declaration at: https://policies.google.com/privacy?hl=de

Google Web Fonts

This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers.

Google Maps (with consent)

This website uses the Google Maps map service via an API. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
To ensure data protection on this website, Google Maps is deactivated when you first enter this website. A direct connection to the Google servers is only established if you activate Google Maps yourself (consent according to Art. 6 Para. 1 lit. a GDPR). This prevents your data from being transmitted to Google the first time you enter the site.
After activation, Google Maps will save your IP address. This is then usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer after the activation of Google Maps.
You can find more information on handling user data in Google's data protection declaration: https://www.google.de/intl/de/policies/privacy/

Google reCAPTCHA

We use “Google reCAPTCHA ” (hereinafter “ reCAPTCHA ”) on this website. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to check whether data entry on this website (e.g. in a contact form) is done by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the website visitor spends on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyzes run completely in the background. Website visitors are not informed that an analysis is taking place.
The data processing takes place on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated spying and from SPAM.
Further information on Google reCAPTCHA can be found in the Google data protection regulations and the Google terms of use under the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de

Contact form

When using the contact form offered on these pages, the information you enter is transmitted and stored for the purpose of answering your request. The data will not be passed on to third parties. The legality of the use of the form results from Art. 6 Para. 1 Sentence 1 lit. f) GDPR.

Chat

When using the chat offered on these pages, the information you enter is transmitted and stored for the purpose of answering your request. The data will not be passed on to third parties. The legality of the use of the chat results from your consent in accordance with Art. 6 Para. 1 Sentence 1 lit. a ) GDPR.

Newsletter

If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter . Further data is not collected or only collected on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.
The processing of the data entered in the newsletter registration form takes place exclusively on the basis of your consent (Article 6 (1 ) (a) GDPR ). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have canceled the newsletter. Data stored by us for other purposes remain unaffected.
After you have been removed from the newsletter distribution list , your e-mail address may be stored in a blacklist by us or the newsletter service provider in order to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interests.

Shipping via Sendinblue

This website uses Sendinblue to send newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.
Sendinblue is a service that can be used, among other things, to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter will be stored on the Sendinblue servers in Germany.
If you do not wish to be analyzed by Sendinblue, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.
With the help of Sendinblue it is possible for us to analyze our newsletter campaigns. So we can e.g. For example, see whether a newsletter message has been opened and which links, if any, have been clicked. In this way, we can determine, among other things, which links were clicked particularly often.
Sendinblue also allows us to subdivide ("cluster") newsletter recipients into different categories. The newsletter recipients can be divided according to the selection of the desired newsletter. In this way, the newsletters can be better adapted to the respective target groups.
After you have been removed from the newsletter distribution list, your e-mail address may be stored in a blacklist by us or the newsletter service provider in order to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of § 6 Para. 1 lit. g KDG). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interests.
We have entered into a contract with Sendinblue in which we oblige Sendinblue to protect our customers' data and not to pass it on to third parties.
For more information, see Sendinblue's privacy policy at: https://de.sendinblue.com/datenschutz-uebersicht/?rtype=n2go

PitchView Collect

We use PitchView Collect software to record our customer contacts. In this context, we collect the customer data from business cards that have been handed over. You must agree by signature on a tablet on site that we may process your data and that you receive information from us by post, e-mail, etc. You have to tick a box for this.
The data will be passed on to the following company:
achelos GmbH, Vattmannstrasse 1, 33100 Paderborn
The processing of the data is justified on the basis of your consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a) GDPR.

Job application

We offer you the opportunity to apply to us (e.g. by e-mail, by post or via the online application form). In the following we will inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data takes place in accordance with the applicable data protection law and all other statutory provisions and that your data will be treated with the utmost confidentiality.
If you send us an application, we will process your associated personal data (e.g. contact and communication data, application documents, notes from job interviews, etc.) insofar as this is necessary to make a decision on the establishment of an employment relationship. The legal basis for this is § 26 BDSG-new according to German law (initiation of an employment relationship), Art. 6 Para. 1 lit. b GDPR (general contract initiation) and - if you have given your consent - Art. 6 Para. 1 lit. a GDPR. The consent can be revoked at any time. Within our company, your personal data will only be passed on to people who are involved in processing your application.
If the application is successful, the data you have submitted will be processed on the basis of § 26 BDSG-new and Art. 6 Para. 1 lit. b GDPR stored in our data processing systems for the purpose of carrying out the employment relationship.
If we are unable to make you a job offer, you reject a job offer or withdraw your application, we reserve the right to store the data you have transmitted on the basis of our legitimate interests (Art. 6 Para. 1 lit. f GDPR) for up to 6 months to be kept with us from the end of the application process (rejection or withdrawal of the application). The data will then be deleted and the physical application documents will be destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is apparent that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), it will only be deleted if the purpose for further storage no longer applies.
A longer storage can also take place if you have given your consent (Art. 6 Para. 1 lit. a GDPR) or if statutory storage obligations prevent the deletion.

Inquiry by e-mail, telephone or fax

If you contact us by e-mail, fax or telephone, your inquiry including all resulting personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.
This data is processed on the basis of Art. 6 Para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 Para. 1 lit. a GDPR) and/or on our legitimate interests (Art. 6 Para. 1 lit. f GDPR), since we have a legitimate interest in the effective processing of inquiries addressed to us.
The data you sent to us via contact requests will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular statutory retention periods - remain unaffected.

Social media links

social media pages for the third-party providers that can be reached via links from this website . By using the links you get to the respective websites of the third-party providers and can also share our content. No data transfer takes place when you visit our website. As soon as you have called up the third-party provider's website, you are in the area of responsibility of the respective third-party provider, so that their data protection declaration or their declarations on the use of data also apply. We have no influence on this, but to avoid unnecessary data transfer, we recommend that you log out of the respective third-party provider before using a corresponding link , so that usage profiles cannot be created by the third-party provider simply by using the link.

Security of your data / SSL encryption

In accordance with legal regulations, this site uses SSL encryption, recognizable by a lock symbol in the address bar of your browser. Transmitted data cannot be read by third parties if SSL encryption is activated.
This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organizational security measures (TOM) to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

User Rights

You can request information about the personal data stored about you at any time and free of charge. Your rights also include a confirmation, correction, restriction, blocking and deletion of such data and the provision of a copy of the data in a form suitable for transmission, as well as the revocation of a given consent and the objection. Statutory retention requirements remain unaffected.
Your rights arise in particular from the following standards of the GDPR:

• Article 7(3) – Right to withdraw consent under data protection law
• Article 12 - Transparent information, communication and modalities for exercising the rights of the data subject
• Article 13 - Obligation to provide information when collecting personal data from the data subjec
• Article 14 - Information to be provided when the personal data have not been collected from the data subject
• Article 15 - Right of access of the data subject, right to confirmation and to be provided with a copy of the personal data
• Article 16 – Right to rectification
• Article 17 – Right to erasure (“right to be forgotten”)
• Article 18 – Right to restriction of processing
• Article 19 – Obligation to notify in relation to rectification or erasure of personal data or restriction of processing
• Article 20 – Right to data portability
• Article 21 – Right to object
• Article 22 - Right not to be subject to a decision based solely on automated processing, including profiling
• Article 77 – Right to lodge a complaint with a supervisory authority

To exercise your rights (with the exception of Art. 77 GDPR), please contact the office named under “Responsible within the meaning of the GDPR” (e.g. by email).

Supervisory authority:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg
Lautenschlagerstrasse 20
70173 Stuttgart

Telephone: 0711/615541-0
Fax: 0711/615541-15
Email: poststelle@lfdi.bwl.de
Homepage: https://www.baden-wuerttemberg.datenschutz.de/