Privacy Policy

Data protection declaration

 

Unless stated otherwise below, the provision of your personal data is neither legally nor contractually obligatory, nor required for conclusion of a contract. You are not obliged to provide your data. Not providing it will have no consequences. This only applies as long as the processing procedures below do not state otherwise.
“Personal data” is any information relating to an identified or identifiable natural person.

Server log files
You can use our websites without submitting personal data. 
Every time our website is accessed, user data is transferred to us or our web hosts/IT service providers by your internet browser and stored in server log files. This stored data includes for example the name of the site called up, date and time of the request, the IP address, amount of data transferred and the provider making the request. The processing is carried out on the basis of Article 6(1) f) GDPR due to our legitimate interests in ensuring the smooth operation of our website as well as improving our services.

 

Contact

 

Responsible person/Data protection officer

Contact us if you wish. The contact details of the person responsible for data processing can be found in our imprint.

Data protection officer:

DSB Münster GmbH

Telefon: 0251 718790

info@dsb-ms.de

Proactive contact of the customer by e-mail

If you make contact with us proactively via email, we shall collect your personal data (name, email address, message text) only to the extent provided by you. The purpose of the data processing is to handle and respond to your contact request.
If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or concerns an agreement already concluded between you and us, this data processing takes place on the basis of Article 6(1)(b) GDPR.
If the initial contact occurs for other reasons, this data processing takes place on the basis of Article 6(1)(f) GDPR for the purposes of our overriding, legitimate interest in handling and responding to your request. In this case, on grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out on the basis of Article 6(1)(f) GDPR.
We will only use your email address to process your request. Your data will subsequently be deleted in compliance with statutory retention periods, unless you have agreed to further processing and use.
Collection and processing when using the contact form 
When you use the contact form we will only collect your personal data (name, email address, message text) in the scope provided by you. The data processing is for the purpose of making contact.
If the initial contact serves to implement pre-contractual measures (e.g. consultation in the case of purchase interest, order creation) or concerns an agreement already concluded between you and us, this data processing takes place on the basis of Article 6(1)(b) GDPR.

If the initial contact occurs for other reasons, this data processing takes place on the basis of Article 6(1)(f) GDPR for the purposes of our overriding, legitimate interest in handling and responding to your request. In this case, on grounds relating to your particular situation, you have the right to object at any time to this processing of personal data concerning you and carried out on the basis of Article 6(1)(f) GDPR.
We will only use your email address to process your request. Finally your data will be deleted, unless you have agreed to further processing and use.

Cookies 

Our website uses cookies. Cookies are small text files which are saved in a user’s internet browser or by the user’s internet browser on their computer system. When a user calls up a website, a cookie may be saved on the user’s operating system. This cookie contains a characteristic character string which allows the browser to be clearly identified when the website is called up again.

Cookies will be stored on your computer. You therefore have full control over the use of cookies. By choosing corresponding technical settings in your internet browser, you can be notified before the setting of cookies and you can decide whether to accept this setting in each individual case as well as prevent the storage of cookies and transmission of the data they contain. Cookies which have already been saved may be deleted at any time. We would, however, like to point out that this may prevent you from making full use of all the functions of this website.
Using the links below, you can find out how to manage cookies (or deactivate them, among other things) in major browsers:
Chrome Browser: https://support.google.com/accounts/answer/61416?hl=en
Internet Explorer: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac

Technically necessary cookies

Insofar as no other information is given in the data protection declaration below we use only these technically necessary cookies cookies to make our offering more user-friendly, effective and secure. Cookies also allow our systems to recognise your browser after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. These services require the browser to be recognised again after a page change.

The use of cookies or comparable technologies is carried out on the basis of Art. 25 para. 2 TTDSG. Processing is carried out on the basis of art. 6 (1) lit. f GDPR due to our largely justified interest in ensuring the optimal functionality of the website as well as a user-friendly and effective design of our range of services.
You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR, for reasons relating to your personal situation.

Information obligation on handling of personal data for business associates of Franz Ziel GmbH
Conformable to article 13, 14 EU General Data Protection Regulation (EU DS-GVO) we subsequently
inform you about the processing of your personal data by us as well as your rights
resulting from this process in the following.
1. Name and contact details of the person in charge
Franz Ziel GmbH, Raiffeisenstraße 33, 48727 Billerbeck
Phone: 02543 / 23350
E-Mail: mail@ziel-gmbh.com
2. Contact details of the data security administrator
DSB Münster GmbH, Martin-Luther-King-Weg 42-44, 48155 Münster
Phone: 0251 / 71879-110
E-Mail: datenschutz@ziel-gmbh.com
3. Purpose and legal basis for processing of personal data
We process personal data insofar these are necessary for contract reason, -execution, fulfillment
and for execution of contractual measures (Art. 6 Abs. 1 lit. b DS-GVO, e.g. in connection
with preparation, execution and administration of orders), for fulfillment of a legal obligation
(Art. 6 Abs. 1 lit. c DS-GVO, e.g. compliance of storage obligation with regard to commercial
and fiscal law pursuant to § 257 HGB und § 147 AO), for protection of vested interests of
responsible persons or a third person (Art. 6 Abs. 1 lit. f DS-GVO, e.g. for storage of data
during a period adequate for acquisition efforts or for assertion of legal claims and for defense
in legal disputes)
4. Sources and categories of processed personal data
We process personal data which we receive within the scope of contacting and our business
relationship, e.g. for processing of an enquiry or an order, from your or public sources as e.g.
trade register, World Wide Web and directories or from third parties such as financial institutions,
rating agencies or business associates.
Relevant personal data are especially personal details (such as name, given name, address,
bank details, invoice address, tax number respectively turnover tax ID) and other contact details
(e.g. phone number, email address). Furthermore this could also be contract- or order
data (such as sales data, order volume), information about your financial background (e.g.
solvency) and data about yourself (e.g. profession, position, responsibilities and authority) as
well as other, comparable to the aforementioned, kinds of data.
5. Recipients or categories of recipients of personal data
Within the company only those positions are granted access to data which require it for fulfillment
of contractual and legal obligations, respectively in order to implement our vested interest (e.g. sales) Data processors according to Art. 28 DS-GVO can process data for these purposes,
such als IT services, cloud provider and data disposal contractors. All service providers
are contractually obliged, to handle your data confidentially.
Transfer of data to recipients outside the company only takes place in compliance with valid
data protection regulations to be applied. Recipients of personal data could, amongst others,
be logistic companies, service providers, suppliers, subcontractors, tax consultants, auditors,
credit- and financial institutions, information bureaus, collection agencies, lawyers and public
authorities. In these cases information will be passed on to these companies or individuals in
order to enable further handling.
6. Transfer to a third party country (outside EU/EEA) or to an international organisation
Transfer of personal data to a third party country takes place within the scope of order processing
principally due to a EU-adequacy decision and signature of standard data protection regulations
considering contractual, technical and organisational measures to achieve compliance
of EU data protection level. Should data transfer be executed to a third party country not
adhering to the named criteria, this does take place in exceptional cases on basis of a legal
obligation or consent by the party concerned.
7. Duration of data storage and criteria for determination of this period
Necessary personal data will be stored for the validity of warranty claims. Furthermore personal
data are stored in accordance with statutory periods. Corresponding burden of proof and
retention obligation are defined by the „Handelsgesetzbuch“ (HGB) and „Abgabenordnung“
(AO). Maturities for storage or documentation given there amount to up to ten years. Data not
requried for fulfillment of contractual or legal obligations any more will be deleted on a regular
basis.
In addition to the aforementioned information please find an overview of miscellaneous
data privacy laws hereafter:
  • Right of access to respective personal data (Art. 15 DS-GVO)
    Right to rectification (Art. 16 DS-GVO), erasure (Art. 17 DS-GVO) and restriction of processing
    (Art. 18 DS-GVO)
  • Right of objection against processing (Art. 21 DS-GVO)
  • Right to data portability (Art. 20 DS-GVO)
  • Right to withdraw consent at all times without affecting lawfulness of all data processing
    occurred conformable to consent until withdrawal (Art. 7 Sec. 3 DS-GVO)
  • Right to lodge a complaint with a supervisory authority (Art. 77 DS-GVO)

We do not use fully automated decision-making pursuant to Art. 22 DS-GVO for reasoning,
fulfillment or execution of business relationship on a principle basis. Should we apply this method
in individual cases, we will inform you respectively obtain your consent if this is stipulated
by law.

Is there an obligation to provide data?
Within the scope of the contractual relationship, respectively within the contract negotiation
phase you only have to provide data necessary for this process. There is no obligation to make data available. Without data, we will usually not be able to carry out necessary precon-tractual measures respectively execute a contractual relationship with you.
Separate information regarding your right of objection in accordance with Artikel 21 DS-GVO
Pursuant to Art. 21 Abs. 1 DS-GVO you have the right to file an objection against processing of your data taking place because of Artikel 6 Abs. 1 lit, DS-GVO, due to reasons resulting from your particular situation.
Should you file an objection, we will not continue processing your data unless we can proof compelling, worthy of protection reasons for processing, which predominate your interests, rights and liberties or if processing serves assertion, executing or defence of legal claims.
Should processing be carried out in order to conduct direct advertising, you have the right to object against processing of personal data according to Art. 21 Abs.2 for the purpose of this kind of advertising; this is also valid for profiling, insofar it is connected with this kind of direct advertising. Should you object against processing for the purpose of direct advertising, we will not continue to process your personal data for these purposes.
Should you wish to make use of your right of objection or other rights of the individual, notifi-cation in written form shall be sufficient. You can contact us via letter post, fax or email.

 

8. Information on Data Protection for external Online Meetings via MS Teams

 

Conformable to article 13, 14 EU General Data Protection Regulation (EU DS-GVO) as well as the Bundesdatenschutzgesetz (BDSG) we hereafter inform you about the processing of your personal data in connection with the conduct of so called “Online Meetings” via the video conference software “Microsoft Teams”.

Name and contact data of the responsible body

Responsible for data processing directly related to the conduct of so-called “Online Meetings” is

 

Franz Ziel GmbH

Raiffeisenstraße 33

48727 Billerbeck

Telefon: 02543 / 2335 – 0

mail@ziel-gmbh.com

 

Note: When entering the “Microsoft Teams” website, responsibility for the data processing lies with the provider. However, using the website is only required once when downloading the software.

Should you not wish or not be able to use the “Microsoft Teams” App, usage of “Microsoft Teams” can also be carried out via your browser. In that case the service is provided by the website of “Microsoft Teams” as well. Responsibility for data processing thereby passes on to the “Microsoft Teams” provider.

Contact details of the responsible data protection officer

Franz Ziel has appointed a data protection officer. Contact details are as follows:

 DSB Münster GmbH

Martin-Luther-King-Weg 42-44

48155 Münster

Telefon: 0251 / 71879-110

datenschutz@ziel-gmbh.com

Purpose of processing

We use “Microsoft Teams” as a tool to conduct telephone conferences, video conferences and webinars (hereafter referred to as „online meetings“). “Microsoft Teams” is a service provided by the Microsoft Corporation.

Legal bases for data processing

Legal basis for processing of personal employee data of Franz Ziel GmbH is § 26 BDSG.

Processing of personal employee data of Franz Ziel GmbH is carried out on the legal basis of § 26 BDSG. If, in connection with the use of “Microsoft Teams”, personal data is not required for the establishment, performance or termination of the employment relationship however simultaneously crucial part in applying “Microsoft Teams”, use of this data is subject to 6 Abs. 1 lit. f DS-GVO. Our focus in these cases lies exclusively on the effective execution of online meetings.

Insofar as the processing of personal data in the context of online meetings is required for the fulfilment of a contract to which you are a party or for the implementation of precontractual measures that are taken at your request, Art. 6 (1) lit. b DS-GVO serves as legal basis for the processing of personal data.

Type and scope of data processing

We use “Microsoft Teams” as a tool to conduct online meetings. Should the need to record online meetings arise, we will inform you accordingly in advance and obtain your consent. Should these recordings be necessary in order to document results of an online meeting, chat contents will be filed. However, this will mostly not be the case.

An automated decision-making according to Art. 22 DS-GVO will not be applied.

When using “Microsoft Teams” the personal data mentioned hereafter are undergoing processing, whereby the scope of these data is also dependant on the information you’re providing during participation in an online meeting.

  • User information (registration information e.g. user name, activation- and conference codes, email address, first name, surname, company, organisation Id., participant Id., profile picture (optional))
  • Configuration- and communication data such as device name, IP-address, geo data, time zones, activity logs, hardware type
  • Conference information e.g. date, time, duration, number of participants, dial-in mode, diagnosis information

Text-, audio- and video files: In an online meeting you may have the opportunity of using the chat function. Text entered by you will be processed insofar as to be displayed in the online meeting. To enable video and audio mode, data of your device’s microphone and video camera will be processed during the duration of the meeting. You can switch off or mute the camera as well as the microphone autonomously at all times.

Recipient / Transfer of data

When processing personal data in connection with participation in online meetings no data will be passed on to third parties in principle unless they are specifically intended to be passed on. Please note that content from online meetings as well as from face-to-face meetings is often intended to communicate with and pass on information to customers, interested parties or third parties. It is therefore destined to be shared.

A further recipient of the data provided by you is the Microsoft Corporation in its function as provider of “Microsoft Teams”.

Data processing outside the European Union

As a matter of principle data processing in third countries does not take place, as we, respectively the service provider, have strictly limited the storage location to data centres within the EU or the EEA.

However, we cannot rule out the possibility that the service provider also uses servers outside the EU or EEA or that the routing of data takes place via internet servers that are located outside the EU or EEA. In this case, an adequate level of data protection is guaranteed by means of applicable EU standard data protection clauses. Furthermore, the data is encrypted during transport via the internet as a supplementary protective measure and thus fundamentally secured against unauthorised access by third parties.

Duration of data storage

Your personal data processed as part of your use of “Microsoft Teams” will generally be deleted as soon as it is no longer required for the purpose it was collected for. A requirement for storage may exist in particular if the data is still needed to fulfil contractual services and to be able to check and grant or defend against warranty or, if applicable, guarantee claims. In case of statutory retention obligations of 6 years or 10 years according to commercial and tax law, deletion can only be carried out after expiry of the respective retention obligation. If and insofar as the processing is based on your consent, the data will only be stored until you revoke your consent, unless there is also another legal basis for the processing.

Your right as a person concerned

As a person concerned you can assert the rights granted to you by the DS-GVO at all times insofar as these are applicable to the processing.

        • Right of information about the personal data processed by us (Art. 15 DS-GVO)
        • Right of rectification or completion of data relating to you (Art. 16 DS-GVO)
        • Right of deletion of data relating to you in accordance with Art. 17 DS-GVO
        • Right to demand a restriction of the processing of the data in accordance with Art. 18 DS-GVO;
        • Right of data transfer accordant to Art. 20 DS-GVO;
        • Right of objection to future processing of data concerning you in accordance with Art. 20 DS-GVO

Revocability of your consent

You have the right to withdraw consent at all times. Should the processing take place on base of a jurisdictional consent, this can be withdrawn at all times without affecting lawfulness of all data processing occurred conformable to consent until withdrawal (Art. 7 Sec. 3 DS-GVO). The withdrawal shall not affect the lawfulness of the processing carried out up to the point of revocation.You have the right to lodge a complaint with a supervisory authority (Art. 77 DS-GVO)