Privacy policy

General introduction:

We take the protection of your personal data very seriously and want you to be safe when visiting our website. Our data protection practices comply in particular with the provisions of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the German Telekommunikation-Digitale-Dienste-Datenschutz-Gesetzes (TDDDG). At this point, we would like to inform you about the type, scope and purpose of the processing of your personal data. We would like to point out in advance that this data protection declaration only refers to our websites and does not apply to third-party websites to which we refer in the form of links.

Object of protection:

The object of protection is personal data. This is all information that relates to an identified or identifiable natural person (hereinafter “data subject”). This primarily includes information that allows conclusions to be drawn about your identity (e.g. details such as name, address, email address and telephone number, but also IP addresses, as well as browser and device fingerprints).

Technical requirements:

To enable you to establish a connection to our website, your browser transmits certain data to the web server of our website. This is a technical necessity so that the information you have called up can be made available by the website. To make this possible, your IP address, the date and time of your request and the type of operating system you are using are stored and used for a maximum of 30 days. We reserve the right to store this data for a limited period of time to safeguard our legitimate interests in order to initiate a derivation of personal data in the event of unauthorized access or an attempt to deliberately harm us in this way (Art. 6 para. 1 f GDPR). The data will only be stored or forwarded by us for these and no other purposes without us informing you in advance and asking for your permission.

Cookies:

Cookies are small text files that are stored on your computer or mobile device via your browser, e.g. to recognize whether you visit websites repeatedly from the same device or browser.Cookies are generally used to improve the user-friendliness of the website.In principle, however, you can also access these websites without cookies.As a rule, cookies can be deactivated or removed with the help of tools that are available in most commercial browsers. The settings must be defined separately and set individually for each browser you use.The various browsers offer different functions and options for this purpose.

In order to be able to use our website fully and conveniently, you should accept those cookies that enable the use of certain functions or make use more convenient.You can see the purpose for which the cookies we use are used and for how long they are stored in the following overview:

Cookie list:

When visiting our website, only cookies necessary to provide you with our digital service are set (§25 Section 2 No. 2 TDDG).

Contact Options:

On our website, there is a “Contact” button that allows you to get in touch via email with our Bleistahl locations worldwide. We process your name, email address, and any additional information you provide to respond to your inquiry and provide you with the best possible service. This processing enables us to deliver the expected service and continually improve our services, and it is based on our legitimate interest according to Art. 6 Section 1 f of the GDPR.

Processing of Applicant Data:

On our website, you have the opportunity to apply for job postings we advertise online. During the application process, we process the data you provide through the online form and (subsequently) in personal interviews. This includes contact details and all information related to your application (resume, certificates, qualifications, photos, potential references, information on the degree of disability, etc.).

We use this data to conduct the application process and assess whether we can offer you the position you applied for and whether you can be integrated into our team. The legal basis for this is Art. 88 Section 1 GDPR in conjunction with § 26 Section 1 Sentence 1 BDSG. If we receive health-related data from you, such as the degree of disability, this processing takes place according to Art. 9 Section 2 lit. b GDPR in conjunction with § 26 Section 3 BDSG.

We have commissioned coveto ATS GmbH with the provision of our applicant management system. As part of this data processing agreement, the company (potentially) also has access to your personal data. The processing is based on a data processing agreement according to Art. 28 Section 3 GDPR.

Your personal data will only be processed within a member state of the European Union or in a state party to the European Economic Area. A transfer of your data to a third country will only occur with your prior consent and if the requirements of Art. 44 ff. GDPR are met (e.g., an adequacy decision by the European Commission or standard data protection clauses).

The personal data collected during the application process will be retained for 6 months after the application process is concluded in the event of a rejection, to defend against claims under the General Equal Treatment Act (AGG). You have the option to consent to a longer retention period (until revoked) via the online application form according to Art. 6 Section 1 a GDPR, in order to be included in our applicant pool and be informed about further job offers.

Additional General Information:
Changes to this Privacy Policy:

We periodically review the privacy policy for compliance with legal regulations, court rulings, the guidelines of supervisory authorities, and in response to emerging trends and technological developments. Therefore, we reserve the right to make changes to this privacy policy to adapt it to new legal requirements or other changes in factual or legal circumstances. Please always check the privacy policy at the beginning of your use of our online services to stay informed about the applicable privacy policy at that time.

Who is responsible for data processing? (Art. 13 Section 1 a, b GDPR)

The entity responsible for data processing on our website is BleiStahl Produktions GmbH & Co. KG. You can find the contact details in the imprint:

https://www.bleistahl.com/impressum/

You can reach our Data Protection Officer at:

Thorsten Werning (CONCEPTEC GmbH)
Bleichstraße 5
45468 Mülheim an der Ruhr
Email: datenschutz@bleistahl.de

Who receives your personal data? (Art. 13 Section 1 e, f GDPR)

We treat your personal data confidentially and generally do not share it with third parties, unless you have given your consent, the provision is due to a legal or contractual obligation, or the disclosure is necessary for pre-contractual measures or the fulfillment of a contract. In some cases, we commission data processors to process your personal data. This is done according to Art. 28 GDPR and based on a data processing agreement.

How long will the data be stored? (Art. 13 Section 2 a GDPR)

Legislation has introduced numerous retention requirements and periods.

In general, we store your data only as long as it is legally required.

After these periods (or if the data is not subject to specific retention periods), the corresponding data is routinely deleted, provided that it is no longer necessary for the purposes for which it was collected or otherwise processed. Data that we process based on your consent is stored until revoked or as long as the data is needed. Data that we process based on a legitimate interest is stored as long as the legitimate interest exists.

Commercial or financial data from a completed fiscal year will be deleted according to legal regulations after an additional ten years, provided no longer retention periods are required or justified. If data is not subject to specific retention periods, it will be deleted when the purposes for which it is processed no longer apply.

For what purposes and on what legal basis do we process your personal data? (Art. 13 Section 1 c, d GDPR)

We have already explained the purposes and legal bases of data processing. In general, the following applies: If necessary, we process your data to protect the legitimate interests of ourselves or third parties in accordance with Art. 6 Section 1 f GDPR, for example, to assert legal claims and defend in legal disputes or to ensure IT operations and security.

If we have a legitimate interest or you have given us written consent to process your personal data, we process your data for external communication and marketing purposes based on Art. 6 Section 1 a or f GDPR. You have the right to revoke your consent at any time.

For the fulfillment of legal requirements, we may or must, if necessary, process your data and pass it on to third parties (in accordance with Art. 6 Section 1 c GDPR).

We do not use your data for automated decision-making or profiling in any way.

We also use cookies to provide you with improved service when using our website and to make using this website easier for you (Art. 6 Section 1 f GDPR).

What rights and obligations do you have? (Art. 13 Section 2 b, c, d, e GDPR)

Every data subject has the following rights:

According to Art. 15 GDPR, you have the right to access. This means you can request confirmation from us as to whether personal data concerning you is being processed. If we process personal data about you, you can also request a copy of the data from us.
According to Art. 16 GDPR, you have the right to rectification. This means you can request the correction of inaccurate personal data concerning you.
According to Art. 17 GDPR, you have the right to deletion (“Right to be Forgotten”). This means you can request that we delete personal data concerning you without undue delay, unless we are unable to delete your data due to legal retention obligations.
According to Art. 18 GDPR, you have the right to restrict processing. This means that, apart from storing your personal data, we may not process it further.
According to Art. 20 GDPR, you have the right to data portability. This means you have the right to receive the personal data you provided to us in a structured, commonly used, and machine-readable format and to transfer this data to another controller.
According to Art. 7 Section 3 GDPR, you have the right to withdraw consent at any time with future effect.
According to Art. 77 GDPR, you have the right to lodge a complaint with the competent supervisory authority.

In addition, you have a right to object, which we will explain in more detail at the end of this privacy policy.

If you wish to exercise your rights, please contact the Data Protection Officer (contact details above).

Competent Supervisory Authority

Landesbeauftragte für Datenschutz
Nordrhein-Westfalen
Street address: Kavalleriestr. 2-4, 40213 Düsseldorf
Postal address: Postfach 200444, 40102 Düsseldorf

Phone: +49 (0) 211 38424 -0
Email: poststelle@ldi.nrw.de

Information on Your Right to Object under Article 21 of the General Data Protection Regulation (GDPR)

You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you that is carried out on the basis of Article 6 Section 1 lit. f of the GDPR (data processing based on a balancing of interests); this also applies to profiling based on this provision as defined by Article 4 No. 4 GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights, and freedoms, or the processing is for the establishment, exercise, or defense of legal claims.

Please submit your objection in writing (via email or post) to our Data Protection Officer (contact details provided above).