Lipoid Lipoid Lipoid
 

Privacy Policy

I. Privacy policy

Thank you for visiting this internet site. We take compliance with data protection laws for the protection of your personal data very seriously. Therefore we would like to inform you transparently about all data processing on our website.


1. Controller

The data controller in the sense of Article 4 (7) General Data Protection Regulation (GDPR) is the company named in the imprint.


2. Website and server log files

When you visit our website, the data collected from the use of the website is temporarily stored on our web server for statistical purposes in order to improve the quality of our website. This data set contains:

• the name and address of the information accessed,
• the date and time of the query,
• the amount of data transferred,
• the access status (file transmitted, file not found),
• a description of the type of browser used,
• referrer URL,
• the IP address of the requesting computer shortened to such an extent that no reidentification of any persona data is possible

The listed usage data is stored anonymously.


3. Data security

To avoid unauthorized access to your data, we have implemented technical and or-ganizational measures. We use encryption technologies on our website. Your data will be transferred to our servers and back again via a connection that is protected by a TLS encryption technology. You can recognize that you are browsing on an encryption secured website by the lock-symbol shown in the address bar of your browser and by the address bar starting with https://.


4. Cookies

Cookies are small text files that can be stored and read on your end device. Cookies may contain data which makes possible the recognition of the device used. However, sometimes cookies also only contain information on certain settings that cannot be traced to people. We use session cookies on our websites. The cookie is deleted at the end of the browser session and does not remain on your computer.
The data is processed in accordance to Art. 6 para. 1 lit. f GDPR and in the interest of optimizing or enabling user guidance and improving our website presence.
Please be aware that you can set your browser to inform you when cookies are being stored or used on the website you are visiting. Thus, any use of cookies is transparent to you. You have the possibility to delete your browser configuration at any time and prevent any use of new cookies. In the event you refuse the use of cookies, please note that our websites may not be displayed optimally and some functions are then no longer technically available.


5. Recipients

We transfer your data to service providers who support us in the operation of our website and the associated processes. This transference is made under the scope of a data processing agreement in accordance to Art. 28 GDPR. These are e.g. hosting service providers. Our service providers are bound to us by strict instructions and contractual obligations.


6. Communication by email / telephone / mail

Purpose of data processing/ lawful basis:
Personal data that you provide to us by email, telephone or mail will be treated confidentially. We will use your data exclusively for the purpose of dealing with the enquiry. The legal basis for the data processing is Article 6 para. 1 lit. f GDPR. Our legitimate interest arises from the interest to respond to the enquiries of our customers, business partners and stakeholders with the aim of maintaining and promoting their satisfaction.
Recipient/ categories of recipients:
We do not disclose data to any third parties. Data may be processed on our behalf by data processors in exceptional cases. These data processors have been carefully selected, are audited by us and are bound by contract in accordance with Article 28 of the GDPR.
We may also be required to pass on enquiries to other companies within Lipoid where this is necessary for processing.
Storage period/ criteria to determine the storage period:
All personal data provided by you in the context of enquiries will be deleted after we finally processed your enquiries and unless there are no legal storage obligations.


7. Online- Applications

Purpose of data processing/ lawful basis:

You have the opportunity to apply for the jobs posted on our website. You determine the data you want to submit to us as part of your application. Applications are sent by e-mail to our human resources department, and processed as soon as possible. Please note that our e-mail server is SSL transport-encrypted. Nevertheless, under certain circumstances the data may be read or manipulated by unauthorised parties. Therefore we offer you the opportunity to send us your application as an encrypted attachment. If you would like to do this, please contact us using the contact options listed in our imprint and send us the encryption code by telephone.

We process your personal data in compliance with applicable data protection regulations pursuant to Art. 88 GDPR i.c.w. § 26 German Federal Data Protection Act (BDSG). We process the data you provide us in the context of your application strictly for the purpose of selecting applicants. Data will not be processed for other purposes.
If we may also consider your application for other or future job openings, please indicate this on your application. We will then process your data on the basis of Art. 6 para. 1 lit. a GDPR.

Recipient/ categories of recipients:

We do not disclose your data to any third parties. Within the company where you are applying for the job, your personal data is only made available to those persons, who are involved in the decision-making process. A disclosure to other companies within Lipoid is only possible with your consent.

Storage period/ criteria to determine the storage period:

In case of a successful application, your personal data will be stored for the duration of your employment. After termination of the employment relationship, your tax-relevant data will be archived for a period of up to 10 years in line with the legal retention periods under § 257 (1) point 1 and § 257 (4) of the German Commercial Code, § 147 of the German Fiscal Code. In case of an unsuccessful application, your personal data will be deleted four months after the negative message. A longer storage period despite the negative message is only possible with your consent.


8. Rights of the Data Subjects

In light of the processing of your personal data, the GDPR grants you as a user of social media pages the following rights:

1. Right of access to your data (Art. 15 GDPR):

You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, obtain access to the personal data and the information as specified in Art. 15 GDPR.

2. Right to rectification and erasure (Art. 16 and 17 GDPR):

You have the right to obtain, without undue delay, the rectification of inaccurate personal data concerning you and, if necessary, the right to have incomplete personal data completed.
You also have the right to obtain an erasure of the personal data concerning you without undue delay, if one of the reasons listed in Art. 17 GDPR applies, e.g. if the data is no longer necessary for the intended purpose.

3. Right to restriction of processing (Art. 18 GDPR):

You have the right to request restriction of the processing of your data if one of the conditions set out in Article 18 GDPR is met, for instance if you have objected to the processing of your data or for the duration of a possible evaluation, if our legitimate interests overrides the interests of the data subject.

4. Right to data portability (Art. 20 GDPR):

In certain situations, listed in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or demand a transmission of the data to another third party.

5. Right to object (Art. 21 GDPR):

If the data is processed pursuant to Art. 6 para. 1 lit. e or lit. f GDPR (data processing for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or for the purpose of the legitimate interests), you have the right to object to the processing at any time for reasons arising out of your particular situation. We will then no longer process your personal data, unless there are demonstrably compelling legitimate grounds for processing, which override the interests, rights and freedoms of the person concerned, or the processing serves the purpose of asserting, exercising or defending legal claims.

6. Withdrawal of consent

In case you consented to the processing of your data, you have the right to revoke this consent at any time with effect for the future. The lawfulness of data processing prior to your withdrawal remains unchanged.

7. Right to lodge a complaint with a supervisory authority

Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes applicable data protection regulations. Your right to lodge a complaint may be enforced in the Member State of your habitual residence, place of work or the place of the alleged infringement.


9. Contact details of our Data Protection Officer

Our data protection officer will be happy to provide you with information regarding data protection related inquiries:
datenschutz süd GmbH
Wörthstraße 15
97082 Würzburg
Web: www.datenschutz-nord-gruppe.de
E-Mail: office [at] datenschutz-sued [dot] de

II. Information concerning data protection according to Art. 13 DSGVO for business partners

1. Controller

The responsible body is the company with which you are initiating or conducting a business relationship.

2. Data processing in order to fulfil contractual obligations (Art. 6 para. 1 lit. b GDPR)

The purposes of the data processing result from the execution of pre-contractual measures, which precede a contractually regulated business relationship and in the fulfilment of the obligations from the concluded contract.

3. Data processing in order to fulfil a legal obligation (Art. 6 para. 1 lit. c GDPR)

The purposes of the data processing result in individual cases from legal obligations. These legal obligations include, for example, the fulfilment of storage and identification obligations, e.g. s part of the regulations for the prevention of money laundering, tax control and reporting obligations, and the data processing required as a result of enquiries from authorities.

4. Data processing in order to fulfil legitimate interests (Art. 6 para. 1 lit. f GDPR)

We process your data for internal purposes, for example for measures to ensure proper business operations, for establishing contact, for auditing, etc. Data processing is carried out on the basis of a legitimate interest on the basis of Art. 6 para. 1 lit. f DSGVO. The legitimate interests here are in particular the selection of appropriate business partners, enforcement of legal claims, defence against liability claims, access or access controls, clarification of possible compliance violations, prevention of criminal offences and the settlement of damages resulting from the business relationship as well as contact data of business partners who are not themselves contractual partners.

5. Storage period

Personal data will be kept for as long as is necessary to fulfil the above-mentioned purposes. In particular, the statutory storage obligations from the German Commercial Code (HGB) and the Fiscal Code (AO), are relevant here.

6. Statutory or contractual requirement to provide personal data

As part of our business relationship, you must provide us with the personal data necessary to establish, conduct and terminate a business relationship and to perform the duties associated therewith, which we are required to collect by law or have the right to do so in our legitimate interests. Without this data, we will usually not be able to enter into a business relationship with you.

7. Recipient

Within our company, the areas that need the data provided by you to fulfil their contractual or legal obligations or to fulfil their legitimate interests are given access to it. As part of the contractual relationship, we also commission contract processors or service providers who may have access to your personal data. Compliance with data protection regulations is contractually ensured. The data may also be transferred to companies within the Lipoid group of companies in order to fulfil contractual obligations.
If we transfer personal data to recipients outside the European Economic Area (EEA), this transfer will only take place if the third country has been confirmed by the EU Commission as having an adequate level of data protection, if an adequate level of data protection has been agreed with the data recipient (e.g. by means of EU standard contract clauses) or if we have received your consent to do so.

8. Rights of the data subject

You have the right, upon request and free of charge, to receive information about your personal data stored by us. In addition, you have a right to the correction and deletion of this personal data, if one of the reasons stated in Art. 17 GDPR applies, e.g. if the data is no longer required for the purposes pursued. You have the right to data transferability and a right to restriction of processing in accordance with the statutory provisions. If we process your personal data on the basis of your consent, you have the right to at any time revoke this consent with effect for the future. If data is collected on the basis of Art. 6 para. 1 lit. e (data processing for the fulfilment of official tasks or the protection of the public interest) or lit. f (data processing for the safeguarding of legitimate interests), the data subject shall have the right to object to the processing at any time for reasons arising from their particular situation. We will then no longer process the personal data unless there are verifiable compelling legitimate grounds for processing which outweigh the interests, rights and freedoms of the data subject, or the processing serves the assertion, exercise or defence of legal claims. In such cases, please contact us in writing or by e-mail at the following address:

Lipoid GmbH
Frigenstr. 4
D - 67065 Ludwigshafen
datenbeauftragter [at] lipoid [dot] com

9. Right to lodge a complaint with a supervisory authority

Any data subject has the right to lodge complaint with a supervisory authority if they consider that the processing of data concerning them is in breach of data protection provisions. The right to complain can in particular be exercised before a supervisory authority in the Member State where the data subject is staying or where the alleged infringement took place.

10. Contact details of the Data Protection Officer

datenschutz süd GmbH
Wörthstraße 15
97082 Würzburg
E-Mail: office [at] datenschutz-sued [dot] de
Telefon: +49-931-304976-0