Privacy Policy

We are very delighted that you have shown interest in our enterprise. Data protection is of a particularly high priority for the management of the HeMaTech Prüftechnik GmbH & Co. KG. The use of the Internet pages of the HeMaTech Prüftechnik GmbH & Co. KG is possible without any indication of personal data; however, if a data subject wants to use special enterprise services via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain consent from the data subject.

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to the HeMaTech Prüftechnik GmbH & Co. KG. By means of this data protection declaration, our enterprise would like to inform the general public of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed, by means of this data protection declaration, of the rights to which they are entitled.

As the controller, the HeMaTech Prüftechnik GmbH & Co. KG has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed. For this reason, every data subject is free to transfer personal data to us via alternative means, e.g. by telephone.

1. Definitions

The data protection declaration of the HeMaTech Prüftechnik GmbH & Co. KG is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used.

In this data protection declaration, we use, inter alia, the following terms:

a) Personal data

Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) Data subject

Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.

c) Processing

Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.

e) Pseudonymisation

Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

f) Controller or controller responsible for the processing

Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

g) Processor

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

h) Recipient

Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

i) Third party

Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

j) Consent

Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. Name and Address of the controller

Responsible for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:

HeMaTech Prüftechnik GmbH & Co. KG
Siemensstr. 7
71409 Schwaikheim
Deutschland
Phone: +49 7195 1369-0
Email: info@hematech.de
Website: www.hematech.de

4. Collection of general data and information

Every time you visit our website, a range of general data and information is collected. This general data and information is stored in the server's log files. The following can be recorded: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrer), (4) the sub-websites that use an accessing system on our website can be controlled, (5) the date and time of access to the website, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system and (8) other similar data and information that serves to avert risks in the event of attacks on our information technology systems.

When using this general data and information, HeMaTech Prüftechnik GmbH & Co. KG does not draw any conclusions about the person concerned. Rather, this information is required to (1) deliver the content of our website correctly, (2) optimize the content of our website and the advertising for it, (3) to ensure the long-term functionality of our information technology systems and the technology of our website and ( 4) to provide law enforcement authorities with the information necessary for law enforcement in the event of a cyber attack. This anonymously collected data and information is therefore statistically evaluated by HeMaTech Prüftechnik GmbH & Co. KG on the one hand and also with the aim of increasing data protection and data security in our company in order to ultimately provide an optimal level of protection for the personal data processed by us Ensure data. The anonymous data of the server log files are stored separately from all personal data provided by a data subject and automatically deleted on a daily basis.

4. Contact option via the website

5. Basis of data processing

The basis of data processing in accordance with Article 6 Paragraph 1 Sentence 1 GDPR are:

• your consent (lit. a);
• the processing of data to fulfill a contract or to initiate a contract (lit. b);
• the fulfillment of a legal obligation (lit. c);
• the data collection is based on a legitimate interest of our company (lit. f);

6. Cookies

7. Data protection regulations for the application and use of the following services

Usercentrics

On our website we use the Usercentrics consent management tool from Usercentrics GmbH (Rosenthal 4, 80331, Munich; “Usercentrics”). The tool enables you to give your consent to data processing on the website, in particular the setting of cookies, and to exercise your right of withdrawal for consent that has already been given. Data processing serves the purpose of obtaining and documenting the necessary consent to data processing and thus complying with legal obligations. Cookies may be used. Here u. a. the following information is collected and transmitted to Usercentrics: date and time of the page visit, information about the browser you are using and the device you are using, anonymized IP address, opt-in and opt-out data. This data is not passed on to other third parties. Data processing takes place to fulfill a legal obligation on the basis of Art. 6 Para. 1 lit. c GDPR. The proof of cancellation of a previously given consent is kept for a period of three years. You can find more information on data protection at Usercentrics at: https://usercentrics.com/privacy-policy/.

Use of the Google Tag Manager

We use the Google Tag Manager from Google LLC on our website. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google"). If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the person responsible for your data. Google Ireland Limited is therefore the company affiliated with Google, which is responsible for the processing of your data and compliance with the applicable data protection laws. This application manages JavaScript tags and HTML tags that are used to implement tracking and analysis tools in particular. The data processing serves the purpose of the needs-based design and optimization of our website. The Google Tag Manager itself does not save cookies nor does it process personal data. However, it enables the triggering of further tags that can collect and process personal data. You can find more information on terms of use and data protection at https://www.google.com/analytics/tag-manager/use-policy/.

Use of Google Analytics with anonymization function

We use the web analysis service Google Analytics from Google LLC on our website. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google"). If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the person responsible for your data. Google Ireland Limited is therefore the company affiliated with Google, which is responsible for the processing of your data and compliance with the applicable data protection laws. Data processing serves the purpose of analyzing this website and its visitors as well as for marketing and advertising purposes. For this purpose, Google will use the information obtained on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. Among other things, The following information is collected: IP address, date and time of the page visit, click path, information about the browser and device you are using, pages visited, referrer URL (website through which you accessed our website) ), Location data and buying activities. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. Google Analytics uses technologies such as cookies, web storage in the browser and tracking pixels, which enable an analysis of your use of the website. The information generated by this about your use of this website is usually transferred to a Google server in the USA and stored there. IP anonymization is activated on this website. As a result, Google will shorten your IP address beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address is only transferred to a Google server in the USA and abbreviated there in exceptional cases. Google has certified itself according to the US-EU data protection agreement “Privacy Shield” and thus committed to comply with the European data protection guidelines. Data processing, in particular the setting of cookies, takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on your consent until you revoke it. You can find more information on terms of use and data protection at https://marketingplatform.google.com/about/analytics/terms/us/ or at https://policies.google.com/technologies/cookies?hl=en.

Use of the remarketing or "similar target group" function of Google Inc.

We use the remarketing or "similar target group" function of Google LLC on our website (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google"). If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the person responsible for your data. Google Ireland Limited is therefore the company affiliated with Google, which is responsible for the processing of your data and compliance with the applicable data protection laws. The application serves the purpose of analyzing visitor behavior and visitor interests. Google uses cookies to carry out the analysis of website use, which forms the basis for the creation of interest-based advertisements. Cookies are used to record visits to the website and anonymized data on the use of the website. There is no storage of personal data of the visitors of the website. If you visit another website in the Google Display Network below, you will see advertisements that are very likely to take account of previously accessed product and information areas. Your data may be transferred to the United States. Google has certified itself according to the US-EU data protection agreement “Privacy Shield” and thus committed to comply with the European data protection guidelines. Data processing, in particular the setting of cookies, takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on your consent until you revoke it. You can find more information on Google remarketing and the associated data protection declaration at: https://policies.google.com/technologies/ads?hl=en

Use of Google Ads and conversion tracking

We have integrated Google Ads on this website and use conversion tracking in this context (visit campaign evaluation). Google Conversion Tracking is an analysis service provided by Google LLC (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google"). If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the person responsible for your data. Google Ireland Limited is therefore the company affiliated with Google, which is responsible for the processing of your data and compliance with the applicable data protection laws. If you click on an advertisement placed by Google, a cookie for the conversion tracking is placed on your computer. These cookies have a limited validity, do not contain any personal data and are therefore not used for personal identification. If you visit certain pages of our website and the cookie has not yet expired, Google and we can recognize that you clicked on the advertisement and were forwarded to this page. Every Google Ads customer receives a different cookie. There is therefore no possibility that cookies can be traced via the websites of Ads customers. The information that is obtained using the conversion cookie is used to create conversion statistics. Here we find out the total number of users who clicked on one of our ads and were redirected to a page with a conversion tracking tag. However, we do not receive any information that can be used to personally identify users. Your data may be transferred to the United States. Google has certified itself according to the US-EU data protection agreement "Privacy Shield" and thus committed to comply with the European data protection guidelines. Data processing, in particular the setting of cookies, takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on your consent until you revoke it. You can also object to Google's interest-based advertising. To do this, you must call up the link www.google.de/settings/ads from each of the Internet browsers you use and make the desired settings there.You can find more information and Google's privacy policy at: https://policies.google.com/privacy?gl=de&hl=en

Use of Google Maps

On our website, we use Google Maps to show our location and to create a route description. Google Maps is a map service provided by Google LLC (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google"). If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the person responsible for your data. Google Ireland Limited is therefore the company affiliated with Google, which is responsible for the processing of your data and compliance with the applicable data protection laws. Through certification under the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI[&[status=ActiveGoogle guarantees that the EU data protection regulations will also be observed when processing data in the USA.If you call up the Google Maps component integrated into our website, Google stores a cookie on your device via your Internet browser. Your user settings and data are processed in order to display our location and create a route description. We cannot rule out that Google uses servers in the USA. The legal basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in optimizing the functionality of our website. The connection to Google established in this way enables Google to determine from which website your request was sent and to which IP address the directions are to be sent. If you do not consent to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your Internet browser. You can find details on this under the point "Cookies". In addition, Google Maps and the information obtained via Google Maps are used in accordance with the Google terms of use https://policies.google.com/terms/update?hl=en and the terms and conditions for Google Maps https://www.google.com/help/terms_maps/. Google also offers at https://policies.google.com/privacy?gl=en&hl=en further information.

LinkedIn Analytics

We use "LinkedIn Analytics on our website. LinkedIn Analytics stores and processes information about your user behavior on our website. Among other things, LinkedIn Analytics uses cookies for this purpose, i.e. small text files that are stored locally in the cache of your web browser on your device and that analyze the Enable you to use our website.LinkedIn Ads is operated by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, IrelandWe use LinkedIn Analytics for marketing and optimization purposes, in particular to analyze the use of our website and to be able to continuously improve individual functions and offers as well as the user experience. Through the statistical evaluation of user behavior, we can improve our offer and make it more interesting for you as a user. This is also our legitimate interest in the processing of the above data by the third party. The legal basis is Art. 6 para. 1 sentence 1 lit. f) GDPR.You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your web browser. We would like to point out that in this case you may not be able to use all functions of our website to their full extent.LinkedIn has submitted to the Privacy Shield Agreement between the European Union and the USA and has certified itself. As a result, LinkedIn undertakes to comply with the standards and regulations of European data protection law. You can find more information in the following linked entry: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0[&[status=ActiveFurther information on data protection can be found on the following website: https://www.linkedin.com/legal/privacy-policy

8. Your rights and assertion of rights

You can assert the following rights against us:

a) Right to information

• personal data are stored;
• for what purpose the data is processed;
• which categories of data are processed;
• To whom has the personal data been or will be disclosed, in particular to recipients in third countries or to international organizations
• How long will the personal data be stored, if this is not possible, the criteria for determining this duration;
• what rights do you have

b) Right to rectification

You have the right to request the correction of incorrect personal data stored by us. You also have the right to request the completion of incomplete personal data, also by means of a supplementary statement, taking into account the purposes of the processing.

c) Right to erasure (right to be forgotten)

You can request that we delete your personal data if one of the following reasons applies and if processing is not necessary:

• The personal data were collected for such purposes or otherwise processed for which they are no longer necessary;
• You revoke your consent to data processing and there is no other legal basis for the processing;
• You object to the processing and we have no overriding legitimate reasons for the processing;
• The personal data was processed illegally;
• The deletion of personal data is necessary to fulfill a legal obligation under Union law or the law of the member states to which the controller is subject;
• You are under 16 years of age.

d) Right to restriction of processing

You have the right to request that processing be restricted if one of the following conditions is met. In these cases, the data will be marked with a blocking notice and will not be processed further:

• the accuracy of the personal data is disputed for the duration of our review;
• the processing is unlawful and you refuse to delete your personal data and instead request that the use of the personal data be restricted;
• we no longer need your personal data for the purposes of processing and should actually have to delete them, but you will still need them to assert, exercise or defend legal claims;
• you have objected to the processing and it is not yet clear whether the legitimate reasons of the person responsible outweigh yours.

e) Right to objectif

The processing of your personal data is based on legitimate interests on our part, you can object to the processing for reasons arising from your particular situation.In the event of an objection, we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing, or the processing serves to assert, exercise or defend legal claims.

f) Right to withdraw consent under data protection law

You have the right to withdraw your consent to the processing of personal data at any time.If you would like to exercise your right to withdraw consent, you can contact an employee of the controller at any time or send an e-mail to  verkauf@hematech.de. Alternatively, this can be done in writing by letter to the postal address listed at the beginning of this declaration. If you object to the storage of your personal data, a conversation cannot be continued.

9. Data protection for applications and in the application process

The controller collects and processes the personal data of applicants for the purpose of processing the application process. Processing can also be done electronically. This is particularly the case if an applicant submits corresponding application documents electronically, for example by email. If the controller concludes an employment contract with an applicant, the data transmitted will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the data controller does not conclude an employment contract with the applicant, the application documents will be deleted six months after the announcement of the rejection decision, provided that there are no other legitimate interests of the data controller that conflict with the deletion. Other legitimate interest in this sense is, for example, an obligation to provide evidence in a procedure under the General Equal Treatment Act (AGG).

10. Right to lodge a complaint with the data protection supervisory authority

You have the right to contact the supervisory authorities with a data protection complaint. The responsible supervisory authority is the State Commissioner for Data Protection and Freedom of Information Baden-Württemberg. The complaint can be made to any supervisory authority, regardless of responsibility.