Data Protection

Privacy Policy

The purpose of the following text is to inform you about how we process your personal data in connection with our website.

Controller

Hela Gewürzwerk Hermann Laue GmbH

Beimoorweg 11
22926 Ahrensburg, Germany
Tel +49 (0)41 024 960
Fax +49 (0)41 0249 6104
Email: info@hela.eu

Contact Data Protection Officer

datenschutz@hela.eu

When we process personal and what data we process

We process your personal data in the following cases:
a.    When you visit our website, the browser in use on your device automatically sends information to our website server. This information is stored temporarily in a log file. The following information is collected without your involvement and stored until its automatic erasure:
•    The IP address of the requesting computer
•    The date and time of access
•    The name and URL of the retrieved file
•    The website from which access is made (the referrer URL),
•    The browser used and the operating system of your computer plus the name of your access provider
In addition to this we use cookies when you visit our website. For more information on this please consult the section entitled ‘Analytical tools’.

b.    If you have any questions we offer you the option of contacting us using the form provided on the website. When you do so you will need to provide us with a valid email address so that we know who the query comes from and are able to answer it. Any further details are provided voluntarily.

c.    If you want to send us an application for an advertised position or initiative, we will process the documents and personal data you send us.
•    In the case of (unsolicited) job applications we will need your name, address and other contact details, date and place of birth, nationality and documents proving your qualifications. In addition to this you may voluntarily provide us with details which in your opinion help your application for employment.

Purpose of Data Processing

We use the personal data you actively disclose only for the specific agreed purpose and only to the extent necessary.
a.    The above-mentioned data is used by us for the following purposes:
•    To guarantee the seamless establishment of a connection to this website
•    To guarantee that our website is easy and convenient to use
•    To evaluate system security and stability
•    For other administrative purposes
The legal foundation for data processing is laid down in Article 6, paragraph 1, sentence 1 (f) of the General Data Protection Regulation (GDPR). Our legitimate interest derives from the above-listed data collection purposes. Under no circumstances do we use the collected data for the purpose of making inferences about your personal characteristics.

b.    Pursuant to Article 6 paragraph 1, sentence 1 (b) of the GDPR, data processing for the purpose of making contact with us constitutes the steps necessary prior to entering into a contract. Once a contract has been concluded the data may be transferred to our customer care system. The data will not be processed for any other purpose.

c.    The purpose of the data processing is to establish and conduct an employment relationship pursuant to Article 88 of the GDPR in conjunction with section 26 of the German Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG). In the event of a positive decision the personal data will be transferred to our personnel file to be used for staff management purposes.

Categories of recipients of personal data

Your personal data is not transferred to third parties other than for the purposes set out below.

We only pass on your personal data to third parties if:
•    you have given us your express consent pursuant to Article 6 paragraph 1, sentence 1 (a) of the GDPR;
•    the transfer is necessary, pursuant to Article 6 paragraph 1, sentence 1 (f) of the GDPR, for the establishment, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in your data not being transferred;
•    circumstances render the transfer necessary, pursuant to Article 6 paragraph 1, sentence 1 (c) of the GDPR, for compliance with a legal obligation and
•    it is lawful and necessary pursuant to Article 6 paragraph 1, sentence 1 (b) of the GDPR for the performance of the contract with you.
Data is only transferred to third countries if you have given us your consent.

Duration for which the personal data is stored

a)    Cookies are stored in your browser as so-called session cookies, meaning that your browser automatically erases them when you leave the website. In this case the duration of their storage depends on the technical functionality of the browser you use.

b)    Personal data transferred to us in connection with a contact request on our website are stored only for the duration of the processing of that request. If a contract is concluded, the data you disclose will generally be stored in our customer care system for ten years unless some other legal requirement obliges us to store them for a longer period.

c)    In the event of
a.    rejection: the personal data collected will be stored for a minimum of three months and a maximum of six months.
b.    appointment: our storage periods duly apply; the information you are entitled to will be provided for you on your appointment.

d)    The personal data disclosed by you will be stored until you withdraw your consent to its storage.

Please note that we will erase your data if its storage is unlawful (in particular if the data is inaccurate and its correction is impossible). If there are legal or actual obstacles to its erasure (for example special storage obligations under provisions of commercial or tax law) it will instead be blocked.

Right to object

If your personal data is processed on the basis of legitimate interests pursuant to Article 6 paragraph 1, sentence 1 (f) of the GDPR you have the right, pursuant to Article 21 of the GDPR, to object to the processing of your personal data on grounds relating to your particular situation or if the objection is directed at processing for direct marketing purposes. In the latter case you have a general right to object which will be implemented by us without reference to any particular situation.
If you wish to exercise your rights to withdraw consent or to object, sending an email to datenschutz@hela.eu is sufficient.

Right of acess, rectification, erasure and restriction

The data subject has a right of access to the relevant personal data as well as to rectification, erasure or restriction of the processing. The data subject also has the right to object to the processing.

Right to data portability

The data subject has a right to data portability.

Right to complain to the supervisory authority

You have the right to complain to the supervisory authority.

Provision of the personal data

You do not have a statutory right to the provision of personal data.

Automated decision-making, including profiling

Under certain circumstances automated profiling may take place, with the aim of evaluating personal aspects. We make use of profiling in the following circumstances:
In compliance with statutory and regulatory provisions we are obliged to combat money laundering, the financing of terrorism and criminal offences which jeopardise assets. In such cases, data evaluations, for instance checks against legally prescribed lists, may be made.

Analytical Tools

We use cookies on our website. These are small files which your browser automatically creates and which are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your device, nor do they contain any viruses, Trojans or other malware.
Information is saved to the cookies which is associated with the specific device being used. However, this does not mean that we thereby gain direct knowledge of your identity.
Employing cookies enables us to make the use of our services more convenient for you. In this regard we use session cookies in order to detect that you have already visited certain pages of our website. These are automatically deleted as soon as you leave our website.
In addition to this, likewise with the aim of optimising user-friendliness, we use temporary cookies which are stored on your device for a certain fixed period. When you revisit our website to make use of our services the website automatically detects that you have visited it in the past, as well as what entries you made and settings you chose, so that you do not have to do these things again.
We also use cookies to keep statistical records of the use of our website and in order to evaluate and optimise what we offer you. When you revisit our website these cookies enable us to automatically detect that you have visited us in the past. These cookies are automatically deleted after a preset time.
The data processed by cookies is required pursuant to Article 6 paragraph 1, sentence 1 (f) of the GDPR for the above-mentioned purposes to uphold our legitimate interests as well as those of third parties.
Most browsers accept cookies automatically. However, you can configure your browser in such a way that no cookies are stored on your computer, or alternatively so that a warning always appears before a new cookie is stored. However, the complete deactivation of cookies may lead to you being unable to use all the functions of our website.

Google Fonts

On our website we use Google fonts. These are typefaces provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA – ‘Google’). We do this to enable our website to load as smoothly and as clearly as possible. In order for the website to be displayed properly a connection is made between your browser and the Google server. The content of this communication is the IP address. The legal foundation for the processing actions stated above this Article 6, paragraph 1, sentence 1 (f) of the General Data Protection Regulation (GDPR), through which we justify our legitimate interest in a standardised display. The possibility to opt out of this can be found by following this link: adssettings.google.com/authenticated. You can also revoke your consent at any time by communicating that with us. You can find more information about Google ’s data protection policy at: https://www.google.com/policies/privacy/

Facebook

Our website uses the share button of the social network Facebook which is operated by Facebook Inc., 1601 S.
California Ave, Palo Alto, CA 94304, USA. If you are habitually resident in the European Union, the services are provided to you by Facebook Ireland Limited, Hanover Reach, 5–7, Hanover Quay, Dublin 2, Ireland. The share button can be identified by the characteristic Facebook logo. When you visit a website with an embedded social plug‐in, your browser – after you click to activate the button – will use cookies to establish a direct connection with Facebook and, according to the information we have, transmits the following data directly to Facebook:
· date and time of your visit
· the URL of the page you are currently visiting
· your IP address
· the device you are using
· your browser
· your operating system
· your user ID if you are a registered Facebook user and potentially even your name and surname
· as well as the information that you used that specific plug‐in on our website

Unfortunately, we have no control over what data Facebook actually collects, uses or stores. Please also see
the privacy policy and cookie guidelines of Facebook. Additionally, you should be aware that Facebook collects data on you through these social plug‐ins on our website (e.g. the specific page you were on) and is able to associate them with your Facebook profile data, regardless of whether you actually use the share feature of the plug‐in or just click on it once. As far as we know, it is absolutely possible for Facebook to use persistent cookies in order to associate the data collected through activated social plug‐ins with user profiles at a later date.
Consequently, you should prevent the installation of Facebook cookies in your browser settings.

Privacy Policy regarding the use of Adobe Flash Player

This website uses Flash media. The Flash Player plug-in needed to play back this media uses cookies. Flash cookies or local shared objects (LSO) are files in which websites which integrate Flash media write user-specific data onto the computer of the accessing user and can subsequently read that data for local evaluation purposes. These files are administered not by the web browser itself but by its Flash Player plug-in. As a website operator we have no influence on these cookies.
With the standard Flash Player settings you will not be asked for permission to store cookies on the local hard disk. However, Flash cookies can be deleted via the Macromedia website. For details go to: http://www.macromedia.com/support/documentation/de/flashplayer/help/settings_manager07.html.

Data security

During your visit to the website we use the distributed SSL (Secure Sockets Layer) technique in conjunction with the highest available encryption level which your browser will support. As a rule this involves 256-bit encryption. If your browser does not support 256-bit encryption we instead fall back on 128-bit v3 technology. You can determine whether an individual page on our website has been transmitted in encrypted form from the fact that the key or lock symbol in your browser’s lower status bar is shown in its closed form. However, the page can also be accessed in unencrypted form.
We also take suitable technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or total loss, destruction and unauthorised third-party access. Our security measures are continuously being improved in line with technological developments.

Updating and changes to this Privacy Policy

This privacy policy is currently valid and was last updated in August 2020.
It may prove necessary to amend this privacy policy due to the ongoing development of our website and services or in response to changes to statutory provisions or official requirements. The current privacy policy can be accessed on our website and printed out at any time.

We are pleased that you want to inform yourself about data processing. For a cooperation we regularly process personal data of contact persons and employees of customers electronically. In order to fulfil our information obligations in accordance with Art. 12, 13 of the Basic Data Protection Regulation (DSGVO), we are pleased to present our information on data protection below:

Who is responsible for data processing?

The person responsible within the meaning of the data protection law is

Hela Gewürzwerk Hermann Laue GmbH

Beimoorweg 11
22926 Ahrensburg
Phone +49 (0) 41 02/ 496-0
Fax +49 (0) 41 02/496-104
E-mail: info@hela.eu

You will find further information about our company, details of the persons authorized to represent us and further contact possibilities in our imprint.

For which purposes are your data processed by us? And what data is this?

If we have received data from you, we will only process it for the purposes for which we received or collected it.
As a rule, these purposes are:

- Communication with business partners about products, services and projects, e.g. to process inquiries from the business partner or to provide information about products.

- Planning, implementation, administration and maintenance of the (contractual) business relationship, e.g. to process orders for products and services, for accounting and billing purposes and to carry out deliveries or services. In order to maintain our business relations, we transfer your data to the CRM system we use. We have a legitimate interest within the meaning of Art. 6 Para. 1 S.1 lit. f) to maintain the contacts established in the course of business transactions even beyond the initial contact and to use them to establish and maintain a business relationship.

- Carrying out customer surveys, marketing campaigns, competitions or similar campaigns and events.

- Maintaining and protecting the security of our products and services, as well as our websites, preventing and detecting security risks, fraudulent actions or other criminal acts.

- Compliance with (1.) legal regulations (e.g. tax and commercial law retention requirements), (2.) existing obligations to conduct compliance screenings (to prevent white-collar crime and money laundering), as well as (3.) HELA internal guidelines.

- Settlement of legal disputes, enforcement of existing contracts and the assertion, exercise and defense of legal claims.

These data are usually:

- Contact information, such as first and last name, business address, business phone number, business mobile phone number, business fax number and business e-mail address.

- Payment data, such as information required for the processing of payment transactions or fraud prevention.

- Further information whose processing is necessary within the scope of a project or the handling of a contractual relationship with HELA or which is voluntarily provided by business partners, e.g. within the scope of orders, inquiries or project details.

- Personal data that is collected from publicly available sources, information databases or credit agencies.

- as far as legally required in the context of compliance screenings: date of birth, information on relevant legal proceedings and other legal disputes in which business partners are involved

and other personal data that you provide us voluntarily. Please note that we cannot name all potential data. However, we only collect data that you actively communicate to us or that is publicly accessible. Data processing for other purposes will only be considered if the necessary legal requirements according to Art. 6 para. 4 DSGVO are met. In this case we will of course comply with any information obligations under Art. 13 Para. 3 DSGVO and Art. 14 Para. 4 DSGVO.

What is the legal basis for data processing?

The legal basis for the processing of personal data is in principle - unless there are specific legal provisions - Art. 6 DSGVO. The following possibilities are particularly relevant here:

- Consent (Art. 6 para. 1 lit. a) DSGVO)

- Data processing for the performance of contracts (Art. 6 para. 1 lit. b) DPA

- Data processing based on a balancing of interests (Art. 6 para. 1 lit. f) FADP)

- Data processing for the fulfilment of a legal obligation (Art. 6 para. 1 lit. c) DPA)

If personal data are processed based on your consent, you have the right to revoke this consent at any time with effect for the future.
If we process data based on a weighing of interests, you as the data subject have the right to object to the processing of your personal data, considering the provisions of Art. 21 DSGVO.

How long is the data stored?

We process the data as long as it is necessary for the respective purpose.
Insofar as there are legal storage obligations - e.g. in commercial law or tax law - the personal data concerned will be stored for the duration of the storage obligation. Upon the expiration of the obligation to retain data, we will check whether there is any further need for processing. If a necessity no longer exists, the data will be deleted.
As a matter of principle, towards the end of a calendar year, we examine data regarding the need for further processing. Due to the volume of data, this examination is carried out regarding specific types of data or the purpose of processing.

Of course, you can at any time (see below) request information about your personal data stored by us, if it is not necessary, you can request that the data be deleted or processing restricted.

To which recipients will the data be forwarded?

Your personal data will only be passed on to third parties if this is necessary for the execution of the contract with you, if the passing on is permitted based on a weighing of interests within the meaning of Art. 6 para. 1 lit. f) DSGVO and if we are legally obliged to pass on the data or if you have given your consent. In the course of deliveries, these may be transport and logistics service providers, for example.

Where is the data processed?

Your personal data will be processed by us exclusively in computer centers in the European Union and therefore the basic data protection regulation always applies to the processing.
Your rights as a "data subject”  You have the right to be informed about the personal data we process about you.
In the case of a request for information that is not made in writing, we ask for your understanding that we may then require you to provide evidence that proves that you are the person you claim to be. Furthermore, you have the right to correct or delete your personal data or to restrict its processing to the extent that you are legally entitled to do so.
Furthermore, you have the right to object to the processing within the framework of the legal requirements. The same applies to a right to data transferability. You have a right of objection in accordance with Art. 21 Paragraphs 1 and 2 DSGVO against the processing of your data in connection with a direct advertising campaign, if this is based on a weighing of interests.

Our data protection officer

We have appointed a data protection officer in our company. You can reach him or her at the following contact details:

datenschutz@hela.eu

Right of appeal

You have the right to complain about the processing of personal data by us to a data protection supervisory authority.
You can download the data processing principles HERE.