Data Privacy Statement

PRIVACY POLICY

Protecting your personal data during the collection, processing and use of personal data when you visit our website is important to us. Your data is protected in accordance with statutory provisions. In the following, we would like to inform you about the nature and scope of the processing of personal data through this website in accordance with Article 13 of the General Data Protection Regulation (GDPR).

I. Information on the responsible controller

BESTAR Stahlhandelsgesellschaft Remscheid mbH
Auf dem Knapp 43
42855 Remscheid
Tel.: +49 (0) 2191 – 36 42 – 0
E-Mail: info.de@BESTAR-STEEL.com

II. Information on the data protection officer

Our external data protection officer is happy to answer any questions about data protection:

Herr Arndt Halbach von der GINDAT GmbH Wetterauer Str. 6, 42897 Remscheid
Mail: datenschutz@gindat.de
Tel. 02191 / 909 430

III. Data processing through the website

Your visit to our website is recorded. We generally collect the following data that your browser sends to us:

  • IP address currently used by your computer or your router
  • Date and time
  • Browser type and version
  • Operating system of your computer
  • Webpages you visit
  • Name and size of requested file(s)
  • URL of referral website, if applicable

This data is only collected for the purposes of data security, improving our website offer and analysing errors on the basis of Art. 6 (1) f) GDPR. The IP address of your PC is only analysed in anonymised form (shortened by the last three digits). In all other respects, you are able to visit our website without providing information on your identity.
We would like to point out that data transmission on the Internet (such as email communication) is subject to security vulnerabilities. It is not possible to completely protect data from access by third parties. Confidential data should therefore be sent to us by other means, such as by post.

Applications

We can only process applications that are sent to the email address: jobs.de@bestar-steel.com. Should you use a different email address belonging to our company, your application will unfortunately not be recognised by our systems and will not therefore be taken into consideration. Please consider that email is not a secure means of communication. Should your application reach our server via the above-mentioned email address, we will protect your application with suitable technical and organisational measures. We have no influence on data protection while your application is transmitted to our company via the public Internet and we are not therefore able to guarantee the level of protection for your application. Should your dispatching email server support STARTTLS, our email server will also support STARTTLS and thus offer transport encryption.

Contact form

Personal data (such as your name, address data or contact details) which you voluntarily disclose to us, for example in connection with a request or otherwise, will be stored by us and only processed for correspondence with you and only for the purpose for which you have provided us with this data. This data is processed on the basis of Art. 6 (1) a) and Art. 6 (1) f) GDPR.

Registration on this website

You can register on our website in order to access additional functions offered here. The input data will only be used for the purpose of using the respective site or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject your registration. To inform you about important changes such as those within the scope of our site or technical changes, we will use the email address specified during registration. We will process the data provided during registration only based on your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed. We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.

Secure data transmission

In order to protect the security of your data during transmission, we use encryption techniques (SSL) via HTTPS, which accord with state-of-the-art technology.

IV. Recipients of personal data

We may utilise service providers in connection with data processing in order to perform and execute processes.

Specifically, we have involved service providers for the purpose of hosting our website.

Contractual relationships are established with our service providers, which meet the requirements of Art. 28 GDPR; the contractual provisions contain the statutorily required points on data protection and data security.

V. Data collection by Google Analytics

This website uses Google Analytics, a web analysis service by Google Inc. (‘Google’). Google Analytics uses ‘cookies’ – text files that are stored on your computer and enable analysis of your visit to the website. The information obtained by the cookie regarding your use of the website are generally transmitted to a Google server in the USA, where it is then stored. The basis for data processing is Art. 6 (1) f) GDPR.

In the event that IP anonymisation is activated on this website, your IP address will first be shortened by Google within the member states of the European Union or in other contractual states of the agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. We would like to point out that Google Analytics has been expanded on this website with the code ‘anonymizeIp’, in order to ensure the anonymised collection of the IP address.

Google uses this information on behalf of the operator of this website in order to analyse your use of the website, to compile reports on website activity and to provide other services relating to website use and Internet use to the website operator. The IP address transmitted by your browser in connection with Google Analytics is not combined with other data held by Google.

You may prevent the storage of cookies by configuring your browser software settings accordingly; however, we would like to point out that, in this case, you may not be able to use the full functionality of this website. Moreover, you may prevent the collection of the data obtained by the cookie relating to your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available via the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
The basis for data processing is Art. 6 (1) f) GDPR.

VI. reCAPTCHA

To protect your requests submitted via online form, we use the service reCAPTCHA provided by the company Google Inc. (Google). This query serves to determine whether an entry has been made by a person or improperly by means of an automated machine program. The query involves the sending of the IP address and other data that may be required by Google for the reCAPTCHA service to Google. For this purpose, your entry is transmitted to Google, where it is further processed. Your IP address will first be shortened by Google within the member states of the European Union or in other contractual states of the agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. This service is performed on behalf of the operator of this website.
The service is conducted on the basis of Art. 6 (1) Clause 1 f) GDPR.

VII. Google Maps

This website uses the map service Google Maps via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

In order to use the functions of Google Maps, it is necessary to store your IP address. This information is generally transmitted to a Google server in the USA, where it is then stored. The provider of this website has no influence on this data transmission.

The use of Google Maps occurs in the interest of providing an attractive presentation of our website offers and allowing the user to find the locations indicated on our website more easily. This constitutes a legitimate interest in the meaning of Art. 6 (1) f) GDPR.

If you do not agree to this processing of your data, you have the option to deactivate the service of ‘Google Maps’ and to thereby prevent the transmission of data to Google. To this end, the JavaScript function in your browser must be deactivated. However, we would like to point out that, in this case, you will only be able to use ‘Google Maps’ to a limited extent if at all. More information on the handling of user data can be found in the Google privacy policy:
https://www.google.de/intl/de/policies/privacy

VIII. Google Web Fonts

For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO. If your browser does not support web fonts, a standard font is used by your computer. Further information about handling user data, can be found at

https://developers.google.com/fonts/faq

and in Google’s privacy policy at

https://www.google.com/policies/privacy/

IX. Google Adwords and Google Conversion Tracking

This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”). As part of Google AdWords, we use so-called conversion tracking. When you click on an ad served by Google, a conversion tracking cookie is set. Cookies are small text files that your internet browser stores on your computer. These cookies expire after 30 days and are not used for personal identification of the user. Should the user visit certain pages of the website and the cookie has not yet expired, Google and the website can tell that the user clicked on the ad and proceeded to that page. Each Google AdWords advertiser has a different cookie. Thus, cookies cannot be tracked using the website of an AdWords advertiser. The information obtained using the conversion cookie is used to create conversion statistics for the AdWords advertisers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to personally identify users. If you do not want to participate in tracking, you can opt-out of this by easily disabling the Google Conversion Tracking cookie by changing your browser settings. In doing so, you will not be included in the conversion tracking statistics. Conversion cookies are stored based on Art. 6
(1) (f) DSGVO. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising. For more information about Google AdWords and Google Conversion Tracking, see the Google Privacy Policy:

https://www.google.de/policies/privacy/

You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.

X. Social media

YouTube

Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited. If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO. Further information about handling user data, can be found in the data protection declaration of YouTube under

https://www.google.de/intl/de/policies/privacy

Facebook-Plugins (Like & Share-Button)

Our website includes plugins for the social network Facebook, Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. The Facebook plugins can be recognized by the Facebook logo or the Like button on our site. For an overview of Facebook plugins, see

https://developers.facebook.com/docs/plugins/

When you visit our site, a direct connection between your browser and the Facebook server is established via the plugin. This enables Facebook to receive information that you have visited our site from your IP address. If you click on the Facebook “Like button” while you are logged into your Facebook account, you can link the content of our site to your Facebook profile. This allows Facebook to associate visits to our site with your user account. Please note that, as the operator of this site, we have no knowledge of the content of the data transmitted to Facebook or of how Facebook uses these data. For more information, please see Facebook’s privacy policy at

https://de-de.facebook.com/policy.php

If you do not want Facebook to associate your visit to our site with your Facebook account, please log out of your Facebook account.

LinkedIn

Our site uses functions from the LinkedIn network. The service is provided by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time one of our pages containing LinkedIn features is accessed, your browser establishes a direct connection to the LinkedIn servers. LinkedIn is informed that you have visited our web pages from your IP address. If you use the LinkedIn “Recommend” button and are logged into your LinkedIn account, it is possible for LinkedIn to associate your visit to our website to your user account. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it will be used by LinkedIn. More information can be found in the LinkedIn privacy policy at

https://www.linkedin.com/legal/privacy-policy

Xing

Our website uses features provided by the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time one of our pages containing XING features is accessed, your browser establishes a direct connection to the XING servers. To the best of our knowledge, no personal data is stored in the process. In particular, no IP addresses are stored nor is usage behavior evaluated. For more information about data protection and the XING Share button, please see the XING privacy policy at

https://www.xing.com/app/share?op=data_protection

XI. Use of cookies

Cookies are used in our website offer. Cookies are small text files that are saved by your browser and stored on your computer. The use of cookies allows the website offer to be designed in a more user-friendly manner. For instance, it is possible to recognise the user for the duration of the session, without the user being required to constantly re-enter their user name and password. Cookies do not cause any damage to your computer and are deleted after your session is ended. The basis for data processing is Art. 6 (1) f) GDPR.

Some of the cookies we use are deleted directly after you close your browser (‘session cookies’).

Other cookies remain on your terminal device and enable your browser to be recognised when you next visit the website (‘persistent cookies’).

Data processing in connection with cookies, which only serve to facilitate the functionality of our website offer, occurs on the basis of our legitimate interest pursuant to Art. 6 (1) f) GDPR.

If you do not wish to use cookies, you can configure your browser to prevent the storage of cookies. However, please note that, in this case, you may not be able to use the full functionality of our websites.

XII. Your rights

According to Articles 15–21 GDPR, you may exercise the following rights with respect to personal data we store provided the relevant requirements of the GDPR are met.

Right of access

You have the right to access information about your personal data that we process.

Right of rectification

You are able to request the correction of incomplete or incorrectly processed personal data.

Right of erasure

You have the right to the deletion of your personal data, in particular on the basis of one of the following reasons:

  • Your personal data is no longer required for the purposes for which it was collected or processed.
  • You withdraw your consent on which the processing of your data was based.
  • You have asserted a right of objection to processing.
  • Your data was unlawfully processed.

The right of erasure does not apply, however, if such deletion is opposed by the legitimate interest of the controller. For instance, this may include:

  • Personal data that is required for the assertion, exercising or defence of legal claims.
  • Deletion is not possible due to retention obligations.

Insofar as data cannot be deleted, you may exercise a right to the restriction of processing (as follows).

Right to the restriction of processing

You have the right to request us to restrict the processing of your personal data, if:

  • You dispute the correctness of the data and we must therefore review the correctness.
  • The processing is unlawful and you decline data erasure and instead request restriction of use.
  • We no longer require the data, but you still need the data in order to assert, exercise or defend legal claims.
  • You have submitted an objection to the processing of your data and it has not yet been determined whether our legitimate interests prevail over your interests.

Right of data portability

You have the right to receive your personal data, which you have provided to us, in a structured, commonly available and machine-readable format. Moreover, you have the right to have us transmit this data to another controller without hindrance by us, provided that the processing is based on a contract or consent, and our processing takes place with the aid of automated processes.

Right of withdrawal

The data subject has the right at any time to submit an objection to the processing of their personal data, which takes place on the basis of Art. 6 (1) e) or f), for reasons arising from

their particular situation; this also apples to profiling based on one of these conditions. Insofar as the processing of your personal data is based on a consent, you have the right to withdraw this consent at any time.

XIII. Statutory deadlines for the erasure of data

Insofar as no statutory retention obligation applies, the data shall be deleted or destroyed once it is no longer required for fulfilling the purpose of data processing. Various deadlines apply to the retention of personal data. For instance, data of tax relevance is generally stored for ten years, while other data is typically retained for six years in accordance with provisions under the Commercial Code. Furthermore, the storage period may also be determined by statutory limitation periods, which may generally amount to three years in the case of Articles 195 et seqq. of the Civil Code, for example, or in certain cases up to even thirty years.

XIV. Right to lodge a complaint with a supervisory authority

In accordance with Art. 77 GDPR, each data subject has the right to lodge a complaint with a supervisory authority, if they believe that the processing of their personal data is in violation of the GDPR. The competent supervisory authority in data protection matters is the state data protection officer of the federal state in which our company has its registered office.

XV. further information for the use of Hotjar

We use the Hotjar service of Hotjar Ltd, Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta.

Hotjar registers the surfing behaviour of a user on our website to create so-called heat maps. This enables us to determine which areas of our website are preferred. This allows us to better tailor our website to the needs of our existing and potential customers.

Hotjar uses cookies for this purpose. However, your personal data is pseudonymised and aggregated with other data for the purpose of compiling statistics.

The legal basis for the processing is your consent (Art. 6 para. 1 lit. a DSGVO). If you wish to object to data collection in general via opt-out, please follow the steps at http://www.hotjar.com/opt-out. You can find Hotjar's privacy policy at https://www.hotjar.com/legal/policies/privacy.