Privacy policy

We take data protection serious

The protection of your privacy when processing personal data is an important concern for us. When you visit our website, our web servers by default store the IP address of your Internet service provider, the website from which you visit us, the web pages you visit on our site, and the date and duration of your visit. This information is absolutely necessary for the technical transmission of the web pages and secure server operation. A personalized evaluation of this data does not take place.

If you send us data via contact form, this data will be stored on our servers. Your data will only be used by us to process your request. Your data will be treated strictly confidential. Your data will not be passed on to third parties.

Responsible entity:

Günter Stahl GmbH
Personal- und IT-Unternehmensberatung
Eichenstraße 12
92442 Wackersdorf
Germany
Phone: +49 9431 5287-0
Fax: +49 9431 5287-10
E-mail: info@ubstahl.de

Personal data

Personal data are data about your person. This includes your name, address and email address. You do not have to disclose any personal data to visit our website. In some cases we need your name and address as well as further information to be able to offer you the requested service.

The same applies in the case that we supply you with information material on request or when we answer your inquiries. In these cases we will always point this out to you. In addition, we only store the data that you have transmitted to us automatically or voluntarily.

When you use one of our services, we usually only collect the data that is necessary to provide you with our service. We may ask you for additional information, but this is voluntary. Whenever we process personal data, we do so to provide you with our service or to pursue our commercial objectives.

Contacting

When contacting us (e.g. via contact form, email, telephone or via social media), the information of the inquiring persons is processed to the extent necessary to respond to the contact requests and any requested actions.

The response to the contact inquiries in the context of contractual or pre-contractual relationships is carried out to fulfill our contractual obligations or to respond to (pre)contractual inquiries and otherwise on the basis of legitimate interests in responding to the inquiries.

  • Types of data processed: inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), application documents,  content data (e.g. entries in online forms).
  • Data subjects: Communication partners.
  • Purposes of processing: contact requests, applicant management and communication.
  • Legal basis: contract performance and pre-contractual inquiries (Art. 6 para. 1 lit. b. GDPR), Legitimate interests (Art. 6 para. 1 lit. f. GDPR).

Automatically stored data

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Date and time of the request
  • Name of the requested file
  • Page from which the file was requested
  • Access status (file transferred, file not found, etc.)
  • Web browser and operating system used
  • Complete IP address of the requesting computer
  • Amount of data transferred

This data is not merged with other data sources. The processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.

For reasons of technical security, in particular to defend against attempted attacks on our web server, we store this data for a short period of time. It is not possible for us to draw conclusions about individual persons on the basis of this data. After seven days at the latest, the data is anonymized by shortening the IP address at domain level, so that it is no longer possible to establish a link to the individual user. The data is also processed anonymously for statistical purposes; it is not compared with other data or passed on to third parties, even in part.

Cookies

When you visit our website, we may store information on your computer in the form of cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters by which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the visited Internet pages and servers to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.

We use the consent tool “Real Cookie Banner” to manage the cookies used and their regarding consent settings. Details on how “Real Cookie Banner” works can be found on the developer’s website. The legal basis for the processing of personal data in this context is Art. 6 para. 1 lit. c GDPR and Art. 6 para. 1 lit. f GDPR. Our legitimate interest is the management of cookies and similar technologies used and their respective consent settings. The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide personal data. If you do not provide personal data, we will not be able to manage your consent settings.

Through the use of session cookies, the responsible party can provide the users of this website with a user-friendly service that would not be possible without the cookie setting. Without consent, we only use technically necessary cookies on the legal basis of legitimate interest pursuant to Art. 6 (1) lit. f GDPR.

We only use personal cookies to improve our website or for marketing/advertising purposes with your consent. On your first visit, you can voluntarily agree to tracking or analysis via the cookie banner that appears. If necessary, your data will be passed on to partners or third-party providers. Only if you explicitly agree to this will these cookies be stored, the legal basis is then your consent in accordance with Art. 6 para. 1 lit. a GDPR.
You can change your settings for the use of cookies at any time here:

Matomo (local)

This website uses the open source web analytics service Matomo. Matomo uses technologies that enable cross-page recognition of the user to analyze user behavior (e.g. cookies or device fingerprinting). The information collected by Matomo about the use of this website is stored on our server. The IP address is anonymized before storage.

With the help of Matomo, we are able to collect and analyze data about the use of our website by website visitors. This allows us to find out, among other things, when which page views were made and from which region they come. We also collect various log files (e.g. IP address, referrer, browsers and operating systems used) and can measure whether our website visitors perform certain actions (e.g. clicks, etc.).

The use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the anonymized analysis of user behavior in order to optimize both their website and advertising. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

We use IP anonymization for the analysis with Matomo. In this case, your IP address is shortened before analysis so that it can no longer be clearly assigned to you.

We host Matomo exclusively on our own servers, so that all analysis data remains with us and is not passed on.

You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.

Application form: Online application on the website https://www.ubstahl.de

What data is collected?

Günter Stahl GmbH only collects the information required for an application process with us. If you apply for a position with us, you will be asked for certain personal data (name, address, e-mail). In addition, position-related questions may be asked. For an application at our company, it is also mandatory to include your professional background. Please note that your data will not be stored anonymously, but will be accessible to the HR department and to the departments at our company that are relevant to the position.

Application information

By submitting your application, you represent that the information you have provided is true and accurate. Please note that any false statement or omission may be grounds for rejection or subsequent dismissal. Günter Stahl GmbH seeks the best applicants regardless of race, ethnic origin, gender, religion, ideology, disability, age or sexual identity. We do not require any information from you that is not usable under the General Equal Treatment Act. Please also do not forward to us any confidential internal information or even trade secrets of your former or current employer. In addition, please do not provide any unnecessary information regarding: Illnesses, pregnancy, ethnic origin, political views, philosophical or religious beliefs, trade union membership, physical or mental health, sex life, defamatory or slanderous information, as well as information that has nothing to do with the job profile.

Who processes the data?

The data we collect is processed exclusively internally or by contractually associated service providers. Personal data is only passed on for specific purposes within the framework of order processing in accordance with data protection regulations to bodies which, for example, operate our servers or provide certain services. These bodies are located in Germany and in the countries of the EU and are bound by contractual obligations and data protection instructions to handle personal data in accordance with data protection law. The data and files you provide will be processed and used exclusively for the purpose of processing your application. The data and files provided by you may, if your application is successful, be further processed and used in an employment relationship by our client for employment purposes. If the application for a job offer is unsuccessful and you gave your consent to the storage of the data when uploading it, Günter Stahl GmbH will store the transmitted data and files in an applicant database until you revoke this consent, in order to be able to answer later questions about the application or to continue to propose new job offers that match your profile. If you revoke the storage, the data and files will be deleted. You have the option of withdrawing your application at any time. If you withdraw your application, your data and files will be deleted from the applicant database immediately, subject to the restrictions set out below. Furthermore, you can request at any time that individual data or files you have submitted to Günter Stahl GmbH be deleted as part of the application process. However, we reserve the right to store a limited amount of your data for a limited period of three months in order to be able to comply with legal requirements, in particular obligations to provide evidence under the General Equal Treatment Act (AGG).

With whom do we share your personal data?

The information you provide to us will be treated confidentially and will only be shared with those persons (internally or at our client) who are involved with the specific application process for which you have applied. If you have given us your consent to store your data even after a concrete application procedure until revoked, we will continue to match your profile with suitable positions. If necessary, we will then forward your anonymized profile to interested clients or contact you in advance to determine whether the vacancy is suitable for you.

Right of access, editing and deletion of your resume

Of course you have the possibility to have your data and documents deleted at any time. To do so, please contact us via our contact form or send us an e-mail to info@ubstahl.de. Please understand that, for legal reasons, it is not possible to change or delete data during an ongoing application process or for a period of approximately three months after the end of an ongoing application process.

Security

We have taken technical and administrative security precautions to protect your personal data against loss, destruction, manipulation and unauthorized access. All our employees as well as service providers working for us are bound by the applicable data protection laws.

Whenever we collect and process personal data, it is encrypted before it is transmitted. This means that your data cannot be misused by third parties. Our security measures are subject to a continuous improvement process and our data protection statements are constantly being revised. Please make sure to read the latest version.

Data subject rights

You have a right to information, correction, deletion or restriction of the processing of your stored data at any time, a right to object to the processing as well as a right to data portability and to lodge a complaint in accordance with the requirements of data protection law.

Right to information:

You can request information from us as to whether and to what extent we process your data.

Right to rectification:

If we process your data that is incomplete or incorrect, you can demand that we correct or complete it at any time.

Right to erasure:

You can request that we delete your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests in protection. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated retention obligations.

Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, provided that there is no legal or statutory obligation to retain data in this respect.

Right to restriction of processing:

You may request us to restrict the processing of your data if

  • you dispute the accuracy of the data, for a period of time that allows us to verify the accuracy of the data.
  • the processing of the data is unlawful, but you refuse erasure and request restriction of data use instead,
  • we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
  • you have objected to the processing of the data.

Right to data portability:

You may request that we provide you with your data that you have provided to us in a structured, common and machine-readable format and that you may transfer this data to another controller without hindrance from us, provided that

  • we process this data on the basis of a revocable consent given by you or for the performance of a contract between us, and
  • this processing is carried out with the aid of automated procedures.

If technically feasible, you may request us to transfer your data directly to another controller.

Right to object:

If we process your data for legitimate interest, you may object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing is for the assertion, exercise or defense of legal claims. You may object to the processing of your data for the purpose of direct marketing at any time without giving reasons.

Right of complaint:

If you are of the opinion that we violate German or European data protection law when processing your data, please contact us so that we can clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.

If you wish to assert any of the aforementioned rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.

Changes to this data protection statement

We reserve the right to change our privacy policy if necessary due to new technologies. Please make sure that you read the latest version. If fundamental changes are made to this privacy statement, we will announce them on our website.

All interested parties and visitors to our website can contact us regarding data protection issues at:

Mr. Fabian Fromm
Project 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
Germany
Phone: +49 941 2986930
Fax: +49 941 29869316
E-mail: anfrage@projekt29.de
Internet: www.projekt29.de

Data transparency according to Art. 5, 12, 13 & 26 GDPR:

Privacy Policy Facebook Page: https://www.facebook.com/Guenter.Stahl.GmbH

Responsible parties:

Meta Platforms Ireland Limited (hereinafter referred to as “Facebook”)
4 Grand Canal Square
Grand Canal Harbour
Dublin 2
Ireland

and

Günter Stahl GmbH
Personal und Dienstleistungs GmbH
Eichenstraße 12
92442 Wackersdorf
Germany
Phone: +49 9431 5287-0
Fax: +49 9431 5287-10
E-mail: info@ubstahl.de

Information about the Facebook page of: Günter Stahl GmbH
Personal- und IT-Unternehmensberatung

We use the technical platform and services of Meta Platforms Ireland Limited for the information service offered here.
We would like to point out that you use this Facebook page and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). Alternatively, you can also access the information offered via this page on our website at https://www.ubstahl.de/. When you visit our Facebook page, Facebook collects, among other things, your IP address and other information that is present on your PC in the form of cookies. This information is used to provide us, as operators of the Facebook pages, with statistical information about the use of the Facebook page. Facebook provides more detailed information on this at the following link: http://de-de.facebook.com/help/pages/insights.

The data collected about you in this context is processed by Facebook Ltd. and may be transferred to countries outside the European Union in the process. Facebook describes in general terms what information it receives and how it is used in its data usage guidelines. There you will also find information on how to contact Facebook and on the settings options for advertisements.

The data usage guidelines are available at the following link:

http://de-de.facebook.com/about/privacy

Facebook’s full data policies can be found here (login required):

https://de-de.facebook.com/full_data_use_policy

In what way Facebook uses data from visits to Facebook pages for its own purposes, to what extent activities on the Facebook page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook page is passed on to third parties, is not conclusively and clearly stated by Facebook and is not known to us.

When you access a Facebook page, the IP address assigned to your device is transmitted to Facebook. According to Facebook, this IP address is anonymized (for “German” IP addresses). Facebook also stores information about the devices of its users (e.g. as part of the “login notification” function); this may enable Facebook to assign IP addresses to individual users.

If you are currently logged in to Facebook as a user, a cookie with your Facebook ID is located on your device. This enables Facebook to track that you have visited this page and how you have used it. This also applies to all other Facebook pages. Via Facebook buttons embedded in websites, it is possible for Facebook to record your visits to these website pages and assign them to your Facebook profile. Based on this data, content or advertising can be offered tailored to you.

If you want to avoid this, you should log out of Facebook or deactivate the “stay logged in” function, delete the cookies present on your device and exit and restart your browser. In this way, Facebook information through which you can be directly identified will be deleted. This will allow you to use our Facebook page without revealing your Facebook identifier. When you access interactive features of the page (like, comment, share, message, etc.), a Facebook login screen will appear. After any login, you will again be recognizable to Facebook as a specific user.

Information on how to manage or delete information about you can be found on the following Facebook support pages: https://de-de.facebook.com/about/privacy#.

As the provider of the information service, we do not collect or process any other data from your use of our service.

You can find this data protection declaration in the currently valid version under the item “Data protection” on our Facebook page.

If you have any questions about our information service, you can contact us at info@ubstahl.de.

The shared responsibility agreement pursuant to Art. 26 GDPR (as of 21.8.2020) with Facebook can be found at:

https://www.facebook.com/legal/controller_addendum

Data subject rights of the users

Unfortunately, I/we cannot fulfill our information obligations according to Art. 13 GDPR, as only Facebook has full access to user data. If you wish to exercise your data subject rights, please contact Facebook directly here. These rights include the following:

Right of access:

You can request information from us as to whether and to what extent we process your data.

Right to rectification:

If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.

Right to erasure:

You may request that we delete your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests in protection. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated retention obligations.

Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, provided that there is no legal or statutory obligation to retain data in this respect.

Right to restriction of processing:

You may request us to restrict the processing of your data if

  • you dispute the accuracy of the data, for a period of time that allows us to verify the accuracy of the data.
  • the processing of the data is unlawful, but you refuse erasure and request restriction of data use instead,
  • we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
  • you have objected to the processing of the data.

Right to data portability:

You may request that we provide you with your data that you have provided to us in a structured, common and machine-readable format and that you may transfer this data to another controller without hindrance from us, provided that

  • we process this data on the basis of a revocable consent given by you or for the performance of a contract between us, and
  • this processing is carried out with the aid of automated procedures.

If technically feasible, you may request us to transfer your data directly to another controller.

Right to object:

If we process your data for legitimate interest, you may object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing is for the assertion, exercise or defense of legal claims. You may object to the processing of your data for the purpose of direct marketing at any time without giving reasons.

Right of complaint:

If you are of the opinion that we violate German or European data protection law when processing your data, please contact us to clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.

If you wish to assert any of the aforementioned rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.

Meta Platforms Ireland is solely responsible for implementing these rights under Articles 15-20 of the GDPR with respect to data stored by Meta Platforms Ireland after joint processing. You also have a right of objection and right of complaint, as described herein, against us.

If you require assistance in this regard or have any other questions, please feel free to contact us by email at info@ubstahl.de.

If you no longer wish to have the data processing described here in the future, please cancel the connection of your user profile to our site by using the functions “I no longer like this page” and/or “Do not subscribe to this page”.

If you have any questions about data protection, you are also welcome to contact our data protection officer at:

Mr Fabian Fromm
Project 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
Germany
Phone: +49 941-2986930
Email: anfrage@projekt29.de

General information obligations according to Art. 13 GDPR

The protection of your personal data is of particular concern to us. We therefore process your personal data (in short “data”) exclusively on the basis of the statutory provisions. With this data protection declaration, we want to inform you about the processing of your data in our company and the data protection claims and rights to which you are entitled comprehensively according to Art. 13 of the General Data Protection Regulation (GDPR).

1. Who is responsible for data processing and whom can you contact?

Responsible is

Günter Stahl GmbH
Personal- und IT-Unternehmensberatung
Eichenstraße 12
92442 Wackersdorf
Germany
Phone: +49 9431 5287-0
Fax: +49 9431 5287-10
E-mail: info@ubstahl.de

The company data protection officer is

Fabian Fromm
Project 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
Germany
Phone: +49 941-2986930
E-mail: anfrage@projekt29.de

2. Which data are processed and from which sources do these data originate?

We process the data that we have received from you in the context of contract initiation or processing, based on consent.

Personal data includes:

Your master/contact data, for customers, interested parties, applicants, this includes e.g. first and last name, address, contact data (e-mail address, telephone number, fax), application documents, health data, bank data.

In the case of business partners, this includes, for example, the designation of their legal representatives, company, commercial register number, VAT registration number, company number, address, contact person contact data (e-mail address, telephone number, fax), bank data.

In addition, we also process the following other personal data:

  • Information on the type and content of contract data, order data, sales and document data, customer and supplier history and consulting documents,
  • advertising and sales data,
  • information from your electronic dealings with us (e.g. IP address, log-in data),
  • other data that we have received from you in the course of our business relationship (e.g. in customer meetings),
  • data that we generate ourselves from master / contact data and other data, e.g. by means of customer demand and customer potential analyses,
  • documentation of your declaration of consent to receive e.g. newsletters.

3. For what purposes and on what legal basis is the data processed?

We process your data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act 2018, as amended:

  • for the fulfillment of (pre-)contractual obligations (Art 6 para. 1 lit.b GDPR):
  • Your data will be processed online or at our location in Wackersdorf for the purpose of contract processing. In particular, the data is processed when initiating business and executing contracts with you.
  • For the fulfillment of legal obligations (Art 6 para. 1 lit.c GDPR):
  • Processing of your data is necessary for the purpose of fulfilling various legal obligations, e.g. from the German Commercial Code or the German Fiscal Code.
    For the protection of legitimate interests (Art 6 para. 1 lit.f GDPR):
  • Based on a balancing of interests, data processing may be carried out beyond the actual fulfillment of the contract to safeguard legitimate interests of us or third parties. Data processing for the protection of legitimate interests occurs, for example, in the following cases:

– Advertising or marketing (see No. 4)
– Measures for business management and further development of services
– Maintenance of an internal customer database to improve customer service
– in the context of legal prosecution

  • within the scope of your consent (Art 6 para. 1 lit. a GDPR):
    If you have given us consent to process your data

4. Processing of personal data for advertising purposes

You can object to the use of your personal data for advertising purposes at any time, either in whole or for individual measures, without incurring any costs other than the transmission costs according to the basic rates.

We are entitled, under the legal conditions of § 7 para.3 UWG, to use the e-mail address you provided when concluding the contract for direct advertising for our own similar services. You will receive these recommendations from us regardless of whether you have subscribed to a newsletter.

If you do not wish to receive such recommendations from us by e-mail, you can object to the use of your address for this purpose at any time without incurring any costs other than the transmission costs according to the prime rates. A message in text form is sufficient for this purpose. Of course, an unsubscribe link is always included in every e-mail.

5. Who receives my data?

If we use a service provider in the sense of commissioned processing, we still remain responsible for the protection of your data. All commissioned processors are contractually obligated to treat your data confidentially and to process it only in the context of providing the service. The processors we commission receive your data insofar as they require the data to fulfill their respective service. These are, for example, IT service providers that we require for the operation and security of our IT system as well as advertising and address publishers for our own advertising campaigns.

Your data is processed in our customer database. The customer database supports the enhancement of the data quality of the existing customer data (duplicate cleansing, moved/deceased indicators, address correction), and enables the enrichment with data from public sources.

In the event of a legal obligation and in the context of legal prosecution, authorities and courts as well as external auditors may be recipients of your data.

In addition, for the purpose of contract initiation and fulfillment, insurance companies, banks, credit agencies and service providers may be recipients of your data.

6. How long will my data be stored?

We process your data until the termination of the business relationship or until the expiry of the applicable statutory retention periods (such as from the Commercial Code, the Fiscal Code); in addition, until the termination of any legal disputes in which the data is required as evidence.

7. Will personal data be transferred to a third country?

In principle, we do not transfer any data to a third country. A transfer takes place in individual cases only on the basis of an adequacy decision of the European Commission, standard contractual clauses, appropriate guarantees or your express consent.

8. What data protection rights do I have?

You have the right to information, correction, deletion or restriction of the processing of your stored data at any time, the right to object to the processing as well as the right to data portability and to lodge a complaint in accordance with the requirements of data protection law.

Right to information:
You can request information from us as to whether and to what extent we process your data.

Right to rectification:
If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.

Right to erasure:
You may request that we delete your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests in protection. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated retention obligations.

Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, provided that there is no legal or statutory obligation to retain data in this respect.

Right to restriction of processing:
You may request us to restrict the processing of your data if

  • you dispute the accuracy of the data, for a period of time that allows us to verify the accuracy of the data.
  • the processing of the data is unlawful, but you refuse erasure and request restriction of data use instead,
  • we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
  • you have objected to the processing of the data.

Right to data portability:
You may request that we provide you with your data that you have provided to us in a structured, common and machine-readable format and that you may transfer this data to another controller without hindrance from us, provided that

  • we process this data on the basis of a revocable consent given by you or for the performance of a contract between us, and
  • this processing is carried out with the aid of automated procedures.

If technically feasible, you may request us to transfer your data directly to another controller.

Right to object:
If we process your data for legitimate interest, you may object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing is for the assertion, exercise or defense of legal claims. You may object to the processing of your data for the purpose of direct marketing at any time without giving reasons.

Right of complaint:
If you are of the opinion that we violate German or European data protection law when processing your data, please contact us to clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.

If you wish to assert any of the aforementioned rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.

9. Am i obliged to provide data?

The processing of your data is necessary for the conclusion or fulfillment of your contract with us. If you do not provide us with this data, we will usually have to refuse to conclude the contract or will no longer be able to perform an existing contract and consequently have to terminate it. However, you are not obliged to give your consent to data processing with regard to data that is not relevant for the fulfillment of the contract or that is not required by law.

Applicant management Information requirements according to Art. 13

In the employment relationship, personal data is collected from you. Therefore, due to the new regulations in the General Data Protection Regulation (GDPR), we are obliged to inform you in accordance with Art. 13 ff. GDPR to inform you about the following:

Your employer is responsible for the collection and processing of your data:

Günter Stahl GmbH
Personal- und IT-Unternehmensberatung
Eichenstraße 12
92442 Wackersdorf
Germany
Telephone: +49 9431 5287-0
Fax: +49 9431 5287-10
E-mail: info@ubstahl.de

The contact details of our data protection officer are:

Fabian Fromm
Project 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
Germany
Phone: +49 941-2986930
Email: anfrage@projekt29.de

Your data will be collected and processed as part of the recruitment process or to implement the employment relationship.

The required data includes, in particular, your master data (especially first and last name, name affixes, nationality), your contact data (especially private address, mobile and landline number, e-mail address), other data from the employment relationship, such as time recording data, vacation periods, periods of incapacity to work, social data, bank details, social insurance number, pension insurance number, salary data, tax identification number, special health data and, if applicable, criminal records) as well as log data that accrue when using the IT systems.

Your personal data is mainly collected directly from you. However, due to legal regulations, your data is also sometimes collected from other offices, such as the tax office for occasion-related queries of tax-relevant information, the health insurance company for information on periods of incapacity for work or, if applicable, from other third parties, such as an employment agency or from publicly accessible sources (e.g. professional networks).

Within our company, your personal data will be disclosed only to those persons who need it to fulfill our contractual and legal obligations, such as the human resources department, the accounting department or the specialist department.

If we use service providers to fulfill our contractual and legal obligations, they also receive the required data. These are, for example, the following service providers: IT companies, software companies, waste disposal service providers.

Outside of the company, we transmit your data to other recipients, insofar as this is necessary for the fulfillment of our contractual and legal obligations. These are in particular the social insurance institutions, the health insurance fund, the pension insurance fund, professional pension institutions, the employment agency, the employers’ liability insurance association, the tax authorities, accident and liability insurers, courts, banks, competent bodies in order to be able to guarantee claims from the company pension scheme or capital-forming benefits, third-party debtors in the case of wage and salary garnishments or insolvency administrators in the case of private insolvency.

Your data will not be transferred to a third country.

We process your personal data in compliance with all relevant laws, such as the GDPR, the Federal Data Protection Act (BDSG), the TTDSG, the Working Hours Act, etc.

Primarily, the data processing serves the purpose of establishing, implementing and terminating the employment relationship. The relevant legal basis for this is Art. 6 para. 1 b) GDPR in conjunction with. § Section 26 (1) BDSG. In addition, collective agreements and collective bargaining provisions pursuant to Art. 6 (1) b) in conjunction with Art. 88 (1) GDPR may apply. Art. 88 para. 1 GDPR in conjunction with. § 26 para. 4 BDSG as well as, if applicable, your separate consents pursuant to Art. 6 para. 1 a), 7 GDPR in conjunction with. § 26 para. 2 BDSG (e.g. in the case of video recordings) may be used as a data protection permission provision.

We also process your data in order to be able to fulfill our legal obligations as an employer, in particular in the area of tax and social security law. This is done on the basis of Art. 6 (1) c) GDPR in conjunction with § 26 BDSG.

Where necessary, we also process your data on the basis of Art. 6 (1) f) GDPR in order to protect legitimate interests of us or of third parties (e.g. authorities). This applies in particular to the investigation of criminal offences (legal basis § 26 para. 1 p. 2 BDSG) or for administrative purposes.

Insofar as special categories of personal data are processed pursuant to Art. 9 (1) GDPR, this serves the exercise of rights or the fulfillment of legal obligations arising from labor law, social security law and social protection within the framework of the employment relationship (e.g. disclosure of health data to the health insurance fund, recording of severe disability due to additional leave and determination of the severe disability levy). This is done on the basis of Art. 9 para. 2 b) GDPR in conjunction with. § 26 (3) BDSG. In addition, the processing of health data for the assessment of your ability to work pursuant to Art. 9 para. 2 h) in conjunction with. § 22 para. 1 b) BDSG may be necessary.

In addition, the processing of special categories of personal data may be based on consent pursuant to Art. 9 (2) a) GDPR in conjunction with. § 26 (2) BDSG (e.g. occupational health management).

If we want to process your personal data for a purpose not mentioned above, we will inform you in advance.

If your job application is rejected, the data you submitted will be deleted six months after notification of the rejection. This does not apply if longer storage is necessary due to legal requirements (for example, the duty of proof under the General Equal Treatment Act) or if you have expressly consented to longer storage in our database of interested parties.

The storage period of the collected data is limited to the employment relationship. We delete your personal data as soon as they are no longer required for the above-mentioned purposes. After termination of the employment relationship, the data will be stored and then deleted in accordance with the statutory or official retention periods, which result, among other things, from the German Commercial Code and the German Fiscal Code. The storage periods thereafter amount to up to ten years. In addition, personal data may be stored for the statutory limitation period of three or up to 30 years if claims can be asserted against us.

You have the right to information from the employer about the data stored about you. Under certain conditions, you can demand the correction or deletion of your data. You may furthermore have the right to restrict the processing of your data as well as the right to have the data provided by you returned to you in a structured, common and machine-readable format.

Right of objection:

You also have the right to object to the processing of your personal data for direct marketing purposes without giving reasons. If we process your data to protect legitimate interests, you may object to this processing on grounds relating to your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

You have the right to lodge a complaint regarding the handling of your personal data with the above-mentioned data protection officer or the data protection supervisory authority. The supervisory authority responsible for you is:

Bayerisches Landesamt für Datenschutzaufsicht
Promenade 18
91522 Ansbach
Germany
Phone: +49 981 180093-0
Fax: +49 981 180093-800
E-mail: poststelle@lda.bayern.de

The provision of personal data is necessary for the establishment, implementation and termination of the employment relationship and represents a secondary contractual obligation of the employee. If we do not receive the required data, it will not be possible to carry out the employment relationship with you.

General information obligations according to Art. 13 GDPR about the LinkedIn page of Günter Stahl GmbH

Responsible parties

LinkedIn Ireland Unlimited Company
Wilton Place,
Dublin 2, Ireland

and

Günter Stahl GmbH
Personal- und IT-Unternehmensberatung
Eichenstraße 12
92442 Wackersdorf
Germany
Phone: +49 9431 5287-0
Fax: +49 9431 5287-10
E-mail: info@ubstahl.de

Information about the LinkedIn page of: Günter Stahl GmbH

We use the technical platform and services of LinkedIn Ireland Unlimited Company for the information service offered here.

We would like to point out that you use this LinkedIn page and its functions on your own responsibility. This applies in particular to the use of the interactive functions. Alternatively, you can also access the information offered via this page on our website at https://www.ubstahl.de/.

When you visit our LinkedIn page, LinkedIn collects, among other things, your IP address and other information that is present on your PC in the form of cookies. This information is used to provide us, as operators of the LinkedIn pages, with statistical information about the use of the LinkedIn page.

The data collected about you in this context is processed by LinkedIn and, if necessary, transferred to countries outside the European Union. What information LinkedIn receives and how it is used is described in general terms by LinkedIn in its data usage guidelines. There you will also find information on how to contact LinkedIn and on the settings options for advertisements.

The data usage guidelines are available at the following link:
https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy

In which way LinkedIn uses the data from the visit of LinkedIn pages for its own purposes, to what extent activities on the LinkedIn page are assigned to individual users, how long LinkedIn stores this data and whether data from a visit of the LinkedIn page is passed on to third parties, is not conclusively and clearly stated by LinkedIn and is not known to us.
When accessing a LinkedIn page, the IP address assigned to your end device is transmitted to LinkedIn. According to information from LinkedIn, this IP address is anonymized (for “German” IP addresses). LinkedIn also stores information about the devices of its users (e.g. as part of the “login notification” function); LinkedIn may thus be able to assign IP addresses to individual users.
If you are currently logged in to LinkedIn as a user, a cookie with your LinkedIn identification is located on your device. This enables LinkedIn to track that you have visited this page and how you have used it. This also applies to all other LinkedIn pages. Via LinkedIn buttons embedded in websites, it is possible for LinkedIn to record your visits to these web pages and assign them to your LinkedIn profile. Based on this data, content or advertising can be offered tailored to you.
If you want to avoid this, you should log out of LinkedIn or deactivate the “stay logged in” function, delete the cookies present on your device and exit and restart your browser. In this way, LinkedIn information through which you can be directly identified will be deleted. This allows you to use our LinkedIn page without revealing your LinkedIn identifier. When you access interactive features of the site (like, comment, share, news, etc.), a LinkedIn login screen will appear. After any login, you will again be recognizable to LinkedIn as a specific user.
Information on how to manage or delete information about you can be found on the following LinkedIn support pages: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.

We, as the provider of the information service, do not collect or process any other data from your use of our service.

You can find this data protection declaration in the currently valid version under the item “Data protection” on our LinkedIn page.

If you have any questions about our information service, you can contact us at info@ubstahl.de.

The shared responsibility agreement pursuant to Art. 26 GDPR (as of 21.8.2020) with LinkedIn can be found at:
https://legal.linkedin.com/pages-joint-controller-addendum

Data subject rights of the users

Unfortunately, I/we cannot fulfill our information obligations according to Art. 13 GDPR, as only LinkedIn has full access to the user data. If you wish to exercise your data subject rights, please contact LinkedIn directly. These rights include the following:

Right of access:

You can request information from us about whether and to what extent we process your data.

Right to rectification:

If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.

Right to erasure:

You may request that we delete your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests in protection. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated retention obligations.
Irrespective of the exercise of your right to deletion, we will delete your data immediately and completely, insofar as there is no legal or statutory obligation to retain data in this respect.

Right to restriction of processing:

You may request us to restrict the processing of your data if

  • you dispute the accuracy of the data, for a period of time that allows us to verify the accuracy of the data.
  • the processing of the data is unlawful, but you refuse erasure and request restriction of data use instead,
  • we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
  • you have objected to the processing of the data.

Right to data portability:

You may request that we provide you with your data that you have provided to us in a structured, common and machine-readable format and that you may transfer this data to another controller without hindrance from us, provided that

  • we process this data on the basis of a revocable consent given by you or for the performance of a contract between us, and
  • this processing is carried out with the aid of automated procedures.

If technically feasible, you may request us to transfer your data directly to another controller.

Right to object:

If we process your data for legitimate interest, you may object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing is for the assertion, exercise or defense of legal claims. You may object to the processing of your data for the purpose of direct marketing at any time without giving reasons.

Right of complaint:

If you are of the opinion that we violate German or European data protection law when processing your data, please contact us to clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.
If you wish to assert any of the aforementioned rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.

LinkedIn Ireland is solely responsible for implementing these rights under Articles 15-20 of the GDPR with respect to data stored by LinkedIn Ireland after joint processing. You also have a right of objection and right of complaint, as described herein, against us.
If you require assistance in this regard or have any other questions, please feel free to contact us by email at info@ubstahl.de. If you no longer wish to have the data processing described here in the future, please cancel the connection of your user profile to our site by using the functions “I no longer like this page” and/or “Do not subscribe to this page”.
If you have any questions about data protection, you are also welcome to contact our data protection officer at:

Mr Fabian Fromm
Project 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
Germany
Phone: +49 941-2986930
E-mail: anfrage@projekt29.de