Data Protection

Privacy policy

Thank you for visiting our website and for your interest in Diersch & Schröder GmbH & Co KG and its affiliated companies (hereinafter "DS Group") and our services.

The protection and security of our customers' and users' data is important to us. The following privacy statement explains what information we collect during your visit to our website and what parts of this information are used, if any, and how.

Scope

This data protection declaration applies to the Internet offers of the DS Group. It does not apply to the Internet offers of other service providers to which reference is merely made by means of a link.

Name and contact details of the data controller and the company data protection officer

This data protection information applies to data processing by:

(Contents and maintenance of the Internet pages)
Diersch & Schröder GmbH & Co.KG
Cuxhavener Str. 42/44
D-28217 Bremen, Germany
E-mail: marketing@ds-bremen.de
 Phone: +49 (0)421 396 99 0

 (Data Protection Officer)
The company data protection officer of the DS Group is datenschutz nord GmbH, Konsul-Smidt-Str. 88, 28217 Bremen, Germany, or can be contacted at office@datenschutz-nord.de.

Collection and storage of personal data and the nature and purpose of their use

When visiting the website

When you visit our website www.ds-bremen.de, information is automatically sent to our website server by the browser used on your end device. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatic deletion:

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the retrieved file,
  • Website from which the access is made (referrer URL),
  • The browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

The above data will be processed by us for the following purposes:

  • Ensuring a smooth connection of the website,
  • Ensuring a comfortable use of our website.
  • Evaluation of system security and stability as well as for other administrative purposes.

The legal basis for data processing is article 6(1)(f) GDPR. Our legitimate interest follows from the purposes for data collection listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.

In addition, we use cookies and analysis services when you visit our website.

When using our contact form

If you have any questions, we offer you the possibility of contacting us via a form provided on the website. In doing so, it is necessary to provide a valid e-mail address so that we know who the enquiry is from and so that we can answer it. Further information can be provided voluntarily.
Data processing for the purpose of contacting us is carried out in accordance with Article 6(1)(a) GDPR on the basis of your voluntarily given consent.
 The personal data collected by us for the use of the contact form will be automatically deleted after completion of your request.

Data processing for advertising purposes

The following statements refer to the processing of personal data for advertising purposes. If the advertising is directed at existing customers, the processing of the required personal data is based on our legitimate interest pursuant to Article 6(1)(f) GDPR. If you are not an existing customer, the data processing for advertising purposes will only be carried out on the basis of your consent in accordance with Article 6(1)(a) GDPR. The duration of data storage for advertising purposes does not follow any rigid principles and is based on the question of whether the storage is necessary for the advertising approach. At DS Group, we also follow the principle of deleting data for promotional use after 90 days. Please refer to the relevant text section in the data subject rights for information on how to proceed in the event of your objection or withdrawal of your consent.

Advertising purposes of the DS Group

If you have concluded a contract with us, we list you as an existing customer. In this case, we process your postal contact data outside of the existence of a specific consent in order to send you information about new products and services in this way. We process your email address in order to send you information about our own, similar products outside of the existence of specific consent.

Interest-based advertising

To ensure that you only receive information that is of supposed interest to you, we categorise and add further information to your customer profile. Statistical information as well as information about you (e.g. basic data of your customer profile) is used for this purpose. The aim is to send you advertising that is geared solely to your actual or perceived needs and not to bother you with useless advertising.

Newsletter

We offer you the opportunity to subscribe to our newsletter on our website. If you no longer wish to receive our newsletter, you can unsubscribe at any time, e.g. by sending an e-mail to marketing@ds-bremen.de or using the link provided in the newsletter. You can find further information at de.sendinblue.com/newsletter-software/.

For the dispatch and statistical evaluation of the newsletter, we use the service of the service provider Sendinblue GmbH (Brevo); the data required to receive the newsletter is stored on Sendinblue servers in Germany. For evaluation purposes, the emails sent contain so-called web beacons or tracking pixels, which are single-pixel image files. In this way, it can be determined whether a newsletter message has been opened and which links have been clicked on, as well as which actions, e.g. purchases, have been made after opening or clicking. The use of these tools and the associated data processing requires your consent, in accordance with the requirements of § 25(1) TTDSG in conjunction with Article 6(1)(a) GDPR. In addition, technical information is collected (e.g. time of retrieval, IP address, browser type and operating system). The data is collected exclusively in pseudonymised form and is not linked to your other personal data; direct personal reference is excluded. This data is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. You can object to the data analysis for statistical evaluation purposes by unsubscribing from the newsletter.

Furthermore, Sendinblue may use this technical information (e.g. time of retrieval, IP address, browser type and operating system) based on your consent for the needs-based design and optimisation of its service, as well as for market research purposes. However, Sendinblue does not use the data of our newsletter recipients to write to them itself or to pass them on to third parties.

After unsubscribing from the newsletter, your data will be deleted immediately. After you have unsubscribed from the newsletter distribution list, your email address will be stored by us or the newsletter service provider in a blacklist, if necessary, to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Article 6(1)(f) GDPR). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

We have concluded an order processing contract with Sendinblue, with which we oblige Sendinblue to protect the data of our customers and not to pass it on to unauthorised third parties. Sendinblue uses subcontractors for the processing of personal data, among others, which are located in third countries outside the European Union and do not have an adequacy decision according to Article 45 GDPR. Sendinblue therefore provides appropriate safeguards for the protection of your personal data and data subject rights under Article 46(1)(c) GDPR. Please note that there may nevertheless be a risk that your personal data may be processed by persons or institutions that are not authorised to do so under the law of the European Union and its Member States, for example US security authorities.

Passing on data

We will only share your personal information with third parties if:

  • you have given your express consent to this in accordance with Article 6(1)(a) GDPR,
  • the disclosure is necessary in accordance with Article 6(1)(f) GDPR for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
  • in the event that a legal obligation exists for the disclosure pursuant to Article 6(1)(c)GDPR, as well as
  • this is legally permissible and necessary according to Article 6(1)(b) GDPR for the processing of contractual relationships with you.

We pass on your data to service providers who support us in the operation of our websites and the associated processes as part of commissioned processing pursuant to Article 28 GDPR. These are, for example, hosting service providers. Our service providers are strictly bound by instructions to us and are contractually obligated accordingly. For the purpose of deciding on the establishment, implementation or termination of the contractual relationship, we also collect or use automatically generated probability values, the calculation of which may include address data.
Detailed information on our contractual partner, the IHD, within the meaning of Article 14 GDPR, i.e. the business purpose, the purpose of the data storage there, the legal basis, the data recipients of the IHD, the right to self-disclosure and the right to deletion and correction as well as profiling can be found at www.ihd.de/datenschutz/Artikel14.html. Information on their contractual partners in the area of the credit agency can be found at: www.ihd.de/datenschutz#vertragspartner *.

Protection of minors

Consent to the processing of personal data can only be given by a person of legal age. For information society services, the consent of a child is permissible from the age of sixteen in accordance with Article 8 GDPR.

Cookies

We use cookies on our site. These are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your end device and do not contain any viruses, Trojans or other malware.
Information is stored in the cookie that is related to the specific end device used. However, this does not mean that we gain direct knowledge of your identity.
The use of cookies serves, on the one hand, to make the use of our offer more pleasant for you. We use so-called session cookies to recognise that you have already visited individual pages of our website. These are automatically deleted after you leave our site.
In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our site again to use our services, it is automatically recognised that you have already been to our site and which entries and settings you have made so that you do not have to enter them again.
On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you. These cookies enable us to automatically recognise that you have already been to our website when you visit it again. These cookies are automatically deleted after a defined period of time.

The processing of personal data by non-essential cookies is only carried out on the basis of your consent in accordance with § 25(1) TTDSG in conjunction with the Articles 6(1)(a), 7 GDPR. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.

Links to other websites (other Holding websites)

Where we provide links to websites of other organisations, this privacy notice does not apply to the processing of personal data by that organisation. We therefore recommend that you read the privacy notices on the other websites you visit.

Analysis tools

Tracking tools

With the tracking measures used, we want to ensure a needs-based design and the ongoing optimisation of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.

The respective data processing purposes and data categories can be found in the corresponding tracking tools.

Matomo

We use the web analysis tool "Matomo" to design our websites in line with demand. Matomo creates user profiles based on so-called fingerprints, consisting of the hash values for the following information:

  • the anonymised IP address of the user
  • the sub-page called up and the time of the call-up
  • the page from which the user reached our website (referrer)
  • Which browser with which plugins, which operating system and which screen resolution is used
  • the length of stay on the website
  • the pages that are accessed from the sub-page called up
  • the downloads (e.g. PDFs)

This way we are able to recognise and count returning visitors as such.

The information is read out on the basis of your consent in accordance with § 25(1) TTDSG in conjunction with Article 7 GDPR, provided you have given your consent via our banner.

You can revoke your consent at any time. To do so, please follow this link and make the appropriate settings via our banner. You can find more information about your right of withdrawal at the data subject rights below.

Data subjects' rights

You have the right:

  • to request information about your personal data processed by us in accordance with Article 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, detailed information about its details;
  • demand the correction of incorrect or incomplete personal data stored by us without delay in accordance with Article 16 GDPR;
  • pursuant to Article 17 GDPR to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
  • to request the restriction of the processing of your personal data in accordance with Article 18 GDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing in accordance with Article 21 GDPR;
  • pursuant to Article 20 GDPR to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller;
  • revoke your consent at any time in accordance with Article 7(3) GDPR. This has the consequence that we may no longer continue the data processing based on this consent for the future and
  • complain to a supervisory authority in accordance with Article 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.
     

Right to object

If your personal data is processed on the basis of legitimate interests pursuant to Article 6(1)(f) GDPR, you have the right to object to the processing of your personal data pursuant to Article 21 GDPR, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without specifying a particular situation.
If you object, the contact address concerned will be blocked for further data processing for advertising purposes. We would like to point out that in exceptional cases, advertising material may still be sent temporarily after receipt of your objection. This is technically due to the necessary lead time for advertisements and does not mean that we will not implement your objection. Thank you for your understanding.

If you wish to exercise your right of revocation or objection, simply send an e-mail to datenschutz@ds-bremen.de.

Data security

We use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser when visiting the website. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

Up-to-dateness and amendment of this privacy policy

This privacy policy is currently valid and has the status September 2023.

Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on the website at https://www.ds-bremen.com/datenschutz.

Data protection information for applicants

We are pleased that you are interested in us and are applying or have applied for a position in our company. In the following, we would like to provide you with information on the processing of your personal data in connection with the application.

Who is responsible for data processing?
The responsible party in terms of data protection law is
Diersch & Schröder GmbH & Co KG
P.O. Box 10 61 49
28061 Bremen
Cuxhavener Straße 42/44
28217 Bremen
Phone +49 (0) 421 396 99 0
Fax +49 (0) 421 396 99 79
info@ds-bremen.de
www.ds-bremen.de

You will find further information about our company, details of the persons authorised to represent it and also further contact options in the imprint of our website: www.ds-bremen.com/impressum.

2 Which of your data do we process? And for what purposes?
We process the data you have sent us in connection with your application in order to check your suitability for the position (or other open positions in our companies, if applicable) and to carry out the application procedure. If you consent, your application and personal data will be stored in
our applicant pool in order to be able to inform you about vacancies in our company in line with your needs.

3 What is the legal basis for this?
The legal basis for processing your personal data in this application process is Article. 6(1)(b) GDPR in conjunction with Article 88(1) GDPR and § 26 BDSG. According to this, the processing of data required in connection with the decision on the establishment of an employment relationship is permissible.

Should the data be required for legal prosecution after completion of the application procedure, data processing may be carried out on the
basis of the exercise of legitimate interests pursuant to Article 6(1)(f) GDPR. Our interest then consists in the assertion or defence of claims.

The inclusion of personal data in the applicant pool is based on your consent in accordance with Article 6(1)(a) GDPR. The consent can be revoked at any time with effect for the future. The non-granting or revocation of your consent has no effect on ongoing application procedures.

4 How long will the data be stored?
Applicants' data will be deleted after 6 months in the event of rejection.
In the event that you have agreed to further storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted after two years.

If you have been awarded a position during the application process, the data will be transferred from the applicant data system to our personnel information system.

5 To which recipients is the data passed on?
We use specialised service providers
for the application process and the applicant portal. These service providers may also receive knowledge of your personal data in connection with the application management and the hosting, maintenance and servicing of the systems. We have concluded so-called order processing agreements with these providers, which ensure that the data processing is carried out in a permissible manner.

After receiving your application, your applicant data will be viewed by the HR department. Suitable applications are then forwarded internally to the person responsible for the respective open position. The further procedure is then coordinated. In principle, only those persons in the company have access to your data who need this for the proper course of our application procedure.

Where is the data processed?
The data is processed exclusively in computer centres in the Federal Republic of Germany.

7. your rights as a "data subject"
When your personal data is processed, the GDPR grants you certain rights as a data subject:

Right to information (Article 15 GDPR).

You have the right to request confirmation as to whether personal data relating to you is being processed; if this is the case, you have a right of access to this personal data and to the information listed in detail in Article 15 GDPR.

 Right to rectification (Article 16 GDPR)

You have the right to request without undue delay the rectification of any inaccurate personal data concerning you and, where applicable, the completion of any incomplete data.

Right to erasure (Article 17 GDPR)

You have the right to request that personal data concerning you be erased without delay, provided that one of the reasons listed in detail in Article 17 GDPR applies.

Right to restriction of processing (Article 18 GDPR)

You have the right to request the restriction of processing if one of the conditions listed in Article 18 GDPR applies, e.g. if you have objected to the processing, for the duration of the review by the controller.

Right to data portability (Article 20 GDPR).

In certain cases, which are listed in detail in Article 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to demand the transfer of this data to a third party.

Right of withdrawal (Article 7 GDPR)

If the processing of data is based on your consent, you are entitled to revoke your consent to the use of your personal data at any time in accordance with Article 7(3) GDPR. Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected.

Right of objection (Article 21 GDPR)

If data is processed on the
basis of Article 6(1)(f) GDPR (data processing for legitimate interests), you have the right to object to the processing at any time on grounds relating to your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Right of complaint to a supervisory authority (Article 77 GDPR)

Pursuant to Article 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of data concerning you violates data protection provisions. The right to lodge a complaint may in particular be asserted before a supervisory authority in the Member State of your habitual residence, your place of work or the place of the alleged infringement.

 Assertion of your rights

Unless otherwise described above, please contact the office named in the imprint to assert your data protection rights.

8. our data protection officer
You can reach our data protection officer at:
datenschutz nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen
Phone +49 (0) 421 6969320
office@datenschutz-nord.de