Data privacy - Graphite Materials

Protecting your data

Data protection:

We are pleased that you visit our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to inform you at this point about which of your personal data we collect when you visit our website and for what purposes it is used.

This data protection declaration applies to the Graphite Materials website, which can be accessed under the domain www.graphite-materials.com and the various subdomains (“our website”).

Who is responsible and how can I contact you?

Responsible

for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)

Graphite Materials Ltd
Rothenburger Str. 76
90522 Oberasbach
Phone: +49 911 999 01 03-0
E-Mail:

Data Protection Officer

Datenschutz Pöllinger GmbH
Dresdner Str. 38
92318 Neumarkt
Phone: 09181 – 2705770
E-Mail:

What is it about?

This data protection declaration meets the legal requirements for transparency in the processing of personal data. This is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, your age, your address, your telephone number, your date of birth, your e-mail address, your IP address or user behavior when visiting a website. Information that we cannot (or only with a disproportionate amount of effort) relate to your person, e.g. through anonymization, is not personal data. The processing of personal data (e.g. collection, querying, use, storage or transmission) always requires a legal basis and a defined purpose.

Stored personal data will be deleted as soon as the purpose of the processing has been achieved and there are no legitimate reasons for further storage of the data. We inform you in the individual processing operations about the specific storage periods or criteria for storage. Irrespective of this, we store your personal data in individual cases to assert, exercise or defend legal claims and if there are statutory storage obligations.

Who gets my data?

We only pass on your personal data that we process on our website to third parties if this is necessary for the fulfillment of the purposes and is covered by the legal basis (e.g. consent or protection of legitimate interests) in individual cases. In addition, we pass on personal data to third parties in individual cases if this serves to assert, exercise or defend legal claims. Possible recipients can then be, for example, law enforcement agencies, lawyers, auditors, courts, etc.

Insofar as we use service providers for the operation of our website who process personal data on our behalf within the scope of order processing in accordance with Art. 28 DSGVO, these can be recipients of your personal data. More information on the use of processors and web services can be found in the overview of the individual processing operations.

Do you use cookies?

Cookies are small text files that are sent to the browser of your end device and stored there when you visit our website. As an alternative to the use of cookies, information can also be stored in the local storage of your browser. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies, on the other hand, enable us to perform various analyses, so that we are able, for example, to recognize the browser you are using when you visit our website again and to transmit various information to us (non-essential cookies). With the help of cookies, we can, among other things, make our website more user-friendly and effective for you, for example by understanding how you use our website and determining your preferred settings (e.g. country and language settings). If third parties process information via cookies, they collect the information directly via your browser. Cookies do not damage your end device. They cannot run programs and do not contain viruses.

We provide information about the respective services for which we use cookies in the individual processing operations. You can find detailed information on the cookies used in the cookie settings or in the Consent Manager of this website.

What rights do I have?

Under the conditions of the statutory provisions of the General Data Protection Regulation (GDPR), you as the data subject have the following rights:

Information in accordance with Art. 15 GDPR about the data stored about you in the form of meaningful information on the details of the processing as well as a copy of your data.
Correction in accordance with Art. 16 GDPR of incorrect or incomplete data stored by us.
Deletion in accordance with Art. 17 DSGVO of the data stored by us, insofar as the processing is not necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims .
Restriction of processing in accordance with Art. 18 GDPR if the accuracy of the data is disputed, the processing is unlawful, we no longer need the data and you refuse to delete it because you need it to assert, exercise or defend legal claims or you have raised an objection to the processing pursuant to Art. 21 GDPR.
Data transferability Data transferability in accordance with Article 20 GDPR, insofar as you have given us personal data within the framework of consent in accordance with Article 6 Paragraph 1 lit. a GDPR and Section 25 Paragraph 1 TTDSG or on the basis of a contract in accordance with Article 6 Paragraph 1 lit. b GDPR and these have been processed by us using automated procedures. You will receive your data in a structured, common and machine-readable format or we will transmit the data directly to another person in charge, insofar as this is technically feasible.
Objection pursuant to Article 21 GDPR against the processing of your personal data, insofar as this is based on Article 6 Paragraph 1 lit. e, f GDPR and there are reasons for this that arise from your particular situation or the objection against direct mail. The right to object does not exist if predominantly compelling reasons worthy of protection for the processing can be proven or the processing is carried out to assert, exercise or defend legal claims. If there is no right to object to individual processing operations, this is stated there.
Revocation according to Art. 7 Para. 3 DSGVO of your given consent with effect for the future.
Complaint in accordance with Article 77 GDPR with a supervisory authority if you believe the processing.

How is my data processed in detail?

Below we inform you about the individual processing operations, the scope and purpose of data processing, the legal basis, the obligation to provide your data and the respective storage period. An automated decision in individual cases, including profiling, does not take place.

Provision of the website

Type and scope of processing

When you access and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

IP address of the requesting computer
Date and time of access
Name and URL of the retrieved file
Website from which access is made (referrer URL)
Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

Our website is not hosted by us, but by a service provider who processes data on our behalf for the above purposes in accordance with Article 28 GDPR.

Purpose and Legal Basis

The processing is carried out to protect our overriding legitimate interest in displaying our website and ensuring security and stability on the basis of Article 6 (f) GDPR. The collection of the data and the storage in log files is absolutely necessary for the operation of the website. A right to object to the processing does not exist due to the exception under Article 21 (1) GDPR. Insofar as further storage of the log files is required by law, processing is carried out on the basis of Article 6 (1) (c) GDPR. There is no legal or contractual obligation to provide the data, but it is technically not possible to access our website without providing the data.

Storage duration

The aforementioned data is stored for the duration of the website display and, for technical reasons, for a maximum of 7 days.

Contact form

Type and scope of processing

On our website we offer you the option of contacting us using a form provided. The information collected via mandatory fields is required to process the request. In addition, you can voluntarily provide additional information that you believe is necessary for processing the contact request.

When you use the contact form, your personal data will not be passed on to third parties.

Purpose and Legal Basis

Your data will be processed by using our contact form for the purpose of communicating and processing your request on the basis of your consent in accordance with Article 6 (1) (a) GDPR and Section 25 (1) TTDSG. Insofar as your request relates to an existing contractual relationship with us, the processing is carried out for the purpose of fulfilling the contract on the basis of Article 6 (1) (b) GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to process your request without providing the information in the mandatory fields. If you do not wish to provide this data, please contact us by other means.

Storage duration

If you use the contact form on the basis of your consent, we will store the data collected for each inquiry for a period of three years, starting with the completion of your inquiry or until you revoke your consent.

If you use the contact form as part of a contractual relationship, we will store the data collected for each inquiry for a period of three years from the end of the contractual relationship.

Contact form for applicants

Type and scope of processing

We collect and process the personal data of applicants. Corresponding data processing can also take place electronically, for example if applicants send us application documents by e-mail or via a web form on our website. On our website we offer you the opportunity to send us applications for advertised vacancies by e-mail.

Your data will only be stored in an applicant database beyond the current application process if you have given us your separate consent to do so.

Purpose and Legal Basis

The processing of your data in connection with your application takes place for the purpose of processing your application and making a decision on the establishment of an employment relationship on the basis of § 26 BDSG. If your application documents are passed on to third parties, in particular to companies affiliated with us, and if your data is stored beyond the current application process, your data will be processed on the basis of Article 6 (1) sentence 1 lit. a GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to process your application without providing the information.

Storage duration

We store the collected data for a period of six months from the date the position was filled.

Newsletter

Type and scope of processing

If you register on our website to receive our newsletter, we collect your e-mail address and your name… and store this information together with the date of registration and your IP address. You will then receive an e-mail in which you must confirm your subscription to the newsletter (double opt-in). If you do not confirm your registration within XX hours, it will automatically expire and the data will not be processed for sending the newsletter.

To send the newsletter, we use a service from Newsletter2Go, which processes your personal data on our behalf in accordance with Art. 28 GDPR. Your data will not be passed on to third parties.

Purpose and Legal Basis

We process your data for the purpose of sending the newsletter on the basis of your consent in accordance with Article 6 (1) (a) GDPR. By unsubscribing from the newsletter, you can declare your revocation at any time with effect for the future in accordance with Article 7 (3) GDPR. There is no legal or contractual obligation to provide your data, but it is not possible to send the newsletter without providing your data.

Storage duration

After registering for the newsletter, we store the data for a maximum of XX hours until the registration is confirmed. After successful confirmation, we will store your data until you revoke your consent (unsubscribe from the newsletter) and, for technical reasons, for a maximum of 7 days.

Registration on this site

You can register on our website to use certain functions. The transmitted data is used exclusively for the purpose of using the respective offer or service. Mandatory information requested during registration must be provided in full. Otherwise we will refuse the registration.

In the event of important changes, for example for technical reasons, we will inform you by e-mail. The e-mail will be sent to the address given during registration.

The data entered during registration is processed on the basis of your consent (Article 6 (1) (a) GDPR). You can revoke your consent that you have already given at any time. An informal message by e-mail is sufficient for the revocation. The legality of the data processing that has already taken place remains unaffected by the revocation.

We store the data collected during registration during the period that you are registered on our website. Your data will be deleted if you cancel your registration. Statutory retention periods remain unaffected.

Product Recommendations

Independent of the newsletter, we will regularly send you product recommendations by email. In this way we provide you with information about products from our range that you may be interested in based on your recent purchases of goods or services from us. We strictly follow the legal requirements. You can object to this at any time without incurring any costs other than the transmission costs according to the basic tariffs. A message in text form to the contact details mentioned under point 1 (e.g. e-mail, fax, letter) is sufficient for this. Of course, you will also find an unsubscribe link in every e-mail.

The legal basis for this is the legal permission according to Art. 6 Para. 1 S. 1 f) DSGVO in conjunction with § 7 Para. 3 UWG

Presence on social media platforms

We maintain so-called fan pages or accounts or channels on the networks mentioned below in order to provide you with information and offers within social networks and to offer you other ways of contacting us and finding out about our offers. In the following, we will inform you about which of your data we or the respective social network process in connection with accessing and using our fan pages/accounts.

Data that we process from you

If you want to contact us via messenger or direct message via the respective social network, we usually process your user name, which you use to contact us, and store any other data you have provided to the extent necessary to process/answer your request is.
The legal basis is Art. 6 Para. 1 Sentence 1 f) GDPR (processing is necessary to protect the legitimate interests of the person responsible).

(Static) usage data that we receive from the social networks

(Static) usage data that we receive from the social networks
We receive automated statistics about our accounts via Insights functionalities. The statistics include, among other things, the total number of page views, “Like” information, information on page activity and post interactions, reach, video views/views and information on the proportion of men/women among our fans/followers.

The statistics only contain aggregated data that cannot be referred to individual persons. You are not identifiable for us in this way.

Which data the social networks process from you

In order to be able to view the content of our fan pages or accounts, you do not have to be a member of the respective social network and in this respect no user account is required for the respective social network.

Please note, however, that the social networks also collect and store data from website visitors without a user account (e.g. technical data in order to be able to display the website to you) and use cookies and similar technologies when the respective social network is called up, over which we have no influence have. For details, please refer to the privacy policy of the relevant social network (see relevant links above).

If you want to interact with the content on our fan pages/accounts, e.g. want to comment on, share or like our postings/contributions and/or want to contact us via messenger functions, prior registration with the respective social network and the Provision of personal data required.

We have no influence on data processing by the social networks as part of your use. As far as we know, your data will be stored and processed in particular in connection with the provision of the services of the respective social network, as well as to analyze usage behavior (using cookies, pixels/web beacons and similar technologies) on the basis of advertising based on your interests is played both inside and outside the respective social network. It cannot be ruled out that your data will also be stored by the social networks outside the EU/EEA and passed on to third parties.

Information, among other things, on the exact scope and purposes of processing your personal data, the storage period/deletion and guidelines for the use of cookies and similar technologies in the context of registration and use of the social networks can be found in the data protection regulations/cookie guidelines of the social networks. There you will also find information on your rights and options to object.

Facebook site

When you visit our Facebook page, Facebook (Meta) records, among other things, your IP address and other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the Facebook pages, with statistical information about the use of the Facebook page. Facebook provides more information on this under the following link: https://facebook.com/help/pages/insights..

The transmitted statistical information does not enable us to draw conclusions about individual users. We only use them to respond to the interests of our users and to continuously improve our online presence and ensure its quality.

We only collect your data via our fan page in order to realize a possible provision for communication and interaction with us. This survey usually includes your name, message content, comment content and the profile information you have provided “publicly”.

The processing of your personal data for our above-mentioned purposes is based on our legitimate business and communicative interest in offering an information and communication channel in accordance with Article 6 Paragraph 1 f) GDPR. If you as a user have given your consent to the data processing to the respective provider of the social network, the legal basis for the processing extends to Art. 6 Para. 1 a), Art. 7 DSGVO.

Due to the fact that the actual data processing is carried out by the provider of the social network, our access options are limited to your data. Only the provider of the social network is authorized to have full access to your data. Because of this, only the provider can directly take and implement appropriate measures to fulfill your user rights (request for information, request for deletion, objection, etc.). The assertion of corresponding rights is therefore most effective directly against the respective provider.

Together with Facebook, we are responsible for the personal content of the fan page. Data subject rights can be exercised at Meta Platforms Ireland Ltd. as well as be asserted against us.

According to the GDPR, primary responsibility for the processing of Insights data lies with Facebook and Facebook fulfills all obligations under the GDPR with regard to the processing of Insights data, Meta Platforms Ireland Ltd. makes the essence of the Page Insights supplement available to the data subjects.

We do not make any decisions regarding the processing of Insights data and the storage duration of cookies on user devices.

Further information can be found directly on Facebook (supplementary agreement with Facebook): https://www.facebook.com/legal/terms/page_controller_addendum..

Instagram page

When you visit our Instagram page, Instagram (Meta) records, among other things, your IP address and other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the Instagram pages, with statistical information about the use of the Instagram page. Instagram provides more information on this under the following link (note: clicking on the following link will take you to the website of the social network Facebook, also part of the Meta Group. However, the information provided via the link applies equally to the social network Instagram): https://facebook.com/help/pages/insights.

Using the transmitted statistical information, it is not possible for us to draw conclusions about individual users. We only use them to respond to the interests of our users and to continuously improve our online presence and ensure its quality.

Due to the fact that the actual data processing is carried out by the provider of the social network, our access options are limited to your data. Only the provider of the social network is authorized to have full access to your data. As a result, only the provider can directly take and implement appropriate measures to fulfill your user rights (request for information, request for deletion, objection, etc.). The assertion of corresponding rights is therefore most effective directly against the respective provider.

Together with Instagram, we are responsible for the personal content of the fan page. Data subject rights can be exercised at Meta Platforms Ireland Ltd. as well as be asserted against us.

According to the GDPR, the primary responsibility for the processing of Insights data lies with Instagram and Instagram fulfills all obligations under the GDPR with regard to the processing of Insights data, Meta Platforms Ireland Ltd. makes the essence of the Page Insights supplement available to the data subjects.

We do not make any decisions regarding the processing of Insights data and the storage duration of cookies on user devices.

Further information can be found directly on Instagram (supplementary agreement with Facebook): https://www.facebook.com/legal/terms/page_controller_addendum.

For more information, including the exact scope and purposes of processing your personal data, the storage period/deletion and guidelines for the use of cookies and similar technologies as part of registration and use, see Instagram’s data protection regulations/cookie guidelines (Note: by Clicking on the link below will take you to the website of the social network Facebook):
https://help.instagram.com/519522125107875/?helpref=uf_share
This information can also be viewed in the help section of the Instagram website via the following link:
https://help.instagram.com/581066165581870

LinkedIn page

LinkedIn is a social network of LinkedIn Inc. based in Sunnyvale, California, USA, which enables the creation of private and professional profiles of natural persons and company profiles. Within the social network, users can maintain their existing contacts and make new ones. Businesses and other organizations can create profiles that upload photos and other company information to present themselves as employers and hire employees. Other LinkedIn users have access to this information and can write their own articles and share this content with others. The focus of the network is on the professional exchange on specialist topics with people who have the same professional interests.

Bei der Nutzung oder dem Besuch des Netzwerks sammelt LinkedIn während der Nutzung bzw. des Besuches automatisch Daten von den Nutzern bzw. Besuchern, beispielsweise Nutzername, Jobtitel und IP-Adresse. Dies geschieht mit Hilfe verschiedener Tracking-Technologien. LinkedIn stellt Nutzen unter anderem auf Basis der so erhobenen Daten Informationen, Angebote und Empfehlungen bereit.

When using or visiting the network, LinkedIn automatically collects data from the users or visitors during use or the visit, such as user name, job title and IP address. This is done with the help of various tracking technologies. LinkedIn provides information, offers and recommendations based on the data collected in this way.

We only collect your data via our company profile in order to realize a possible provision for communication and interaction with us. This survey usually includes your name, message content, comment content and the profile information you have provided “publicly”.
The processing of your personal data for our above-mentioned purposes is based on our legitimate business and communicative interest in offering an information and communication channel in accordance with Article 6 Paragraph 1 f GDPR. If you as a user have given your consent to the data processing to the respective provider of the social network, the legal basis for the processing extends to Art. 6 Para. 1 a, Art. 7 DSGVO.

Due to the fact that the actual data processing is carried out by the provider of the social network, our access options are limited to your data. Only the provider of the social network is authorized to have full access to your data. As a result, only the provider can directly take and implement appropriate measures to fulfill your user rights (request for information, request for deletion, objection, etc.). The assertion of corresponding rights is therefore most effective directly against the respective provider.

Together with LinkedIn, we are responsible for the personal content of our company profile. Rights of data subjects can be asserted with LinkedIn Inc. and with us.

We do not make any decisions regarding the data collected on the LinkedIn site using tracking technologies.

For more information about LinkedIn, visit: https://about.linkedin.com.

Further information on data protection at LinkedIn can be found at: https://www.linkedin.com/legal/privacy-policy.

You can find more information on the storage period/deletion and guidelines for the use of cookies and similar technologies when registering and using LinkedIn at: https://de.linkedin.com/legal/cookie-policy?trk=homepage-basic_footer-cookie-policy.

XING page

XING is a social network of New Work SE based in Hamburg, Germany, which enables the creation of private and professional profiles of natural persons and company profiles. Within the social network, users can maintain their existing contacts and make new ones. Businesses and other organizations can create profiles that upload photos and other company information to present themselves as employers and hire employees. Other XING users have access to this information and can write their own articles and share this content with others. The focus of the network is on the professional exchange on specialist topics with people who have the same professional interests.

When using or visiting the network, XING or third parties used automatically collect data from users or visitors, such as user names, job titles and IP addresses, during use or visits. This is done with the help of various tracking technologies. XING provides information, offers and recommendations based on the data collected in this way.

The processing of your personal data for our above-mentioned purposes is based on our legitimate business and communicative interest in offering an information and communication channel in accordance with Article 6 Paragraph 1 f GDPR. If you as a user have given your consent to the data processing to the respective provider of the social network, the legal basis for the processing extends to Art. 6 Para. 1 a, Art. 7 DSGVO.

Together with XING, we are responsible for the personal content of our company profile. Rights of data subjects can be asserted with New Work SE and with us.

We do not make any decisions regarding the data collected on the XING site using tracking technologies.

You can find more information about XING at: https://corporate.xing.com/de/unternehmen.

Further information on data protection at XING can be found at: https://privacy.xing.com/de/datenschutzerklaerung.

Google Analytics

Type and scope of processing

We use Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service for the statistical evaluation of our online offer. This includes, for example, the number of views of our online offer, visited sub-pages and the length of stay of visitors.

Google Analytics uses cookies and other browser technologies to evaluate user behavior and recognize users.

This information is used, among other things, to compile reports on website activity.

Purpose and Legal Basis

The use of Google Analytics takes place on the basis of your consent in accordance with Article 6 Paragraph 1 lit. DSGVO and § 25 Abs. 1 TTDSG.

We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. In cases where there is no adequacy decision by the European Commission (e.g. in the USA), we have agreed other suitable guarantees within the meaning of Art. 44 et seq. GDPR with the recipients of the data. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of June 4, 2021. You can find a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE einsehen.

In addition, prior to such a transfer to a third country, we obtain your consent in accordance with Article 49 (1) sentence 1 lit. DSGVO, which you give via the consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that in the case of transfers to third countries there are risks that are unknown in detail (e.g. data processing by security authorities in the third country, the exact scope and consequences of which we do not know for you, over which we have no influence and which you may not be aware of) can exist.

storage duration

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the data protection declaration for Google Analytics: https://policies.google.com/privacy.

Google Tag Manager

Type and scope of processing

We use the Google Tag Manager from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags through an interface and allows us to control the precise integration of services on our website.

This allows us to flexibly integrate additional services to evaluate user access to our website.

Purpose and Legal Basis

Google Tag Manager is used on the basis of your consent in accordance with Article 6(1)(a). DSGVO and § 25 Abs. 1 TTDSG.

storage duration

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. You can find further information in the data protection declaration for Google Tag Manager: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy