Privacy Policy
Last updated: September 2022
Auto-Kabel appreciates your visit to our website and your interest in our company and our products. Pursuant to the applicable data protection regulations, the following will inform you about the type and scope of the personal data that we, or a service provider or third-party provider we employ, collect as part of
- your visit to our website,
- our social media presences,
- the use of the contact form,
- job advertisements, and
- sending the newsletter
(jointly referred to hereinafter as the “Website”), the purpose for which we use those data, how we use them to optimise our services for you, and about your rights as the data subject.
A. General
1. Controller / Data protection officer
(1) The Controller according to Art. 4 (7) EU General Data Protection Regulation (GDPR) is
Auto-Kabel Management GmbH
Im Grien 1, 79688 Hausen im Wiesental
Germany
Phone: +49 (0) 7622 / 3903 – 0
Fax: +49 (0) 7622 / 3903 – 400
E-Mail: info@autokabel.com
hereinafter referred to as “Auto-Kabel”, “we” or “us”.
You can find more information about the provider in our Legal Notice.
(2) You can reach the company data protection officer as follows: datenschutzbeauftragter@autokabel.com or via our postal address with the addition “For attention of Data Protection Officer”.
2. Types of data processed, categories of data subjects
2.1 Nature of the data processed
- Contact details (e.g., email, telephone numbers)
- Content data (e.g., text input, photographs, videos)
- Communication data and history
- Meta/communication data (e.g. device information, IP addresses)
- Usage data (e.g. websites visited, interest in content, access times)
- Geolocation (data indicating the location of an end user’s terminal device)
- Tracking data
- Data within the scope of the use of JITSI
- Your contributions, especially posted content
2.2 Categories of data subjects
- Visitors and users of the website
- Customers, interested parties, suppliers
- Video conference participants
- Applicants
- Other communication partners
(Hereafter, we also refer to the data subjects collectively as “users”.)
3. Purposes of processing
We use your personal data
- for the provision of the website and the online offer, its functions and content
- for support purposes
- for conducting video conferences
- for managing and responding to contact requests and communication with users
- for the provision of contractual benefits and services
- for the assertion, enforcement, exercise or defence of and against legal claim(s) and legal dispute(s) and for the detection, investigation and prevention of criminal offences
- for the implementation of security measures
- for direct marketing purposes, such as the email newsletter, surveys, and invitations to events
4. Provision of the website and log files
(1) In the case of purely informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser automatically transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security (legal basis is Art. 6 (1)(1)(f) GDPR):
· IP address
· Date and time of the request
· Time zone difference from Greenwich Mean Time (GMT)
· Content of the request (specific page)
· Access status/HTTP status code
· Data volume transferred in each case
· Website from which the request comes
· Browser
· Operating system and its interface
· Language and version of the browser software
· Transmission protocol
(2) The IP addresses of the users are deleted or anonymised after termination of use. In the case of anonymisation, the IP addresses are changed in such a way that the individual data on personal or factual circumstances can no longer be attributed to a specific or identifiable natural person or can only be attributed to a specific or identifiable natural person with a disproportionate amount of time, cost and labour.
5. Cookies
(1) In addition to the aforementioned log files, cookies are stored on your computer when you use our website. Cookies are small text files that are assigned to the browser you are using and stored on your hard drive and through which certain information flows to the body that sets the cookie (in this case us). Cookies cannot execute programs or transmit viruses to your computer. They serve to make the internet offer as a whole more user-friendly and effective and also collect information for this purpose.
(2) Use of cookies:
a) This website uses the following types of cookies, the scope and functionality of which are explained below:
- Session Cookies (see b)
- Persistent Cookies (see c).
b) Session Cookies store a so-called session ID, with which various requests from your browser can be assigned to the joint session. Session cookies are automatically deleted one hour after you log out or close the browser. If you restart your browser and go back to the website, the website will not recognise you. You will need to log in again (if a login is required) or reset templates and preferences if the website offers these features. A new session cookie is then generated which stores your information and remains active until you leave the site and close your browser.
c) Persistent Cookies are automatically deleted after a predefined duration, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
(3) For what purposes do we use cookies?
We use cookies to personalise content and ads, provide social media features and analyse traffic accessing our website. We also share information about your use of our website with our social media, advertising and analytics partners. Our partners may combine this information with other data that you have provided to them or that they have collected in the course of your use of the Services. You give consent to our cookies when you continue to use our website.
(4) Overview
Purpose | Description | Retention period |
Technically necessary cookies | Technically necessary cookies enable the use of our website by providing basic functions such as page navigation and access to secure areas of the website. Visiting our website cannot function properly without these cookies. | Session cookies – these are deleted when the browser is closed |
Performance (e.g. user’s browser) and preferences | When using our website, cookies are used (e.g. to recognise the browser) to improve performance (e.g. faster loading of content). When you visit our website, the country and language selection determined or selected by you is stored in cookies to save you having to make the selection again on subsequent visits. In advance, we check whether your browser supports cookies and this information is stored in another cookie. Subsequently, you will be shown contact information localised according to country and language, which will also be stored. The legal basis for this is Art. 6 (1)(1)(f) GDPR, § 25 TTDSG [German Telecommunication Act]. | Session cookies – these are deleted when the browser is closed. |
Analytical cookies (statistics) | We use analytical cookies from third-party providers to understand how visitors use our site. This helps us improve our site’s quality and content. The aggregated statistical information contains data, such as the total number of visitors. For example, we learn how frequently and in what sequence the individual sites were retrieved and how much time the visitors spend on our sites on average. We also learn whether users have visited our internet services before. The legal basis for this is a consent granted (Art. 6 (1)(a) GDPR, § 25 TTDSG). For additional information see section B). | Permanent cookies remain, but are deleted automatically after 26 months if the website is no longer visited (unless shorter retention periods apply in individual cases). |
Security setting | Cookies from Cloudflare · __cfduid · Usage: Security settings for each individual visitor (see Section 10) · Example value: d798bf7df9c1ad5b7583eda5cc5e78331599407465 | Persistent cookie |
(5) Using such cookies is legally based on the European ePrivacy Directive (the “Cookie Law”) in conjunction with the German Telemedia Act (§§ 12 et seqq. TMG, up to 30 November 2021) or, beginning on 1 December 2021 – the German Law to Regulate Data Privacy and Protect the Private Sphere in Telecommunication and Telemedia (§ 25 et seq. TTDSG)) and the GDPR.
(6) Control over cookies
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally, and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.
6. E-Mail contact
(1) Auto-Kabel provides contact details for contact persons on its website. The legal basis for the processing of the data transmitted to us in the course of sending a contact enquiry by email is Art. 6 (1)(f) GDPR. The processing of this data is necessary to protect your and our legitimate interests, in particular to respond to your enquiry. If the email contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 (1)(b) GDPR. If the contact request is aimed at initiating an employment relationship, the additional legal basis is Section 26 BDSG (German Federal Data Protection Act).
(2) The data shall be deleted as soon as it is no longer required to achieve the purpose of its collection. For the personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified.
7. Online application
(1) Vacancies are advertised on our website under the heading “Jobs”. A contact person with contact details for queries is named for the respective position. We collect, process and use your personal data to process your online application. Your online application data will be sent directly to the personnel department by email and will, of course, be treated confidentially. Suitable technical and organisational measures ensure that your personal data is treated confidentially within the legal requirements.
(2) When filling out your online application, please note that the transmission of data by email is not encrypted and the data could possibly be accessed or falsified by unauthorised persons. You are welcome to send us your documents by post. If you have applied for a specific position and this position has already been filled or if we consider you to be equally or even more suitable for another position, we would be happy to forward your application within our company. Please inform us if you do not agree with this procedure. After the end of the application process, but after 6 months at the latest, your personal data will be automatically deleted unless you expressly consent to its storage for a longer period.
8. Retention period
We process and store your personal data as long as it is necessary for the fulfilment of our contractual and legal obligations. We delete your personal data as soon as it is no longer required for the above-mentioned purposes. Cookies are automatically deleted in accordance with Section 5. In this context, personal data may be retained for the period during which claims can be asserted against our companies (statutory limitation periods of three or up to thirty years). We also store your personal data insofar as we are legally obliged to do so. Corresponding proof and retention obligations result from commercial, tax and social security regulations.
9. Automated decision making
As a matter of principle, we do not use fully automated decision-making or profiling in accordance with Article 22 of the GDPR to establish and implement the business relationship.
B. Data processing by third party providers / video conference
10. Cloudflare
(1) We use Cloudflare from Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA) on this website to make our website faster and more secure. Cloudflare uses cookies and processes user data. Cloudflare, Inc. is an American company that provides a content delivery network and various security services. These services are located between the user and our hosting provider and act as a reverse proxy for websites.
(2) Cloudflare generally only forwards data that is controlled by website operators. The content is therefore not determined by Cloudflare, but always by the website operator itself. In addition, Cloudflare may collect certain information on the use of our website and process data that is sent by us or for which Cloudflare has received appropriate instructions. In most cases, Cloudflare receives data such as contact information, IP addresses, security fingerprints, DNS log data and performance data for websites derived from browser activity. Log data helps Cloudflare to detect new threats, for example. In this way, Cloudflare can ensure a high level of security protection for our website. Cloudflare processes this data within the scope of the services in compliance with applicable laws. This of course also includes the General Data Protection Regulation (GDPR).
(3) For security reasons, Cloudflare also uses a cookie. The cookie (__cfduid) is used to identify individual users behind a shared IP address and to apply security settings for each individual user. This cookie becomes very useful, for example, if you are using our website from a location where there are a number of infected computers. However, if your computer is trustworthy, we can recognise this from the cookie. This means that you can surf our website unhindered, despite infected PCs in the vicinity. It is also important to know that this cookie does not store any personal data. This cookie is absolutely necessary for the Cloudflare security functions and cannot be deactivated.
(4) Cloudflare stores your information primarily in the United States and the European Economic Area. Cloudflare may transfer and access the information described above from around the world. In general, Cloudflare stores user-level data for domains in the Free, Pro and Business versions for less than 24 hours. For Enterprise domains that have Cloudflare Logs (formerly Enterprise LogShare or ELS) enabled, data can be stored for up to 7 days. If IP addresses trigger security alerts at Cloudflare, there may be exceptions to the above retention period.
(5) The data is processed on the basis of the EU standard contractual clauses (Cloudflare Data Processing Addendum).
11. Use of Jitsi Meet
(1) Jitsi is a collection of free software for IP telephony (VoIP), video conferencing and instant messaging. The provider of the Jitsi Meet platform is Auto-Kabel. We host and operate Jitsi on our servers (self-hosted).
(2) We process the following categories of data:
- User details: First name, last name, telephone (optional), email address, password (if “single sign-on” is not used), profile picture (optional),
- Meeting meta data: Subject, description (optional), participant IP addresses, device/hardware information
- For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat.
- When dialling in by telephone: Information on the incoming and outgoing call number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be stored.
- Text, audio and video data: You may have the opportunity to use the chat, question or survey functions in an “online meeting”. In this respect, the text entries you make are processed in order to display them in the “online meeting” and, if necessary, to record them. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device is processed accordingly during the meeting. You can switch off or mute the camera or microphone yourself at any time via the “JITSI” applications.
- Device/hardware data: e.g. IP addresses, MAC addresses, Clint version
In order to participate in an “online meeting” or to enter the “meeting room”, you must at least provide information about your name.
(3) The legal basis for the processing is your consent according to Art. 6 (1)(a) GDPR.
(4) Personal data processed in connection with participation in “online meetings” will not be disclosed to third parties as a matter of principle, unless they are specifically intended to be disclosed. Please note that the content of online meetings, as well as personal meetings, is often used to communicate information with customers, suppliers, stakeholders or third parties and is therefore intended to be passed on.
12. Google Maps
(1) This website uses Google Maps to display interactive maps. Google Maps is a map service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.
(2) By using Google Maps, information about the use of this website, including your IP address, may be transmitted to Google in the USA. When you call up a web page on our website that contains Google Maps, your browser establishes a direct connection with Google’s servers. The map content is transmitted by Google directly to your browser, which then integrates it into the website. We therefore have no influence on the scope of the data collected by Google in this way. According to our knowledge, this is at least the following data:
- Date and time of the visit to the website in question,
- Internet address or URL of the accessed website,
- IP address, (start) address entered as part of route planning.
(3) We have no influence on the further processing and use of the data by Google and can therefore accept no responsibility for this.
(4) If you do not want Google to collect, process or use data about you via our website, you can deactivate JavaScript in your browser settings. In this case, however, you will not be able to use the map display.
(5) The purpose and scope of the data collection and the further processing and use of the data by Google, as well as your rights in this respect and setting options for protecting your privacy by Google, can be found at: https://www.google.com/intl/de/policies/privacy/
13. Social Media
13.1 General information
(1) Auto-Kabel is interested in presenting itself on social media channels, being approachable for customers, service providers, other business partners, contenders, and stakeholders, and advertising topics and products on social networks. Besides the respective provider of a social network, we also collect and process personal user data on our social media channels. For the respective data processing purposes and data categories, see the individual social media channels explained in detail in the following.
(2) The data processing basically serves the following purposes:
- Communication with the visitor to Auto-Kabel’s social media channel;
- job advertisements,
- Processing inquiries from visitors to our Auto-Kabel social media channel; collecting statistical information on the reach of Auto-Kabel’s social media channels;
- Conducting customer surveys, marketing campaigns, market analyses, lotteries, competitions and similar actions or events;
We must process your personal data to attain those purposes.
(3) We include postings and recommendation functions from Facebook, Instagram, LinkedIn, Xing, and YouTube in our site. These services are inactive by default, but can be activated by the user. The services are mostly headquartered in the USA, but are governed by the usual data privacy regulations in the EU and EEA States. If, for example, you actively use a recommendation switch on our site or read an article with an embedded post or YouTube video, general framework data such as your IP address can be transmitted back to the social networks and platforms due to the embedding technology. We have no influence on how the platforms use the data (including to create user profiles, if applicable). Please see Facebook, YouTube, etc. directly in this regard and adjust your privacy settings on those sites accordingly.
(4) In social networks and on other external platforms, the data privacy policy of the company in question applies even if we disseminate our brand information and maintain presences on those platforms. To that end, the US company provides us with its content management system and general usage data, such as the number of visits, the usage duration, reader demographics, and the user names of all the contacts – here you can find out more about the network’s data privacy regulations.
(5) Under the following links, you can learn about the privacy policy of the individual third-party providers:
- Content of Facebook: We use the Facebook plug-in to integrate Facebook content into our internet services. Facebook’s privacy policy: https://www.facebook.com/privacy/explanation. https://facebook.com/. Terms of use: https://facebook.com/legal/terms?ref=pf, Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. Meta Platforms Ireland Limited is a company registered in accordance with the laws of the Republic of Ireland. Commercial Register Number: 462932
- Content of Instagram: Instagram’s “Embed” function allows us to integrate its images and videos into our services. Instagram’s privacy policy: https://www.instagram.com/legal/privacy/
- Content of YouTube: We use the YouTube player to integrate Videos from a YouTube channel or videos from other providers into our internet services. Google’s privacy policy: https://support.google.com/youtube/answer/2801895?hl. Information on the third-party provider “YouTube” https://www.youtube.com/ . Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, telephone: +353 1 543 1000 Fax: +353 1 686 5660, Email: support-deutschland@google.com, E-Mail to make contact electronically: https://www.youtube.com/t/contact_us
13.2 LinkedIn
The Auto-Kabel LinkedIn sites are operated on LinkedIn, a social network of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”). If you visit the Auto-Kabel LinkedIn sites, LinkedIn will process your personal data in accordance with their privacy policy, which you will find here.
We process the following personal data:
- Your LinkedIn username and commentary on our Auto-Kabel LinkedIn sites and messages that you send us about our Auto-Kabel LinkedIn sites.
- Other information that is necessary to answer inquiries from our visitors or clearly identify our visitors in our systems.
13.3 Auto-Kabel on XING
(1) The Auto-Kabel XING sites are operated on Xing, a social network of XING SE, Dammtorstr. 30, 20354 Hamburg, Germany (“XING”). If you visit the Auto-Kabel XING sites, XING will process your personal data in accordance with their privacy policy, which you will find here.
(2) We use the statistical information (the scope of interactions, statistics on our visitors’ age composition and working relationships) on the use of the Auto-Kabel XING sites, which XING provides through their statistical service in anonymised form. Auto-Kabel cannot draw any conclusions on individual users or access individual user profiles.
(3) We process the following personal data:
- Your XING username and commentary on our Auto-Kabel XING sites and messages that you send us about our Auto-Kabel XING sites.
- Your activity on our Auto-Kabel XING sites via the XING statistical service, such as the scope of interactions and statistics on our visitors’ age composition and working relationships.
- Other information that is necessary to answer inquiries from our visitors or clearly identify our visitors in our systems.
13.4 Your contributions / terms of use
(1) You can submit your own comments and other content as contributions on our social media presences at any time, provided those functionalities are activated. You are not entitled to their publication, however. We reserve the right to reject individual content, entire discussions, or both at any time without providing further grounds if they violate statutory provisions or we believe such rejection is justified by legal or content-related reasons. We do not allow
- discriminating, racist, or sexist statements
- criminally relevant content – especially insults, slander, defamation, slurs, political propaganda, or the use of symbols of unconstitutional organisations
- incitement to violence of any kind; content that glorifies or trivialises violence, war, or terrorism
- commentary aiming to discredit the author or infringe on the privacy of third parties
- false allegations of fact
- content that infringes on third-party rights, especially copyright
- comments that do not relate to the post being commented on and links to sites having nothing to do with the post being commented on
(2) We may edit posts (while protecting your moral rights) by supplementing or shortening, or correcting it, for example, and protect people mentioned by making them unrecognisable. Please understand that we must punish infringements against these terms of use – from deleting individual posts to excluding and blocking the user account without further explanation.
(3) By posting content (text, images, graphics, videos, or anything else), you grant us non-exclusive usage rights to that content. That means we (or at our instigation, others) may publish, make publicly available, and/or disseminate that content, without paying you a fee; and may do so as often as desired; without restriction as to time or place within our digital presence. You will receive no remuneration for granting us those usage rights.
Links to other websites
(1) Our website might contain links to websites that are operated by third parties and not subject to this data privacy statement. Those third party websites have their own privacy policies and under certain circumstances also use cookies or other tracking technologies. The controller is the respective operator (or the individual or entity named as the controller) of the website in question.
(2) We examine the links to external websites before they are linked. However, we have no influence on whether their operators comply with the data protection provisions. If we become aware of violations or legal infringements, we will remove the offending links immediately.
C. Rights of the data subjects
15. Your rights
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis us as the controller:
a) Rights according to Art. 15 ff. GDPR
The data subject has the right to obtain confirmation from the controller as to whether personal data concerning him or her are being processed. If this is the case, he or she has the right to be informed about this personal data and to receive the information listed in detail in Article 15 GDPR. Under certain legal conditions, you have the right to rectification under Article 16 GDPR, the right to restriction of processing under Article 18 GDPR and the right to erasure (“right to be forgotten”) under Article 17 GDPR. In addition, you have the right to receive the data you have provided in a structured, common and machine-readable format (right to data portability) in accordance with Article 20 of the GDPR, insofar as the processing is carried out with the help of automated procedures and is based on consent in accordance with Article 6 (1)(a) or Article 9 (2)(a) or on a contract in accordance with Article 6 (1)(b) of the GDPR.
b) Withdrawal of consent pursuant to Art. 7 (3) GDPR
If the processing is based on consent, you can withdraw your consent to the processing of personal data at any time. Please note that the withdrawal is only effective for the future. Processing that took place before the withdrawal is not affected.
c) Right of complaint
You have the option of contacting us or a data protection supervisory authority with a complaint (Article 77 GDPR). The supervisory authority in Baden-Württemberg responsible for Auto-Kabel Management GmbH at its headquarters in Hausen is: Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit (State Commissioner for Data Protection and Freedom of Information), Postfach 10 29 32, 70025 Stuttgart, Tel.: 0711/615541-0, FAX: 0711/615541-15, Email: poststelle@lfdi.bwl.de.
d) Right to object pursuant to Article 21 GDPR
In addition to the above rights, you have the right to object as follows:
Right to object on a case-by-case basis
You have the right to lodge an objection at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6 (1)(1)(e) GDPR (data processing in the public interest) and Article 6 (1)(1)(f) GDPR (data processing on the basis of a balance of interests). If you lodge an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
D. Final provisions
16. Security
(1) We have taken technical and organisational security measures to protect your personal data from loss, destruction, manipulation and unauthorised access. All our employees and all third parties involved in data processing are obliged to comply with the requirements of the GDPR and to handle personal data confidentially.
(2) In the case of the collection and processing of personal data via contact forms, the information is transmitted in encrypted form to prevent misuse of the data by third parties. Our security measures are continuously revised in accordance with technological developments.
17. Amendment of our Privacy Policy
We reserve the right to change our security and data protection measures if this becomes necessary due to technical developments. In these cases, we will also adapt our Privacy Policy accordingly. Please therefore note the current version of our Privacy Policy.
18. Video surveillance
Information on video surveillance at the Hausen i.W. site can be found here
Your cookie selection history
Date | Version | Consents |
---|