We attach great importance to the protection of your data. In order to inform you fully about the use of personal data, we ask you to take note of the following privacy notices.
Haubis GmbH in the episode shortly called "Haubis".
(A) 3252 Petzenkirchen
2. Purpose of data processing
Haubis processes personally identifiable information about employees, partners, customers, suppliers and visitors for the purpose of doing business and fulfilling related legal and contractual requirements. Personal data that you transmit electronically on this website, such as name, e-mail address, address or other personal information, will only be used by us for the specified purpose, kept safe and not disclosed to third parties. The provider automatically collects and stores information on the web server, such as the browser, operating system, reference page, IP address, time of access, etc. These data can not be assigned to specific persons without checking other data sources and we will not evaluate these data any further as long as they are not illegal Use of our website.
2.1 Processing of customer data
Haubis stores and processes the personal data provided by interested parties and customers for the preparation of offers and the processing of assignments as well as the fulfillment of the associated contractual and legal obligations. To fulfill legal obligations, the data is also forwarded to authorities and public authorities.
User data is collected to facilitate the provision of services and for the following purposes: interaction with external social networks and platforms and data analysis. The personal data used for the purpose is described in the relevant sections of this document.
Personal data is collected for the following purposes and for the use of the following services: Google Analytics and Google Maps. Provider is the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
2.2 Processing of visitor data
Haubis stores and processes personal data of visitors for the purpose of organizing and hosting events within the Haubiversum - Breadworld.
The contact details and application documents submitted in the course of an application will be electronically processed by us for the purpose of selecting suitable candidates for employment. In case of cancellation, the application documents will only be kept in evidence, if you agree.
2.4 Form data and comments
When website visitors leave comments or form entries, the data entered and their IP addresses are saved. This is for security, if someone authorizes unlawful content (insults, right-wing or extreme right propaganda, hate mailings, etc.). In this case, we are interested in the identity of the author.
2.5 Website & Cookies
2.5.1 IP address
When visiting our website, information is automatically stored on the web server. This includes the browser used, the operating system used, which page you brought to our website, the IP address, the time of access and other information. These data are pseudonymized from the perspective of Haubis and can not be assigned to unique people without additional data sources. Haubis does not evaluate this data as long as there is no illegal use of the website. 2.5.2 Cookies Cookies are small files that allow this website to store on the visitor's computer specific user-related information while our website is being visited. Cookies help us to determine the frequency of use and the number of users of our websites, as well as to make our offers comfortable and efficient for you. On the one hand, we use session cookies, which are cached exclusively for the duration of your use of our website, and on the other, permanent cookies, in order to record information about visitors who repeatedly access our website. The purpose of the use of these cookies is to be able to offer an optimal user guidance and to recognize visitors and to be able to present an attractive website and interesting contents with repeated use. The content of a permanent cookie is limited to an identification number. Name, IP address etc. are not saved. A single profile about your usage behavior does not take place. A use of our offers is also possible without cookies. You can disable cookies in your browser, restrict them to certain websites, or set your web browser (Chrome, IE, Firefox, ...) to notify them when a cookie is sent. You can also delete cookies from your PC hard drive at any time. Please note, however, that in this case you will have to reckon with a limited representation of the page and with limited user guidance.
2.5.3 Google Tag Manager
This website uses Google Tag Manager. Google Tag Manager is a solution that enables marketers to manage website tags from one interface. The tool itself (which implements the tags) is a cookie-less domain and does not collect personally identifiable information. The tool triggers other tags, which may collect data. Google Tag Manager does not access this data. If disabled at the domain or cookie level, it will remain in effect for all tracking tags implemented with Google Tag Manager.
2.5.4 Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be shortened by Google beforehand within member states of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a server of Google in the US transferred and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address provided by Google Analytics within the framework of Google Analytics will not be merged with other data provided by Google. You can prevent the storage of cookies by a corresponding setting of your browser software; however, we point out that in this case you may not be able to use all the functions of this website in full. In addition, you can prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by using the link below (https://tools.google.com/dlpage/gaoptout?hl=en) to download and install the available browser plugin.
2.5.5 Google Maps
2.5.6 Social Media Plugins
This website uses plugins for social media. These plugins are only activated by clicking on the visitor of the website. Haubis does not process any personal data here.
126.96.36.199 Inclusion of YouTube videos
2.5.5 Facebook Pixels, Facebook Custom Audiences and Facebook Conversion
Within our online presence, the so-called "Facebook Pixel" of the social network Facebook, which is Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are located in the EU, Facebook Ireland Ltd ., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland operated ("Facebook").
On the one hand, with the help of the Facebook pixel, Facebook is able to designate you as a visitor to our online offer as a target group for the presentation of advertisements (so-called "Facebook ads"). Accordingly, we use the Facebook Pixel to display the Facebook Ads we have been sent only to those Facebook users who have also shown an interest in our online offering or certain features (eg interests in certain topics or products that have been visited by them) Web pages determined), which we transmit to Facebook (so-called "Custom Audiences"). With the help of the Facebook pixel, we also want to make sure that our Facebook ads are in line with the potential interest of users and are not annoying. With the help of the Facebook pixel, we can continue to understand the effectiveness of the Facebook ads for statistical and market research purposes, in which we see whether users were redirected to our website after clicking on a Facebook ad (so-called "conversion").
The processing of the data by Facebook is within the scope of the data usage policy of Facebook. Accordingly, general notes on the presentation of Facebook Ads, in the data usage policy of Facebook. Special information and details about the Facebook pixel and how it works can be found in the Help section of Facebook.
- EU-US-Privacy Shield
Facebook is certified under the Privacy Shield Agreement, providing a guarantee to comply with European privacy legislation. basis The use of Facebook Pixel as well as the storage of "conversion cookies" is based on Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in analyzing user behavior in order to optimize both our web site and our advertising.
- Order Data Processing Contract
For the processing of the data in which Facebook acts as a data processor, we have a contract data processing contract with Facebook, in which we commit Facebook to protect the data of our customers and not to pass them on to third parties.
We use your information provided in the course of subscribing to the newsletter to keep you up to date on company news and current offers. To ensure that the newsletter is sent to us, we use the double-opt-in procedure. In the course of this, the potential recipient can be included in a distribution list. Afterwards, the user receives a confirmation e-mail to confirm the application legally. Only when the acknowledgment is made, the address is actively included in the distributor. We use this data exclusively for the delivery of the requested information and offers. You can revoke the granted consent to the storage of data, the e-mail address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. As Newsletter Software CleverReach GmbH & Co. KG is used. Your data will be transmitted to CleverReach. CleverReach is prohibited from selling your data and using it for purposes other than sending newsletters. CleverReach is a German, certified provider, which was selected according to the requirements of the General Data Protection Regulation and the Federal Data Protection Act. Further information can be found here: https://www.cleverreach.com/de/datensicherheit/
2.7 TimeSloth reservation tool
To make reservations available worldwide as quickly as possible, TimeSloth is a cloud-based web tool. All technical solutions are GDPR-compliant and the technical partners were selected on this basis. TimeSloth uses Google Firebase for the database, user accounts and web hosting. Google Firebase is a service from Google. The database runs on a distributed Google data center with locations in Western Europe (Belgium, Great Britain, Germany, the Netherlands and Switzerland). More about Google and GDPR compliance: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, https://cloud.google.com/security/gdpr/?fbclid=IwAR2SadDf4BhHwBDhFXo1U96QIXsShgidhXXZjiLI_IrmHdCKbUVnMV
Heroku is used as the interface server. No personal data is saved. Here is the information about Heroku and GDPR compliance: Salesforce Inc, 50 Fremont St, Suite 300, San Francisco, California 94105, https://devcenter.heroku.com/articles/gdpr?fbclid=IwAR1n2HR5nIODGTl_l7cyER2-3pxhsF9sDhI_i5Dxp7kU
The ticket emails are sent via AWS. AWS is GDPR-compliant: Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855, Luxemburg, https://aws.amazon.com/de/compliance/gdpr-center/?fbclid=IwAR2bDddaUcQCVYz88D7FbkD3_8S4MjWmAQtND3_8S4MjWmAQtND3Q8A4XND3Q
TimeSloth uses Sentry to be able to react quickly to runtime errors. Sentry is also GDPR compliant: Functional Software Inc., Sentry, 132 Hawthorne Street, San Francisco, California 94107, https://sentry.io/security/ .
2.8. Principles of processing of personal data
The processing of personal data is based on strict principles, which regard the protection and security of the data and the rights of those concerned as the highest goods.
2.8.1 Legality & Transparency Data
processing is lawful, in good faith. The data subject will be informed when collecting data on the planned processing and handling of the data. Thus, affected persons are informed at least about the following points:
- Responsible for data processing
- Purpose of data processing
- Legal basis of processing
2.8.2 Purpose limitation
The data is collected and processed for specified, explicit and legitimate purposes. The processing of the data is not done in a manner incompatible with these purposes.
2.8.3 Data minimization
Only those data are collected and processed which are absolutely necessary for the stated purposes. If it is possible to achieve the purpose and the effort is reasonable, only anonymous data will be processed.
2.8.4 Memory limit and deletion
Personal data is deleted as soon as the purpose for which it was originally collected expires and legal retention periods do not prevent deletion. If, in individual cases, there are legitimate interests in these data, they will continue to be stored until the interest worthy of protection has been legally clarified.
2.8.5 Data security
Personal data is subject to data secrecy. The data are to be treated confidentially and are protected by appropriate organizational and technical measures against unauthorized access, unlawful manipulation or disclosure as well as loss and destruction.
2.8.6 Material accuracy
Personal data is correct, complete and up-to-date. Appropriate measures are taken to correct outdated, incorrect or incomplete data.
3. Commitment to data secrecy
All employees of Haubis are contractually bound to secrecy and are regularly advised and trained on the safe handling of personal and other critical data.
4. Data security
Protecting the confidentiality, availability and integrity of data is a key task for Haubis. This applies equally to company secrets, customer data, personal data and other critical information. For this purpose technical and organizational safety measures according to the state of the art and internationally recognized best practices as well as safety standards are established and constantly improved.
5. Data Protection
Haubis is not in the need to designate a data protection officer, since Article 37 (1) of the EU GDPR is not applicable.
6. Rights of the persons concerned
Every affected person whose personal data is processed by Haubis, has the opportunity at any time to assert their data subject rights. To exercise your rights, you can always contact us in writing via e-mail to email@example.com.
You also have the right to lodge a complaint with the data protection authority at any time: Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, Tel: 0043 152 152-0, email firstname.lastname@example.org.
Affected parties may at any time request information about which personal data is processed about them and which purposes this processing serves.
Affected parties have the right to demand the immediate correction of incorrect personal data concerning them.
Affected persons have the right to restrict processing if the accuracy of the data concerning them is disputed, the processing is unlawful, the data are no longer needed for processing or the data subjects have objected to the processing.
Affected persons have the right to object at any time to the processing of personal data concerning them.
Affected individuals have the right to receive personally identifiable information they have provided to Haubis in a structured, common and machine-readable format. You also have the right to request the transfer of this data to another person responsible, if technically feasible. The transferability applies only to personal data that is processed using automated procedures.
6.6 Deletion - right to be forgotten
The data subject has the right to demand the immediate deletion of personal data concerning him if the legal basis for the processing of the data is missing or omitted, the data processing is objected, the data processing is unlawful and no legal retention periods make deletion impossible. Data security also has a high priority with regard to the rights of the victims, which is why the assertion of data subject rights is only possible after a doubtless identification of the data subject. You also have the right to complain to the data protection authority at any time.
7. Data transmission
A transfer of personal data to recipients outside the group and recipients in EU third countries will only be in accordance with applicable laws and on a lawful basis, and with the utmost confidentiality and data security. Outside the EU, only IP addresses are transmitted. Haubis uses various processors for processing. All processors are contractually bound to comply with applicable data protection laws through a contract processor agreement.
8. Continuous control and improvement
The continuous improvement of quality and processes has a very high priority at Haubis. Compliance with data protection policies, applicable legislation and the effectiveness of data protection and data protection measures is continuously measured and enhanced to ensure the best possible protection of data protection.