Name and contact details of the data controller and of the company’s data protection officer:
The data protection officer for the website www.horn-company.de is:
Dr. Oliver Laitenberger
He can be reached at the following address:
Dr. Oliver Laitenberger
Horn & Company
Phone.: +49 (0)211 302726-0
Fax.: +49 (0)211 302726-25
Collection and storage of personal data, and the nature and purpose of its use
When you visit our website www.horn-company.de, the browser on your end device automatically sends information to the server of our website. This information is stored temporarily in what is known as a log file. The following information is collected without any action on your part, and stored until automatically deleted:
The aforementioned data is processed by us for the following purposes:
When you subscribe to our newsletter
If you have expressly declared your consent to your data being processed in accordance with Art. 6(1)(a), first sentence, GDPR, we will use your email address to send you a newsletter on a regular basis.
Entering your email address is sufficient for the newsletter to be delivered.
You can terminate your subscription to the newsletter at any time, for example by using the corresponding link at the end of each newsletter. Alternatively, you can mail your unsubscribe request at any time to firstname.lastname@example.org.
When using our contact form
Should you have any questions, you can contact us via a form provided on the website. This requires you to provide a valid email address so that we know who the enquiry has come from and can reply accordingly. Further information may be provided voluntarily. If your consent has been given, the legal basis for processing the data in order to establish contact is Art. 6(1)(a), first sentence, GDPR.
The personal data we collect when you use the contact form is deleted once we have dealt with your enquiry.
Sharing of data
Your personal data will not be shared with third parties other than for the purposes listed below.
We will share your personal data with third parties only:
Data processing by cookies is necessary for the purposes mentioned above to protect our legitimate interests and those of third parties in accordance with Art. 6(1)(f), first sentence, GDPR. Most browsers accept cookies automatically. You can configure your browser so that no cookies are stored on your computer or that an alert always appears before a new cookie is created. However, fully deactivating cookies may mean that you will not be able to use all the functions provided by our website.
Use of newsletters
We send newsletters, emails and other electronic notifications with promotional information (hereinafter referred to as “newsletter”) only with the consent of the recipients or where legal permission has bene granted. The user’s consent is deemed to have been obtained insofar as the content of the newsletter is specifically described in the course of the registration process.
Use of Sendinblue (formerly Newsletter2Go)
Sendinblue is the software we use for our newsletter. When you subscribe, your data is sent to Sendinblue GmbH. Sendinblue is not permitted to sell your data or use it for purposes other than delivering newsletters. Sendinblue is a German, certified provider selected in accordance with the requirements of the General Data Protection Regulation (EU GDPR) and the German Data Protection Act. You can find more information here: de.sendinblue.com/informationen-newsletter-empfaenger/
If you would like to receive the newsletter offered on the website, we require an email address from you together with information that will allow us to verify that you are the owner of the specified email address and that you agree to receive the newsletter.
To ensure that newsletters are delivered with your consent, we use what is known as the double opt-in procedure with this service provider to add the potential recipient to a distribution list. Subsequently, the user is sent a confirmation mail so that he/she has the opportunity to acknowledge registration in a legally-compliant manner. Only once confirmation has been received is the address physically included in the distribution list. We use this data exclusively to deliver the requested information and any offers.
You can revoke your consent to this data and the email address being stored, together with this data being used to deliver the newsletter at any time via Newsletter2Go, for example via the “unsubscribe” link in the newsletter. Alternatively, you can mail your unsubscribe request at any time to email@example.com.
Analysis tools / tracking tools
We used the following tracking tools on the basis of Art. 6(1)(f), first sentence, GDPR. These tracking tools help us to continuously improve our website in accordance with user needs. At the same time, we use tracking tools to collect statistics on how our website is being used and to evaluate it for optimisation purposes. These interests can be regarded as legitimate within the meaning of the aforementioned provision. The respective data processing purposes and categories of data can be found in the information on the corresponding tracking tools.
To help us continuously improve our website in accordance with user needs, we use Google Analytics, an analysis service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as “Google”). In this context, pseudonymised usage profiles are created and cookies used (see section 4). The information generated by the cookie about your usage of this website, such as
are transferred to a Google server in the USA and stored there. The information is used to evaluate website usage, compile reports on the website activities, and to provide further services connected to website usage and Internet usage for the purposes of market research and user-centric website design. Here too, Google may transfer this information to third parties where there is a legal requirement to do so or where third parties need to process this data on behalf of Google. Under no circumstances will your IP address be associated with other Google data. The IP addresses are anonymised so that assignment is not possible (IP masking).
You may adjust the settings in your browser software to prevent cookies from being stored; we should point out, however, that doing so may prevent you from making full use of all the functions on this website.
Furthermore, you can prevent the data created by the cookie relating to your usage of the website (including your IP address) from being sent to Google and prevent Google from processing this data by downloading and installing the browser add-on which is available at the following link: [http://tools.google.com/dlpage/gaoptout?hl=de]. As an alternative to the browser add-on (especially for browsers on mobile devices), you can prevent Google Analytics from collecting your data by clicking on this link: Deactivate Google Analytics. This sets an opt-out cookie that prevents any further collection of your data when you visit this website. The opt-out cookie is valid only in this browser and only for our website, and it is stored on your device. If you delete the cookies in this browser, you will need to set the opt-out cookie again. Further information on data protection in connection with Google Analytics can be found on the Google Analytics help page (https://support.google.com/analytics/answer/6004245?hl=de).
Google Adwords Conversion Tracking
We use Google’s reCaptcha service to determine whether a human or a computer is making an entry on our contact or newsletter form. Google uses the following data to verify whether you are a human or a computer: the IP address of the device used, the website you are visiting on which the captcha is embedded, the date and duration of your visit, data to identify your browser and operating system, your Google account (if you are logged into Google), mouse movements on the various reCaptcha squares, and tasks that require you to identify images. The legal basis for the data processing described is Art. 6(1)(f) GDPR. Our legitimate interest is ensuring the security of our website and protecting ourselves from automated attacks.
MailChimp newsletter distribution service
The newsletter is sent out by “MailChimp”, a newsletter distribution platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.
Recording of statistics and analysis
The newsletters contain what is known as a web beacon, a file the size of a pixel that is called up by the MailChimp server whenever the newsletter is opened. During access, technical information such as data on the browser and your system, as well as your IP address and time of retrieval are initially collected. This information is used to improve the services on the basis of technical data or target groups and their reading behaviour based on their access locations (which can be determined with the help of the IP address) or access times.
Statistical surveys also include determining whether newsletters are opened, when they are opened, and which links are clicked on. For technical reasons, this information can be associated with individual recipients. However, it is neither our nor MailChimp’s intention to monitor individual users. Rather, these analyses help us to identify the reading habits of our users and tailor content, or to deliver different content to reflect the interests of our users.
Online retrieval and data management:
Social Media Plug-ins
We use plug-ins of the social networks Facebook, Twitter, Instagram, YouTube, XING, LinkedIn, and kununu, etc. on our website on the basis of Art. 6(1)(f), first sentence, GDPR to raise our company’s profile. The underlying promotional purpose is the legitimate interest in terms of the GDPR. The respective providers are responsible for operating their networks in a manner commensurate with the pertinent data privacy laws. We integrate these plug-ins using the “two-click method” to afford visitors to our website the best possible protection.
Placement of company profiles on social media platforms (XING, LinkedIn, etc.)
Horn & Company uses company profiles on platforms such as XING, LinkedIn, kununu, etc. for advertising and recruitment purposes.
The information is used – to the degree authorised by the user on the respective platform – for the purpose of establishing contact.
Online job applications and use of the contact form
Data collected during the application process is used solely for selecting suitable applicants to fill vacancies. Data is not collected for any other purpose. The applicant independently decides how much information he/she wishes to provide in the online application. The data collected in online applications is transmitted electronically to our personnel department for further processing. Data is transmitted in encrypted format. As a rule, applications are forwarded to the responsible recruiters in our company and then used as preparation for interviews. It goes without saying that the information provided by applicants is treated in the strictest confidence; the data is not shared outside the application process.
The personal data of applicants is stored until the advertised position is filled. If the applicant wishes the data to be stored for a longer period during the application process, we ask that he/she informs us accordingly. Lengthier storage periods may also arise if the data is needed to assert, exercise, or defend legal claims before an authority, or if there is a legal requirement to retain the data. In that case, the data will be stored for as long as is necessary to fulfil the purpose in hand.
To be able to contact applicants later, we store profiles electronically. The applicant may, at any time, informally revoke his/her consent to storing the data with future effect. Applicants also have the right to obtain, at any time, information on the personal data stored about them, to have that data corrected or deleted, and to restrict processing thereof. Please contact us by email at firstname.lastname@example.org to assert these rights or obtain additional information on them.
Rights of the data subject
You have the right:
in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned period of storage, the existence of a right to rectification, erasure, limitation of processing or objection, the origin of your data, if not collected by us, and the existence of an automated decision-making process including profiling and, where appropriate, request meaningful information on the details thereof;
in accordance with Art. 16 GDPR, to demand the correction, without delay, of inaccurate or incomplete personal data stored by us;
in accordance with Art. 17 GDPR, to demand the erasure of your personal data stored by us insofar as processing is not necessary for the exercise of the right of freedom of expression and information, the fulfilment of a legal obligation, for reasons of public interest, or for the assertion, exercise, or defence of legal claims;
in accordance with Art. 18 GDPR, to demand that processing of your personal data be restricted insofar as you dispute the accuracy of the data, the processing is unlawful and you oppose the erasure of the personal data, we no longer need the data, but you do need it to establish, exercise or defend legal claims, or you have lodged an objection against processing pursuant to Art. 21 GDPR;
in accordance with Art. 20 GDPR, to receive – in a structured, commonly used, and machine-readable format – the personal data you have provided, and to have that data transmitted to another controller;
in accordance with Art. 7(3) GDPR, to withdraw, at any time, the consent you granted us. The consequence of the above is that we will no longer be permitted to continue data processing based on this prior consent, and
in accordance with Art. 77 GDPR, to lodge a complaint with a supervisory authority. As a rule, you should reach out to the competent supervisory authority of your habitual residence, place of work, or of our company headquarters.
Right of objection
If we are processing your personal data for a legitimate interest pursuant to Art. 6(1)(f), first sentence, GDPR, you have the right, under Art. 21 GDPR, to object to said processing insofar as the grounds for doing so arise from your particular situation, or if you are lodging an objection because the data is being processed for direct marketing purposes. In the latter case, you have a general right of objection which we shall implement without your having to specify a particular situation. If you wish to exercise your right of revocation or lodge an objection, simply send an email to email@example.com
During visits to our website, we use the most common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. Usually this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. Whether a single page of our website is transmitted in encrypted form is indicated by the closed display of the key or lock symbol in the lower status bar of your browser. We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorised access by third parties. Our security measures are continuously improved in line with the latest technological advancements.
Quelle und Basis für diese Datenschutzerklärung: Deutscher Anwaltsverein (April 2018)