X
espa

GDPR

Privacy Policy

 

01. General

Thank you for your interest in the company websites and other online offers of GLASSCON GmbH, Mergenthalerallee 77, 65760 Eschborn (at Frankfurt am Main), Germany; hereafter referred to as „GLASSCON“.

We take the issues of data protection and confidentiality very seriously and follow applicable European and national data protection rules; In particular, these are the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), the Telemedia Act (TMG) and the Hessian Data Protection and Freedom of Information Act (HDSIG).

For this reason, with the following information we would like to give you an overview of the processing of your personal data by us and of your rights under data protection law, in particular set out in articles 13, 14 and 21 GDPR.

Which data will be processed in detail and in which way it will be used depends on the requested or agreed services. Therefore, not all parts of this information will apply to you.

02. Definitions set out in art. 4 GDPR

This Privacy Policy should be easy to read and to understand as well for the public as for our customers and business partners. Therefore, we orientate ourselves to the following definitions, which are also simple and understandable, set out in art. 4 GDPR.

a) Personal data

„Personal data“ means any information referring to an identified or identifiable natural person(hereinafter the “data subject”). A natural person is considered to be identifiable, who, directly or indirectly can be identified, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, which expresses the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.

b) Processing

„Processing“ is any operation or set of operations performed upon personal data with or without the aid of automated procedures, such as specification, collection, organization, ordering, storage, adaptation or modification, reading, querying, use, disclosure through submission, dissemination or any other form of provision, reconciliation or association, restriction, erasure or destruction.

c) Restriction of processing

„Restriction of Processing “is the marking of personal data retained with the aim of limiting its future processing.

d) Profiling

„Profiling“ is any kind of automated processing of personal data that consists in using this personal information to evaluate certain personal aspects relating to a natural person, and in particular to analyze or predict aspects related to job performance, economic situation, health, personal preferences, interests, reliability, behavior, whereabouts, or relocation of that natural person.

e) Pseudonymization

“Pseudonymization” means the processing of personal data in such a way that personal data can no longer be attributed to a specific data subject without the help of additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that that personal data information is not assigned to an identified or identifiable natural person.

f) The person concerned

”The person concerned” means any identified or identifiable natural person whose personal data is processed by the controller.

g) File system

“File system” means any structured collection of personal data accessible by specific criteria, whether that collection is centralized, decentralized or organized according to functional or geographical considerations.

h) Controller

„Controller“ is a natural or legal person, public authority, agency or other entity, who decides alone or jointly with others on the purposes and means of processing personal data. If the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for his designation may be provided for under Union or national law.

i) Processor

“Processor” means a natural or legal person, public authority, agency or other entity that processes personal data on behalf of the controller.

j) Receiver

“Receiver” is a natural or legal person, public authority, agency or other entity to which personal data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union or national law in connection with a particular mission are not considered to be beneficiaries.

k) Third party

“Third party” means a natural or legal person, public authority, agency or other entity than the data subject, the controller, the processor and the persons empowered under the direct responsibility of the controller or the processor to process the personal data

l) Consent

“Consent” means any expression of will voluntarily and unambiguously delivered by the data subject in the form of a statement or other unambiguous confirmatory act by which the data subject indicates that they agree with the processing of the personal data concerning them.

03. Name and contact details of the responsible authority (art. 13 paragraph 1 lit. a GDPR)

The responsible position for the data processing is:

GLASSCON GmbH
Mergenthalerallee 77
D-65760 Eschborn (near Frankfurt am Main)
Germany

Telefon: +49 (0) 61967889560
Mail: info@glasscon.com
Web: https://de.glasscon.com/impressum

VAT identification number: DE 295 381 120
Registry Court: Local court Frankfurt am Main
Registry Number: HRB 109242
Representative managing director: Mr. Dipl.-Ing. Konstantinos Kotalakidis

04. Which data do we use?

We only process personal data that we have received from you as part of our contractual or other business relationship.

In addition, we process personal information that we have legitimately gained from publicly available sources (such as debtor directories, land registers, trade and association registers, press, media) and have permission to process.

Finally, we also work with personal information that we have legitimately received from other third parties (such as Schufa); for example, on the basis of your consent. These are used to execute orders or to fulfill contracts.

Below is an example of some data that we process in cooperation with our customers, suppliers and employees:

  • Personal and standard data (name, address, birthday and place, nationality, pension insurance number, bank details, telephone, fax, Mail);
  • Credentials and authentication data (ID data, signature sample);
  • Business data (documentation and advice logs, payment order, payment transactions).

05. Legal basis and purpose of data processing

We process personal data only for the fulfillment of contractual obligations, due to legal requirements, for our own advertising purposes and for the protection of legitimate interests. The lawfulness of the processing is based on the provisions listed under no. 1 (see above), in particular on art. 6 GDPR.

Depending on the nature of the contract, we process personal data as listed below:

a) Based on your consent
(art. 6 paragraph 1 (a) GDPR)

Insofar as you have given us consent to the processing of personal data for specific purposes (for example, disclosure of personal data to tax consultants as processors within the meaning of art. 28 GDPR or to financial and social authorities, etc.; evaluation of customer data for internal marketing purposes, for example, to Schufa), the legality of this processing is based on your consent.

A given consent can be revoked at any time; see art. 7 para. 3 GDPR. This also applies to the revocation of declarations of consent, which – such as the SCHUFA declaration – were granted to us before the validity of the GDPR, that is before 25 May 2018.

Please note that the revocation only works for the future. Processing that occurred before the revocation is not affected.

a) For the fulfillment of contractual obligations
(art. 6 paragraph 1 (b) GDPR)

The processing of personal data is done, for example

  • to carry out any pre-contractual measures;
  • to enter into, execute or otherwise fulfill our contracts (leases and sales contracts with GLASSCON customers, contracts for work and services with third parties such as suppliers, etc.);

Further details on the purpose of data processing can be found in the respective contract documents and the terms and conditions.

b) Due to legal requirements, for the protection of vital interests or in the public interest
(art. 6 paragraph 1 (c, d, e) GDPR)

In addition, as GLASSCON we are subject to various legal obligations, which means legal requirements that may also be justified in the public interest:

The processing of personal data may therefore be necessary, for example, to fulfill tax control and reporting obligations, to prevent fraud and money laundering and / or to verify identity and age; such arise among others from the banking act, money laundering act and / or various tax laws.

In rare cases, the processing of personal data may be required even if the vital interests of the data subject or another natural person are to be protected. This would be the case, for example, if a visitor (for example customer) would be injured in our company based in Mergenthalerallee 77, 65760 Eschborn), on one of our exhibition stands, transfer areas of the motorhomes or in our rented seminar facilities and then his data (including name, age, health insurance data or other vital information) would have to be forwarded to a doctor, hospital or other third party.

c) In the context of the balance of interests
(art. 6 paragraph 1 (f) GDPR)

In the end, processing of your personal data can be based on art. 6 I lit. f GDPR. Processing operations are based on this legal basis if processing is necessary to safeguard the legitimate interests of our company or a third party, unless the interests, fundamental rights and fundamental freedoms of the person concerned prevail.

An overriding legitimate interest can also be accepted according to the second sentence of recital 47 GDPR if the person concerned is a customer of the person responsible.

Therefore, we process your data in addition to the actual fulfillment of the contract for the protection of legitimate interests of us or third parties. Examples are:

  • the further development and marketing of GLASSCON products and own services;
  • the offered marketing of products or product parts of our contractual partners;
  • the legally permissible documentation of business contacts;
  • advertising, as long as you have not objected to the use of your data;
  • asserting legal claims and defense in legal disputes;
  • ensuring the IT security and the IT operations of GLASSCON;
  • prevention and investigation of criminal offenses;
  • Video surveillance (as permitted by law) is used to collect evidence of crime. They hereby serve the protection of customers and employees as well as the exercise of the house right; building security measures (such as access controls);
  • measures to prevent the unauthorized use of GLASSCON products;
  • measures for business management and further development of services and products

06. How long will my data be retained?

If necessary, we process and store your personal data at least for the period required by applicable law. The respective legal storage and documentation obligations serve the fulfillment of legal claims; they result from the Commercial Code (HGB), the Tax Code (AO), the Banking Act (KWG) or the Money Laundering Act (GwG).

However, the storage period is also judged by the statutory limitation periods, which, for example, after §§195 ff. of the Civil Code (BGB) can generally be 3 years, but in certain cases up to 30 years.

Longer retention periods are possible as far as operational needs (for example: proper administration of customer, supplier and personal data) or the compliance with official regulations require this.

For example, we at GLASSCON retain most customer data for the duration of the contract and for a period of 11 years after the end of the contract.

This is due to the 10-year limitation period pursuant to §199 paragraph 3 sentence 1 no. 1 and paragraph 4 BGB. For interested parties without subsequent contract conclusion, depending on the intensity of the contract initiation, a retention period of six to 14 months applies; in special cases up to 3 years (limitation of claims for damages due to culpa in contrahendo in accordance with § 311 paragraph 2 BGB i.V.m. § 195 BGB).

07. Who gets my data?

Within the company GLASSCON, those entities receive your data, which they need to fulfill our contractual and legal obligations. External processors (within the meaning of article 28 GDPR) employed by us may also receive data for these purposes. These are companies in the categories of credit-related services, IT services, logistics, printing services, telecommunications, debt collection, tax consultancy and sales and marketing.

With regard to the data transfer to recipients outside of GLASSCON, it should first be noted that we are bound to secrecy about all customer-related facts and valuations of which we become aware.

We may only disclose information about you if statutory provisions require it, if you have consented to it or if we are otherwise authorized to do so. Under these conditions, recipients of personal data may be, for example: tax authorities; social funds and authorities; employment agencies; bureaus; Schufa; other public entities and institutions.

08. Encryption of personal data (SSL- or TLS-encryption)

For security reasons and to protect the transmission of confidential content, our company homepage uses a transmission method based on the SSL protocol (Secure Sockets Layer) or on a TLS (Transport Layer Security) encryption.

These protocols allow encryption of all traffic between your browser and our servers. This protects your data during transmission against manipulation and unauthorized access by third parties as far as possible.

An encrypted connection is indicated by the browser’s address bar changing from “http: //” to “https: //” and by the lock icon in your browser bar. If SSL or TLS encryption is enabled, the data you submit to us can basically not be read by third parties

09. Special data protection advice on the use of data collection, analysis tools and advertising in our online offers

Our social media appearances are designed to ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of article 6 (1) (a) GDPR).

09.1 Privacy policy for the use of so-called “cookies”

We have a legitimate interest in making our websites attractive and enabling the use of certain features, as well as making our offering more user-friendly, effective and secure. In order to optimize our web offers and continue to provide them technically error-free, we use cookies.

a) Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the Internet browser or in the Internet browser on the user’s computer system. When a user visits a website, a cookie may be stored on the user’s operating system. Ruft ein Nutzer eine Website auf, so kann ein Cookie auf dem Betriebssystem des Nutzers gespeichert werden. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is reopened.

We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser be identified even after a page break.

b) Legal basis for data processing

The legal basis for the processing of personal data using cookies is article 6 (1) lit. F GDPR.

c) Purpose of the data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some features of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page break.

Among other things, we need cookies for the following applications:

aa) simplification of the login process (storage subdomain, if necessary username)
bb) if necessary assignment of a registration to a cooperation partner (affiliate)
cc) permanent storage of UI settings (here: preferred language)

The user data collected by technically necessary cookies will not be used to create user profiles. For these purposes, our legitimate interest in the processing of personal data pursuant to art. 6 paragraph 1 lit. f GDPR.

d) Duration of retention, objection and disposal

Cookies are stored on the computer of the user and transmitted by him to our site. Therefore, as a user, you have full control over the use of cookies.

So you have the option to allow or block the setting of cookies only for individual cases or to exclude them in general and to delete already set cookies. In such a case, we must point out that certain features on our website no longer work, or not properly or only partially. If needed you can deactivate the storage of cookies in the corresponding settings for “third party cookies” of your web browser. The settings can be found for the respective common browsers under the following links:

09.2 Data protection advice on the use of so-called “server log data”

a) Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the calling computer. The following data is collected here:

(1) information about the browser type and version used
(2) the operating system of the user as well as the internet service provider of the user
(3) the IP address of the user; date and time of access
(4) websites from which the system of the user gets to our website
(5) websites that are accessed by the user’s system through our website

The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.

The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection In the case of collecting the data for providing the website, this is the case when the respective session is completed.

b) Legal basis for data processing

The lawfulness of the processing (temporary storage of data and log files) is based – in order to safeguard our legitimate interest in improving the functionality and stability of our website – on art. 6 (1) lit. f GDPR.

c) Purpose of the data processing

The temporary storage of the IP address by the system is necessary to allow delivery of the website to the computer of the user. To do this, the user’s IP address must be kept for the duration of the session.

Storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. For these purposes, we have our legitimate interest in the processing of data according to art. 6 paragraph 1 lit. f GDPR.

d) Contradiction and removal option

The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no contradiction on the part of the user.

09.3 Data protection advice on the use of ZOHO

a) CRM system via: ZOHO CRM

On our website is a contact form available, which can be used for electronic contact:
https://www.glasscon.com/contact

If a user uses this possibility, the data entered in the input mask is transmitted to us and stored. At the time of sending the message, the following data is also saved: the IP address of the user and the date and time of the registration. For the processing of the data, your consent is obtained during the sending process and reference is made to this privacy policy.

Personal data that you have communicated to us through a contact request described above, but also via telephone, fax or in person, a newsletter subscription or direct business relationships, are processed and maintained by us using a customer relationship management system(in short “CRM system”).

In this connection we use the Customer Relationship Management System “ZOHO CRM”.

b) Order and send newsletters via: ZOHO Campaigns

We offer on our website the possibility of ordering a newsletter. For sending our newsletter we use the service “ZOHO Campaigns”.

The only requirement for sending the newsletter is your e-mail address. We save your e-mail address for the purpose of delivering the newsletter. The specification of further separately marked data and information is voluntary. They are used for the purpose of personal contact and / or personalization of the e-mail newsletter.

Registration for our newsletters takes place in a so-called “double opt-in procedure”. This means that after signing up you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that nobody can register with external e-mail addresses. By subscribing to our newsletter your data will be automatically transferred to our account at Zoho Campaigns; If necessary, we feed your data into Zoho Campaigns.

Registration for the newsletter will be logged in order to prove the registration process according to the legal requirements. This includes the storage of both the login and the confirmation time as well as the IP address.

It also logs the changes to your data stored in Zoho Campaigns. In addition, the newsletter sent via Zoho Campaigns contains a so-called counting pixel, also known as web beacon. With the help of this pixel we can evaluate, if and when you have read our newsletter and if you have followed the links in the newsletter. In addition to other technical data, such as the data of your computer system and your IP address, the data processed thereby are stored, so that we can optimize our newsletter offer and respond to the interests of our subscribers. The data will thus be used to increase the quality and attractiveness of our newsletter offer.

c) ZOHO Corporation B.V. as our contract partner

Both “ZOHO CRM” and “ZOH Campaigns” are services of “Zoho Corporation Pvt. Ltd “, located in: Chennai, Estancia IT Park, Plot No. 140 & 151, GST Road, Vallancherry Village, Chengalpattu Taluk, Kanchipuram District 603 202, INDIA (India);https://www.zoho.com/contactus.html

Our direct contractor is Zoho Corporation B.V. with headquarter in: Hoogoorddreef 15, 1101 BA Amsterdam, Netherlands, and therefore fully subject to European data protection law. Zoho Corporation B.V. stores data exclusively on servers in the EU. For technical support purposes, Zoho employees in India can access the data. The Indian subsidiary of Zoho has a corresponding data protection agreement according to European standards.

Zoho’s complete privacy policy can be found at https://www.zoho.com/privacy.html. Also, an overview of the data controllers in the Zoho Group can be found at: https://www.zoho.com/privacy/zoho-group.html

We have entered into a corresponding contract data processing (“DPA” or “Data Processing Agreement”) with Zoho Corporation.

d) Legal basis and purposes of the newsletter, contact form and e-mail contact

Legal basis for the data processing is in the presence of the consent of the user art. 6 paragraph 1 lit. a GDPR i.V.m. art. 7 GDPR. The legal basis for the data processing, which is transmitted by sending an e-mail, is article 6 (1) lit. f GDPR. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is art. 6 para. 1 lit. b GDPR.

The processing of the personal data from the input mask serves us only to process the contact. In the case of contact via e-mail, this also includes the required legitimate interest in the processing of the data.

The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

e) Duration of storage

The personal data from the input form of the contact form and those sent by e-mail will be deleted when the respective conversation with the user has ended (this is the case after termination of the newsletter or revocation of your consent). The conversation ends when it can be inferred from the circumstances that the matter in question has been finally clarified. The additional personal data collected during the sending process will be deleted at the latest after a period of ninety days. After your cancellation or after the revocation of your consent, we store data purely statistically and anonymously.

f) Contradiction and removal option

The user has the opportunity to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he may object to the storage of his personal data at any time. In such a case, the conversation cannot continue. All personal data stored in the course of contacting will be deleted in this case.

You can also revoke your consent to the transmission of the newsletter at any time and unsubscribe from the newsletter (so-called opt-out). You can cancel the cancellation by clicking on the link provided in each newsletter or by sending an e-mail to info@glasscon.com.

The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.

09.4 Data protection advice on the use of YouTube

On our website we use the “Social Bookmark” of the social video portal YouTube, a subsidiary of Google LLC. This is just a link and not a so-called “social plugin”. If you do not use the button, no information will be transmitted to YouTuber and no YouTube cookie will be placed on your computer. As soon as you click on the button without being logged in to YouTube, the following login window opens in a new window: https://www.youtube.com/user/TheGlasscon

At the same time YouTube places cookies on your hard drive. If you click the button as an already logged in YouTube user, YouTube can assign the visit to your YouTube account.

Information about GLASSCON GmbH via the social video portal YouTube is made in the interest of an appealing presentation of our online offers. This constitutes a “legitimate interest” within the meaning of art. 6 (1) lit. f GDPR.

Sites within Twitter are operated exclusively by the company “YouTube LLC“, located at: 901 Cherry Ave., San Bruno, CA 94066, California, USA. Which data YouTube collects on their pages is beyond our knowledge and sphere of influence. For general information, see the privacy policy of the parent company of YouTube, available at: https://policies.google.com/privacy?hl=en&gl=de

09.5 Data protection advice on the use of Instagram

On our website we use the “social bookmark” of the social network Instagram. This is just a link and not a so-called “social plugin”. If you do not use the button, no information will be transmitted to Instagram and no Instagram cookie will be placed on your computer. As soon as you click on the button without being logged in to Instagram, the following login window opens in a new window: https://www.instagram.com/explore/tags/glasscon/

At the same time Instagram places cookies on your hard drive. If you click the button as an already logged in Instagram user, Instagram can assign the visit to your Instagram account.

Information about GLASSCON GmbH via the social network Instagram is made in the interest of an appealing presentation of our online offers. This constitutes a “legitimate interest” within the meaning of art. 6 (1) lit. f GDPR.

Sites within Instagram are operated exclusively by the company Instagram LLC, located at: 1601 Willow Road, Menlo Park, CA 94025, California, USA. Which data Instagram collects on their pages is beyond our knowledge and sphere of influence. For general advice, see the privacy policy of Instagram, available at: https://help.instagram.com/519522125107875?helpref=page_content

09.6 Data protection advice on the use of Facebook

On our website we use the “Social Bookmark” of the social network Facebook. This is just a link and not a so-called “social plugin”. If you do not use the button, no information will be transmitted to Facebook and no Facebook cookie will be placed on your computer. As soon as you click on the button without being logged in to Facebook, the following login window opens in a new window: https://www.facebook.com/GlassconGmbH

At the same time Facebook places cookies on your hard drive. If you click the button as an already logged in Facebook user, Facebook can assign the visit to your Facebook account.

Information about GLASSCON GmbH via the social network Facebook is made in the interest of an appealing presentation of our online offers. This constitutes a “legitimate interest” within the meaning of art. 6 (1) lit. f GDPR.

Sites within Facebook are operated exclusively by the company “Facebook Inc.”, located at: 1601 S. California Ave, Palo Alto, CA 94304, California, USA. Which data Facebook collects on their pages is beyond our knowledge and sphere of influence. For general advice, see the privacy policy of Instagram, available at: https://www.facebook.com/about/privacy

09.7 Data protection advice on the use of Twitter

On our website we use the “Social Bookmark” of the online short message service Twitter. This is just a link and not a so-called “social plugin”. If you do not use the button, no information will be transmitted to Twitter and no Twitter cookie will be placed on your computer. As soon as you click on the button without being logged in to Twitter, the following login window opens in a new window:
https://twitter.com/glasscon

At the same time Twitter places cookies on your hard drive. If you click the button as an already logged in Twitter user, Twitter can assign the visit to your Twitter account.

Information about GLASSCON GmbH via the social network Twitter is made in the interest of an appealing presentation of our online offers. This constitutes a “legitimate interest” within the meaning of art. 6 (1) lit. f GDPR.

Sites within Twitter are operated exclusively by the company “Twitter Inc.“, located at: 1601 S. California Ave, Palo Alto, CA 94304, California, USA. Which data Twitter collects on their pages is beyond our knowledge and sphere of influence. For general advice, see the privacy policy of Instagram, available at: https://twitter.com/en/privacy#update

09.8 Data protection advice on the use of Google Analytics

We include functionality in our web analytics service “Google Analytics” provided by the US company “Google LLC” at: 1600 Amphitheater Parkway, Mountain View, CA 94043, California, USA.

Google Analytics processes the website usage data on our behalf and is contractually committed to taking measures to ensure the confidentiality of the processed data. During your visit to the Site, the following information is recorded, including:

Your IP address (in abbreviated form, so that no unique assignment is possible); called websites; Your approximate location (country and city respectively); technical information such as browsers, internet service providers, end devices; Source of origin of your visit (ie via which website or via which advertising material you came to our website).

The storage of this data is based on art. 6 para. 1 lit. f DS-GMO. The website operator has a legitimate interest in the anonymous analysis of user behavior in order to optimize both its website and its advertising.

Google Analytics stores the cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID that will allow you to be recognized during future website visits. These cookies contain a randomly generated user ID that will allow you to be recognized during future website visits. The recorded data is stored together with the randomly generated user ID, which allows the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form for an indefinite period.

You have the option to prevent the storage of cookies on your device by making the appropriate settings in your browser. However, there is no guarantee that you will be able to access all features of this website without restrictions if your browser does not allow cookies. Furthermore, you can use a browser plug-in to prevent the information collected by cookies (including your IP address) from being sent to Google and used by Google; This is done by installing the browser add-on for disabling Google Analytics once: https://tools.google.com/dlpage/gaoptout?hl=en

Although Google LLC. undertakes not to disclose information to third parties under its own privacy policy, it makes certain exceptions. The data collected in this way may therefore be transferred to third parties if required by law in the USA or if third parties process the data on behalf of Google. In doing so, Google respects the privacy policy of the “EU-US Privacy Shield” agreement:
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

The Privacy Policy of Google LLC. can be found here: http://www.google.com/policies/privacy/

There you will also find information about how to change your privacy settings, e.g. in your user account.

09.9 Data protection advice on the use of LinkedIn

We have a LinkedIn profile: https://www.linkedin.com/company/glasscon

Provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn is certified under the EU-US Privacy Shield. LinkedIn uses advertising cookies.

If you want to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

For details on how to handle your personal information, see the LinkedIn privacy statement: https://www.linkedin.com/legal/privacy-policy.

09.10 Data protection advice on the use of Pinterest

Within our online offer functions and contents of the service Pinterest can be integrated: https://www.pinterest.de/GLASSCONgmbh

This may include, for example, content such as images, videos, or text and buttons that users use to promote their content, subscribe to the content creators, or subscribe to our submissions. If the users are members of the platform Pinterest, Pinterest can assign the call of the abovementioned contents and functions to the profiles of the users there.

Provider is Pinterest Inc., located at, 635 High Street, Palo Alto, CA, 94301, United States. Pinterest is certified under the EU-US Privacy Shield. Pinterest uses advertising cookies.

Privacy Policy of Pinterest: https://policy.pinterest.com/en/privacy-policy

Pinterest processes the data as part of Pinterest’s Data Usage Policy: https://policy.pinterest.com/en/ad-data-terms

You may also object to the use of cookies used for metering and promotional purposes through the opt-out page of the Network Advertising Initiative (http://optout.networkadvertising.org/).

09.11 Other links to external providers

Insofar as links are made to websites of other providers, this privacy policy also does not apply to their content. Which data may be collected by the operators of the external websites is beyond the knowledge and influence of GLASSCON. You may receive information in the privacy policy of the respective websites.

10. Privacy protection for applications and in the application progress

We collect and process personal data of applicants for the purpose of proceeding with the application process.

The processing can also be done electronically. This is particularly the case if an applicant submits the corresponding application documents to us electronically, for example by e-mail. To this end, we reserve the right to offer on our website the possibility to send an application by e-mail (career@glasscon.com) to us via a click of a corresponding e-mail address listed there.

If there is a contract of employment with an applicant, we store the data transmitted to us for the purpose of processing the employment relationship in accordance with the legal regulations.

However, if no contract of employment is concluded with the applicant, the application documents will be automatically deleted seven months after notification of the rejection decision, unless we claim any other legitimate interests in deletion. Another legitimate interest in this sense is, for example, a burden of proof in a procedure under the General Equal Treatment Act (AGG).

11. Rights of the data subject (art. 12 ff. GDPR)

Your rights as a “data subject” are fully guaranteed by GLASSCON. With regard to your stored personal data, you are entitled to the following listed rights that you can assert against us.

To exercise these rights, please refer to the following chapter (“Exercise of the rights of the affected person”).

a) Right to information (art. 15 GDPR)

In principle, you have the right to request confirmation from us as to whether personal data relating to you is being processed. However, this right to information is subject to certain restrictions under § 34 BDSG.

b) Right to rectification (art. 16 GDPR)

If, in your opinion, your personal information is incorrect or incomplete, you may request that such information be changed accordingly.

c) Right to delete (art. 17 GDPR)

You may request that your personal information be (immediately) deleted, to the extent permitted by applicable law. Restrictions are provided for in § 35 BDSG.

d) Right of restriction of processing (art. 18 GDPR)

Each data subject is entitled to a restriction of the processing of his data (under the further requirements of art. 18 paragraph 1 of the GDPR).

e) Right of data transferability (art. 20 GDPR)

As far as legally possible, you can have the personal data provided to us reclaimed or have it transmitted to a third party, if this is technically feasible.

f) Right of withdrawal (art. 7 paragraph 3 GDPR)

You have the right to revoke your consent to data collection at any time. This right applies with effect for the future; the data collected up to the legal force of the revocation remain unaffected.

g) Right to object (art. 21 GDPR)

aa) Individual right of objection

You have the right at any time, for reasons arising from your particular situation, to object against the processing of personal data concerning you, e.g. based on art. 6 para. 1 lit. f GDPR (“data processing on the basis of a balance of interests”; this also applies to a profiling based on this provision (in the sense of article 4 No. 4 GDPR), which we use, for example, for advertising purposes.

If you object, we will no longer process your personal information unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, pursuing or defending legal claims. This also applies to profiling based on these provisions.

bb) Right to object against the data processing for direct marketing purposes

In individual cases, we process your personal data in order to operate direct marketing. You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising or market and opinion research; this also applies to profiling insofar as it is associated with such direct marketing.

If you object to the processing for direct marketing purposes, we will no longer process your personal data for these purposes; for this purpose, the data must then be blocked.

h) Right to complain to a data protection supervisory authority (art. 77 GDPR in connection with § 19 BDSG)

Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of its place of residence, employment or the place of the alleged infringement, if you believe that the processing of the personal data concerning you is against the GDPR violates.

The addresses of the respective supervisory authorities can be found in the following link:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

The supervisory authority responsible for us is:

The Hessian Commissioner for Data Protection and Freedom of Information
Gustav-Stresemann-Ring 1, 65189 Wiesbaden
tel: 0611 – 1408 0
Fax: 0611 – 1408 611
Mail: poststelle@datenschutz.hessen.de
Web: https://datenschutz.hessen.de/impressum

12. Exercise of the rights of the data subject

To claim your rights listed in No. 11, please contact us in writing or by e-mail:

GLASSCON GmbH
Mergenthalerallee 77
D-65760 Eschborn (near Frankfurt am Main)
Germany
Mail: info@glasscon.com

Please understand that we may have to verify your identity before any information. Please enclose a (scanned) copy of your identity card (front and back) or of a corresponding official ID or passport.

13. Other

This Privacy Policy is amended from time to time against the background of ongoing European-wide harmonization of data protection law and the further development of our web content. The date of the last update can be found at the beginning of this statement. The current version is always available online, you can find it under the following link:
https://de.glasscon.com/datenschutz