Privacy Policy of Bochumer Fleisch GmbH & Co KG

1. Introduction

We are very pleased about your interest in our company.

Personal data is any information that relates to an identified or identifiable person. Even pseudonymous data that we cannot assign to you directly, e.g. via a name or an e-mail address, is personal data.

Since the protection of your personal data is very important to us, we inform you in this privacy policy about the nature, scope, purpose of the personal data processed by us and the rights as a data subject.

At the end of the privacy policy, you will find under the item definitions the various explanations of the terminology.

Responsible for the processing of personal data is:

Bochumer Fleisch GmbH & Co KG
Freudenbergstraße 45K
44809 Bochum
Telefon +49 (0) 2 34 / 52 90 40
Telefax +49 (0) 2 34 / 52 90 42 8
E-Mail: info@bochumer-fleisch.de

The external company data protection officer is:

dokuworks GmbH

Mr. Markus Weber
Birlenbacher Str. 20
57078 Siegen

Phone: +49 271 77237-60
Email: datenschutz@doku.works

If you have any questions or suggestions on the subject of data protection, please feel free to contact us as the person responsible or our data protection officer at any time.

2. Data Subject Rights

You may assert the following rights with respect to your personal data against us:

• Right to information (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR) or deletion (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object to processing (Art. 21 GDPR)

If you submit a request for information to us, we will inform you whether and which data we have collected from you in accordance with data protection law. It is our endeavor to always ensure an up-to-date and error-free data collection. If, however, incorrect information has been recorded, we will correct it immediately following a corresponding request.

To do this, please send us a request to: info@willms-fleisch.de

In addition to exercising your rights against us, you also have the right to file a complaint with a supervisory authority if you suspect a breach of data protection law (Art. 77 DSGVO).

3. Data Protection Notice for Business Partners

We are pleased that you are interested in Willms Fleisch GmbH and that you are contacting us.

The protection of your data is very important to us. With the data protection notice, we provide you with the following information in accordance with Art. 13 DSGVO on the processing of your personal data in connection with our business relationship.

Further information about our company, details of the persons authorized to represent us and further contact options can be found at www.willms-fleisch.de/impressum/.

What data do we process and for what purposes?

We only process personal data that we have received from you or, if applicable, from publicly accessible sources in the course of our business relationship.

Personal data in the sense of Art. 4 No. 1 DSGVO can be: Names, telecommunication data and address data. In addition, we also process offer, inquiry and order data, data from the fulfillment of our contractual obligations, product data, documentation data, as well as other data comparable with the aforementioned categories.

The provision of your personal data is necessary for the initiation, implementation and processing of the contractual relationship. If it is not provided, it is unfortunately not possible for us to contact you to clarify the pre-contractual or contractual issues.

On what legal basis is the processing of your personal data based?

Your personal data is processed in accordance with the legal provisions of the DSGVO and the Federal Data Protection Act for the fulfillment of contractual obligations or for measures to initiate contracts (Art. 6 para. 1 p. 1 lit. b DSGVO). Furthermore, we may use this data for additional purposes within the scope of our business relationship.

How long is the data stored?

We process and store your personal data for the duration of our business relationship and at least in accordance with the statutory retention periods such as the German Commercial Code or the German Fiscal Code.

To whom is the data passed on and where is it processed?

We use the personal data only for our own purposes in the course of the business relationship. We would like to point out that we generally assume that our e-mail correspondence is business-related and therefore forward e-mails to your representatives in the absence of employees for better service.

4. Applicant Management

The controller collects and processes the personal data of applicants for the purpose of managing the application process. The processing may also be carried out electronically. This is the case, in particular, if an applicant submits relevant application documents to the controller by electronic means, for example, by e-mail or via a web form located on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions.

The legal basis for this processing is Section 26 (1) sentence 1 BDSG in conjunction with Article 88 (1) GDPR.

If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted six months after notification of the rejection decision, provided that no other legitimate interests of the controller conflict with such deletion. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act.

In this case, the legal basis is Art. 6 Para. 1 lit. f GDPR and § 24 Para. 1 No. 2 BDSG. Our legitimate interest lies in the legal defense or enforcement.

If you expressly consent to a longer storage of your data, e.g. for your inclusion in a database of applicants or interested parties, the data will be processed on the basis of your consent. The legal basis is then Art. 6 para. 1 lit. a GDPR. However, you can of course revoke your consent at any time in accordance with Art. 7 (3) GDPR by declaration to us with effect for the future.

5. Data Protection when Visiting our Website

Nature and Purpose of Processing:

When you access our website, i.e., when you do not register or otherwise submit information, information of a general nature is automatically collected. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your Internet service provider, your IP address and the like.

In particular, they are processed for the following Purposes:

• Ensuring a smooth connection setup of the website,
• Ensuring a smooth use of our website,
• evaluating system security and stability, and
• to optimize our website.

We do not use your data to draw conclusions about you personally. Information of this kind is statistically evaluated by us anonymously, if necessary, in order to optimize our website and the technology behind it.

Legal Basis and legitimate Interest:

The processing is carried out in accordance with Art. 6 (1) lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.

Recipients:

Recipients of the data may be technical service providers who act as order processors for the operation and maintenance of our website.

Storage Period:

The data is deleted as soon as it is no longer required for the purpose for which it was collected. This is generally the case for data used to provide the website, when the respective session has ended.

In the case of storage of data in log files, this is the case after 14 days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are anonymized, so that an assignment of the calling client is no longer possible.

Provision prescribed or required:

The provision of the aforementioned personal data is neither legally nor contractually required. However, without the IP address, the service and functionality of our website is not guaranteed. In addition, individual services and services may not be available or may be limited. For this reason, an objection is excluded.

6. Hosting

We host the contents of our website with the following provider:

Host Europe GmbH
c/o WeWork
Friesenplatz 4
50672 Cologne
Germany

by phone: +49 221 99999 301 
by telefax: +49 221 99999 350
by E-Mail: info@hosteurope.de

For details, please refer to the provider's privacy policy:

https://www.hosteurope.de/en/terms-and-conditions/privacy/

The use of provider is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the most reliable presentation of our website. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) as defined by the TDDDG. The consent can be revoked at any time.

7. Use of Analysis Tools, Tracking Tools and Cookies.

Cookies are small text files that are placed on your device and collect data that can later be read by a web server of the domain that placed the cookie.

Cookies and similar technologies are used on our website to provide a more user-friendly service to users of this website, to analyze the performance of our products and to fulfill other legitimate purposes.

The data subject can prevent the setting of cookies by our website at any time by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.

The following types of cookies can be distinguished:

7.1 Technically necessary Cookies

Technically necessary cookies are those that secure basic functions of the website and thus enable its operation. This is merely a matter of technical necessity, not economic aspects.

The legal basis is our legitimate interest in providing a functional website according to Art. 6 para. 1 lit. f GDPR or the fulfillment of a legal obligation according to Art. 6 para. 1 lit. c GDPR.

For the aforementioned purposes, we use the services of third parties listed below, who are responsible for the data processing taking place via their respective service in accordance with Art. 4 (7) GDPR. Further information on data processing by these providers and your rights as a data subject can be found in the privacy statements of the providers linked below:

• Google Fonts (local hosting) (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland)
  https://policies.google.com/privacy   

This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

For this purpose, the browser you use must establish a connection to our server. Your data is not passed on to Google in this way. The use of Google Web Fonts is in the legitimate interest of a uniform and appealing presentation of our online offers within the meaning of Art. 6 (1) lit. f GDPR.

If your browser does not support web fonts, a standard font will be loaded from your computer.

7.2 Statistics Cookies, Marketing Cookies and Functional Cookies

Statistics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

Marketing cookies store user information regarding the website visited. This data is used, for example, to display advertisements tailored to the user's interests, to optimize offers, to recognize the user or to simplify website use.

Functional cookies make it possible to increase the user-friendliness of the website by storing personal data such as location or form data. In particular, improved and personalized functions can be provided.

The legal basis is your consent pursuant to Art. 6 para. 1 lit. a GDPR.

For the aforementioned purposes, we use the services of the third parties listed below, who are responsible for the data processing that takes place via their respective service in accordance with Art. 4 para. 7 GDPR. Further information on data processing by these providers and your rights as a data subject can be found in the providers' privacy policies linked below:

• Google API (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland)

https://www.google.com/policies/privacy/

• Cloudflare (Cloudflare Inc. 101 Townsend St., San Francisco, CA 94107, USA)

https://www.cloudflare.com/de-de/privacypolicy/

8. Use of Social Media Profiles

We access the technical platform and services of the respective social media providers to display our content on a social media profile.

As the operator of the social media profile, we, Willms Fleisch GmbH, are jointly responsible with the operator of the social network within the meaning of Art. 4 No. 7 of the General Data Protection Regulation (GDPR). When you visit our social media profile, personal data is processed by the controller. In the following, we will inform you about what data is involved, how it is processed and what rights you have in this regard.

Please note that you use this website and its functions under your own responsibility. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating, etc.). We may take your comments and ratings as an opportunity to respond to them with our own comments. For this purpose, we make use of our legitimate interest in interacting with active users of our profile (Art. 6 para. 1 lit. f GDPR).

If you have questions of any kind, you have the option of contacting us via personal messages. Your user name may be automatically communicated to us. Further information can be provided voluntarily, in particular options for contacting us outside of social media. Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your voluntarily given consent. The personal data processed by us for the purpose of contacting you will be automatically deleted after your request has been dealt with, unless statutory retention obligations prevent this (e.g. because a contractual relationship has been established between us on the basis of your request).

When you visit our social media profile, the provider collects, among other things, your IP address and other information that is stored on your PC in the form of cookies. This information is used to provide us, as the operator of the social media profile, with statistical information about the use of the website.

The data collected about you in this context is processed by the providers and may be transferred to countries outside the European Union. What information the provider receives and how it is used is described by the provider in general terms in its data usage guidelines. There you will also find information on how to contact the provider and on the settings options for advertisements.

The way in which the providers use the data from visits to social media profiles for their own purposes, the extent to which activities on the websites are assigned to individual users, how long this data is stored and whether data is passed on to third parties is not conclusively and clearly stated by the social media provider and is not known to us. When you access a social media profile, the IP address assigned to your end device is transmitted to the provider. It may be possible for the provider to assign IP addresses to individual users. If you are currently logged in to a social media provider as a user, a cookie with your identifier is stored on your device.

This enables the provider to track that you have visited this page and how you have used it. If you wish to avoid this, you should log out of the respective social media provider or deactivate the “stay logged in” function, delete the cookies on your device and close and restart your browser.

Further information on the rights to which you are entitled as a data subject under the GDPR can be found under point 2 Data Subject Rights.

The provider provides further information on this under the following link

• LinkedIn (LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland)

https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_join-form-privacy-policy

8. Contact

If you contact us (e.g. via contact form, chat or e-mail), we process your data to process the request and in the event that follow-up questions arise.

If the data processing is carried out for the implementation of pre-contractual measures, which are carried out on your request, or, if you are already our customer, for the implementation of the contract, the legal basis for this data processing is Art. 6 para. 1 p. 1 lit. b GDPR.

9. Storage Period

Unless specifically stated, we store personal data only as long as necessary to fulfill the purposes pursued. In some cases, the legislator provides for the retention of personal data, such as in tax or commercial law. In these cases, we only continue to store the data for these legal purposes, but do not process it in any other way and delete it after the legal retention period has expired.

10. Definitions

The data protection declaration is based on the terms used by the European Directive and Ordinance Maker when issuing the General Data Protection Regulation (GDPR). Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terminology used in advance.

Personal data

Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Data subject

Data subject means any identified or identifiable natural person whose personal data are processed by the controller.

Processing

Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

Profiling

Profiling is any type of automated processing of personal data that consists of using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to that natural person's job performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location.

Pseudonymization

Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separate and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

Controller or person responsible for the processing

The controller or person responsible for processing is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.

Processor

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Recipient

Recipient means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients.

Third Party

Third party means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.

Consent

Consent shall mean any freely given indication of the data subject's wishes for the specific case in an informed and unambiguous manner, in the form of a statement or any other unambiguous affirmative act by which the data subject indicates that he or she consents to the processing of personal data relating to him or her.

11. Transfer of Data to Third Parties

We do not transfer your personal data to third parties for purposes other than those listed below. We will only pass on your personal data to third parties if:

• you have given your express consent to do so in accordance with Art. 6 (1) p. 1 lit. a GDPR,
• the disclosure is required under Art. 6 (1) p. 1 lit. f GDPR for the assertion, exercise or defense of legal claims and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data,
• in the event that there is a legal obligation for disclosure pursuant to Art. 6 (1) p. 1 lit. c GDPR, as well as
• this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b GDPR for the processing of contractual relationships with you.

12. Data Security

We make every effort to ensure the security of your data within the framework of the applicable data protection laws and technical possibilities.

Your personal data is transmitted encrypted with us. This applies to your orders and also to the customer login. We use the SSL (Secure Socket Layer) coding system, but we would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.

13. Topicality and Change of this Data Protection Explanation

This data protection declaration is currently valid and has the status July 2024. Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration.