Last updated on: April 12th 2019
Registration court: Amtsgericht Charlottenburg (Berlin, Germany)
Registration number: HRB 167185 B
Authorized Managing Directors and those responsible for content
Dr. Marco Neuhaus
Data Protection Officer
You can reach our data protection officer at:
Data Protection Officer
Types of data processed
Elinvar processes inventory data (e.g. names, addresses), contact data (e.g. e-mail), usage data (e.g. websites visited, access times), metadata (e.g. IP addresses) and employee information (e.g. photos, names, positions) within the scope of this website.
Processing of special categories of data (Art. 9 para. 1 GDPR)
Elinvar does not process any special categories of data within the scope of this website.
Categories of individuals affected by the processing operation
Within the scope of this website, Elinvar processes data from visitors and interested parties, hereinafter collectively referred to as “users”, as well as from employees.
Purpose of processing
Within the scope of this website, Elinvar processes personal data in accordance with the provisions of the European Data Protection Regulation (GDPR) for the purpose of providing the website and related content and functions, for the purpose of advertising, marketing and market research, for communication with users, for answering contact enquiries and within the framework of security measures (IT security). Elinvar processes personal data only if legally permitted to do so and in compliance with the relevant data protection regulations. Accordingly, personal data will only be processed if this is necessary or legally required, in particular
- for the provision of contractual services (order processing)
- for the provision of online services
- in the case of user consent
- and in the legitimate interest of Elinvar.
The personal data processed by Elinvar are subject to the following legal principles in accordance with Art. 13 GDPR:
- Art. 6 para. 1 lit. a. GDPR for consents
- Art. 6 para. 1 lit. b. DSCGO for the processing for the fulfilment of the services rendered by us and the implementation of contractual measures
- Art. 6 para. 1 lit. c. GDPR for processing for the fulfilment of our legal obligations
- Art. 6 para. 1 lit. d. GDPR for processing for the purpose of fulfilling the vital interests of the data subject or another natural person
- Art. 6. para. 1 lit. f. GDPR for processing to safeguard our legitimate interests
Subject of data protection
Subject of data protection are personal data in the sense of the. Art. 4 of the General Data Protection Regulation (GDPR), i.e. all information relating to an identified or identifiable natural person (hereinafter referred to as the data subject). An identifiable natural person is one who can be identified directly or indirectly, by assigning an identifier, via the data required for the transaction. This includes, for example, your name, your address, your telephone number, your e-mail address and other data required for business transactions. Data that cannot be associated with your person are not included.
In accordance with Art. 32 GDPR, Elinvar shall take appropriate technical, organisational and contractual measures to ensure processing, taking into account the state of the art as well as the type, scope, circumstance, purpose of processing and implementation costs, in order to protect the user’s personal data against unintentional or unlawful manipulation, destruction, deletion, loss and against unauthorised access or disclosure.
Security measures include, in particular, ensuring the confidentiality, integrity and availability of data through physical access and logical access controls as well as other controls relating to the input, transmission, security, availability and separation of personal data. This also includes the encrypted transmission of data between your browser and our server.
Elinvar also has procedures in place to respond to data breaches, data deletion, and the exercise of data subjects’ rights.
Disclosure of data to third parties and third-party providers
Elinvar will only pass on data within the framework of the legal requirements on the basis of Art. 6 Para. 1 lit. b. GDPR (contract purposes), in accordance with Art. 6 Para. 1 lit. f. GDPR (legitimate interest), on the basis of a consent given by you or if a legal obligation provides for this.
The following services of third parties are used within the scope of this website:
All external service providers are carefully selected by us and checked for compliance with the contractual requirements and thus also the provisions of the GDPR. All external service providers are obliged to treat the information in accordance with this data protection declaration or the applicable data protection regulations. They are contractually obliged to comply with data protection regulations and are not regarded as third parties in the sense of data protection law. Inclusion in data processing is then based on an agreement on order processing pursuant to Art. 28 GDPR. Personal data will not be passed on or sold.
Transfers to third countries
A data transfer to places in states outside the European Union (so-called third countries) in the context of a processing (e.g. by using the services of third parties) or a disclosure or transfer of data to third parties only takes place to fulfill our (pre)contractual obligations, due to a statutory provision or according to your consent. Here the requirements of Art. 44 ff. GDPR with regard to the requirement of guarantees for compliance with a data protection level corresponding to the EU on the basis of international agreements (e.g. EU-US Privacy Shield) or EU standard contract clauses.
Collection and storage of personal data
Your personal data will only be collected if you provide it to us on request for specific purposes – e.g. to answer enquiries. Personal data that you voluntarily provide to us when using electronic forms, such as contact forms, or by e-mail, is only collected, processed and used for the purpose for which it was provided, such as registering for personalized services, responding to inquiries, technical administration or processing a contractual relationship. Your personal data will always be treated confidentially and will only be stored until the purpose for which it was provided has been fulfilled or the legal obligation to retain it has expired. The personal data is used to provide services. If you have explicitly agreed to this, you will also receive product information.
If you contact us by e-mail or contact form, your details will be processed in accordance with Art. 6 para. 1 lit. b. GDPR for the treatment and processing of the contact inquiry. The requests will be deleted if they are no longer necessary. They are checked once a year.
Collection of access data
On the basis of the legitimate interest of Elinvar within the meaning of Article 6(1)(f) GDPR, data on access to the server is collected via so-called server log files. The data collected includes the name of your Internet service provider and an IP address assigned by this provider, the website from which you visit us, the web pages you visit on our site, the files accessed, the browser used, the operating system used and the date and time of your visit. The access data is stored in order to ensure the functionality of our Internet offer. This information is used to optimize the website and to ensure the security of our IT systems and services. An evaluation for marketing purposes does not take place in this context.
For security reasons, the server log files and the information contained therein are stored for a period of 30 days and then deleted. If certain server log files are necessary for the clarification of fraud or abuse actions or for evidence purposes, they are stored until the final clarification of the respective incident and then deleted.
We cooperate with business partners who support us in making the website more interesting for you. This means that when you visit our website, cookies from these partner companies are also stored on your hard drive. The cookies stored in this way are automatically deleted after the given date.
You have the option of controlling the storage of cookies on your computer by making the appropriate settings in your web browser, i.e. you can prevent it from accepting new cookies, be notified when you receive a new cookie, or deactivate all cookies received. Please note, however, that in this case you may only be able to use our website to a limited extent or not at all. If you only want to accept our own cookies, but not the cookies of our service providers and partners, select the appropriate setting in your browser.
- Deactivation page of the network advertising initiative (http://optout.networkadvertising.org/)
- Deactivation page for US websites (http://www.aboutads.info/choices)
- Deactivation page for European websites (http://www.youronlinechoices.com/uk/your-ad-choices/)
Reach analysis with Matomo (formerly PIWIK)
Furthermore, by clicking on the link below, users have the possibility to object to the anonymous data collection by the Matomo program at any time with effect for the future. If a user clicks on the link below and objects, a so-called opt-out cookie is stored in the browser, which ensures that Matomo no longer collects any session data. If, however, the user deletes the cookies in his browser, the opt-out cookie is also deleted in this context, so that the user must activate it again via the link.
On our websites you will find links which refer to pages of third parties. We have no influence whatsoever on the design and content of websites operated by third parties. For this reason, our assurances given to you do not apply to them.
Furthermore, we link from our website to the Elinvar pages of Twitter, Facebook and LinkedIn. The operators of the respective services are responsible for the collection, storage and processing of personal data. We refer to their respective data protection declarations. Elinvar will only process user data if users communicate with Elinvar within social networks in the form of posts or messages.
Integration of third-party services and content
It may happen that on the basis of our legitimate interests (including optimization and analysis of the online offer in terms of Art. 6 para. 1 lit. f. GDPR), within this online offer, we integrate content from third parties, such as videos from YouTube, map material from Google Maps, RSS feeds or graphics from other websites. This always presupposes that the providers of this content (hereinafter referred to as “”third-party providers””) perceive the IP address of the users. Without the IP address, they would not be able to send the content to the user’s browser. The IP address is therefore required for the presentation of this content. We make every effort to only use content whose respective providers merely use the IP address to deliver the content. However, we have no influence on this if the third party provider stores the IP address, e.g. for statistical purposes. As far as this is known to us, we inform the users about it.
- On our website we use Recruitee, a recruiting service of Recruitee B.V., Johan Huizingalaan 763A, 1066VH, Amsterdam (“Recruitee”).
o Information on security and data protection: https://recruitee.com/pricing#security-and-privacy
o You can contact us directly via the application form provided on the website. You have the opportunity to provide us with the following information:
First name and surname
Link to your profiles in social networks (LinkedIn) and the application portal (Indeed) We collect, process and use the information provided by you via the application form exclusively for the processing of your specific request. The information you provide will be transferred by Recruitee to EU servers and stored there.
We use various social networks and platforms to communicate with users and interested parties and to provide information about our range of services on the basis of our legitimate interest in modern and effective information and communication pursuant to Art. 6 Para. 1 lit. f GDPR. In the event that the operator of a social network or platform obtains consent for such data processing, this shall be done on the basis of Art. 6 para. 1 lit. a DSGVO. In this context, personal data may also be processed outside the European Union. With regard to the services we use from providers domiciled in the USA, we ensure that there is a certification in accordance with EU-US Privacy Shield or processing in accordance with EU standard contract clauses.
During this use, user data is also processed for market research and advertising purposes, from which statements on user behavior and user profiles are generated. On the basis of these user profiles, advertisements can be placed within or outside social networks and platforms. Cookies from network and platform operators are generally used for this purpose. The following social networks and platforms are currently used by us:
- Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA or for EU citizens Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Ireland on the basis of a Joint Controller Agreement. (Joint Controller Agreement)
- LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA
- XING AG, Dammtorstraße 29-32, 20354 Hamburg, Deutschland
In case of requests for information as well as the assertion of your user rights, it is best to contact the respective provider directly due to the data storage by the providers and their access to the data. We have documented the necessary links to the data protection declarations of the providers above.
Protection for minors
Right of information, revocation and deletion
Pursuant to Art. 15 GDPR, as an affected party you have the right at any time to request free information on the personal data stored by us, its origin and recipient as well as the purpose of the data processing.
In addition, you have the right to have personal data corrected (pursuant to Art. 16 GDPR), blocked (pursuant to Art. 18 GDPR) and deleted (pursuant to Art. 17 GDPR) and, if applicable, to have data portability (pursuant to Art. 20 GDPR). Furthermore, you have the right to file a complaint (pursuant to Art. 77 GDPR) with the responsible supervisory authority if unlawful data processing is assumed. Please send a corresponding request or a request for correction, blocking, deletion or data portability of your personal data stored by us via e-mail to firstname.lastname@example.org. Alternatively, please state in the subject line: “Data deletion” or “Data blocking” or “”Data correction”” or “Data portability”. We will arrange for the deletion or blocking of your data or make the necessary corrections or data portability as far as legally possible.
You also have the right to revoke your consent, in principle with effect for the future, pursuant to Art. 7 para. 3 GDPR. Please send a corresponding request or a request for revocation by e-mail to email@example.com. As an alternative, please state “Revocation” in the subject line.
Furthermore, you may object to future processing of your personal data in accordance with Art. 21 GDPR at any time. To do so, it is sufficient to send us an according e-mail to firstname.lastname@example.org.
The stored personal data will be deleted if there are no legal obligations to retain the data or if the personal data is no longer required for its intended use in accordance with Art. 17 GDPR. If there is a legally permissible reason for the further storage of the personal data, Elinvar will restrict its processing in accordance with Art. 18 GDPR, in which this data is blocked and no longer processed for other purposes. This applies in particular to data which must be stored for tax and commercial reasons.
The duration of the storage of personal data depends on the respective legal requirements. According to § 257 para. 1 HGB (German Commercial Code) (including commercial books, annual financial statements and commercial letters) the data must be kept for 6 years and according to § 147 para. 1 AO (including records, books and commercial and business letters) the data must be kept for 10 years.
If you have any questions about the collection, processing and use of your personal data, about data protection in general or in the event of complaints, please contact our data protection officer, who is also available to you in the event of complaints at email@example.com
We will endeavor to answer your questions as quickly as possible.
Subject to change
We therefore ask you to observe the current version of this data protection declaration and to inform yourself regularly about the content of the data protection declaration.
A printout or a storage of the data protection regulations is possible at any time.