Data protection

The operators of these website pages take the protection of your personal data very seriously. We treat your personal data confidentially, in accordance with legal data protection regulations and this privacy policy.

The use of our website is usually possible without providing personal data. As far as personal data (e.g. names, addresses or e-mail addresses) is collected on our pages, this is always done on a voluntary basis, as far as possible. This data will not be passed on to third parties without your express consent.

We would like to point out that data transmission over the Internet (e.g. communication by e-mail) can have security vulnerabilities. Complete protection of data against access by third parties is not possible.

 

Responsibility

Entity responsible within the meaning of the General Data Protection Regulation (GDPR):

HEIN, LEHMANN GmbH
Alte Untergath 40
47805 Krefeld, Germany
info@heinlehmann.com

 

Legal basis for data processing

Insofar as we obtain your consent for the processing of your personal data, Art. 6 (1) (a) of the General Data Protection Regulation (GDPR) serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which you are a party, Art. 6 (1) (b) of the GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which HEIN, LEHMANN GmbH is subject, Art. 6 (1) (c) of the GDPR serves as the legal basis.

If it is necessary to process personal data in order to safeguard the legitimate interests of HEIN, LEHMANN GmbH, Art. 6 (1) (f) of the GDPR serves as the legal basis.

 

Data erasure / storage duration

Your personal data will be deleted as soon as the purpose for which it was stored no longer applies. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU ordinances, laws or other regulations to which HEIN, LEHMANN GmbH is subject. Data is also deleted when a storage period, prescribed by the aforementioned standards, expires unless there is a need for further storage of the data for the conclusion or performance of a contract.

 

Creation of log files

Every time you access the website pages of HEIN, LEHMANN GmbH, temporary information transmitted by your browser is automatically stored. In the log file created, the browser type/version, operating system used, name and URL of the file accessed, reference URL (the page visited previously), host name of the accessing computer (IP address) as well as the date and time of the server request are recorded. This data is not merged with any other data sources. The storage and processing of this data serves exclusively for system security and the optimisation of the Internet offering. The legal basis for this is Art. 6 (1) (f) of the GDPR.

 

Cookies

We also use so-called cookies for data collection and storage. Cookies are data packages that your browser stores in your terminal device at our instigation. They do not cause any damage. They contain no executable code and therefore no viruses and do not allow us to spy on you. There are two types of cookies: temporary, so-called session cookies and persistent cookies.

Session cookies are automatically deleted when you close your browser. They store a so-called session ID, with which various requests from your browser can be assigned to the common session. This allows your computer to be recognised when you return to our website. The use of session cookies is necessary for us to be able to provide you with the website. The legal basis for the processing of your personal data using session cookies is Art. 6 (1) (f) of the GDPR. You can object to the use of session cookies but please note that without cookies some functions on our website cannot be provided.

Persistent cookies are automatically deleted after a specified period of time, which may vary depending upon the cookie. You can delete cookies in the security settings of your browser at any time. With the help of cookies, we are able to track your usage behaviour and thus improve our service to you. Cookies are also intended to enable you to browse our website more efficiently. Persistent cookies can be differentiated according to whether they are technically necessary or not. If the technical necessity is affirmed in individual cases, they are also based on Art. 6 (1) (f) of the GDPR. The use of technically unnecessary cookies takes place with your consent. The cookies, which are based on your consent, are only set if you have actively given them. The legal basis for data processing is Art. 6 (1) (a) of the GDPR. You may revoke your consent at any time. Revocation of consent does not affect the lawfulness of the processing carried out on the basis of consent until revocation. You can set your Internet browser so that our cookies cannot be stored on your terminal device or that cookies already stored are deleted. If you do not accept cookies, this may lead to restrictions on how our website pages function.

The following cookies are used on our website: 

Technisch erforderliche Cookies:

NameProviderProcedurePurpose
cookieconsent_notrack 1 yearStorage of the user's decision within the cookie banner
cookieconsent_dismissed 1 yearStorage of the user's decision within the cookie banner

 

Cookies requiring consent:

NameProviderProcedurePurpose
_pk_sesMatomo30 minutesStatistical evaluation of visitor access
_pk_idMatomo13 monthsTransfer of specific personal data (e.g. unique visitor ID)

 

Cookies which will be set after declining the tracking:

NameProviderProcedurePurpose
piwik_ignoreMatomo1 yearInformation storage of tracking deactivation (note: this cookie does not store nor send any personal data)

 

With your consent, we also integrate cookies from third parties. In this case, the corresponding data packages from third parties are stored in your browser or transmitted to them. You can also generally prevent the use of third-party cookies by adjusting your browser settings accordingly. The legal basis for processing your personal data using third-party cookies is Art. 6 (1) (a) of the GDPR. In this case, you may also revoke your consent at any time. Revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until revocation.

If you have agreed to using consent requiring cookies, you can revoke them later by using this link.

 

Use of Matomo

Our website uses the web analysis service Matomo from InnoCraft Ltd. from New Zealand. Matomo is an open source software for statistical evaluation of visitor access. Cookies are used for this. The information generated by the cookies about your use of the website is collected, stored and processed on our server in Germany and is not transmitted to third parties. The IP address is automatically anonymized by making parts of the IP address unrecognizable.

The legal basis for data processing using Matomo cookies is your consent in accordance with Art. 6 Para. 1 lit. a) GDPR. You can withdraw your consent at any time. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal. Your other existing rights can be found in the point "Rights of the data subject" below.

More information about InnoCraft Ltd. and Matomo can be found on the website https://www.innocraft.com/#aboutus.

 

Making contact

HEIN, LEHMANN GmbH offers you the opportunity to use the website to obtain information or contact us with respect to various questions concerning HEIN, LEHMANN GmbH. You have the option of contacting HEIN, LEHMANN GmbH via the contact form, by calling, or arranging a callback. In the course of contacting us, data such as your name, e-mail address and telephone number are recorded. Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail will be stored. Without the provision of this data, we cannot process your request.

This data is processed within the framework of pre-contractual measures required to provide the service offered, in accordance with Art. 6 (1) (b) of the GDPR. If the contact does not involve either your own pre-contractual measure or a contract that you yourself have already concluded with HEIN, LEHMANN GmbH, then we will process your personal data on the basis of Art. 6 (1) (f) of the GDPR within the scope of our justified interest in processing your request via this channel. The data will then be deleted unless the data is still required for the performance of a contract or pre-contractual measures. Insofar as HEIN, LEHMANN GmbH is obliged to archive your personal data due to legal obligations, for example, compliance with the storage obligations in accordance with the German Commercial Code (HGB) and the German Fiscal Code (AO), such data will be blocked with respect to further processing. Once the storage periods have expired, the data will be deleted without any problems and in accordance with data protection regulations.

Your existing rights in relation to us can be viewed in the “Rights of the data subject” section below in the general principles of data processing.

Involvement of other members of the group of companies.

Insofar as the enquiry relates to the activities of subsidiaries, associated or managing companies of HEIN, LEHMANN GmbH and this is necessary for efficient processing of the enquiry, your data may be passed to the company concerned. The legal basis for this is Art. 6 (1) (f) of the GDPR in conjunction with recital 48, as we have a legitimate interest in the transfer for internal administrative purposes.

 

Application

You can apply for an advertised position on our site. For this purpose, we will need your personal data such as your name, date of birth, address, qualifications, e-mail address and telephone number. We require this data to carry out the application process. This data will be processed for the purposes of the employment relationship in accordance with section 26 (1) of the German Federal Data Protection Act (BDSG). At the end of the application process, the data will be deleted with a period of notice of six months, unless the data is still needed to carry out the employment relationship.

 

SSL Encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the padlock symbol in your browser address bar.

If SSL encryption is activated, the data you send to us cannot be read by third parties.

 

Categories of recipients

In addition to the categories of recipients mentioned in other sections of this document, we share personal information with processors contracted by us.

 

Rights of the data subject

If personal data is processed about you, you are the data subject in the sense of the GDPR and you are entitled to the rights described below.

You may request information in accordance with Art. 15 of the GDPR about your personal data that is processed by us. In your request for information, you should be specific in order to make it easier for us to compile the necessary data.

If the information concerning you is not (or is no longer) correct, you may request a correction in accordance with Art. 16 of the GDPR. If your data is incomplete, you may request that it be completed.

You can request the deletion of your personal data under the conditions of Art. 17 of the GDPR.

As part of the provisions of Art. 18 of the GDPR, you have the right to request a restriction on the processing of data concerning you.

As part of data transferability pursuant to Art. 20 of the GDPR, you have the right to receive the personal data concerning you that you have provided us with in a structured, common and machine-readable format.

Under Art. 21 of the GDPR, you have the right to object to the processing of data concerning you at any time for reasons arising from your particular situation.

In order to exercise your rights, please contact the above-mentioned person in charge, as your rights must also be actioned there. You may also contact the data protection officer directly, especially if your request requires greater confidentiality:

Data Protection Officer for HEIN, LEHMANN GmbH

c/o migosens GmbH

Wiesenstr. 35

45473 Mülheim an der Ruhr

Germany

dsb-hein-lehmann@dsb24.net

 

Right of appeal to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you are resident, your place of work or the place of the suspected infringement, if you consider that the processing of personal data concerning you is in breach of the GDPR.

 

Our Presence on Social Networking Sites

HEIN, LEHMANN GmbH maintains publicly accessible professional company profiles on various social networking sites (social media). We use these to publish and disseminate content, offers and product recommendations from our company and help us, for example, to promote direct exchange with our customers and interested persons.

The use of one of these networking sites sets in motion a large number of data processing operations. This data is processed even if you do not have your own profile with this network. When you visit one of our profiles, your personal data is not only processed by us but also by the operator of the respective networking site and stored if necessary. Personal data constitutes, for example, your name, age, e-mail address, photos and other information that you have voluntarily shared in the networking sites, as well as information on your usage behaviour and interactions with the contents of the respective company profile. Under certain circumstances, your IP address may also be collected. There is no obligation on your part to provide us with your personal data in order to visit our company profiles. However, this may be necessary in order to use individual functions of our profiles (such as commenting on articles or contacting us).  

HEIN, LEHMANN GmbH has no influence on the data processing triggered by the operators as a result of your visit to any social networking sites, which may differ between the individual networks and are not necessarily traceable by us (e.g. the setting of cookies). For further information regarding details of the collection and storage of your personal data as well as the purpose, type and scope of processing, we would refer you to the data protection declarations of the respective operators of the social networking sites. These can be found below:

The YouTube privacy policy, operated by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, can be found at https://policies.google.com/privacy?hl=de&gl=de

The data protection information of Xing, operated by New Work SE, Dammtorstrasse 30, 20354 Hamburg, can be found at https://privacy.xing.com/de/datenschutzerklaerung

LinkedIn's privacy policy, operated by LinkedIn Ireland Limited Company, Wilton Place, Dublin 2, Ireland, can be found at https://www.linkedin.com/legal/privacy-policy

If you use our presence in social networking sites to contact us (e.g. through private messages or commenting on/sharing contributions or reactions to such), we will process the data you provide us with solely for the purpose of contacting you and will not merge it with any other data available to us. The legal basis for the collection of data is, therefore, Art. 6 (1) (b) of the EU’s GDPR. If the contact does not relate to a pre-contractual measure of your own or a contract that you yourself have already concluded with HEIN, LEHMANN GmbH, we will process your personal data on the basis of Art. 6 (1) (f) of the GDPR in the context of our justified interest in processing your request in this way.

Your personal data will be deleted as soon as the purpose for which it was stored no longer applies or you request us to delete it. Furthermore, data may be stored if this has been provided for by the European or national legislator in accordance with EU ordinances, laws or other regulations to which HEIN, LEHMANN GmbH is subject. The data will also be deleted when a storage period prescribed by the above-mentioned standards expires unless it is necessary to continue storing the data in order to conclude or fulfil a contract. For the length of time that operators of the social networking sites store your personal data, please refer to the respective data protection notices mentioned above.