Privacy policy

As the operator of this website and as a company, we come into contact with your personal data. This refers to all data that says something about you and with which you can be identified. In this privacy policy, we would like to explain to you how, for what purpose and on what legal basis we process your data.

The person responsible for data processing on this website and in our company is:

Metal Envelope Engineering GmbH
Max-Eyth-Straße 2
74532 Ilshofen-Eckartshausen
Deutschland

Phone: +49 (0) 7904 / 29899 – 30
E-mail: info@metal-envelope.com

General information

SSL or TLS encryption

When you enter your data on websites, place online orders or send e-mails over the Internet, you must always expect that unauthorized third parties will access your data. There is no complete protection against such access. However, we do everything we can to protect your data in the best possible way and to close the security gaps as far as we can.

An important protection mechanism is the SSL or TLS encryption of our website, which ensures that data that you transmit to us cannot be read by third parties. You can recognize the encryption by the lock icon in front of the entered Internet address in your browser and by the fact that our Internet address begins with https:// and not with http://.

How long do we store your data?

At some points in this Privacy Policy, we will inform you about how long we or the companies that process your data on our behalf will keep your data. If such information is missing, we will store your data until the purpose of the data processing no longer applies, you object to the data processing or you revoke your consent to data processing.

In the event of an objection or revocation, however, we may continue to process your data if at least one of the following conditions applies:

  • We have compelling legitimate grounds for continuing to process data that override your interests, rights and freedoms (only if you object to the processing; if the objection is directed against direct marketing, we cannot provide grounds worthy of protection).
  • The data processing is necessary to establish, exercise or defend legal claims (does not apply if your objection is directed against direct marketing).
  • We are required by law to retain your data.

In this case, we will delete your data as soon as the requirement(s) no longer applies.

Your rights

Objection to data processing

IF YOU READ IN THIS PRIVACY POLICY THAT WE HAVE LEGITIMATE INTERESTS FOR THE PROCESSING OF YOUR DATA AND THEREFORE RELY ON ART. 6 PARA. 1 SENTENCE 1 LIT. F) GDPR, YOU HAVE THE RIGHT TO LODGE AN OBJECTION TO IT UNDER ART. 21 GDPR. THIS ALSO APPLIES TO PROFILING THAT IS CARRIED OUT ON THE BASIS OF THE AFOREMENTIONED PROVISION. THE PREREQUISITE IS THAT YOU GIVE REASONS FOR THE OBJECTION THAT ARISE FROM YOUR PARTICULAR SITUATION. A JUSTIFICATION IS NOT REQUIRED IF THE OBJECTION IS DIRECTED AGAINST THE USE OF YOUR DATA FOR DIRECT ADVERTISING.

THE CONSEQUENCE OF THE OBJECTION IS THAT WE ARE NO LONGER ALLOWED TO PROCESS YOUR DATA. THIS ONLY DOES NOT APPLY IF ONE OF THE FOLLOWING CONDITIONS IS MET:

  • WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS.
  • THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS.

THE EXCEPTIONS DO NOT APPLY IF YOUR OBJECTION IS DIRECTED AGAINST DIRECT ADVERTISING OR PROFILING RELATED TO IT.

Other rights

Withdrawal of your consent to data processing

Many data processing operations are based on your consent. You can do this, for example, by ticking the appropriate box for online forms before you submit the form, or by allowing certain cookies when you visit our website. You can revoke your consent at any time without giving reasons (Art. 7 para. 3 GDPR). From the time of revocation, we are no longer allowed to process your data. The only exception: We are legally obliged to keep the data for a certain period of time. Such retention periods exist in particular in tax and commercial law.

Right to lodge a complaint with the competent supervisory authority

If you believe that we are violating the General Data Protection Regulation (GDPR), you have the right to complain to a supervisory authority in accordance with Art. 77 GDPR. You can contact a supervisory authority in the Member State of your residence, your place of work or the place where the alleged infringement took place. The right of appeal exists in addition to administrative or judicial remedies.

Right to data portability

Data that we process automatically on the basis of your consent or in performance of a contract must be handed over to you or a third party in a commonly used machine-readable format if you request it. We can only transfer the data to another controller to the extent that this is technically possible.

Right to data access, deletion and correction

In accordance with Art. 15 GDPR, you have the right to receive information free of charge about what personal data we have stored about you, where the data comes from, to whom we transmit the data and for what purpose it is stored. If the data is incorrect, you have a right to rectification (Art. 16 GDPR), under the conditions of Art. 17 GDPR you may request that we delete the data.

Right to restriction of processing

In certain situations, you can request that we restrict the processing of your data in accordance with Art. 18 GDPR. The data may then only be processed as follows – apart from storage:

  • with your consent
  • to assert, exercise or defend legal claims
  • to protect the rights of another natural or legal person
  • for reasons of important public interest of the European Union or of a Member State

The right to restriction of processing exists in the following situations:

  • You have contested the accuracy of your personal data held by us and we need time to verify this. In this case, the right exists for the duration of the examination.
  • The processing of your personal data is unlawful or has been unlawful in the past. Here there is the right as an alternative to the deletion of the data.
  • We no longer need your personal data, but you do need it to exercise, defend or assert legal claims. Here there is the right as an alternative to the deletion of the data.
  • You have filed an objection pursuant to Art. 21 (1) GDPR and now your interests and ours must be weighed against each other. The right exists here as long as the result of the balancing has not yet been determined.

Hosting and Content Delivery Networks (CDN)

External Hosting

Our website is located on a server of the following provider of internet services (hosters):

Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen

Has a contract for order processing been concluded with the hoster or are standard contractual clauses (SCC) used?

Yes

How do we process your data?

The hoster stores all data of our website. This includes any personal information collected automatically or through your entry. This can include, but is not limited to: your IP address, pages accessed, names, contact details and requests, as well as meta and communication data. When processing data, our host adheres to our instructions and always processes the data only to the extent necessary to fulfil its obligation to perform towards us.

What is the legal basis for processing your data?

Since we address potential customers via our website and maintain contacts with existing customers, the data processing by our hoster serves the purpose of initiating and fulfilling the contract and is therefore based on Art. 6 para. 1 lit. b) GDPR. In addition, it is in our legitimate interest as a company to provide a professional Internet service that meets the necessary requirements for security, speed and efficiency. In this respect, we also process your data on the basis of Art. 6 (1) (f) GDPR.

Data collection on this website

Use of cookies

Our website places cookies on your device. These are small text files that are used for different purposes. Some cookies are technically necessary for the website to function at all (necessary cookies). Others are needed to perform certain actions or functions on the Site (functional cookies). For example, without cookies, it would not be possible to use the advantages of a shopping cart in an online shop. Still other cookies are used to analyze user behavior or optimize advertising measures. If we use third-party services on our website, e.g. to process payment transactions, these companies may also place cookies on your device when you visit the website (so-called third-party cookies).

How do we process your data?

Session cookies are only stored on your device for the duration of a session. So, as soon as you close the browser, they disappear on their own. Persistent cookies, on the other hand, remain on your device unless you delete them yourself. This can lead, for example, to your user behavior being permanently analyzed. You can influence how it handles cookies via the settings in your browser:

  • Do you want to be informed when cookies are set?
  • Do you want to exclude cookies in general or for specific cases?
  • Do you want cookies to be automatically deleted when you close your browser?

If you disable or do not allow cookies, the functionality of the website may be limited.

If we use cookies from other companies or for analysis purposes, we will inform you about this within the framework of this privacy policy. We also ask for your consent in this regard when you visit our website.

What is the legal basis for processing your data?

We have a legitimate interest in ensuring that our online services can be used by visitors without technical problems and that all the desired functions are available to them. The storage of necessary and functional cookies on your device is therefore based on Art. 6 para. 1 lit. f) GDPR. We use all other cookies on the basis of Art. 6 (1) (a) GDPR, provided that you give us your consent. You can revoke this at any time with effect for the future. If you have consented to the placement of necessary and functional cookies when requesting consent, these cookies will also be stored exclusively on the basis of your consent.

Cookie consent with Borlabs Cookie

What is Borlabs Cookie?

Cookie plugin for GDPR compliance and ePrivacy

Who processes your data?

Only us, not the provider of Borlabs Cookie

Where can you find more information about data protection at Borlabs Cookie?

https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

How do we process your data?

We use Borlabs Cookie to obtain your consent to store cookies on your device. When you visit our website and close the Borlabs Cookie cookie window by requesting consent, a Borlabs cookie containing the following content will be stored in your browser:

  • Cookie Duration
  • Cookie version
  • Domain and path of the website
  • Consent
  • a randomly generated ID

This data is not transmitted to the provider of Borlabs Cookie.

We store the data until the purpose of the data storage no longer applies, you delete the Borlabs cookie or ask us to delete the data. This only does not apply if we are legally obliged to retain the data.

What is the legal basis for processing your data?

We are legally obliged to obtain the consent of our website visitors for the use of certain cookies. In order to fulfil this obligation, we use Borlabs Cookie. The legal basis for data processing is therefore Art. 6 para. 1 lit. c) GDPR.

Server log files

Server log files log all requests and accesses to our website and record error messages. They also include personal data, in particular your IP address. However, this is anonymized by the provider after a short time, so that we cannot assign the data to your person. The data is automatically transmitted from your browser to our provider.

How do we process your data?

Our provider stores the server log files in order to be able to track the activities on our website and to find errors. The files contain the following data:

  • Browser type and version
  • operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address (anonymized if necessary)

We do not combine this data with other data, but only use it for statistical evaluation and to improve our website.

What is the legal basis for processing your data?

We have a legitimate interest in ensuring that our website runs error-free. It is also in our legitimate interest to obtain an anonymised overview of access to our website. The data processing is therefore lawful in accordance with Art. 6 (1) (f) GDPR.

 

Google Fonts (local hosting)

We use fonts from the US company Google on our website. We have installed the fonts locally, so there is no connection to Google’s servers when you visit our website.

You can find more information about Google Fonts under https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

Own Services / Miscellaneous

Handling of applicant data

If you would like to work for us, we will be happy to accept your application. We treat all personal data transmitted as strictly confidential. This also applies to such data that we collect later in the course of the application process.

How do we process your data?

We store and use all data that we collect as part of the application process to the extent necessary to decide on the establishment of an employment relationship. In addition to contact and communication data as well as application documents, this also applies to notes that we take during job interviews. Within our company, we will only pass on your data to persons who are involved in processing your application.

If the application is successful, we will store the data required to carry out the employment relationship in our data processing systems.

If we are currently unable to offer you a suitable position, we will be happy to include your data in our applicant pool with your consent. This gives them the opportunity to contact you if a position becomes available that matches your profile.

How long do we store your data?

If we are unable to make you a job offer, you reject a job offer or withdraw your application, we reserve the right to keep your documents and other application data for up to 6 months after the end of the application process. The reason is that we may need the data for evidentiary purposes in the event of a legal dispute. After the deadline, we will delete the data and destroy the documents. If there is actually a threat of litigation or if it is already pending, we will delete the data and documents when they are no longer needed for evidentiary purposes.

We delete data in the applicant pool no later than 2 years after consent has been granted. If you withdraw your consent before this period, we will delete it sooner.

The deletion of your data always requires that we are not legally obliged to keep it for longer.

What is the legal basis for processing your data?

Ihre Bewerberdaten verarbeiten wir auf der Grundlage von § 26 BDSG-neu (Anbahnung eines Beschäftigungsverhältnisses) und Art. 6 Abs. 1 lit. b) DSGVO (allgemeine Vertragsanbahnung).

The same applies if your application is successful.

If we are unable to make you a job offer, you reject a job offer or withdraw your application, we have a legitimate interest in using your data for evidentiary purposes in any legal dispute. The data processing is therefore based on Art. 6 para. 1 lit. f) GDPR.

If you have expressly consented to the storage of your data, we will process your data on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future.