Privacy Policy

Baetge & Partner
Baetge & Partner
Baetge & Partner

Contents of this statement

1. General information and mandatory disclosures
2. Data processing when visiting this website
3. Privacy information for applicants
4. Privacy information for business partners

1. General information and mandatory disclosures

This Privacy Policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

This section contains general information that applies to all processing activities covered in this statement. The following sections contain specific information on individual processing activities and groups of data subjects.

Please note that data transmission over the Internet (e.g., when communicating by email) may have security vulnerabilities. Complete protection of data against access by third parties is not possible.

Controller

The controller responsible for data processing is:

Baetge & Partner GmbH
Mühlenstraße 15
59387 Ascheberg
Germany

Telephone: +49 2593 2959660
Email: datenschutz@baetge-partner.de

Your data protection rights

Every data subject has the right of access under Article 15 GDPR, the right to rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to object under Article 21 GDPR, and the right to data portability under Article 20 GDPR. The restrictions under Sections 34 and 35 of the German Federal Data Protection Act (BDSG) apply to the right of access and the right to erasure. In addition, you have the right to lodge a complaint with a data protection supervisory authority (Article 77 GDPR in conjunction with Section 19 BDSG).

You may revoke any consent you have given for the processing of personal data at any time by contacting the controller. This also applies to the revocation of declarations of consent that you gave us before the EU General Data Protection Regulation came into effect, i.e., before May 25, 2018. Please note that the revocation only takes effect for the future. Processing carried out before the revocation is therefore not affected by the revocation. Please also note that, despite the revocation of consent, we may, under certain circumstances, continue to process your personal data in whole or in part on the basis of a statutory legal basis.

Retention period

We process and store your personal data for as long as it is necessary to fulfil our contractual and legal obligations, or for as long as we have a legitimate interest in storing it and this outweighs your interest in discontinuing the storage.

If the data is no longer required for the purpose of processing or for the fulfilment of contractual or legal obligations, it will be regularly deleted unless its temporary further processing is required for legal reasons or we have a legitimate interest in further processing.

2. Data processing when visiting our website

SSL/TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL/TLS encryption. You can recognise an encrypted connection by the browser address line changing from “http://” to “https://” and by the padlock symbol in your browser bar.

If SSL/TLS encryption is enabled, the data you transmit to us cannot be read by third parties.

Cookies

Some of the web pages use so-called cookies. They are used to make our offering more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognise your browser the next time you visit.

You can configure your browser to inform you about the setting of cookies and to allow cookies only in individual cases, to exclude the acceptance of cookies for certain cases or in general, and to activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

Browser type and browser version

Operating system used

Referrer URL

Hostname of the accessing computer

Time of the server request

IP address

This data is not merged with other data sources.

Contact form

If you send us enquiries via the contact form, your details from the enquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the enquiry and in case of follow-up questions. We do not pass this data on without your consent.

Google Web Fonts

This site uses so-called web fonts provided by Google for the uniform display of fonts. When you access a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

For this purpose, the browser you use must connect to Google’s servers. This enables Google to know that our website was accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR.

If your browser does not support web fonts, a standard font from your computer will be used.

Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s Privacy Policy: https://www.google.com/policies/privacy/.

Google Maps

This website uses the Google Maps map service via an API. Google Maps is provided by Google. To use the functions of Google Maps, your IP address must be stored. This data is usually transferred to a Google server in the USA and stored there. The operator of this website has no influence on this data transfer. Further information on how Google handles user data can be found in Google’s privacy notice: https://www.google.de/intl/de/policies/privacy/.

Links to other online services

Our website also provides links to other services (including our online presence on Facebook and XING). These links are not “social plug-ins” (i.e., buttons through which the operator providing the respective service can already collect information about the users of our website when they access our website). Please note, however, that when accessing this other service, the operator of that service may collect information (possibly including personal data) about your visit. Further information can be found in the privacy notice of the operator of the respective service.

Disclosure to third parties

As a rule, your personal data is processed within our company. As a rule, only certain roles have access, and only to the extent required to perform their tasks.

To the extent permitted by law, we may also disclose your personal data to third parties outside our company. In particular, we may disclose data to service providers commissioned by us, as well as their subcontractors, insofar as this is necessary for the provision of the services (in particular processors, shipping companies, credit institutions), as well as to private and public bodies insofar as we are obliged to disclose your personal data due to legal obligations.

Data transfer to third countries

In the context of our web analytics services, plug-ins and tools, as well as in connection with the use of our website and contacting us, information may be transferred to recipients in “third countries”, in particular the USA (e.g., to Google). “Third countries” are countries outside the European Union or the European Economic Area. Before any transfer, we will ensure that an adequate level of data protection is ensured at the recipient.

If there is no “adequacy decision” by the European Commission, we may transfer data in particular on the basis of “EU Standard Contractual Clauses” agreed with a recipient or on the basis of compliance with the principles of the so-called “Privacy Shield” between the EU and the USA.

Information about the safeguards used and the relevant agreements can be obtained from the controller or the data protection officer. Information about participants in the Privacy Shield between the EU and the USA can be found at: www.privacyshield.gov/list; for information on the EU Standard Contractual Clauses, please visit: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF, and information on adequacy decisions can be found here: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en.

Purposes of data processing and legal bases

The personal data that may be contained in the log files is processed to enable you to use our website; processing is carried out in accordance with Section 15(1) of the German Telemedia Act (TMG) and Article 6(1)(f) GDPR to safeguard our legitimate interest in operating our website.

The data collected via cookies (including web analytics services, plug-ins and tools) and the pseudonymised user profiles are processed for advertising and market research purposes and for the user-friendly design of our website on the basis of Section 15(3) TMG and Article 6(1)(f) GDPR to safeguard our legitimate interest in analysing usage and designing our website in a user-friendly manner.

Data processing in the context of responding to an enquiry is based on Article 6(1)(f) GDPR to safeguard our legitimate interest in establishing and maintaining business contacts. If your enquiry relates to the conclusion of a contract or to pre-contractual measures, we process your personal data on the basis of Article 6(1)(b) GDPR; in the context of employment relationships, on the basis of Section 26 BDSG.

We may also process the personal data processed in connection with your use of our website to fulfil legal obligations to which we are subject; this is done on the basis of Article 6(1)(c) GDPR.

Where applicable, we process personal data, in addition to the purposes stated above, to safeguard our legitimate interests or the interests of third parties; this is done on the basis of Article 6(1)(f) GDPR. Our legitimate interests include the assertion of legal claims and the defence of our interests in legal disputes, the prevention and investigation of criminal offences, and the management and further development of our business activities, including risk management.

3. Data protection for business partners

Categories of data processed

In the context of our business relationship, we process in particular the following personal data:

  • Personal information, e.g., name, position, business contact details (in particular address, telephone, email).
  • Other business information, e.g., your industry, previous business activities, business history with us
  • Other personal information you have provided to us (e.g., your date of birth)
  • Contract data (in particular customer number, bank details, tax number/VAT ID)
  • Creditworthiness information
  • Bank information
  • Personal data that we are permitted to process from publicly accessible sources (e.g., commercial register, creditworthiness information from Creditreform, professional social networks such as XING or LinkedIn)

We generally receive the above data (with the exception of the last item) directly from you. We may also receive further data from your employer, your colleagues or third parties, or collect it from publicly accessible sources (e.g., your company’s website, professional social networks).

Purpose of data processing and legal basis

We process your personal data to initiate and carry out our business relationship, to fulfil legal obligations and, insofar as this is necessary for our legitimate interests, unless your interests or fundamental rights and freedoms prevail.

The legal basis for data processing is, in particular, Art. 6(1)(b) and Art. 6(1)(f) GDPR, or your consent, insofar as you have given us such consent.

Disclosure to third parties

As a rule, your personal data is processed within our company. Only certain roles have access, and only to the extent required to perform their tasks.

To the extent permitted by law, we may also disclose your personal data to third parties outside our company, insofar as this is necessary for the implementation of our business relationship or to safeguard our legitimate interests. In particular, we may disclose data to service providers commissioned by us, as well as their subcontractors, insofar as this is necessary for the provision of the services (in particular processors, shipping companies, credit institutions), as well as to private and public bodies insofar as we are obliged to disclose your personal data due to legal obligations.

Data transfer to third countries

Your applicant data will not be transferred to countries outside the EU/EEA.