Privacy policy

1. Data protection at a glance

General information

The following information provides a simple overview of how we process your personal data when you visit this website. Personal data is any data that can be used to personally identify you as a person. For more detailed information on data protection, please refer to our privacy policy set out below.

Data collection on this website

Who is responsible for collecting data on this website?

All of the data collected on this website is processed by our website operator. Their contact details are listed under “Information about the responsible controller” section in this privacy policy.

How do we collect your data?

There are two ways in which we collect data. One is by storing the data you provide us with, which could, for example, be data that you enter in a contact form.

The other way we collect data is through our IT systems, either automatically or with your consent when visiting our website. This primarily includes technical data (e.g. internet browser, operating system or time of page access). This data is collected automatically as soon as you access this website.

What do we use your data for?

Some of the data we collect is used to ensure that you can properly view and access our website. We also collect data for analysing user behaviour.

What are your rights regarding your data?

You have the right to request information about the origin, recipient and purpose of the personal data that we hold about you free of charge and at any time. You also have the right to request the correction or deletion of this data. If you have consented to your data being processed, you can revoke this consent at any time with future effect. You also have the right to request that the processing of your personal data be restricted in certain circumstances. You are also entitled to file a complaint with the responsible supervisory authority.

Please do not hesitate to contact us at any time about any of the above or if you have any further questions about data protection.

Analytics and third party tools

When visiting this website, we may statistically analyse your browsing behaviour. This is done primarily using so-called web analytics programs.

For more detailed information about these analytics programmes, please refer to our privacy policy set out below.

2. Hosting

The contents of our website are hosted by the following provider:

Mittwald

The provider is Mittwald CM Service GmbH & Co. KG, Königsberger Straße 4-6, 32339 Espelkamp, Germany (hereinafter referred to as “Mittwald”).

For more information, please refer to Mittwald's privacy policy at: https://www.mittwald.de/datenschutz.

The use of Mittwald is based on Art. 6(1)(f) GDPR as we have a legitimate interest in ensuring that our website is hosted as reliably as possible. If you have consented to this, data will be processed exclusively on the basis of Art. 6(1)(a) GDPR and Section 25(1) TTDSG (German Telecommunications-Telemedia Data Protection Act), provided your consent covered the storage of cookies or access to information stored on the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

3. General and mandatory information

Data protection

The operators of this website take the protection of your personal data very seriously. We treat all of your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, we will collect various types of personal data. Personal data is any data that can be used to personally identify you as a person. This privacy policy explains what kind of data we collect and what we use it for. It also explains how and why we collect this data.

Please note that transmitting data over the Internet (e.g. when communicating by e-mail) may not always be totally secure. Hence, we cannot completely rule out unlawful processing by third parties.

Information about the responsible controller

The controller responsible for data processing on this website is:

kalwar CFT FUSIONSTECHNIK GmbH
CEO: Georg Kalwar

kalwar CIV INNOSERV GmbH & Co. KG
Personally liable partner:
kalwar CIV Verwaltungs-GmbH
CEO: Markus Kalwar

Registered offices and contact details for the companies:
Gartnischer Weg 131
33790 Halle/Westfalen
Germany

Phone: +49 5201 859-0
e-mail: info@remove-this.kalwar.com

The responsible controller is the natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

Storage period

We will store your personal data until the purpose for which it was collected no longer applies, unless another storage period is specified in this privacy policy. If you make a legitimate request for your data to be deleted or revoke your consent to data processing, we will delete your data unless we have other legally permissible reasons for storing it (e.g. tax or commercial law retention periods); where the latter applies, your data will be deleted as soon as these reasons no longer apply.

General information on the legal basis for data processing on this website

If you have consented to data processing, we will process your personal data on the basis of Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR if the data comprises special categories of data according to Art. 9(1) GDPR. If you have expressly consented to your personal data being transferred to third countries, your data will also be processed on the basis of Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or access to information on your device (e.g. via device fingerprinting), your personal data will also be processed on the basis of Section 25(1) TTDSG. This consent can be revoked at any time. If we need your data to perform a contract or to perform any measures in preparation for the same, we will also process your data on the basis of Art. 6(1)(b) GDPR. Furthermore, we will also process your data on the basis of Art. 6(1)(c) GDPR if necessary to fulfil a legal obligation. We may also process your data on the basis of our legitimate interest in accordance with Art. 6(1)(f) GDPR. The following section of this privacy policy contains more detailed information about the relevant legal bases for processing data.

Data protection officer

We have appointed a data protection officer.

Phone: +49 5201 859-0
e-mail: datenschutz@remove-this.kalwar.com

Recipients of personal data

As part of our business activities, we work with various external parties. In some instances, we also need to transmit personal data to these external parties. We only pass on personal data to external parties where necessary to perform a contract, if we are legally obliged to do so (e.g. passing on data to tax authorities), if we have a legitimate interest in doing so in accordance with Art. 6(1)(f) GDPR or if another legal basispermits us to do so. When using order processors, we only pass on our customers' personal data to such processors subject to the presence of a valid order processing contract. In the event that orders are processed by more than one party, we will enter into a joint processing agreement.

Revoking your consent to data processing

Many data processing operations can only be performed with your express consent. You can revoke any consent you have already given at any time. The lawfulness of the data processing performed up until you revoke your consent will not be affected by this revocation.

Right to object to the collection of your data in certain cases and to direct advertising (Art. 21 GDPR)

If data is being collected on the basis of Art. 6 (1) (e) or (f) GDPR, you have the right to object to the collection of your personal data for reasons specific to your situation at any time; this also applies to any profiling performed on the basis of this regulation. The applicable legal basis on which this data processing is based will be set out in this privacy policy. If you object to the processing of your data, we will stop processing the relevant personal data, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or if the processing is for the establishment, exercise or defence of legal claims (objection in accordance with Art. 21 (1) GDPR).

If your personal data is being processed for direct advertising purposes, you have the right to object to the processing of your personal data for the purpose of such advertising; this also applies to profiling if related to this kind of direct advertising. If you object, your personal data will subsequently no longer be used for direct advertising purposes (objection in accordance with Art. 21 (2) GDPR).

Right to lodge a complaint with the responsible supervisory authority

In the event of violations of the GDPR, those affected have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work or the place of the alleged violation. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedies.

Right to data portability

You have the right to be handed the personal data that we are automatically processing on the basis of your consent or for the performance of a contract or to have this data transmitted to a third party in a conventional, machine-readable format. If you request this data to be transmitted directly to another controller, this request will only be granted where technically feasible.

Information, correction and deletion

Within the framework of the applicable legal regulations, you have the right to receive information about the personal data stored about you, its origin, recipients and the purpose of the data processing and, if relevant, a right to demand the correction or deletion of this data at any time and free of charge. Please do not hesitate to contact us at any time if you have any further questions about data protection.

Right to restriction of processing

You have the right to request that the processing of your personal data be restricted. You can do so at any time by contacting us. You may exercise your right to restriction of processing where the following applies:

If you are disputing the accuracy of the personal data we have stored, we generally need some time to verify your claim. While we are doing so, you have the right to demand that we restrict the processing of your personnel data.
If the processing of your personal data is/was unlawful, you have the right to object to its erasure and instead request the processing to be restricted.
If we no longer need your personal data, but you need it for the establishment, exercise or defence of legal claims, you have the right to object to its erasure and instead request for the processing to be restricted.
If you have objected to processing pursuant to Article 21(1) GDPR, it will be necessary to verify whether our interests override yours. While this is being established, you have the right to demand that we restrict the processing of your personnel data.

If you have restricted the processing of your personal data, this data – with the exception of its storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

SSL and TLS encryption

This website uses SSL and TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the website operator. You can recognize an encrypted connection by the fact that the browser address line changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by any third parties.

Objecting to advertising e-mails

We hereby object to the use of the contact details published within the scope of our obligation to provide legal information to send advertising and information material that has not been explicitly requested. The operators of this website explicitly reserve the right to take legal steps in the event of the sending of unsolicited advertising information, such as spam e-mails.

4. Data collection on this website

Cookies

Our website uses cookies. Cookies are small data packages and do not cause any damage to your device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted at the end of your visit. Persistent cookies remain stored on your device until you delete them or they are automatically deleted by your web browser.

Cookies can be generated by our website (first-party cookies) or third-party companies (third-party cookies). Third-party cookies make it possible to integrate certain third-party services into a website (e.g. cookies for processing payment services).

Cookies have a number of purposes. A lot of cookies are used for technical reasons and are essential for ensuring that all features of a website work properly (e.g. shopping baskets or videos). There are also cookies that are used to analyse user behaviour or for advertising purposes.

Cookies that are necessary for electronic communication processes, for providing certain features that visitors wish to use (e.g. shopping basket) or for optimising the website (e.g. visitor counter cookies) (necessary cookies) are used on the basis of Art. 6(1)(f) GDPR, unless another legal basis has been specified. The website operator has a legitimate interest in using necessary cookies to ensure that its services operate smoothly and can be provided properly. If you have consented to the storage of cookies and comparable recognition technologies, the processing is carried out exclusively on the basis of this consent (Art. 6(1)(a) GDPR and Section 25(1) TTDSG); this consent can be revoked at any time.

You can configure your browser in such a way that you will be notified of any cookies, to allow cookies only in certain cases, to exclude the acceptance of cookies in certain cases or in general, and to activate the automatic deletion of cookies when you close the browser. Deactivating cookies may impact the performance and the features you will be able to access on this website.

Please refer to this privacy policy for information on the cookies and third-party services used on this website.

Server log files

The provider of this website automatically collects and stores information in server log files, which your browser automatically transmits to us. This information is:

Browser type and version
Operating system used
Referrer URL
Host name of the accessing computer
Time of server request
IP address

This data will not be merged with other data sources.

This data is collected on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in ensuring the proper presentation and optimisation of the website – which requires recording data in server log files.

E-mail, telephone and fax enquiries

If you contact us by e-mail, telephone or fax, we will store and process your enquiry, including all associated personal data (name, enquiry) for the purpose of processing your request. We will not pass on this data without your consent.

This data will be processed on the basis of Art. 6(1)(b) GDPR, provided that your enquiry is related to the performance of a contract or is necessary to carry out any pre-contractual measures. In all other cases, the processing is based on our legitimate interest in processing the enquiries addressed to us in an effective manner (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), provided this was given. This consent can be revoked at any time.

We will store any data sent to us via contact requests until you ask us to delete it, revoke your consent to its storage or until the purpose for storing it no longer applies (e.g. once your enquiry has been processed). This does not affect any statutory legal provisions – in particular those pertaining to statutory retention periods.

5. Analytics tools and advertising

Piwik Pro

This website uses the web analytics suite Piwik Pro. Piwik Pro uses technologies that make it possible to track users across multiple websites to analyse user behaviour (e.g. cookies or device fingerprinting). The information collected by Piwik Pro about the use of this website is stored on our server. Users' IP addresses are always anonymised before storage.

Piwik Pro enables us to collect and analyse data about the use of our website by visitors to the site. Amongst other things, this allows us to find out about the timing of page views and about the locations from which our website is accessed. We also use it to collect various log files (e.g. IP address, referrer, browsers and operating systems) and to track whether our website visitors carry out certain actions (e.g. clicks, purchases, etc.).

The use of this analytics tool is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and advertising. If you have consented to this, data will be processed exclusively on the basis of Art. 6(1)(a) GDPR and Section 25(1) TTDSG (German Telecommunications-Telemedia Data Protection Act), provided your consent covered the storage of cookies or access to information stored on the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

IP anonymisation

Piwik Pro anonymises all IP addresses when analysing data. This means that your IP address will be shortened before analysis so that it can no longer be clearly linked to you.

Hosting

We host Piwik Pro with the following third-party provider:

Piwik Pro GmbH
Kurfürstendamm 21
10719 Berlin, Germany
https://piwikpro.de/
https://piwikpro.de/datenschutz/

Order processing

We have entered into a contract for commissioned data processing (AVV) with the above service provider. This is a contract required under data protection law that ensures that this service provider will only process the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

6. Plugins and Tools

YouTube with advanced data protection

This website uses videos hosted by YouTube. YouTube is a website operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube with advanced data protection mode. According to YouTube, this mode means that YouTube will not store any information about visitors to this website before they view a video. However, advanced data protection mode does not necessarily prevent data from being transmitted to any YouTube partners. This is because YouTube will automatically establish a connection with the Google Marketing network regardless of whether you watch a video.

As soon as you start watching a YouTube video, YouTube will actively start collecting data from our website. This data will include information about which pages of our website you visited. If you are logged into your YouTube account, you will also enable YouTube to directly link your browsing behaviour to your personal profile. This can be prevented by logging out of your YouTube account.

YouTube will also be able to store various cookies on your device or use comparable recognition technologies (e.g. device fingerprinting) once you start watching a video. This is how YouTube is able to collect information about visitors to this website. Amongst others, it will use this information for statistical analyses for its videos, to improve user-friendliness and prevent fraud.

In some cases, starting a YouTube video may trigger other data processing operations over which we have no influence.

We use YouTube in the interests of enhancing the appeal of our online presence. This represents a legitimate interest in terms of Art. 6(1)(f) GDPR. If you have consented to this, data will be processed exclusively on the basis of Art. 6(1)(a) GDPR and Section 25(1) TTDSG (German Telecommunications-Telemedia Data Protection Act), provided your consent covered the storage of cookies or access to information stored on the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

For more information about YouTube’s privacy policy, visit: https://policies.google.com/privacy?hl=de.

YouTube is certified as compliant with the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. For more information on the DPF, please visit: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

7. Data collected and processed by us

Job applicant data

Visitors to our website are given the opportunity to apply for a job with us (e.g. by e-mail, post or using our online application form). The following section contains information about the scope, purpose and how we use the personal data we collect as part of this application process. All of our data processing operations, from collecting, processing and use, comply with the relevant data protection regulations as well as all other relevant legal regulations, and we treat all data provided as strictly confidential.

Scope and purpose of collecting data

When you send us an application, we process the associated personal data (e.g. contact and communication details, application documents, notes made during interviews, etc.) only to the extent required to make a decision about entering into an employment relationship with you. The legal basis for collecting and processing this data is Section 26 BDSG (German Federal Data Protection Act) in accordance with German law (initiation of an employment relationship), Art. 6(1)(b) GDPR (general pre-contractual situations) and – provided you have given your consent – Art. 6(1)(a) DSGVO. This consent can be revoked at any time. Your personal data will only be shared with people within our company who are involved in processing your application.

Should your application be successful, the data you provided will be stored in our data processing systems for the purpose of performing an employment contract on the basis of Section 26 BDSG and Art. 6(1)(b) GDPR.

Duration of data storage

If we do not offer you a job, you reject a job offer or withdraw your application, we reserve the right to store the data you provided on the basis of our legitimate interest (Art. 6(1)(f) GDPR) for up to 6 months following the completion of the application process (rejection or withdrawal of application). On expiry of this period, the data will be deleted and the physical application documents destroyed. We keep the data for this period primarily as potential evidence in the event of a legal dispute. Should it transpire that we need the data following the expiry of the 6-month period (e.g. because of a risk of or a pending legal dispute), it will only be deleted once the reason for its continued storage no longer applies.

The data may also be retained for a longer period of time if you have consented to this (Art. 6(1)(a) GDPR) or if required by law.

Inclusion in our applicant pool

If we have not offered you a job, we may offer to add you to our applicant pool. If so, all of the documents and information from your application will be added to your file in the applicant pool to allow us to contact you should we have a suitable opening.

Inclusion in the applicant pool will be based exclusively on your express consent (Art. 6(1)(a) GDPR). Consenting to being included in the applicant pool is voluntary and will not affect any current job application process. This consent can furthermore be withdrawn at any time. In this event, the data will be irrevocably deleted from the applicant pool unless not permitted by law.

The data in the applicant pool will be irrevocably deleted at the latest two years after consenting to their storage.

Name	Purpose	Lifetime	Type	Provider
_pk_id	Used to store a few details about the user such as the unique visitor ID.	12 months	HTML	PiwikPro
_pk_ses	Short lived cookie used to temporarily store data for the visit.	30 minutes	HTML	PiwikPro
ppms_privacy_	missing translation: trackingobject.ppms_privacy_.desc	30 minutes	HTML	PiwikPro
stg_last_interaction	missing translation: trackingobject.stg_last_interaction.desc	1 year	HTML	PiwikPro
stg_traffic_source_priority	missing translation: trackingobject.stg_traffic_source_priority.desc	30 minutes	HTML	PiwikPro
stg_returning_visitor	missing translation: trackingobject.stg_returning_visitor.desc	1 year	HTML	PiwikPro
stg_externalReferrer	missing translation: trackingobject.stg_externalReferrer.desc	session	HTML	PiwikPro