Privacy Policy

Protecting your personal data during your visit to our website is a matter of great importance to us. Your data is protected in accordance with legal regulations. Below, we inform you about the nature and scope of the processing of personal data via this website in accordance with Article 13 of the General Data Protection Regulation (GDPR).

I. Information about the Responsible Entity

Bohrcraft Werkzeuge GmbH & Co. KG
An Eichholz 15
42897 Remscheid
Tel.: +49 (0) 2191 78208 – 0
Fax: +49 (0) 2191 78208 – 24
E-Mail: info@bohrcraft.de

II. Information about the Data Protection Officer

Für Fragen zum Datenschutz steht Ihnen unser externer Beauftragter für den betrieblichen Datenschutz gerne zur Verfügung:

Herr Arndt Halbach from GINDAT GmbH
Wetterauer Str. 6, 42897 Remscheid
Tel. +49 (0) 2191 909 430
Fax: +49 (0) 2191 909 50 430
E-Mail: datenschutz@bohrcraft.de

III. Data Processing via the Website

Your visit to our website is logged. Primarily, the following data transmitted by your browser is collected:

  • The IP address currently used by your PC or your router
  • Date and time
  • Browser type and version
  • The operating system of your PC
  • The pages you viewed
  • Name and size of the requested file(s)
  • And possibly the URL of the referring website.

This data is collected solely for data security purposes, to improve our web offering, and for error analysis based on Art. 6 Para. 1 f GDPR. We reserve the right to use this data in the event of system abuse to identify the reasons and the trigger of the abuse and to take legal steps if necessary. Otherwise, your computer's IP address is only evaluated in an anonymized form (shortened by the last 3 digits).

You can visit our website without providing any personal information. We point out that data transmission over the Internet (e.g., communication by email) can have security vulnerabilities. Complete protection of data against access by third parties is not possible. Confidential data should therefore be sent to us by other means, e.g., by mail.

Applications

The data controller processes the personal data of applicants for the purpose of handling the application process. The legal basis is § 26 para. 1 sentence 1 BDSG (Federal Data Protection Act of Germany). Processing can also take place electronically. This is particularly the case if an applicant submits relevant application documents electronically, for example, by email or via a web form on the website. If the data controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with legal requirements. If no employment contract is concluded with the applicant by the controller, the application documents will be automatically deleted after the position has been filled, provided that no other legitimate interests of the controller are opposed to deletion. Another legitimate interest in this sense is, for example, a burden of proof in a procedure under the General Equal Treatment Act (AGG). In this case, the data will be stored for 6 months after the end of the application process and then deleted.

Applications can only be processed if they are sent to the email address "bewerbung@bohrcraft.de". If you use a different email address of our company, unfortunately, your application will not be recognized by our systems and will therefore not be considered. Please bear in mind that email is not a secure medium. If your application reaches our email server at the aforementioned address, we protect your applications with high technical and organizational measures. We have no influence over the transmission of your application through the public internet and cannot guarantee the level of protection for your application. If your sending email server supports STARTTLS, our email server will also use STARTTLS, thus ensuring transport encryption.

Contact

Personal data (e.g., your name, address data, or contact details) that you voluntarily provide to us, for example, as part of an inquiry or in any other way, will be stored by us and processed only for correspondence with you and only for the purpose for which you have provided us with the data. The processing of this data is based on our legitimate interest in promptly responding to inquiries from interested parties based on Art 6 para. 1 lit. f GDPR.

Secure Data Transmission

To protect the security of your data during transmission, we use encryption methods (SSL) over HTTPS that are current with the state of technology.

Processing of Data (Customer and Contract Data)

We process personal data only to the extent necessary for the establishment, content organization, or change of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures. Personal data about the use of our internet pages (usage data) are processed only to the extent necessary to enable the user to utilize the service or to bill the user. The collected customer data will be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.

Data Transfer Upon Conclusion of Contract for Services and Digital Content

We transfer personal data to third parties only if this is necessary in the context of contract execution, for example, to the companies entrusted with the delivery of the goods or the bank responsible for payment processing. Further transmission of the data does not take place or only if you have expressly consented to the transmission. Your data will not be transferred to third parties without explicit consent, for example, for advertising purposes. The basis for data processing is Art. 6 para. 1 lit. b GDPR, which allows the processing of data to fulfill a contract or for pre-contractual measures.

IV. Recipients of Personal Data

For the execution and processing of processing processes, we may use service providers within the framework of order data processing.

Specifically, we have engaged service providers for the hosting of our website.

The contractual relationships with our service providers are regulated according to the provisions of Art. 28 GDPR, which contains the legally required points regarding data protection and data security.

V. Use of Cookies

Cookies are used on our website. Cookies are small text files that are stored on your computer and saved by your browser. The use of cookies serves to make our website more user-friendly. For example, it enables the user to be recognized for the duration of the session without having to re-enter the username and password continuously. The cookies do not cause any damage to your computer and do not contain viruses. They will be deleted after a certain retention period expires.

Some of the cookies we use are deleted immediately after you close your browser (so-called session cookies). Other cookies remain on your device and enable your browser to be recognized on your next visit (persistent cookies).

The data processing associated with cookies, which solely serves to make our online offerings functional, is carried out on the basis of our legitimate interest under Art. 6 para. 1 f) GDPR.

In all other cases, especially for analyzing usage of our websites and for marketing, we use cookies only with your consent. The legal basis is therefore Art. 6 para. 1 a) GDPR, § 25 para. 1 TTDSG.

You can revoke or change your consent at any time by changing your cookie settings via the [Cookie Settings] link.

If you do not wish to use cookies, you can configure your browser so that the storage of cookies is not accepted. Please note, however, that in this case you may not be able to use all functions of our websites to their full extent.

More information about cookies and services as well as storage periods can be found in our privacy policy.

VI. Use of Oxomi

We use OXOMI, a service by scireum GmbH, on our website to display and communicate product and marketing information (e.g., product images and descriptions, documents, etc.).

This is a cloud-based service that loads content from scireum GmbH's servers. When pages incorporating the tool are accessed, connections are made by your browser to servers of scireum GmbH located in Germany.

Due to technical necessity, this involves the transmission of your IP address and possibly browser data like your user agent. OXOMI exclusively processes these data to provide content as well as to maintain security and functionality. Technically necessary cookies may also be stored in your browser by OXOMI. You can prevent the use of OXOMI and the associated data processing by deactivating JavaScript execution in your browser with a script blocker, which may result in not being able to fully use all functions of our website.

We use OXOMI based on our legitimate interest in accordance with Art 6 (1) f DSGVO to enable a platform-independent, always up-to-date, and appealing presentation of our content and product information, which does not require the installation of a PDF viewer in your browser.

Thus, the legal basis for its use is Article 6 (1) lit. f DSGVO.

VII. Google Maps

This site uses Google Maps via an API. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

To use the functions of Google Maps actively, it is necessary for Google to collect information about your use of the website along with your IP address. This information is usually transferred to a Google server in the USA and stored there. Google Maps will not load without your consent, a so-called 2-click solution is implemented. Only after you click the link to activate Google Maps, data is transmitted to Google.

Regarding the transfer of personal data to the USA, there is an adequacy decision by the European Commission for data processing by US companies that are certified under the EU-U.S. Data Privacy Framework (DPF). The processing by Google LLC is based on the certification under the EU-U.S. Data Privacy Framework.

In addition, to ensure an adequate level of data protection, we have concluded EU standard contractual clauses with the service provider.

The legal basis is your consent in accordance with Art. 6 para. 1 a) DSGVO, § 25 para. 1 TTDSG. You can revoke your consent at any time with effect for the future via our Consent-Tool.

For more information on how user data is handled, please refer to Google's privacy policy: https://www.google.com/intl/de/policies/privacy/.

VIII. Your Rights

Under Articles 15-21 GDPR, you have the right, subject to the conditions described therein, to exercise the following rights concerning the personal data processed by us:

You may request information according to Art. 15 GDPR about your personal data processed by us.

If incorrect personal data is processed, you have a right to correction according to Art. 16 GDPR.

If the legal requirements are met, you may request the deletion or restriction of processing according to Arts. 17 and 18 GDPR.

You have the right to withdraw your data protection consent declaration at any time. The withdrawal of consent does not affect the legality of the processing carried out on the basis of the consent until the withdrawal.

Right to Object According to Art. 21 GDPR

You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is based on Art. 6 (1) e) or f) GDPR; this also applies to profiling based on these provisions.

IX. Regular Periods for the Deletion of Data

Unless a legal retention requirement exists, the data will be deleted or destroyed if they are no longer necessary for the purposes of data processing. Different retention periods apply to the retention of personal data; for example, data relevant for tax purposes are usually retained for 10 years, while other data based on commercial law regulations are generally retained for 6 years. Finally, the storage duration can also be based on the statutory limitation periods, which, for example, according to §§ 195 ff. of the German Civil Code (BGB), are usually three years, but in certain cases can also be up to thirty years.

X. Right to Lodge a Complaint with a Supervisory Authority

Any data subject has the right to lodge a complaint with a supervisory authority under Art. 77 GDPR if they believe that the processing of their personal data violates the GDPR. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based.

The State Commissioner for Data Protection and Freedom of Information
North Rhine-Westphalia
P.O. Box 20 04 44
40102 Düsseldorf, Germany

Tel.: 0211/38424-0
Fax: 0211/38424-999
E-Mail: poststelle@ldi.nrw.de