Elektra Tailfingen would like to thank you for your visit on our webpages and your interest in our company and our services. The protection of your privacy in regard to processing is an important matter to us. Therefore, your data will exclusively be processed in accordance with the provisions of the German Data Protection Act as well as the General Data Protection Regulation of the European Union. We want you to feel safe during your visit on our pages.

INTRODUCTION
With this privacy policy, we attend to our duty of information towards our visitors and users according to art. 3 General Data Protection Regulation (GDPR). We specifically focus on protecting personal data. Personal Data are particulars about personal or material conditions of a specified or specifiable natural person. This includes information as for instance, name, address, e-mail address and phone number. The legal bases of data protection are to be found in the GDPR as well as the German Telemedia Act (TMG) and the EU ePrivacy regulation.

YOUR RIGHTS IN REGARDS TO DATA PROTECTION AS A USER OF THIS WEBSITE (RIGHTS OF THE PERSONS AFFECTED)
The data protection law views you as an affected person of our initiated collection of your personal data in the scope of your visit on our website. Accordingly, the legislator has made provisions for a number of rights of the persons affected that you can make use of as a user of this website. In particular, these rights are the following:

At any time, you have the right of information about your personal data, their origins and recipient and the reason for data processing free of charge and without giving reasons. Likewise, you have the right to adjustment, correction, blockage or deletion of this data. You may also restrict processing of your data or object to processing of your data (right of objection), just as well you generally have the right of data transferability. If you have provided us with your consent to processing of your data, you can revoke it at any time. Additionally, you have the right of appeal with the regulatory authorities according to art. 77 GDPR.

CONTACT DATA: RESPONSIBLE PERSON – DATA PROTECTION COORDINATORS – DATA PROTECTION OFFICER
If you have any questions regarding data protection at Elektra Tailfingen that cannot be answered with the information provided in this privacy policy or if you would like to put your rights as a person affected into practice, you have the following opportunities to contact us:

The management or executive board that you can find in the imprint on www.elektra-tailfingen.de is responsible for data processing. However, given that the management has an abundance of other responsibilities, we recommend contacting our data protection coordinators (datenschutz@elektra-tailfingen.de) directly. You may also send your inquiry by mail; the corresponding address can be found in the imprint as well.

Furthermore, Elektra Tailfingen has commissioned an external data protection officer that is available under datenschutz@elektra-tailfingen.de.

We would like to inform you that you may address any of our employees with your inquiries regarding your rights as a person affected. However, it would present a great relief to us if you would address your concerns directly to our data protection coordinators (datenschutz@elektra-tailfingen.de).

If you would like to make use of your right of appeal according to art. 77 GDPR, please contact the responsible supervisory authority.

RECIPIENTS OF PERSONAL DATA

If you submit your personal data to us, the main recipients are the employees of Elektra Tailfingen that have been entrusted with it. Moreover, it is possible that we commission other companies or individuals with the fulfilment of tasks in our name, for instance services that you requested through the contact inquiry (e.g. a printed product brochure). In this case, it is possible that the companies commissioned by us get to process your data for the intended purpose. For more detailed information regarding this matter, please see the section “Obligations of Employees and external Service Providers” and “Cooperation with external Service Providers”.

TRANSMISSION OF PERSONAL DATA IN A THIRD COUNTRY
We do not have the intention to transmit personal data beyond the geographic scope of the GDPR. However, given that we occasionally use web services provided by Google (e.g. for the graphic layout of the slogans we use “fonts.gstatic.com”), data such as, for instance, IP addresses and/or so-called referral links or online identifiers might be transmitted, depending on your browser settings. Since we do not initiate the combination of that data, it cannot be ruled out that personal data is created and/or processed beyond the geographic scope of the GDPR. It is possible to prevent the transmission in your browser; for more information regarding this matter, please read the section “Use of Google Maps”.

DURATION OF STORAGE
Personal data that has been submitted over our own website will only be stored until its intended purpose is fulfilled. Taking retention periods in accordance with commercial and fiscal laws into consideration, the duration of storage of specific data can be up to 10 years.

INTENTION OF DATA COLLECTION
The use of our page is generally possible without submitting personal data. In order to use particular services on our page, however, different regulations might apply that, in this case, will be individually elaborated and inform you especially about the nature, extent and purpose of the collection and processing of personal data. Nevertheless, we only generally only process personal data whenever it is necessary for providing a functional website as well as contents and services. In case of data collection, it is for the purpose of technical provision of our online presence, for informational purposes and for contractual purposes when providing services. Your personal data will be used exclusively for the aforementioned purposes and only within the scope and to the extent necessary to fulfil these purposes. If you apply for employment at Elektra Tailfingen, another purpose for data processing is the potential conclusion of an employment contract.

LEGAL BASE OF DATA COLLECTION
Personal data may only be processed in accordance with a legal base. Whenever we process personal data in the scope of our web presence, we generally do so due to legitimate interest of the person responsible, article 6, paragraph 1 GDPR.

The preservation of legitimate interests is a balance of interests and includes not only our interests as the company responsible for the processing but also the interests of the users of our websites. We as a company want to inform you about our company as well as our services. You as a user and potential customer, supplier, competitor, information seeker and/or applicant have an interest in informing yourself about is, our services and products in a technically accessible and comfortable way. Moreover, we give our visitors the opportunity to get into contact with us through our website. Respectively, the processing of data complies with the interests on both ends. At the same time, the processing of personal data is reduced to a minimal extent so that we come to the conclusion that the preservation of legitimate interest can act as the legal base for the processing.

In regard to the application process, we use the legal ground of contract and contract initiation (article 6, paragraph 1 GDPR), especially § 26 BDSG (German Data Protection Law, Data Processing for Purposes of Employment Relationships). For more information, see the section “Applications”.

In addition, we use the legal ground of consent in regard to the application process (article 6, paragraph 1 GDPR). This consent is voluntary and serves the purpose of staff recruitment and transmission of your data into an internal talent pool. For more information, see the section “Applications”. You can freely choose whether you would like to give consent or decline. There will be no negative consequences whatsoever in case of declination. You can revoke previously given consent partially or fully at any time. The legality of processing on the legal ground of consent will persist until the revocation. This means that even in case of revocation of consent, the processing that happened in the past will not become unlawful.

COOKIES
Our web site doesn’t use any Cookies.

SERVER LOG
Every visit of the pages of this web presence is registered and stored in the so-called Server Log files. This data serves exclusively to analyse server utilisation.

The collected data in this procedure specifically contains the following:

• The requesting host address
• Time and date of the request
• Name of the requested file
• HTTP status code
• Amount of transmitted data
• Internet page from which you visit us (referrer URL)
• Browser / operating system / interface
• Particulars about which server services were used
• Protocol version

This anonymous data will be stored separately from your possibly submitted personal data and will not allow any inference to a specific person. It will only be transmitted to third parties when prescribed by law or court order. There will be no transmission for commercial or non-commercial purposes. We reserve the right to check this data, should there be concrete indications of unlawful use.

CONTACT OPPORTUNITY
We offer you the option on our page to contact us via e-mail and/or contact forms. Your submissions from the request form, including the contact data you submitted in order for us to process the request and for the case of further questions will be encrypted before they are transmitted to and stored with us. If you would like to contact us via e-mail, we would like to point out that the confidentiality of the transmitted information in unencrypted e-mails is not guaranteed. The content of unencrypted e-mails can be viewed by third parties (see section “Information Security).

APPLICATION
After the selection procedure, the applicants’ data will be stored for up to six months.

Furthermore, we would like to ask you to let us add your data to an internal talent pool when you send us an application. You then consent to letting us process your data for two years for the purpose of staff recruitment. This applies to the case that you generally present an interesting candidate to us but did not get the job you had originally applied for.

USE OF GOOGLE WEB SERVICES
Like many other websites and service providers on the internet we use technical web services by Google. One can assume that Google collects and links the data that, for instance, creates your cookies (such as online identifiers and IP addresses). In combination with explicit identifiers and other information transmitted to Google’s servers, Google can also create profiles of users of this website and expand existing profiles.

GOOGLE ANALYTICS
We make use of Google Analytics, a web analysis service by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google” in the following). Google Analytics uses cookies in order to analyse your use of our website using online services. The information about your use of this website and online offers created by the cookie are transmitted to and stored by Google in the United States of America. We use Google Analytics with the extension “_anonymizelp()”, so that the IP addresses that are transmitted to Google are shortened and processed on servers in Europe to rule out direct personal references. Google will use this information to evaluate your visit on the website, to create reports about the website activities for us and to provide other services concerning website use and internet use. Google will also, if necessary, transmit this information to third parties if they are obliged to do so by law or if third parties process the data on behalf of Google. On no account will Google associate your IP address with other data by Google. You can also disable the installation of the cookie for Google Analytics by adjusting the respecting settings in your browser; however, we would like to point out that in this case, you cannot use all of our online services with full functionality. You can object to the collection and storage of data for Google Analytics by installing a browser plugin by Google. If you visit our website using a mobile device such as a smartphone or tablet, you can use this link to object to using

USE AND TRANSMISSION OF PERSONAL DATA
If you commission us to provide a service, your personal data will only be used to the extent that is necessary for the execution of the commission (e.g. processing of information enquiries or requests for brochures). This especially includes the transmission of your data to transport companies, credit companies or other services used for service delivery or contract processing.

A further transmission, especially sale of your personal data to third parties, does not take place.

This procedure has the following exceptions: we disclose customer accounts and personal data of customers whenever we are legally obligated to do so or whenever such a transmission is necessary to protect our own rights, those of our customers and those of third parties, e.g. in the case of attacks on our network infrastructure. This can, for instance, include an exchange of data with companies that specialise in prevention or minimisation of abuse and credit card fraud and/or IT security. We explicitly point out that in this context there will be no transmission of data for commercial purposes that does not comply with this privacy policy.

OBLIGATIONS OF EMPLOYEES AND EXTERNAL SERVICE PROVIDERS
As a matter of course, our employees and the service providing companies we commission are obligated to discretion and compliance with the provisions of GDPR.

COOPERATION WITH EXTERNAL SERVICE PROVIDERS
We commission other companies and individuals with the fulfilment of task on our account.

This can include, for instance, package delivery, dispatch of letters or e-mails, analysis of our databases, IT services, advertising measures, payment transactions as well as customer service. These service providers have access to personal information that is necessary for the fulfilment of the given tasks. However, they may not use them for other purposes. Furthermore, they are obligated to handle the information in accordance with this privacy policy as well as GDPR. If these sub-companies are processors as per article 28 GDPR, we have concluded respective lawful contracts with them.

INFORMATION SECURITY
Elektra Tailfingen uses technological and organisational security measures in accordance with the current state of knowledge to protect the data you provided us with from random or deliberate manipulation, loss, destruction or access by unauthorised individuals. Therefore, your data will be stored in a secure operating environment that is not accessible to the public. Our security measures will be reviewed periodically and constantly improved pursuant to the technological development. If you want to contact us via e-mail, please be aware that the confidentiality of the submitted information is not ensured for unencrypted e-mails. The content of unencrypted e-mails can be accessed by third parties. Hence, we recommend sending confidential information either in an encrypted manner or by mail. Your e-mail address will exclusively be used for our correspondence with you. There will be no deviating use or transmission to third parties.

PROTECTION OF YOUR DATA VIA TLS / SSL
To ensure safe data transmission on the internet we use the hybrid encryption protocol Transport Layer Security (TLS), more commonly known under its predecessor’s name Secure Sockets Layer Software (SSL). This software encrypts the information you submit. All information relevant to data protection are stored in a protected database in an encrypted state.

CONSENT, STATE AND CHANGE OF THIS PRIVACY POLICY
By using our website, you consent to the aforementioned data processing as of 21.06.2018. We explicitly reserve the right to take legal action in case of unrequested mailing of advertising information, for instance in the shape of spam e-mails.