Data protection

As a company, we have always taken data protection very seriously. This privacy policy applies for Dortmunder Gußasphalt GmbH & Co. KG. You can use our website to find information without providing any details. Insofar as you use the options we provide, it may be necessary for us to collect, process, use and store the personal data that you are asked to provide (e.g. on the contact form etc.).

In all cases, this processing takes place in accordance with the valid data protection laws, in particular in accordance with the requirements of the European General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and supplementary legal regulations. The legal basis for the processing of your personal data on our website is Article 6 (1) Sentence 1 lit. f GDPR.

This privacy policy serves the purpose, for example, of informing you about the purpose, type and scope of the use of personal data by our website.

1. CONTROLLER
The controller within the meaning of the General Data Protection Regulation (“GDPR”) is:
Dortmunder Gußasphalt GmbH & Co. KG
Am Hafenbahnhof 10
44147 Dortmund
Germany
Phone: +49 231 395797-0
E-mail: info@dga.de

2. DATA PROTECTION OFFICER
You may contact our data protection officer in matters relating to data protection:
Basalt-Actien-Gesellschaft data protection officer
Linzhausenstr. 20
53545 Linz am Rhein
Germany
Phone: +49 2644 5630
datenschutz@basalt.de

3. THE PROCESSING OF YOUR PERSONAL DATA/ NATURE AND PURPOSE OF THIS PROCESS/LEGAL BASIS FOR PROCESSING AND STORAGE
Our website collects a series of (general data) and information every time a person or an automated system accesses the website. The collection and storage takes place in the log files of our server.
The following data may be collected and stored:
– The operating system used
– The date and time of access
– Internet Protocol (IP) address
– Browser types and versions
– Referrer (internet page from which our system was accessed),
– Sub-websites controlled by our system
– The internet service provider for the system accessing our website
– Similar data information which protect the user’s system against digital attacks (e.g. anti-virus programmes)

The background to this data collection is:
– Correct provision of the content on our website
– Optimisation of the website
– Ensuring the functionality of our website
– Provision of necessary information to enable prosecution in the event of a cyber attack
– Evaluation in order to increase data protection and security levels to reach an optimum level of protection
– For administrative purposes.

The storage of the server log files takes place separately from the other personal data that is detailed. The legal basis for this processing of your personal data on our website is Article 6 (1) Sentence 1 lit. f GDPR. The legitimate interest results from the abovementioned background to the data collection. No connection will be made to the data subject (user) when collecting and using the abovementioned data. The server log files are deleted on a regular basis.

4. DELETION AND BLOCKING OF PERSONAL DATA
We only process and store your personal data for the period of time necessary to achieve the purpose of the storage or insofar as this is provided for by the GDPR, BDSG, other policies and regulations or other laws.

If the purpose of the storage ceases to be applicable or if a retention period expires, your personal data will be routinely blocked or deleted in accordance with the statutory provisions.

5. SSL OR TLS ENCRYPTION
For security reasons and in order to ensure safe transmission of confidential content that you transmit to us in our capacity as site operator, our website uses SSL or TLS encryption. Thereby, the data you transmit via this website cannot be read by any third party. You can identify an encrypted connection by the “https://“ in your browser’s address bar, as well as by the padlock icon in your browser line.

6. COOKIES
Our website uses cookies. These are small text files stored on your device by your web browser. Cookies help make our website more user-friendly, effective and secure. Some cookies are “session cookies”. These cookies are automatically deleted at the end of your browser session. Whereas, other cookies remain on your device until you delete them yourself. We use only session cookies. With a modern web browser you can monitor, restrict or prevent the use of cookies. Many web browsers can be configured so that cookies are automatically deleted when closing the program. The deactivation of cookies may result in a limited functionality of your website.

7. CONTACT FORM
Data transmitted via the contact form, including your contact information, is stored in order to be able to process your request or to be available for follow-up questions. This information will not be shared without your consent. The processing of data entered into the contact form is carried out exclusively on the basis of your consent (Art. 6(1) point a GDPR). You may revoke your consent at any time. To revoke your consent, an informal notice per email will suffice. The legitimacy of the data processing carried out prior to the revocation remains unaffected by such revocation. Data transmitted via the contact form shall remain with us until you request its deletion, you revoke your consent to storage or until there is no longer a need for data storage. Mandatory statutory provisions – in particular storage periods – remain unaffected.

8. GOOGLE-MAPS
On our website we use Google Maps to display our location and to create a route description. This involves a service provided by Google LLC, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter simply referred to as “Google”. With the certification according to the “EU-US Privacy Shield” https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active Google guarantees that the EU data protection provisions are also observed during data processing conducted in the USA. To enable the display of specific fonts on our website, a connection to the Google server in the USA is established when the website is visited. If you call up the Google Maps component integrated on our website, Google will store a cookie on your device via the internet browser. Your user configurations and data will be processed in order to display our location and to create a route description. In such case we cannot rule out the possibility that Google will use a server in the USA. The legal basis is Article 6(1) point f GDPR. Our legitimate interest lies in the optimisation of the functionality of our website. As a result of the established connection to Google, Google will be able to determine the website from which your inquiry has been sent and the IP address to which the directions are to be forwarded. If you do not agree with such processing, you can prevent the installation of cookies by selecting the appropriate settings in your internet browser. You will find more details on this under the “Cookies” section. In addition, the use of Google Maps and the use of information obtained via Google Maps takes place in accordance with the Google Terms of use https://policies.google.com/terms?gl=DE&hl=de and the Google Maps Terms and conditions https://www.google.com/intl/de_de/help/terms_maps.html. Moreover, at https://adssettings.google.com/authenticated https://policies.google.com/privacy Google offers further information.

9. VIDEO SURVEILLANCE
Insofar as video surveillance is carried out, the applicable provisions of Section 4 BDSG shall be observed.

In this regard, we would point out that Brief Paper No. 15 of the Data Protection Conference (Datenschutzkonferenz) contradicts CJEU jurisdiction (Judgement v. 11.12.2014, File No.: C-212/13).

10. DATA PROTECTION AND EMAIL APPLICATIONS
We collect and process personal data of applicants for the purpose of facilitating the application process. You can find the data protection information regarding the handling of applicant data of BAG here.

11. YOUR RIGHTS
Your rights are important to us.

In order to exercise your rights that are set out below you can contact our abovementioned data protection officer at any time. In accordance with Article 12 et seq. GDPR, you have the following rights:

A) RIGHT TO CONFIRMATION
In accordance with GDPR, you have the right to obtain confirmation from us as to whether personal data concerning you is being processed.

B) RIGHT TO INFORMATION
In accordance with GDPR, you have the right to obtain information about the personal data that is stored concerning you free of charge and to receive a copy of this information. Furthermore, in accordance with GDPR, you have the right to find out
– the purposes of processing
– the categories of personal data that are being processed
– the recipients or categories of recipients to whom the personal data has been or is still being disclosed
– the planned duration for which the personal data is to be stored
– the existence of a right to rectification or deletion of the personal data concerning you or
– to the restriction of the processing by the controller or
– the right to object to this processing,
– the existence of the right to lodge a complaint with a supervisory authority.

C) RIGHT TO RECTIFICATION
In accordance with GDPR, you have the right to request the rectification of personal data concerning you that is incorrect without undue delay. Taking into account the purposes of the data processing, you also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

d) RIGHT TO ERASURE
(Right to be forgotten)
In accordance with GDPR, you have the right to require the personal data concerning you to be erased without undue delay where one of the following grounds applied and processing is not essential:
– The purpose of the processing has been achieved
– You withdraw your consent and there is no other legal basis for the processing
– You object to the processing pursuant to Article 21 (1), (2) GDPR
– Your data has been unlawfully processed
– The erasure of personal data is necessarily erased for compliance with a legal obligation in Union or German law

e) RIGHT TO RESTRICTION OF PROCESSING
You have the right to require restriction of the processing where one of the following prerequisites applies:
– You contest the accuracy of the personal data
– The processing is unlawful. You oppose the deletion of the personal data and request the restriction of the use of your data instead
– We no longer require the personal data for the purposes of the processing. However, you require this data for the establishment, exercise or defence of legal claims

f) RIGHT TO DATA PORTABILITY
You have the right to receive the personal data concerning you with which you have provided us in a structured, commonly used and machine readable format. You have the right to transmit this data to another controller without hindrance from us.

g) RIGHT TO OBJECT
Insofar as the processing results from your particular situation, you have the right to object against the processing of personal data concerning you at any time. We will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights, and freedoms or the processing is for the purpose of the establishment, exercise or defence of legal claims.

h) RIGHT TO WITHDRAW CONSENT TO DATA PROCESSING
You have the right to withdraw consent to the processing of your personal data at any time.

i) RIGHT TO LODGE A COMPLAINT
In accordance with GDPR, you have the right to lodge a complaint with the authority to which we are accountable.

The supervisory authority responsible for us is:
State commissioner for data protection and freedom of information in North Rhine-Westphalia
Helga Block
Postfach 20 04 44
40102 Düsseldorf

or:

Kavalleriestraße 2-4
40213 Düsseldorf
poststelle@ldi.nrw.de

12. TRANSFER OF DATA TO THIRD PARTIES
The transfer of personal data collected via your visit to our website to third parties, except in the abovementioned cases if you have explicitly provided your consent for this in accordance with Article 6 (1) Sentence 1 lit. a GDPR, if there is a legal obligation to transfer the data in accordance with Article 6 (1) Sentence 1 lit. c GDPR or if the data transfer in accordance with Article 6 (1) Sentence 1 lit. b GDPR is necessary for the fulfilment of a contract between you and others.9.

13. PROFILING
The processing of your personal data carried out by our website is not used for automated decision-making or evaluation (profiling).

14. DEFINITIONS OF TERMS
The terms used in the privacy policy are based on the terms used by the European regulators and issuers of directives for the enactment of GDPR.
These terms are explained below:

j) personal data
This means all information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

k) data subject
This means any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.

l) processing
Processing means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

m) restriction of processing
This means the marking of stored personal data with the aim of limiting the processing of this data in the future.

n) profiling
This means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

o) pseudonymisation
This means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

p) controller
The controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

q) processor
This is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

r) recipient
This is a natural or legal person, public authority, agency or another body, to which the personal data is disclosed, regardless of whether this is a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

s) third parties
A third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

t) consent
Consent means any freely given, specific to the individual case, informed and unambiguous indication of the data subject’s wishes made by the data subject by which he or she, by means of a statement or another clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

15. STATUS OF THIS PRIVACY POLICY
This Privacy Policy has been drafted in August 2019 in accordance with the information that is currently available. The introduction and proper implementation of the GDPR is an ongoing process. We are participating in this process. Therefore, this Privacy Policy will be updated on an ongoing basis in accordance with current legal requirements once these become known.