Menu
BRAND. For lab. For life.®

Data privacy statement

We thank you for visiting our website, and for your interest in our company and our products.
Protecting your privacy when processing personal data and the security of all business data is very important to us. In the following, we would therefore like to inform you how we collect information, what information we collect and how BRAND GMBH + CO KG (hereinafter referred to as BRAND) uses this information.
No data will be transmitted to third parties without the consent of the person concerned or without a legal basis.
For information on handling application data in the context of application procedures, please refer to the section ”Data protection information for applicants

I. General instructions – mandatory information

1. Responsible body within the context of data protection law is
BRAND GMBH + CO. KG
Otto-Schott- Strasse 25
97877 Wertheim
Tel.: +49 9342 808-0
Fax: +49 9342-808 98000
www.brand.de
privacy[at]brand.de

 

2. Handling personal data / collecting and processing personal data
Personal data refers to individual information regarding personal or factual circumstances of a specific or identifiable natural person. This includes, for example, the name, address, e-mail address, telephone and fax number. We collect and process your data when you explicitly communicate it to us (e.g. in a contact form). Other data is collected automatically or based on your consent when you visit our website. This data usually involves technical data, such as the internet browser and operating system in use and time of access. However, almost our entire website can also be used without providing your personal data.

 

On one hand, your data is collected to ensure that the website is displayed without error, but part of the data can also be used to analyze your usage behavior, provided you have given your consent.

 

If we process your personal data on the basis of an express consent within the meaning of Art. 6 para. 1(a) of the General Data Protection Regulation (GDPR), this is done within the limits and purpose specified in the consent, e.g. to process requests for information, prepare batch certificates, order brochures, demo devices or samples, and to process orders and payments in our online shop.

As far as a business relationship exists with you as a customer or business partner, we also use your personal data to inform you about further offers and novelties of our products or to inquire as to your customer satisfaction. Exclusively for processing your specific inquiry (legal basis: Art. 6 para. 1 lit. b, pre-contractual or contractual measures) or after your proper consent, we may pass on data to our sales partners, dealers and affiliated companies. Data will only be forwarded in accordance with the provisions of Art. 26 (joint responsibility) or Art. 28 (order processing) of the GDPR.

3. Retention period
As long as this data privacy statement does not contain a more specific regulation on the storage period, the personal data stored by us will be stored until the purpose of the data processing ceases to apply. If the storage of your personal data is not permitted by law (e.g. due to tax or commercial retention periods), you can have your data deleted earlier if you make a justified request for deletion or revoke the consent given to us to process your personal data.

 

4. Transferring data to the USA
Embedded in our website are tools from companies based in the USA as well as companies that may store data on servers located in the USA. If these tools are activated, your personal data can also be stored on servers in the USA. However, there is currently no adequate level of data protection in the USA that meets European standards, as US companies in certain sectors (including IT and telecommunications companies) are obligated by the Clarifying Lawful Overseas Use of Data Acts (the so-called CLOUD Act) to give US authorities access to personal data stored by them. Therefore, it cannot be excluded that the US authorities process, analyze or permanently save your data, which is stored on the US servers. We have no control over the data handling process in the USA.

II. Your rights

You have the right at any time and free of charge to obtain information about the origin, recipient and purpose of your stored personal data, to have your data corrected and/or to demand deletion or limited processing of your data. If you have consented to the processing of your personal data, you can revoke this consent at any time with effect for the future. Finally, you have the right to appeal to the responsible supervisory authority.
If you have any questions about your rights, you can contact us at any time using the contact information listed here.


1. Revocation and objection
Many data processing operations are only permitted with your consent. You can revoke consent already given at any time, with future effect. However, this does not affect the legality of processing your data until the date of revocation.

 

If data processing is carried out on the basis of Art. 6 para. 1(e) or (f) of the GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this data privacy statement. If you file an objection, we will no longer process your personal data unless we can prove compelling and legitimate reasons that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims (objection according to Art. 21 paragraph 1 GDPR). If your personal data is processed for the purpose of direct advertising, you have the right at any time to object to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is in connection with such direct advertising. After receiving an objection, your personal data will no longer be used for direct marketing purposes (objection according to Art. 21 paragraph 2 GDPR).


2. Complaints
In the event of infringements of the GDPR, those involved have the right to appeal to a supervisory authority, in particular in the member state of their habitual residence, their place of work or the place where the suspected infringement was committed. The right of appeal is without prejudice to other administrative or judicial remedies.


3. Access, deletion, rectification
You have the right to have data, which we process automatically on the basis of your consent or in fulfillment of a contract, handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible person, this will only take place if it is technically feasible.
Within the limits of the applicable legal provisions, you have the right at any time to obtain free information about personal data stored regarding your person, its origin and recipients and the purpose of the data processing and, if applicable, a right to rectify or delete this data.


4. Limited processing
In the following cases, you have the right to request limited processing of your personal data.

  • If you dispute the correctness of your personal data stored by us, we normally need time to review this. For the duration of the review process, you have the right to request limited processing of your personal data.
  • If your personal data was/is being processed unlawfully, you can request limited processing of your data instead of having the data deleted.
  • When we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request limited processing of your personal data instead of having the data deleted.
  • If you file an objection in accordance with Art. 21 paragraph 1 GDPR, your interests must be balanced againts our interests. As long as it is not yet clear whose interests prevail, you have the right to request limited processing of your personal data.
  • When the processing of your personal data is limited, this data – apart from its storage – may only be processed with your consent, or in order to assert, exercise or defend legal claims, or to protect the rights of another natural person or legal entity, or for reasons of substantial public interest of the European Union or a member state.

III. Cookies

1. Use of cookies
Our website uses so-called “cookies.” Cookies are small text files that are stored in the web browser or by the browser on your end device when you visit our website. Cookies can be stored on your end device for only the duration of your visit (“session cookies”), for a fixed time period or permanently (“permanent cookies”). Session cookies are automatically deleted after your visit ends; permanent cookies are stored on your end device until you delete them or until your web browser performs automatic deletion. More detailed information on the storage duration of the respective cookies in use can be found in the cookie settings.
Cookies have several different functions. Many cookies are technically necessary since certain website functions would not work without them. Other cookies are used to evaluate user behavior or display advertisements. Cookies that are required to perform the electronic communication process (required cookies) or to provide specific functions you want to use (functional cookies, e.g. for the shopping cart function) or to optimize the website (e.g. cookies for measuring the web audience) are stored on the basis of Art. 6 para. 1(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing such cookies in order to provide a service that is optimized and free of technical errors. If consent to the storage of cookies was requested, the cookies in question will be stored on the basis of this consent (Art. 6 Para. 1(a) GDPR); consent may be revoked at any time with future effect.
You can also configure your browser so it informs you about the use of cookies and allows cookies only on a case-by-case basis. You can also exclude the acceptance of cookies for certain cases or on a general basis and activate automatic deletion of the cookies when you close the browser. Deactivating cookies may restrict the functionality of this website.
BRAND Cookies: BRAND uses cookies and active components (e.g. JavaScript) to follow the preferences of visitors and to optimize web page design accordingly.
Third-party cookies: Some BRAND websites contain content and services from other providers (e.g. YouTube, Facebook, Xing), which in turn may use cookies and active components. BRAND has no influence on the processing of personal data by these providers. Further information about this type of processing and the handling of your data can be found in this data protection notice, as well as on the websites of the respective service providers.


2. Web analytics by Matomo (formerly PIWIK)
We use the web analytics service Matomo from the company InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, which enables site-wide user recognition to analyze user behavior. This service allows us to find out when specific pages were viewed, in which regions they were viewed and what actions the user has performed (e.g. clicks or purchases).
The following usage data is processed: Two bytes of the IP address of your end device, the web page viewed and the website from which you were directed (referrer URL), sub-pages viewed on our website, location data (based on the anonymized IP address), user times, duration and frequency of visits and browser/device data.
The collected information for use (including your abbreviated IP address) is transmitted to our server and stored. Your IP address will be anonymized, so that the data cannot be assigned to an identifiable person, and the individual user remains anonymous. The collected data for use will not be passed on to third parties.
This analysis tool is used on the basis of Art. 6 para. 1(f) GDPR. The website operator has a legitimate interest in the anonymized analysis of user behavior, in order to optimize its web content and its advertising. If a corresponding consent has been requested (e.g. consent to store cookies), processing takes place on the basis of Art. 6 para. 1(a) GDPR; consent can be revoked at any time.
The data will be deleted as soon as it is no longer needed for our recording purposes. More detailed information on storage duration can be found here.


3. Google Analytics web analytics service
In addition, with your consent, we also use Google Analytics, a web analytics service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics also uses cookies that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, we only use Google Analytics if IP anonymization is activated, i.e. your IP address will be previously abbreviated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and abbreviated there. On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide us with other services relating to website and internet use. The IP address transmitted by your browser within the context of Google Analytics is not merged with other Google data.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this, you might not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.


This analysis tool is used on the basis of Art. 6 para. 1(f) GDPR. The website operator has a legitimate interest in the anonymized analysis of user behavior, in order to optimize its web content and its advertising. If a corresponding consent has been requested (e.g. consent to store cookies), processing takes place on the basis of Art. 6 para. 1(a) GDPR; consent can be revoked at any time.
The data will be deleted as soon as it is no longer needed for our recording purposes. More detailed information on storage duration can be found here.


More detailed information on Google’s terms of use and privacy policy can be found at https://marketingplatform.google.com/about/analytics/terms/us/or at https://policies.google.com/?hl=en&gl=en.

 

Google Analytics 4.0
We also use Google Analytics Version 4.0 from Google Ireland Ltd. – see above. Google processes personal user data unless you prevent Google from doing so in your Google account settings. In this case, Google creates user profiles that are based on various data, including data from Google Signals, which collects and can analyze tracking data across multiple devices. For instance, Google can use this information to analyze whether users have visited our website for the first time and how this occurred (e.g., via an advertisement) or whether further interactions have taken place after visiting the website (e.g., installation of an app or purchases). Google provides us with only statistical, anonymous information, so that we can optimize our website and our services.
More detailed information on Google’s privacy policy can be found here: https://policies.google.com/privacy?hl=en&gl=en


4. Google Ads/Google Ads Remarketing
Google AdWords is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The service collects information on user behavior in order to measure the success of advertising campaigns and to fine tune advertising campaigns and personalized advertising. This information is collected through the use of cookies, which also process IP addresses. Cookies are used to uniquely identify a web browser on a specific end device and not to identify a person. In the course of using the Google Ads services, data can also be transmitted to servers in the USA.

 

This analysis tool is used on the basis of Art. 6 para. 1(a) GDPR; consent can be revoked at any time. More detailed information on storage duration can be found here.

 

More information on data protection at Google can be found here: https://policies.google.com/?hl=en&gl=en


5. Use of Google reCAPTCHA
We use the Google reCaptcha service to determine whether a particular entry in our contact or newsletter form is being made by a person or a computer. This service is provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. Google uses various information to determine whether you are a human being or a computer: IP address of the end device used, the website you visit with us and on which the captcha is embedded, the date and duration of your visit, the identification data of the type of browser and operating system used, Google account if you are logged in to Google, mouse movements on the reCaptcha areas and tasks in which you have to identify images. The data collected during the analysis is forwarded to Google in the USA.

 

The data is stored and analyzed on the basis of Art. 6 para. 1(f) GDPR. The website operator has a legitimate interest in protecting its web content against improper automated spying and spam. If a corresponding consent has been requested, processing takes place exclusively on the basis of Art. 6 para. 1(a) GDPR; consent can be revoked at any time. More detailed information on storage duration can be found here.

 

More information on Google reCAPTCHA can be found in Google’s privacy policy and terms of use:

https://policies.google.com/privacy?hl=en

https://policies.google.com/terms?hl=en.

 

6.    Cookiebot
We use the Cookiebot service to ask whether you wish to give your consent to non-technically required cookies used on our website and to document this according to the applicable data protection rules and laws. This service is provided by the company Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark. Your browser transmits personal data in the form of your IP address to cookiebot.com. Your IP address is anonymized there and not stored. Cybot A/S then stores in your browser a cookie in which the consent or objection you have given is stored.
The cookie is stored on the basis of Art. 6 para. 1(c) GDPR. Due to the ECJ judgment of 1 October 2019, file no. C-673/17,  the website operator is obliged to obtain consent for non-technically required cookies before they are used. More detailed information on storage duration can be found here.
More information on data protection at Cybot can be found here: https://www.cookiebot.com/en/privacy-policy/


7. Google Tag Manager
This website uses the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager provides a technical platform to run and bundle other web services and web tracking programs using so-called "tags". In this context, Google Tag Manager stores cookies on your computer and analyzes your surfing behavior (so-called "tracking") if web tracking tools are executed by Google Tag Manager. This data sent by individual tags integrated in Google Tag Manager is combined, stored and processed by Google Tag Manager under a uniform user interface. All embedded tags are listed separately in this privacy statement. For more information about the privacy practices of the tools included with Google Tag Manager, please see the appropriate section of this privacy notice. When using our website with activated integration of Google Tag Manager tags, data such as your IP address and your user activities are transferred to servers of Google Ireland Limited and processed and stored outside the European Union, e.g. in the USA.


On our behalf, Google will use this information to evaluate your visit to the website, to compile reports on website activity and to provide us with other services relating to website and internet use. The IP address transmitted by your browser within the context of Google Tag Manager is not merged with other Google Ireland Limited data.
The data is stored and analyzed on the basis of Art. 6 para. 1(a) GDPR (consent), either within the scope of registration with Google (opening a Google account and acceptance of the data protection information implemented there) or, if you have not registered with Google, by explicit consent when opening our website. Your consent can be revoked at any time. More detailed information on storage duration can be found here.


8. Embedded YouTube videos
On some of our websites, we embed Youtube videos, which you can access with prior consent (legal basis is Art. 6, 1 lit. a GDPR). The operator of the corresponding plugins is: Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as: YouTube).


We use YouTube in privacy-enhanced mode. According to YouTube, this mode ensures that YouTube does not store any information on users that visit this website before they watch the video. Transferring data to YouTube partners, however, is not necessarily excluded by privacy-enhanced mode. For example, regardless of whether you watch the video or not, YouTube establishes a connection to the Google DoubleClick network.

 

A connection to YouTube servers is established when you visit a page with the YouTube plugin. YouTube will be informed which pages you visit. If you are logged into your YouTube account, YouTube can assign your surfing behavior to you personally. You can prevent this by logging out of your YouTube account beforehand.
When a YouTube video is started, the provider uses cookies that collect information about user behavior. This information is used, among other things, to collect video statistics, improve usability and prevent fraud attempts. In the course of using YouTube services, data can also be transmitted to servers in the USA.

 

YouTube is used in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1(f) GDPR. If a corresponding consent has been requested, processing takes place on the basis of Art. 6 para. 1(a) GDPR; consent can be revoked at any time.


Further information on data protection at YouTube can be found in the provider's data privacy statement at: https://policies.google.com/privacy?hl=de&gl=en


9. Social Media
We offer you the possibility of using so-called "social media buttons" on our web pages. To protect your data, we rely on the "Shariff" implementation solution. This means that these buttons are only included on the website as a graphic containing a link to the corresponding website of the button provider. By clicking on the graphic, you will be forwarded to the services of the respective provider. Only then will your data be sent to the respective providers. If you are logged into a social network, this provider can assign the visit to your account. If you don't want this, we recommend you log out of your account beforehand. If you are not a member of a social network, there is the possibility that the provider may still discover and store your IP address. If you do not want this to happen, you should not click the buttons. If you do not click on the graphic, there is no exchange between you and the providers of the social media buttons.

 

Activating the plugin constitutes a consent within the meaning of Art. 6 para. 1(a) GDPR. You can revoke this consent at any time with future effect.

Information about the collection and use of your data in the social networks can be found in the respective terms of use of the respective providers. More information about the Shariff solution can be found here: http://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html

 

We have integrated the social media buttons of the following companies on our websites; additional information on the data protection measures applicable on external social media platforms can be found on their websites:

 

a) Facebook Inc. (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland) http://www.facebook.com/policy.php;

b) Twitter Inc. (Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 IRLAND) https://twitter.com/privacy

c) XING AG (Gänsemarkt 43 – 20354 Hamburg – Germany) privacy.xing.com/de/datenschutzerklaerung

d) LinkedIn Corporation (LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2 Ireland) https://www.linkedin.com/legal/privacy-policy

e) Instagram (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland) – data privacy statement/ Opt-Out: https://help.instagram.com/519522125107875#

 

We have no influence on whether, to what extent, for how long and for what purpose the external providers collect personal data. However, it can be assumed that at least the IP address and device-related information is recorded and used.


10. Using the live chat feature
This website uses Userlike, a live chat software from Userlike UG (limited liability), Probsteigasse 44- 46, D-50670 Cologne, Germany ("Userlike"). Userlike uses "cookies", text files which are stored on your computer and which enable a personal conversation in the form of a real-time chat on the website with you. The collected data will not be used to personally identify the visitor of this website and will not be merged with personal data about the bearer of the pseudonym. Please address your rights (for information, correction, deletion and export) under the GDPR to the operator of this website.
For further information, please refer to Userlike's data privacy statement at https://www.userlike.com/en/terms#privacy-policy

 

11. Mouseflow

On our site we use the service of Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark, Phone: +49 32221090227, E-Mail: hi@mouseflow.com.

Mouseflow is a tool used to analyze, understand, and improve user experience on websites. We offer session replay/recordings, heatmaps, funnels, forms, and feedback campaigns. The visits are only recorded with an anonymized IP address. 

When you visit a webpage that has Mouseflow, the following information may be collected:

  • Clicks, Mouse Movements/Hovers, Scrolling
  • Browser
  • Device (Desktop/Tablet/Phone)
  • Language
  • Operating System
  • Screen Resolution
  • Duration (Time on Site)
  • Navigation (URLs)
  • Page Content (HTML)
  • ISP (Not for EU and California, USA visitors)
  • Approx. ISP Location (City, State/Region, Country)
  • Keystrokes (only for non-EU/EEA Data Subjects in non-EU/EEA accounts and never for any password, digit, or excluded fields)
  • Referrer URL
  • Visitor Type (First Time/Returning)
  • Custom Tags or Variables
  • Replies in Feedback Tool

The data is collected and deleted after two months.

The legal basis for the processing of personal data is Art. 6 Para. 1 lit. a GDPR (consent), which you can give us when you visit the website.

You can also deactivate cookies in your browser. Concerning Mouseflow you can go to https://mouseflow.com/opt-out/ and deactivate the cookie there.

IV. Newsletter

You can subscribe to our newsletter with information on products and services on our website. The newsletter comes out about twice a year. The newsletter will only be sent after you have entered your e-mail address and confirmed that you are the owner of the e-mail address and agree to receive the newsletter (so-called "double opt-in procedure"). The data is only collected and used for the purpose of sending you the desired newsletter. It is deleted as soon as you have revoked your consent to receive the newsletter. For the processing of your data – e.g. the sending of the newsletter – contractually bound external service providers may also be used. The data will not be passed on to unauthorized third parties.
Your data is processed exclusively on the basis of your consent (Art. 6 para. 1(a)) GDPR. You can revoke your consent to the storage of your data, the e-mail address and its use for sending the newsletter at any time, e.g. via the link in the newsletter. The legality of data processing that has already been carried out remains unaffected.

After you have been removed from the newsletter distribution list, your e-mail address may be stored in a blacklist by us or the newsletter service provider, in order to prevent future mailings. The data from the blacklist is used solely for this purpose and is not combined with other data. This is intended to protect both your interests and ours in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1(f) GDPR). Storage in the blacklist is not subject to a time limit. You can object to this storage if your interests outweigh our legitimate interests.

 

CleverReach
We use CleverReach for sending out our newsletters. The provider is CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede. With this service, we can organize and analyze our newsletter mailing process. The data submitted in connection with the newsletter, such as your e-mail address, is stored on CleverReach’s servers. The servers are located in Germany and Ireland.
Mailing our newsletters with CleverReach allows us to analyze the behavior of newsletter recipients. We can analyze, among other things, how many recipients have opened the newsletter message and how frequently links were clicked on in the newsletter. With the aid of so-called ‘Conversion Tracking,” we can see whether a previously defined action was performed after clicking a link in the newsletter. Further details about data analysis by CleverReach can be found at: https://www.cleverreach.com/en/features/reporting-tracking/.
Data is processed on the basis of your consent (Art. 6 para. 1(a) GDPR). . You can revoke your consent at any time. If you do not want your behavior analyzed by CleverReach, you must unsubscribe from the newsletter. Details about the privacy policy of CleverReach can be found at: https://www.cleverreach.com/en/privacy-policy/

V. Contact form

You can contact us via our contact form. We process the personal details you provide here (surname, first name), your contact details and all other data you provide us with on your own initiative in accordance with Art. 6 Para. 1 lit. b GDPR. Your data will be stored for as long as necessary for processing and deleted in accordance with data protection regulations as soon as the purpose for processing ceases to apply and no further legal obligations to retain data conflict with this.

VI. Online shopping

In the following, we will describe how your personal data is processed in our online shop in connection with a customer relationship existing between you and us.
For the registration as a customer and the processing of your order (disposition, dispatch, payment) we need your personal data, address data, company name and contact data.


Payment processing
We process your payment data for the processing of payments within the scope of orders in the online shop. Your order data is required for the processing of your order. This data is processed in accordance with Art. 6 Par. 1 lit. b GDPR (fulfillment of contract, pre-contractual measure).


Notes on data processing by third parties in the processing of payments:
Payments by credit card are processed by BS PAYONE GmbH, Lyoner Straße 9, D-60528 Frankfurt am Main, Germany. The following personal data is processed by BS PAYONE GmbH:

  • First and last name
  • Contact details such as address
  • Purchase price
  • Ordering Information
  • Financial data such as account information, credit card details

This processing takes place for the purposes of payment processing. BS PAYONE GmbH is certified according to the Payment Card Industry Data Security Standard (PCI DSS) and is approved and supervised by the Federal Financial Supervisory Authority, Graurheindorfer Straße 108 in D-53117 Bonn, Germany, as an e-money institution. Tax-relevant data is subject to a retention period of 10 years (counting from the beginning of the year following the year of the respective data processing). Provided that other statutory retention periods do not conflict with this, the data will be deleted in accordance with data protection regulations at the end of the retention period.

 

We use your contact and address data for the transmission of advertising for our own offers that are in line with your interests. We process this data in accordance with Art. 6 Para. 1 lit. f. GDPR, to maintain customer relations and to market our services.


This data is subject to a retention period of 10 years; unless other legal retention periods prevent this, the data will be deleted after the retention period has expired in accordance with data protection regulations.

VII. Safety

BRAND takes all necessary technical and organizational security measures to protect your personal data against manipulation, loss, destruction or access by unauthorized persons or against unauthorized disclosure. The security measures in use are continuously improved in accordance with technological developments.
Data transmission – SSL encryption: To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) via HTTPS.
Should you wish to contact BRAND by e-mail, we point out that the confidentiality of the transmitted information is not guaranteed. The content of e-mails can be viewed by third parties. We therefore recommend that you send us confidential information by post only.

VIII. Data deletion

Personal data will be deleted when you revoke your consent to its storage, when having this personal data is no longer required to fulfill the purpose for which it was stored, or if its storage is inadmissible for other legal reasons. This does not affect data for business transactions that is needed for billing and accounting purposes or is subject to legal retention periods.


We adhere to the principles of avoiding the creation of superfluous data and data economy. We therefore only store your personal data for as long as is necessary to achieve the purposes stated here or as provided for in the various storage periods provided for by law. After expiry of these periods, the corresponding data will be routinely blocked or deleted in accordance with statutory provisions.

IX. Data protection information for applicants

a) Responsibility
The office responsible for all data arising in connection with the application process is BRAND INTERNATIONAL GMBH (BRAND INTERNATIONAL), postal address: Otto-Schott-Str. 25, D-97877 Wertheim, Germany. BRAND INTERNATIONAL carries out all tasks for BRAND GMBH + CO KG, VACUUBRAND GMBH + CO KG and VITLAB GmbH which concern the services of a personnel department (e.g. personnel recruitment, personnel development and personnel administration).
You can contact the data protection officer of the group of companies by sending an e-mail to privacy@brand.de, or by sending a letter to our postal address, adding "the data protection officer" or by calling us on +49- 9342- 808 0.


b) Purpose and legal basis of the processing
The processing of your data serves the purpose of processing your application and is carried out on the basis of Art. 88 para. 1 GDPR in conjunction with § 26 of the Federal Data Protection Act (BDSG), according to which personal data may be processed for the purposes of the employment relationship, among others, if this is necessary for the decision on the establishment of an employment relationship. Your data will only be forwarded to the departments responsible for the specific application procedure. Your application data will only be forwarded to other companies in the group of companies with your express prior consent.


c) Retention period
Your personal data will initially be stored for the duration of the application process and for a further 6 months beyond that, after which it will be deleted.
If we feel your application might be interesting for future job vacancies, we will keep your application data on file for a period of 24 months after you have expressly agreed to such storage and use.

X. Other

1. Changes to our data privacy regulations
We reserve the right to adapt this data privacy statement occasionally, to ensure that it always complies with current legal requirements, or so as to implement changes to our services in the data privacy statement, e.g. when introducing new services. The new data privacy statement will then apply for your next visit.
This data privacy statement is currently valid and has been in effect from September 2020.


2. Questions to the data protection officer

Regarding the processing of your personal data, for information, suggestions and complaints, please send us an e-mail. Alternatively, you can also contact our data protection officer directly.

 

The contact details for our data protection officer are as follows:
Ronald Baranowski
SIX DATENSCHUTZ GmbH
Kasseler Str. 30
D-61118 Bad Vilbel, Germany
Tel. +49-6101-982 94 22
E-Mail: rb[at]six-datenschutz.de
E-mail: privacy[at]brand.de

 

Alternatively, you can write to our postal address, adding “the data protection officer” to the addressee:
BRAND GMBH + CO. KG
Otto-Schott- Strasse 25
97877 Wertheim


Finally, you can also call us on: +49-9342-808 0

 

Questions will be answered within 4 weeks.