Not your region? Change it here:

Your region:
erzkontor.com
CREMER Erzkontor Logo

Raw materials for your needs

Privacy Policy

CREMER ERZKONTOR GmbH & Co. KG

Thank you very much for visiting our website. Complying with the regulations of data protection law is very important to our company. The purpose of this data privacy declaration is to inform you, as a user of the website, regarding the type, scope and purpose of processing that is carried out using your personal data, as well as to explain your rights as a data subject in the sense of Art. 4 no. 1 of the General Data Protection Regulation. The following data privacy declaration already takes into consideration the changes according to the General Data Protection Regulation (GDPR) enacted as of 5/25/2018. This declaration also fulfills the applicable requirements of the Telecommunication and Telemedia Data Protection Act.

1. Controller

This website and available services are provided by

CREMER ERZKONTOR GmbH & Co. KG
Beckergrube 38-52
23552 Lübeck

PO Box 1633
23505 Lübeck

Tel: +49 451 929 62 0
Fax: +49 451 929 62 199
Email: dataprotection@erzkontor.com
Website: www.erzkontor.com

Managing Directors: Nils Fleig, Roberto Wurst

2. General information

We have developed this website so as to collect as little data from you as possible. In general, it is possible to visit our website without providing any personal data. Only if you decide to take advantage of certain services (such as by using the contact form) will it be necessary to process your personal data. When doing so, we always process your personal data only in accordance with a lawful justification, or in accordance with consent granted by you. We comply with the regulations of the General Data Protection Regulation (GDPR), enacted on 5/25/2018, and with applicable national legislation such as the German Federal Data Protection Act, the Telemedia Act, or other specific laws on data protection.

3. Definition

The terms used in this data privacy declaration have the following meanings, in accordance with the GDPR.

"Personal data" is all information that refers to an identified or identifiable natural person (referred to in the following as a "data subject"); a natural person is considered identifiable if they can be identified either directly or indirectly, in particular by assignment to an identifier such as a name, ID number, location data, online identification or by association with one or more specific features that are an expression of the mental, physiological, genetic, intellectual, economic, cultural or social identity of this natural person;

"Processing" describes any procedure or any series of procedures carried out with the assistance of automated processes associated with personal data, such as collecting, recording, organizing, ordering, storing, adjusting or changing, reading out, querying, using, disclosing through transmission, dissemination or other form of delivery, comparison or linking, restricting, deleting, or destroying such data;

"Restriction of processing" describes marking stored personal data with the goal of restricting the future processing of such data;

"Pseudonymization" describes the processing of personal data in such a way that the personal data can no longer be associated with a specific data subject without combining it with additional information, if this additional information is stored separately and is subject to technical and organizational measures to ensure that the personal data cannot be associated with an identified or identifiable natural person;

"Controller" describes the natural person or legal entity, authority, institution or other entity that makes decisions regarding the purposes and means of processing personal data either alone or jointly with others; if the purposes and means of this processing are specified under EU law or the laws of member nations, then the controller or the specific criteria under which the controller is named can be provided under EU law or the laws of member nations;

"Contract processor" describes a natural person or legal entity, authority, institution or other entity that processes personal data on behalf of the controller;

"Recipient" describes a natural person or legal entity, authority, institution or other entity to whom the personal data is disclosed, regardless of whether this is a third party or not. Agencies that may receive personal data in the framework of a specific investigation mandate under EU law or the laws of member nations are not considered recipients; processing of this data by the agencies indicated is carried out in accordance with applicable data protection regulations, depending on the purpose of processing;

"Third party" describes a natural person or legal entity, authority, institution or other entity besides the data subject, controller, contract processor and persons authorized under the direct responsibility of the controller or contract processor to process the personal data;

"Consent" of the data subject describes any voluntary expression of intent granted for the specific case in an unmistakable and informed manner in the form of a declaration or other clearly confirmatory action, by which the data subject indicates that they are in agreement with the processing of their personal data; 

We process personal data necessary to legitimate, carry out or execute our range of services on the legal basis of Art. 6 para. 1 lit. b GDPR. If we make use of external service providers in the framework of contract processing, the processing is carried out on the legal basis of Art. 28 GDPR.
We collect, process and use personal data exclusively for the following purposes:

Purpose of data processing
to make contact and engage in associated correspondence

**Legal basis for data processing ("why is the data processing necessary")
in the framework of pre-contractual measures according to Art. 6 para. 1 lit. b GDPR

Purpose of data processing
to process your inquiry and provide any further advising requested by you

**Legal basis for data processing ("why is the data processing necessary")
in the framework of pre-contractual measures according to Art. 6 para. 1 lit. b GDPR or our legitimate interest with respect to other inquiries according to Art. 6 para. 1 lit. f GDPR

Purpose of data processing
to regulate pre-contractual matters in the framework of preparing an offer

**Legal basis for data processing ("why is the data processing necessary")
in the framework of pre-contractual measures according to Art. 6 para. 1 lit. b GDPR

Purpose of data processing
to process your application to a job vacancy advertised by us

**Legal basis for data processing ("why is the data processing necessary")
in the framework of initiating an employment relationship in accordance with Sec. 26 para. 1 in conjunction with para. 2 BDSG

Purpose of data processing
to ensure that our website is presented to you in the most effective and interesting manner possible (such as through anonymized analysis)

**Legal basis for data processing ("why is the data processing necessary")
based on our legitimate interests

Purpose of data processing
for the technical implementation of our services

**Legal basis for data processing ("why is the data processing necessary")
based on our legitimate interests

5. Collected and processed personal data

We collect and process your personal data only if you provide it to us voluntarily with your knowledge of said processing. This is the case if you contact us and request information on our services and products. In general, this contact is carried out via email. If you contact us via email, you transmit personal data to us voluntarily and make it available for processing. We will only process your data in the framework of the purposes indicated above. If a contract or business relationship does not come into being, we will delete your data once the purpose for which it was collected no longer applies.

The personal data and content you provide are retained exclusively by us and our affiliated companies. We will only store and process your data for the purposes indicated in clause 5. Any usage going beyond the indicated purpose requires your express consent. The same is true of the transmission and transfer of your data to third parties.

6. General log files and web hosting

The web server temporarily saves the connection data for the requesting computer (IP address), the pages of our website that you visit, the date and duration of your visit, the identification data for the browser used and the operating system type, as well as the website from which you visit us and the fact that access was successful in log files. Technical administration of the websites and anonymous collection of statistical data allow us to analyze access to CREMER ERZKONTOR's website and to evaluate this data with the goal of improving data protection and data security within our company, in order to ultimately ensure an optimal level of protection for the personal data we process.

Data in the server log files is stored separately from all of the personal data you provide. Unless different retention obligations apply by law, we delete your IP address seven days after you leave our website.

Our website is hosted by an external service provider. The personal data collected on this website is stored on the hoster's servers. Our hosting service provider will only process your data insofar as this is necessary for it to provide its services, and will follow our instructions in relation to this data. We have concluded a contract data processing agreement with the hosting service provider in accordance with Art. 28 para. 3 clause 1 GDPR. We use the provider teuto.net Netzdienste GmbH, Niedernstr. 26, 33602 Bielefeld as our hosting service provider.

7. Contact form

You can contact us via email or using our contact form (offer form for business customers). In this case, we will save the personal data you provide in order to process your inquiry and contact you for the purpose of handling your concerns. If we request information via our contact form, we have marked the mandatory fields (asterisk) required when contacting us. We use the voluntary information for further details about your inquiry and to better handle your concerns. You provide the requested data to us on a purely voluntary basis.

Depending on the type of inquiry, the legal basis for this processing is Art. 6 para. 1 lit. b GDPR for inquiries that you yourself submit in the framework of pre-contractual measures, or Art. 6 para. 1 clause 1 lit. f GDPR, if your inquiry is of some other type. The legitimate interest follows from the purposes indicated under clause 3 a.). If personal data is requested which we do not need to fulfill a contract or safeguard legitimate interests, then it shall be transmitted to us only based on your consent according to Art. 6 para. 1 lit. a GDPR.

8. Integration of third party services and content

Our website uses content, services and offers from other providers. Transmission of your IP address is required so that this data can be accessed and displayed in the user's browser. Therefore, the providers (hereinafter referred to as "third party providers) receive the IP address of the corresponding user.
Although we attempt to use only third party providers who only need the IP address in order to deliver content, we have no influence over whether they may save the IP address. In this case, the information is used for statistical purposes, among other purposes. If we become aware that your IP address is being saved, we will inform you of this.

a. Use of Matomo

Type and scope of processing:

We use the open source software tool Matomo (formerly PIWIK) on our website. The software saves a cookie in your browser (for more information on cookies, see above). When individual pages of our website are accessed, the following data is saved:

  • -

    Two bytes of the IP address for the user's accessing system (anonymized IP address)

  • -

    The accessed website

  • -

    The website from which the user accesses the accessed website (referrer)

  • -

    The sub-pages accessed from the accessed website

  • -

    The dwell time on the website

  • -

    The frequency with which the website is accessed

  • -

    The software runs exclusively on our website servers. Your personal data is only saved there. The data is not transmitted to third parties.

Purpose and legal basis:

We process your data with the help of the analytic software Matomo for the purpose of evaluating the use of individual components and content of our website, based on your consent according to Art. 6 para. 1 lit. a GDPR and Sec. 25 para. 1 TTDSG. You grant your consent through your settings for using cookies (cookie banner / consent manager), which you can use to declare revocation at any time with future effect according to Art. 7 para. 3 GDPR. There is no legal or contractual obligation to provide your data. If you do not grant your consent, it is possible to visit our website without restrictions; however, all functions may not be available to you without restrictions.

Storage term:

The specific storage germ for the saved cookies is 13 months.

b. Salesviewer

This website uses SalesViewer® technology from SalesViewer® GmbH based on the website operator's legitimate interests (Section 6 paragraph 1 lit.f GDPR) to collect and save data on marketing, market research and optimisation purposes.

To do this, a javascript based code, which serves to capture company-related data and according to website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally.

The data stored by Salesviewer® will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.

The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.

c. Webtrax Thomasnet.com

We use the tracking tool Webtrax from Thomas Publishing LLC, 5 Penn Plaza New York, USA for our online presence at thomasnet.com. Webtrax uses technologies such as cookies and similar tracking tools that make it possible to collect, store and evaluate information about the behavior of website visitors. This involves collecting data about usage behavior on the Thomasnet website up to our profile in the network. This includes, in particular, information about the pages visited, the length of stay, click behavior and technical information such as the IP address, the browser used and the operating system.

Thomasnet uses an insights tool to compile this information about user behavior. We use this data to improve our online presence and to make it more attractive for visitors and potential visitors. We do not process the user's IP address for this purpose. The user data is made available to us anonymously.

The processing of data through the use of Webtrax is based on Art. 6 para. 1 lit. f GDPR (legitimate interest). Our legitimate interest lies in analyzing the use of our website in order to improve our offer and user-friendliness. In cases where consent to the use of tracking cookies is required, the processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR (consent), which you give as part of our consent management. You have the option to object to the use of cookies by Webtrax at any time by making the appropriate settings in your browser or by rejecting the use of cookies via our Consent Manager.

The data transfer to the USA is based on standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of June 4, 2021. You can view a copy of these standard contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE.

Further information on data processing by Webtrax as well as on storage, deletion and the rights of data subjects at Thomasnet can be found in Thomasnet's privacy policy at https://www.thomasnet.com/privacy.html.

9. Cookies

Cookies are small text files that we send to the browser on your device and that are stored there in the course of your visit to our website. As an alternative to using cookies, information can also be stored in the local storage of your browser. There are some functions of our website that we are not able to offer without using cookies or local storage (technically necessary cookies). Other cookies, in contrast, allow us to carry out different analyses, for example allowing us to recognize the browser you are using the next time you visit our website and transmit a variety of information to us (non necessary cookies). We can use cookies to make our website more user-friendly and effective for you, for instance by tracking your use of our website and determining your preferred settings (such as your country and language settings). If third parties process information using cookies, they collect this information directly through your browser. Cookies do not harm your device. They cannot execute programs, and do not contain viruses.

We will inform you about the services for which we use cookies in the individual processing procedures. For full information on the cookies we use, see the cookie settings or the Consent Manager for this website.

Change cookie settings

10.  Data security

Unfortunately, transmitting information over the internet is never 100% secure, so we are not able to guarantee the security of data transmitted to our website over the internet.
However, we do secure our website against loss, destruction, access, change or distribution of your data by unauthorized persons via technical and organizational measures. In particular, we transmit your personal data in an encrypted format. We use the SSL/TLS coding system (Secure Sockets Layer/ Transport Layer Security) to do so. Our security measures are continuously improved according to new technological developments.

11.  Rights of data subjects

If you are considered a data subject in the sense of Art. 4 no. 1 GDPR, you have the following rights with respect to the processing of your personal data under the GDPR.

Right to confirmation and information
Under the requirements of Art. 15 GDPR, you have the right to request confirmation of whether your personal data is being processed and to receive information free of charge at any time from the controller responsible for the processing regarding the personal data saved on you, as well as to receive a copy of this information.

Right to rectification

Under the requirements of Art. 16 GDPR, you have the right to request prompt rectification of your incorrect personal data. In addition, you have the right to request that incomplete personal data be completed -- including with a supplementary declaration -- in consideration of the purposes of processing.

Right to deletion

Under the requirements of Art. 17 GDPR, you have the right to request that your personal data is deleted promptly if one of the grounds under Art. 17 GDPR applies, and if the processing is not necessary.

Right to restrict processing
Under the requirements of Art. 18 GDPR, you have the right to request the restriction of processing if one of the stipulations in Art. 18 GDPR applies.

Right to data portability

Under the requirements of Art. 20 GDPR, you have the right to receive the personal data that you have provided to us in a structured, commonly-used and machine-readable format. You also have the right to transmit this data to another controller without our interference, if the further requirements of Art. 20 GDPR apply.

Right to revoke consent

You have the right to revoke consent you have granted us to process personal data at anytime with future effect. Please direct the revocation to the contact information provided above.

Right to object

Under the requirements of Art. 21 GDPR, you have the right to object to the processing of your personal data. If the requirements for an effective objection are fulfilled, then we are no longer entitled to process your data.

Right to submit complaints to a supervisory authority
Regardless of any other legal remedies under administrative or other law, you have the right to submit a complaint to a supervisory authority, in particular in your member state of residence, your workplace or the location of the alleged violation, if you believe that processing of your personal data violates the specifications of the GDPR.

12.  Transmission of your personal data

Your personal data is transmitted as described below.

The website is hosted by an external service provider in Germany. By doing so, we ensure that data is processed only in Germany. This is required for the operation of the website and in order to initiate, carry out, and process the existing usage contract, and is possible even without your consent.

In addition, data is transmitted if we are entitled or obligated to disclose the data under statutory regulations and/or an official or court order. This may, in particular, include providing information for the purpose of criminal prosecution, to avoid danger, or to enforce intellectual property rights.

If your data is transmitted to a service provider in the required scope, they will only have access to your personal data as necessary to fulfill their duties. These service providers are obligated to treat your personal data in accordance with applicable data protection laws, in particular the GDPR.

In general, we will not transmit your data to third parties without your consent except in the circumstances described above. In particular, we will not provide any personal data to entities in a third country or an international organization.

13.  Storage term for personal data

With respect to the storage term, we delete personal data once it is no longer necessary to store the data in order to fulfill the original purpose, and once no further statutory retention periods apply. Statutory retention periods ultimately serve as the criteria for determining the final storage term for personal data. After the end of this term, corresponding data is routinely deleted. If there are retention periods, then processing is restricted in the form of blocking the data.

When you access websites that our website refers to, you may be asked for information such as your name, address, email address, browser characteristics, etc. once again. This data privacy declaration does not regulate the collection, transmission or handling of personal data by third parties.

Third party service providers may have their own, differing provisions governing the collection, processing, and use of personal data. Therefore, before entering personal data on third party websites, we advise you to learn about their practices for handling personal data.

15.  Amendments to the Data privacy declaration

We are always improving our website, in order to improve our services for you. We will keep this data privacy declaration up to date and adjust it accordingly if and insofar as this is necessary.

Of course, we will inform you promptly regarding any amendments to this data privacy declaration. We will do so, for instance, via an email to the email address you provide to us. If we require further consent from you for our use of your data, we will of course obtain this consent from you before relevant amendments go into effect.
You can always access the current version of our data privacy provisions online at  https://products.erzkontor.com/de/privacypolicy/.

16.  Data Protection Officer

We have appointed a Data Protection Officer.

Philipp Herold
www.mein-datenschutzbeauftragter.de 
Hafenstr. 1 a
23568 Lübeck

Tel.: +49 451 -- 16 08 52 -21 (if necessary. -13)
Email: dataprotection@erzkontor.com

© 2024 CREMER ERZKONTOR