Have any questions?
+44 1234 567 890
Table of contents
I General information on data protection
II Data protection declaration website
III Information for applicants
IV Information for Business Partners
I General information on data protection
1.1 Information on the responsible office:
Plantaflor Humus Verkaufs-GmbH
We attach particular importance to the protection of your personal data. Your personal data will be processed in accordance with the data protection regulations, in particular the European Data Protection Regulation (EU DS-GVO) and the Federal Data Protection Act (BDSG n. F.).
The following information provides an overview of the type, scope and purpose of the collection, processing and transmission of personal data as well as the security measures used to protect this data.
Personal data is individual information about personal or factual circumstances of a specific or identifiable natural person, such as your name, address, telephone number, date of birth and e-mail and IP address.
1.2 Legal basis for the processing of personal data
- Insofar as we obtain the consent of the data subject for processing operations of personal data, Art. 6 (1) lit. a EU DS-GVO serves as the legal basis. You may revoke your consent for future processing at any time in accordance with Art. 7 (3) of the EU Data Protection Regulation.
- When processing personal data that is required for the fulfilment of a contract or for the implementation of pre-contractual measures, Art. 6 (1) (b) EU GDPR serves as the legal basis.
- If the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 para. 1 lit. c EU DS-GVO serves as the legal basis.
- If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject are not overridden, Art. 6 (1) f EU DS-GVO serves as the legal basis for the processing. In this case, you have a right to object in accordance with Art. 21 EU DS-GVO.
1.3 Data deletion and storage period
Personal data is deleted as soon as the purpose for storing it no longer applies. Data may also be stored if this is required by statutory retention obligations to which our company is subject.
1.4 Your rights
Upon written request, we will inform you in accordance with Art. 15 EU DS-GVO and our legal obligation under Art. 12 EU DS-GVO whether and which of your personal data is being processed or stored by us. Furthermore, you have the right to correct inaccurate data in accordance with Art. 16 EU GDPR, data portability in accordance with Art. 20 EU GDPR, blocking and deletion of your personal data in accordance with Art. 17 EU GDPR - provided that there are no legal retention obligations to the contrary - as well as the right to restrict processing in accordance with Art. 18 EU GDPR. In addition, you have the right to contact the competent supervisory authority pursuant to Art. 77 EU Data Protection Regulation.
IN ADDITION, YOU HAVE THE RIGHT TO OBJECT PURSUANT TO ART. 21 EU DS-GVO IF THE PROCESSING RELATES TO LEGITIMATE INTERESTS PURSUANT TO ART. 6 ABS. 1 LIT. F EU DS-GVO.
If you have given us your consent to process your data, you naturally have the option of revoking this at any time for the future in accordance with Art. 7 (3) EU GDPR.
If you have any questions regarding the processing of your personal data, you can contact our data protection officer, who is also available to you in the event of requests for information, suggestions or complaints.
Data protection officer of
Plantaflor Humus Sales-GmbH
In order to ensure that our data protection declaration always complies with the current legal requirements, we reserve the right to make changes at any time. This also applies in the event that the data protection declaration has to be adapted due to new or revised services, for example new services.
II Data protection declaration website
2.1 Provision of the website
Use of hosting service providers
Our website is hosted on servers located in the EU by a hosting service provider on the basis of commissioned processing in accordance with Art. 28 EU DS-GVO. As part of its services, the hosting service provider may have access to personal data of our users, in particular to technical data that is generated as part of the technical communication between you and our website (e.g. server log files). He is not allowed to use these for his own purposes. The use of a hosting service provider is based on our legitimate interests in accordance with Art. 6 para. 1 lit. f EU DS-GVO in the provision of infrastructure and platform services, computing capacity, e-mail dispatch and security services.
Server log files
When you visit our website or use its services, the device with which you access the page automatically transmits log data (connection data) to our server. The corresponding information consists of:
- Type and version of the browser you are using,
- type and version of the operating system you are using,
- Referrer URL of the page from which you accessed our website,
- Date and time you accessed our website,
- name of the sub-pages you accessed,
- IP address of your computer system,
- the amount of data transferred in each case.
The data collected is used exclusively for statistical evaluations for the purpose of the operation, security and optimisation of the offer. For security reasons, however, we reserve the right to check the log data retrospectively if there is a justified suspicion of unlawful use on the basis of concrete indications. The data will not be stored longer than necessary for this purpose. This collection is based on our legitimate interests in accordance with Art. 6 para. 1 lit. f EU DS-GVO.
Cookies are data records that are automatically created by your browser and stored on your end device when you visit our website. Cookies do not harm your computer and do not contain viruses. Most of the cookies we use are deleted again at the end of the browser session (so-called session cookies). Other cookies remain on your computer and enable us to recognise your computer the next time you visit us (so-called permanent or cross-session cookies). Thanks to these files, it is possible, for example, for you to receive information on the site that is specifically tailored to your interests.
Security of your data
We use technical and organisational security measures to adequately protect the data you provide against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. We therefore use SSL encryption for the transmission of confidential content, such as enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties. Our security measures are further developed according to the state of the art.
2.2 Contacting us
If you contact us (e.g. via contact form, e-mail, telephone, social media), your personal data will be stored and processed by us for the purpose of processing the enquiry and any associated follow-up enquiries in accordance with Art. 6 (1) lit. b EU DS-GVO (in the context of pre-contractual measures) or in accordance with Art. 6 (1) lit. f EU DS-GVO (general enquiries). We do not pass on this data without your respective consent.
The data you provide will remain with us until you request us to delete it, object to its storage or the purpose for storing the data ceases to apply (i.e. after we have completed processing your enquiry), provided this does not conflict with any statutory retention obligations.
2.3 Analysis tools
The analysis measures listed below and used by us are carried out on the basis of Art. 6 para. 1 lit. a EU DS-GVO (consent). With the use of these analysis measures, we want to ensure a demand-oriented design and the continuous optimisation of our website. By means of the analysis tools, we record the use of our website pseudonymously and evaluate it for the purpose of optimising our offer.
You can revoke your consent at any time with effect for the future.
Google Analytics 4
This website uses functions of the web analysis service Google Analytics 4. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland. Google Analytics uses so-called "cookies". These are data records that are stored on your computer and enable an analysis of your use of the website. User and event data is automatically deleted after 14 months at the latest.
At the time of collection, IP addresses are used to determine location information (country, city, latitude and longitude of the city). In Analytics, all IP addresses collected from users in the EU are subsequently deleted before they are recorded via EU domains and servers.
https://support.google.com/analytics/answer/6004245?hl=de and https://support.google.com/analytics/answer/12017362?hl=de
2.4 Third-party content and services
Based on our legitimate interest pursuant to Art. 6 para. 1 lit. f EU DS-GVO, contents, services and performances of other providers that complement our offer are integrated within our online offer. By using the services listed below, we want to ensure that the design and ongoing optimisation of our website are in line with requirements. If we request your consent for the use of these services, the legal basis is Art. 6 para. 1 lit. a EU DS-GVO.
Links to third-party websites
2.5 Social media
We maintain publicly accessible online presences in social networks for communication with the customers and interested parties active there as well as for the presentation of our services.
The processing of users' personal data is based on our legitimate interests in effectively informing users and communicating with users pursuant to Art. 6 para. 1 lit. f. EU DS-GVO. If the users are asked by the respective providers of the platforms for consent to data processing or if the user voluntarily sends information to our online presences, the legal basis of the processing is Art. 6 (1) lit. a EU DS-GVO in conjunction with Art. 7 EU DS-GVO. If this information contains contract-relevant content, the legal basis is Article 6 (1) (b) of the EU Data Protection Regulation.
For a detailed description of the respective processing and the opt-out options, please refer to the information of the providers linked below.
In the case of requests for information and the assertion of user rights, we would also like to point out that these can be asserted most effectively with the providers. Only the providers have access to the users' data and can take appropriate measures and provide information directly. If you still need help, then you can contact us.
When you interact with our social media page on Facebook (comment, like posts or send us a message), your data is stored by us. The social network is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hence: Meta).
The operation of a company profile on this channel is a joint responsibility under data protection law in accordance with Art. 26 EU DS-GVO Meta and our company. Accordingly, we have entered into an agreement with Meta which sets out the respective obligations under the EU GDPR: https://www.facebook.com/legal/terms/page_controller_addendum .
Meta provides the profile operators with statistics and insights into the types of actions of our profile visitors ("page insights"). We have no influence on the fact that this data is collected by Meta. According to Meta, this data is only provided to us anonymously, so that the user cannot be identified from the information.
Personal data is deleted as soon as the purpose for storing it no longer applies. They may also be stored if this is required by statutory retention obligations to which our company is subject.
Our online services are generally aimed at persons of legal age. Personal information of persons who have not yet reached the age of 16 may only be made available to us if the express consent of the parent or guardian has been obtained (Art. 8 EU Data Protection Regulation). Processing without the consent of the parent or guardian is not permitted. We therefore reserve the right to delete all data relating to minors if we do not have the consent of a parent or guardian.
III. Information for applicants
3.1 Purpose and legal basis for collection and processing
We process your data for the purpose of processing your application in accordance with Art. 88 EU DS-GVO in conjunction with § 26 BDSG-neu. If special categories of personal data within the meaning of Art. 9 (1) EU Data Protection Regulation are voluntarily provided during the application process, they will also be processed in accordance with Art. 9 (2) b EU Data Protection Regulation.
3.2 Recipients of your data
The recipients of your data are the departments involved in the human resources process (including human resources, managers and department heads) of the responsible department. Your data will be treated as strictly confidential and will not be passed on to third parties without your respective consent. There are no plans to transfer your data to third countries or international organisations.
3.3 Storage of your data
Your application data will be deleted 180 days after the position has been filled. If you are also interested in future advertised positions, we require your written consent to store your application documents for a longer period of time. You can revoke this consent for the future at any time in accordance with Art. 7 Para. 3 EU DS-GVO. To do so, please send an e-mail with the relevant information to the contact address given above.
IV Information for business partners
4.1 Purpose and legal basis for collection and processing
The primary purpose of data processing is the establishment, implementation and termination of the contractual relationship. The primary legal basis for this is Art. 6 para. 1 lit. b EU DS-GVO. Without this type of use of your data, the implementation of the business relationship existing between you and us is not possible.
We also process your data on the basis of Art. 6 para. 1 lit. f EU DS-GVO to protect our legitimate interests or those of third parties (e.g. public authorities). This may be necessary, for example, to maintain IT security and IT operations or for the purposes of corporate management, internal communication and other administrative purposes. You can object to this processing by giving specific reasons in accordance with Art. 21 EU GDPR.
In addition, we process your data to fulfil legal obligations such as regulatory requirements, commercial and tax retention obligations or documentation obligations. The legal basis for this is Art. 6 para. 1 lit. c EU DS-GVO in conjunction with the nationally applicable laws.
In individual cases, we may also process your data on the basis of your separate consent granted to us in accordance with Art. 6 (1) (a) and (7) of the EU Data Protection Regulation (e.g. as part of the registration for our newsletter or publication of photos and videos). You are always free to decide whether you wish to declare your consent. Once you have given your consent, you can revoke it at any time with effect for the future. To do so, use the link provided in the respective action or send corresponding requests to the contact address given above.
If we process your personal data for a purpose not mentioned above, we will inform you in advance.
4.2 Recipients of your data
Within our company, only those persons receive your personal data who need them to fulfil our contractual and legal obligations. In addition, we sometimes use different service providers to fulfil these obligations, so that it may be necessary to transfer your personal data to further recipients outside the company, insofar as this is necessary to fulfil our contractual and legal obligations. These third parties can be, for example, authorities, financial institutions, suppliers, etc.
In order to process your data technically, we sometimes use external service providers. We may transfer and process your data outside the country in which you have your residence/company headquarters or in one of the countries in which we operate. These may also be located outside the European Economic Area. If we transfer personal data to service providers or companies outside the European Economic Area (EEA), the transfer will only take place if the third country has been confirmed by the EU Commission as having an adequate level of data protection or if other appropriate data protection guarantees (e.g. binding internal company data protection regulations or EU standard contractual clauses) are in place. You can also request detailed information using the contact information above.
4.3 Storage of your data
We only save your personal data for as long as it is required for the above-mentioned purposes. After termination of the contractual relationship, your personal data will be stored for as long as we are legally obliged to do so. This regularly results from legal obligations to provide proof and to keep records, which are regulated, among other things, in the German Commercial Code (Handelsgesetzbuch) and the German Fiscal Code (Abgabenordnung). The storage periods are then up to ten years. In addition, personal data may be stored for the time during which claims can be asserted against us (statutory limitation period of three or up to thirty years).