Data protection
Our approach to the topic of data protection
Data protection law is part of our personal rights. Especially in our constantly evolving and interconnected world, the importance of these rights must not be underestimated. We attach great importance to data protection law in all its forms and requirements, which is why we take the protection of your data very seriously and always endeavor to provide an appropriate level of protection on our website www.oecopac.de.
You are free to use our website without providing your personal data. However, it is possible that if you use one of our services, e.g. you wish to contact us via our website, it will be necessary to collect and process your data. If this is the case and there is no legal basis for this processing, we will always obtain your consent for the respective process.
As the controller, we have implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. Since, despite all technical precautions, absolute protection of data transmission cannot be fully guaranteed, you are free to transmit your personal data by other means, for example by telephone.
Data protection details
Our privacy policy should be easy to read and understand both for the public and for you as a customer and business partner. To ensure this, we would like to explain some of the terms we use that you will come across in this privacy policy. Terms that require a more detailed explanation in terms of definition and use have been given their own paragraph (e.g. cookies).
- Personal data
Personal data is any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- Person concerned
Data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing. In case of doubt, you are therefore a data subject.
- Processing
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term “processing” covers any handling of data, be it collection, analysis, storage, transmission or deletion.
- Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate, analyze or predict certain personal aspects relating to a natural person.
We do not use profiling on our website to protect your personal data.
- Pseudonymization
Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
- Controller or controller responsible for the processing
Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
- Processor
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
- Receiver
Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not.
- Third
Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
- Consent
Consent is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
- Tracking (German: “Verfolgung”)
In the field of online marketing, tracking refers to the logging of a website visitor’s user behavior. With the help of tracking, it is possible to track which websites a visitor has used to reach your website, how long the visitor has been on the website, which pages have been accessed and what IP address the visitor has. In order to obtain this data, cookies are used and analyzed with tools such as Google Analytics. From this, the success of marketing campaigns can be determined and measures for their optimization and adaptation can be derived. With these measures, the website can be made more user-friendly and better tailored to customers.
- Reach measurement
The main purpose of reach measurement is to statistically determine the intensity of use, the number of visitors or users of a website and their surfing behavior – on the basis of a uniform standard procedure. Website operators can use various tools to see exactly how many people are reached with a post. It is also possible to determine exactly how often a person clicks on an advertisement, for example, and from which websites, advertisements or articles people access your website.
The data required for this purpose is collected and processed in accordance with the GDPR and German data protection law. Technical and organizational measures ensure that individual users cannot be identified at any time. Data that may have a reference to a specific, identifiable person is anonymized as soon as possible.
- Personal data
Who we are
The controller of this website within the meaning of the General Data Protection Regulation is
OecoPac Grunert Verpackungen GmbH
Industriestrasse 20 01640 Coswig (Saxony)
Phone: +49 (0) 3523 – 530 490 E-mail: post@oecopac.de
OecoPac Verpackungen GmbH is represented by the managing directors Jochen Grunert, Kai Grunert and Dipl.-Ing. Nils Martin.
What data and information we collect
Our website collects a range of general data and information each time you access the website. This general data and information is stored in the server log files. The following can be recorded
(1) browser types and versions used,
(2) the operating system used by the accessing system,
(3) the website from which an accessing system reaches our website (so-called referrer),
(4) the sub-websites that are accessed via an accessing system on our website,
(5) the date and time of access to the website,
(6) an Internet Protocol address (IP address),
(7) the Internet service provider of the accessing system and
(8) other similar data and information used for security purposes in the event of attacks on our information technology systems.
When using this general data and information, our company does not draw any conclusions about you. Rather, this information is required in order to display the content of our website correctly and also to optimize the content and advertising for the content.
Furthermore, we require the above-mentioned information for the permanent functionality of our IT infrastructure and website technology. Last but not least, we may need the information to provide law enforcement authorities with the necessary data in the event of criminal prosecution.
This anonymously collected data and information is therefore evaluated by us for statistical purposes, but also to optimize data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all your personal data.
Our website processes data for the following purposes, for example
- Provision of our online offer with the associated user-friendliness
- Office and organizational procedures
- the performance of contractual services and services
- Managing and responding to inquiries
- Processing of payment transactions
- Generate feedback
- Direct marketing
- Reach measurement
- Tracking
- Security measures
The groups of persons concerned, the types of data processed, the specific purpose and the legal bases are explicitly described to you again in the course of this data protection declaration for the respective processing operation.
What rights do you have?
As part of the General Data Protection Regulation, the European legislator has given you a number of options for asserting your rights – including against us. In order to comply with our duty to provide information in this regard, those rights are set out below:
- Right to confirmation
You have the right to request confirmation from us as to whether your personal data is being processed.
- Right to information
You have the right to receive free information from us at any time about your stored personal data (e.g. the purpose of processing or the categories of data that are processed) and a copy of this information.
- Right to rectification
You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
- Right to erasure (right to be forgotten)
You have the right to demand that we delete your personal data immediately. We are also obliged to delete personal data immediately if there is a reason that does not justify the processing of the data
- Right to restriction of processing
You have the right to demand that we restrict the processing of your data,
- Right to data portability
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from us to whom the personal data has been provided.
- Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 I lit. e or lit. f GDPR takes place, to file an objection.
We will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
- Right to information and complaint to a supervisory authority
You have the right to contact a supervisory authority at any time with questions about data protection.
If you believe that the processing of your personal data violates data protection law, you still have the right to lodge a complaint with a competent supervisory authority.
However, to prevent this from happening in the first place, we would be grateful if we could find a solution together in the event of any disagreements.
- Right to withdraw consent under data protection law
You have the right to withdraw your consent to the processing of personal data at any time.
If you wish to withdraw your consent, you can contact the following office at any time:
OecoPac Grunert Verpackungen GmbH
Contact person: Kai Grunert
Industriestrasse 20 01640 Coswig (Saxony)
Phone: +49 (0) 3523 – 530 490 E-mail: post@oecopac.de
- Right to confirmation
Provision of the online offer and web hosting
In order to provide our website securely and efficiently, we use the services of one or more web hosting providers from whose servers (or servers managed by them) the online offer can be accessed. For these purposes, we may use infrastructure and platform services, computing capacity, storage space and database services as well as security services and technical maintenance services.
The data processed on our website may include information that is generated in the course of use and communication. This regularly includes the IP address, which is necessary to display the content of our online offering, and all entries made within our online offering or from websites.
E-mail dispatch and hosting: We use web hosting services, which include the dispatch, receipt and storage of e-mails. For this purpose, the addresses of the recipients and senders as well as other information relating to the sending of e-mails (e.g. the providers involved) and the content of the respective e-mails are processed.
Please note that e-mails on the Internet are generally not sent in encrypted form. In most cases, emails are encrypted in transit, but not on the servers from which they are sent and received (unless an end-to-end encryption method is used). We can therefore accept no responsibility for the transmission path of e-mails between the sender and receipt on our server.
Collection of access data and log files: We collect data on every access to the server (so-called server log files). The server log files may include the address and name of the websites and files accessed, date and time of access, data volumes transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page) and, as a rule, IP addresses and the requesting provider. In short, server log files record all processes that happen on a website.
The server log files are used, among other things, for security purposes by detecting and defending against attacks or to ensure the utilization of the server and its stability.
- Processed data types: Content data (e.g. text input, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
- Data subjects: Users (e.g. website visitors, users of online services).
- Legal basis: Legitimate interests (Art. 6 I lit. f. GDPR).
Deletion and blocking of personal data
We process and store your personal data only for the period of time necessary to achieve the purpose of storage or if this has been provided for by the European legislator or another legislator in laws or regulations to which we are subject. The criterion for the duration of the storage of personal data is therefore the respective statutory retention period.
If the storage purpose no longer applies or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data is routinely blocked or deleted in accordance with the statutory provisions, provided that it is no longer required for the fulfillment or initiation of the contract.
Protection of minors
Consent to the processing of personal data can only be given by a person of legal age. For information society services, the consent of a child is permitted from the age of sixteen in accordance with Art. 8 GDPR.
Our handling of cookies
Our website is operated using cookies, among other things. Cookies are text files that are stored on your computer system via your Internet browser.
Numerous websites and servers use cookies. Simply put, cookies are used to give the website a “memory”. For many website operators, they are an essential means of offering you, the website visitor, a smooth and technically flawless experience.
Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which websites and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish your individual browser from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.
Through the use of cookies, our website can provide you with more user-friendly services that would not be possible without the setting of cookies. A distinction is made between the following cookie types and functions:
Cookies that differ according to their storage duration
- Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after you leave an online service and close the browser.
- Permanent cookies: Permanent cookies remain stored even after the browser is closed. These are used, for example, to save your login status or to display frequently viewed or popular content.
Cookies that differ according to their origin
- First-party cookies: First-party cookies are set by us.
- Third-party cookies (also: third-party cookies): Third-party cookies are mainly placed by advertisers (so-called third parties) to process user information.
Cookies that differ according to their purpose
- Necessary (required) cookies: Cookies may be required for the operation of a website (e.g. to store logins or other user input or for security reasons).
- Statistical, marketing and personalization cookies: Cookies may be used in the context of reach measurement (web analysis) if your interests or behaviour (e.g. viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used, for example, to show users content that matches their potential interests. This process is also referred to as “tracking”, i.e. tracking the potential interests of users. If we use such cookies or other “tracking” technologies, we will inform you separately in our privacy policy or by obtaining your consent directly when you open our website (cookie banner).
Storage period: If we do not specify the storage period for permanent cookies, please expect a storage period of up to 2 years.
You can prevent the setting of cookies by our website at any time by means of a corresponding setting of the Internet browser used and thus permanently object to the setting of cookies. In addition, cookies that have already been set can be deleted at any time via your Internet browser or other software programs. This is possible in all common Internet browsers. If you deactivate the setting of cookies in the Internet browser used, not all functions, e.g. the display of map material, may be fully usable by the websites you visit.
Which cookies do we use? We use cookies on our website to save the language settings and to save a session ID. Details on this can be found in the specific description of the cookies in the Consent Manager.
Cookie Consent Manager: We use the consent technology of “Borlabs Cookie” to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document them in accordance with data protection regulations.
The provider of this technology is Borlabs GmbH, Hamburger Straße 11, 22083 Hamburg.
When you visit our website, a Borlabs cookie is stored in your browser in which the consents you have given or the revocation of these consents are stored. This data is not passed on to the provider of Borlabs Cookie.
The data collected will be stored until you ask us to delete it or delete the Borlabs cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected.
Details on the data processing of Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.
Website: https://de.borlabs.io/borlabs-cookie/
Legal basis for the use of the Borlabs cookie: Art. 6 I lit. c GDPR.
What you can expect on our website
We offer a wide variety of content on our website to provide you as a user with an interesting surfing experience so that you receive a lasting and, above all, positive impression of us and our company. We use various programs, tools and lots of other content for this. In the following, we would like to explain to you what this involves in detail.
Contact via the website
Due to legal regulations, our website contains information that enables quick electronic contact to our company and direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address).
If you contact us by e-mail or via our contact form, the personal data you provide will be stored automatically. Such personal data transmitted to us by you on a voluntary basis will be stored for the purpose of processing or contacting you. This personal data will not be passed on to third parties.
Specifically, we process the following data: Inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos).
Data processing is carried out on the basis of Art. 6 I lit. b GDPR for the fulfillment of our contractual services or pre-contractual inquiries as well as Art. 6 I lit. f. GDPR within the scope of our legitimate interests in order to be able to contact you.
We look forward to every application
You have the opportunity to apply for vacancies in our company via our website.
We process the applicant data only for the purpose and in the context of the application process. The processing of applicant data is carried out to fulfill our (pre-)contractual obligations in the context of the application process within the meaning of Art. 6 I 1 lit. b, f GDPR, Section 26 BDSG if the data processing (e.g. in the context of legal proceedings) becomes necessary for us.
Applicant data generally includes your personal details, postal and contact addresses and the documents relating to your application, such as cover letter, CV and references. Applicants can also voluntarily provide us with additional information.
By submitting your application to us, you consent to the processing of your data for the purposes of the application process in the manner and to the extent set out in this privacy policy.
Insofar as special categories of personal data within the meaning of Art. 9 I GDPR are voluntarily communicated as part of the application process, their processing is also carried out in accordance with Art. 9 II lit. b GDPR (e.g. health data, such as severely disabled status or ethnic origin). Insofar as special categories of personal data within the meaning of Art. 9 I GDPR are requested or provided by applicants as part of the application process, their processing is also carried out in accordance with Art. 9 II lit. a GDPR (e.g. health data if this is necessary for the exercise of the profession).
Subject to a justified revocation by the applicant, the data will be deleted after the purpose has been fulfilled or after twelve months after the vacancy has been filled in order to be able to answer any follow-up questions regarding the application.
We use services from Google
We use Google Fonts
This site uses so-called fonts for the uniform display of fonts. The provider of Google Fonts is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
When you call up the page, your browser loads the required fonts into your browser cache in order to display texts and fonts correctly. We have integrated the fonts locally on our server.
Further information on Google Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/
We use Google reCAPTCHA
We use reCAPTCHA from Google on this page to prevent and avoid abusive access and spam. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
By using reCAPTCHA, the IP address and any other data required by the provider for the proper operation of the service is transmitted to the provider. Your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases is the untruncated IP address transmitted to a server in the USA and the IP shortened on the server there.
If you have a Google account and are logged in to Google at the same time, Google can assign this information to your member account. You can prevent this by logging out of your member account before visiting our website.
The legal basis for the use of Google reCAPTCHA is Art. 6 I lit. a GDPR.
We use Google DoubleClick
We use DoubleClick, a Google service, on this website. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
DoubleClick gives us the opportunity to show you interest-based advertisements in the Google advertising network. In this way, our advertising can, for example are displayed in search results or in advertising banners on other websites.
In order to display such interest-based advertising, Google must recognize a user and analyze and assign the last websites visited as well as the click and usage behavior. DoubleClick uses cookies or other technologies to recognize users (e.g. so-called device fingerprint). This information is compiled into a pseudonymized user profile and used to display individualized advertising.
DoubleClick is used on the basis of your consent (Art. 6 I lit. a GDPR), which you can revoke at any time.
You can find further information on objection options and the advertising content displayed at https://policies.google.com/technologies/ads and https://adssettings.google.com/authenticated as well as in the provider’s privacy policy at https://www.google.com/policies/privacy/
We use Font Awesome
We also use so-called Awesome Fonts from Fonticons, Inc, 307 S Main St Ste 202 Bentonville, AR, 72712-9214, USA for the uniform display of fonts.
When you call up the page, your browser loads the required fonts into your browser cache in order to display texts and fonts correctly. We have integrated the fonts locally on our server.
Further information about Awesome Fonts can be found at https://fontawesome.com/start and in the Fonticons Inc. privacy policy: https://fontawesome.com/privacy.
We use a Content Delivery Network (CDN)
By using a Content Delivery Network (CDN), we are able to quickly and reliably display the content of our website and thus also large amounts of data, regardless of the device, via regionally distributed, interconnected servers.
We use jquery
We use jquery so that we can deliver all the content of our website to you quickly and easily. The provider is the jQuery Foundation, which provides the technology via the Content Delivery Network (CDN) of StackPath LCC, 2012 McKinney Ave. Suite 1100, Dallas, TX 75201, USA.
jQuery uses JavaScript libraries to display the content of our website quickly. After your IP address has been recorded, a connection to a CDN server is established and the necessary files are loaded, unless the data is already stored in your device’s browser from a previous visit to our website.
According to the provider, the data collected is also used to improve the provider’s own security systems and for the purpose of further developing the services in anonymized form. It is not possible to identify you personally.
Your personal data is processed on the basis of your consent in accordance with Art. 6 I lit. a GDPR and within the scope of our legitimate interests pursuant to Art. 6 I. lit f. GDPR to optimize our website.
Details on how the provider handles the data obtained can be found at https://www.stackpath.com/legal/privacy-statement/?tid=331708939401 and https://prismic-io.s3.amazonaws.com/openjsf/ba00b254-685f-4e54-b1ca-17984b0f3e55_OpenJS-Foundation-Privacy-Policy-2019-11-15.pdf
We use BootstrapCDN
We use BootstrapCDN from jsdelivr.com so that we can deliver all the content on our website to you quickly and easily. The provider is ProspectOne, Królewska 65A/1, 30-0981 Kraków, Poland.
BootstrapCDN uses JavaScript libraries to display the content of our website quickly. After your IP address has been recorded, a connection to a CDN server is established and the necessary files are loaded, unless the data is already stored in your device’s browser from a previous visit to our website.
Your personal data is processed on the basis of your consent in accordance with Art. 6 I lit. a GDPR and within the scope of our legitimate interests pursuant to Art. 6 I. lit f. GDPR to optimize our website.
Details on how the provider handles the data obtained can be found at https://www.jsdelivr.com/terms/privacy-policy
Legal permission for data processing
The following standards may serve as the legal basis for the above-mentioned processing operations:
- 6 I lit. a GDPR, where we obtain your consent for a specific processing purpose.
- If the processing of personal data is necessary, for example, for the performance of a contract between you and us, this processing is based on Art. 6 I lit. b GDPR is justified.
- The same applies to such processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries about our products or services.
- If our company is subject to a legal obligation which requires the processing of personal data, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c GDPR.
- It may be necessary to process personal data in order to protect your vital interests or the interests of another natural person, Art. 6 I lit. d GDPR.
- Ultimately, processing operations could be based on Art. 6 I lit. f DS-GVO are based. Processing operations are based on this legal basis if the processing is necessary to safeguard a legitimate interest of our company or a third party, provided that your interests, fundamental rights and freedoms do not prevail. Our legitimate interest within the meaning of Article 6 I lit. f GDPR is in particular the performance of our business activities for the benefit of the well-being of all our employees and our shareholders.
Obligation to provide the personal data
We inform you that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual regulations (e.g. information on the contractual partner). In addition, it may be necessary for you to provide us with personal data for the conclusion of a contract, which must subsequently be processed by us. For example, you are obliged to provide us with personal data if our company concludes a contract with you. Failure to provide the personal data would mean that the contract could not be concluded.
Before providing your personal data, you should contact one of our employees. Our employee will inform you on a case-by-case basis whether the provision of your personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences of not providing the personal data would be.
Your contact person in our company
If you have any questions about data protection and the handling of your data on our website and in our company, you are welcome to contact us at any time:
OecoPac Grunert Verpackungen GmbH
Contact person: Kai Grunert
Industriestrasse 20 01640 Coswig (Saxony)
Phone: +49 (0) 3523 – 530 490 E-mail: post@oecopac.de
This privacy policy was created by Bastanier & Schmelzer Rechtsanwälte PartmbB.