The Data Controller within the meaning of the GDPR is:
Name: Brückner Group SE
Address: Königsberger Str. 5-7, 83313 Siegsdorf, Germany
Tel: +49 8662 63-0
E-Mail: brueckner.group@brueckner.com
Website: www.brueckner.com
Name and address of the Data Protection Officer
The Data Protection Officer for the Data Controller is:
Franz Obermayer
complimant AG
Edt 4
84558 Kirchweidach
datenschutz@complimant.de
Collection and storage of personal data as well as how and why it is used
1. On the website – Public area
a) When visiting the website
When you visit our website, your device’s browser automatically sends information to our server, where it is temporarily stored in what’s referred to as a log file. The following information is collected without you having to do anything and stored until it is automatically deleted:
IP address of the device making the request,
Date and time of access,
Name and URL of the retrieved file,
Website from which access is made (referrer URL),
Browser used and, if applicable, the operating system of your computer and the name of your access provider.
This data is processed by us for the following reasons:
To ensure the website connects smoothly,
To make using our website convenient,
To analyze system security and stability, and
For other administrative purposes.
The legal basis for data processing is Article 6(1)(f) GDPR. Our legitimate interest is based on the purposes for data collection outlined above. We never use the collected data to draw conclusions about you as an individual.
b) Subscribe to our newsletter
If you have subscribed to our newsletter, we will use your email address to send you our newsletter on a regular basis. You only need to provide an email address to receive the newsletter. You can unsubscribe at any time, using a link at the end of each newsletter, for example. Or, you can also send us your unsubscribe request at any time using the contact details above, by email, fax or post.
The legal basis for data processing is Article 6(1)(1)(a) GDPR.
c) Using our contact form
You have the option of contacting us using a form on the website. For this purpose, it is necessary to provide a valid email address so that we know who sent the request and so that we can respond to it. You can add extra information if you want.
The personal data collected and processed for the contact form will be deleted once the inquiry you have made has been handled. The legal basis for data processing is Article 6(1)(1)(a) GDPR.
d) Disclosure of data
Your personal data will not be transferred to third parties. We only disclose your personal data to third parties if:
You have given your express consent to this in accordance with Article 6(1)(a) GDPR.
Disclosure is necessary under Article 6(1)(f) GDPR for asserting, exercising, or defending legal claims, and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data,
If disclosure is necessary to comply with a legal obligation under Article 6(1)(c) GDPR, and
This is legally permitted and necessary under Article 6(1)(b) GDPR for the performance of a contractual relationship with you.
Further exceptions regarding cookies and analytics tools are listed below for the relevant tools.
e) Use of Service Providers
Processors are used to maintain our website, which means that data is also transferred to them. This applies in particular to our hosting provider “Hetzner” for the website and the provider of the data asset management tool “Kontainer.” Contracts in accordance with the requirements of Art. 28 GDPR are in place for the processors used.
f) Cookie Settings
g) Analysis tools, conversion tracking, social media plug-ins
Various tools are used on our website, and in some cases, your data in the form of IP addresses is processed. You can give, reject, or withdraw your consent at any time via the Consent Manager. Further information about the tools and cookies used, especially regarding their respective storage durations, can also be found in our Consent Manager.
1. Matomo
Matomo, 7 Waterloo Quay, PO Box 625, 6140 Wellington, New Zealand, is a web analytics software platform used for tracking on the website. It provides detailed reports on website functionality and user behavior. Matomo is used in a privacy-friendly version on the website, meaning no cookies are set.
2. Plausible
Plausible, Plausible Insights OÜ Västriku tn 2, 50403, Tartu, Estonia, is also a web analytics software platform used for tracking on the website. Plausible enhances tracking with cookies and enables a detailed and personalized user experience by tracking behavior across multiple visits and allowing targeted advertising based on individual preferences.
Cookies are set, and IP addresses are collected and stored.
The legal basis for data processing is § 25 (1) TDDDG and Art. 6 (1) sentence 1 lit. a) GDPR.
3. Algolia
Algolia, 3790 El Camino Real, Unit #518, Palo Alto, CA 94306, USA, is an AI-powered search engine that supports users with intelligent search functionality.
IP addresses are collected by Brückner for this purpose. A direct search via Algolia only occurs upon explicit user request, which may result in data being transferred to Algolia, Inc. in the USA.
The legal basis for data processing is § 25 (1) TDDDG and Art. 6 (1) sentence 1 lit. a) GDPR.
More information: https://www.algolia.com/policies/privacy
4. Friendly Captcha
We use forms on some pages. To secure these forms, we use the tool Friendly Captcha, Am Anger 3-5, 82237 Wörthsee, Germany. The captcha ensures that forms are not filled with spam by bots, for example, preventing a bot from submitting the form thousands of times.
5. IP-Stack
IP-Stack, 4001 W. Parmer Lane, Suite 125, Austin, TX 78727, USA, provides APIs for geolocating website visitors based on their IP address, enabling relevant offers/services based on individual location.
We use IP-Stack in a way that shortens IP addresses, making it impossible to trace them back to a specific person.
6. OpenStreetMap
OpenStreetMap enables user-friendly display of interactive maps and location-based information.
The IP address of the accessing computer is collected and stored.
The legal basis for data processing is § 25 (1) TDDDG and Art. 6 (1) sentence 1 lit. a) GDPR.
2. On the website – Login area
Registered users have the option of logging into a separate area on our website.
In this area, we do not track users with analytics tools, cookies, or device fingerprints. Only necessary cookies are used.
The following data is processed in the login area:
Username
Password (hashed)
Metadata recorded from logged activities
The retention periods stipulated in the German Commercial Code (HGB) or the German Fiscal Code (AO) are, for example, up to 10 years. The regular limitation period according to the German Civil Code (BGB) is 3 years. The retention period for log data is 7 days, after which it is automatically deleted.
3. Applicant data
We collect and process applicant data that you provide to us in connection with job advertisements or unsolicited applications. This generally includes standard information such as first and last name, address, qualification data (cover letter, resume, previous employment, professional qualifications), as well as (employment) references and certificates (performance data, assessment data, etc.). In addition, information on disability status, origin, or application photos may be processed if you voluntarily provide us with this information. We use the data as part of the application process and delete it in the event of rejection 6 months after the end of the application process. If your application for a position is of interest at a later date, we will contact you and obtain your consent. Your data will only be passed on to service providers within the scope of the order processors. Contracts in accordance with the requirements of Art. 28 GDPR are in place for the order processors used. The legal basis for data processing is § 26 (1) BDSG (Federal Data Protection Act) or Art. 6 (1) (a) GDPR, § 26 (2) BDSG.
4. Data Processing by Business Partners
When you contact us, request a quote, or enter into a contract, we collect your business contact details as well as your first name and surname. During an on-site meeting, a rapid COVID-19 test may be carried out (due to pandemic-related precautions). Video or photo recordings may also be made if a video conference takes place. We use the following tools for this purpose:
WebEx
MS Teams
GoToMeeting
Visavid
The retention period of your data depends on the status of our business relationship. Retention periods stipulated in the German Commercial Code (HGB) or the German Fiscal Code (AO) are, for example, up to 10 years. The regular limitation period according to the German Civil Code (BGB) is 3 years. The legal basis for data collection depends on the status of our business relationship Art. 6(1)(1)(a) GDPR, Art. 6(1)(1)(b) GDPR, Art. 6(1)(1)(1)(c) GDPR and Art. 6(1)(1)(f) GDPR.