Obligation to provide information pursuant to Article 13 GDPR

The protection of your personal data is very important to us. Therefore, we process your personal data (in short "data") exclusively on the basis of the legal provisions. This privacy policy is to provide you with comprehensive information about the processing of your data in our company and the data protection claims and rights to which you are entitled as defined in Art. 13 of the European Data Protection Regulation (EU GDPR).

1. Who is responsible for data processing and whom can you contact?

The responsible party is
Inotech Kunststofftechnik GmbH
Boschstraße 3
92507 Nabburg

Tel: 09433-2400-0
E-Mail: info@inotech.de

The company's data protection officer is
Richard Söldner
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg

E-Mail: rs@projekt29.de
Tel.: 0941-2986930

2. Which data is processed and from which sources does it come from?

We process the data that we have received from you in the context of contract initiation or processing, on the basis of consent or in the context of your application to us or in the context of your employment with us.


The scope of such personal data includes:
For customers: your master/contact data such as first name and surname, address, contact data (email address, telephone number, fax), bank details.

For applicants and employees: e.g., first name and surname, address, contact data (e.g., email address, telephone number, fax), birth date, data from CVs and employment reference letters, bank details, religious denomination, photos.

For business partners: e.g., name of your legal representative, company, commercial register number, VAT ID number, company number, address, contact data of contact person (email address, telephone number, fax), bank details.

For visitors to our company, this includes name and signature.

For journalists, this includes first name and surname, email address, fax number.

For participants in prize competitions this includes first name and surname, e-mail address.

We also process the following additional personal data:

Information concerning the type and content of contract data, order data, sales and receipt data, customer and supplier history and consulting documents

Advertising and sales data

Information from your electronic communications with us (e.g., IP address, login data)

Other data that we have received from you in the course of our business relationship (e.g., in customer meetings)

Data that we generate ourselves from master/contact data and other data, e.g., through analyses of customer requirements and customer potential.

The documentation of your declaration of consent for the receipt of newsletters, for example.

Photo shoots during events.

Server log files:

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transfers to us. The following data is stored:

Date and time of the request

Name of the requested file

Page from which the file was requested

Access status (file transferred, file not found, etc.)

Type of web browser or operating system used

Complete IP address of the requesting computer

Amount of data transferred

This data is not merged with other data sources. The data will be processed pursuant to Article 6(1)(f) GDPR on the basis of our legitimate interests in the improvement of the stability and functionality of our website.

For reasons of technical security, in particular protection against attempted attacks on our web server, we store this data for a short period of time. It is not possible for us to draw conclusions about individual persons on the basis of this data. After seven days at the latest, the data is anonymized by shortening the IP address at domain level, so that it is no longer possible to establish a link to the individual user. The data is processed anonymously for statistical purposes; it is not compared with other data or passed on to third parties either in whole or in part.

3. For what purposes and on what legal basis is the data processed?

We process your data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act 2018, as amended:

To comply with (pre-)contractual obligations (Art. 6(1)(b) GDPR):

Your data is processed for processing contracts online or in one of our branch offices, for processing contracts of your employees in our company. The data is processed in particular when initiating business and performing contracts concluded with you.

To comply with legal obligations (Art. 6(1)(c) GDPR):

Processing of your data is necessary for the purpose of complying with various legal obligations, e.g., from the German Commercial Code or the German Fiscal Code.

To protect legitimate interests (Art 6(1)(f) GDPR):

With the aim of balancing interests, data may be processed beyond the actual scope required for the performance of the contract in order to protect either our own legitimate interests or those of third parties. Data processing to protect legitimate interests may include the following cases, for example:

Advertising or marketing (see No. 4),

Measures for business management and the further development of services and products;

Maintaining a group-wide customer database to improve customer service;

In the context of legal proceedings

Sending non-sales-related information and press releases.

With your consent (Art 6(1)(a) GDPR):

If you have consented to processing of your data, e.g., for receiving our newsletters, publishing of photos, prize competitions, etc.

4. Processing of personal data for advertising purposes

You can object to such use of your personal data for advertising purposes at any time, either in whole or in part, without incurring any costs other than the transfer costs in accordance with the basic rates. Under the legal provisions of Section 7(3) UWG (Unfair Competition Act) we are entitled to use the email address that you provided, when concluding the contract, for direct advertising for similar goods or services we offer. You will receive these product recommendations from us regardless of whether or not you have subscribed to a newsletter. If you do not wish to receive such recommendations from us by email, you may object to the use of your address for this purpose at any time without incurring any costs other than the transfer costs in accordance with the basic rates. A message in text form is sufficient for this. Of course, every email always includes an unsubscribe link.

5. Am I obliged to provide data?

The processing of your data is necessary for the conclusion or performance of your contract entered into with us. If you do not provide us with this data, we will, as a rule, have to refuse to conclude the contract or will no longer be able to perform an existing contract and consequently will have to terminate it. However, you are not obliged to consent to data processing with regard to data that is not relevant for the performance of the contract or that is not required by law.

6. Who receives my data?

Even if we use a service provider for order processing, we remain the party responsible for protecting your data. All processors are contractually obliged to handle your data confidentially and process it only as part of providing that service. The processors we commission will receive your data if they require the data to perform their respective service. Processors may include IT service providers we need for the operation and security of our IT systems as well as advertising and address publishers for our own advertising campaigns. Your data will be processed in our customer database. The customer database supports the enhancement of the quality of existing customer data (removal of duplicates, moved/deceased indicators, address correction) and enables the integration of data from public sources. This data is made available to the group companies if it is necessary for contract processing. Customer data is stored separately for each company, with our parent company acting as a service provider for the individual participating subsidiaries. If there is a legal obligation and in the context of legal proceedings, authorities, and courts as well as external auditors may also receive your data. In addition, insurance companies, banks, credit agencies and service providers may also receive your data for the purpose of contract initiation or performance of the contract.

7. How long will my data be stored?

We process your data until the business relationship ends or until the expiry of the applicable statutory retention periods (e.g., pursuant to the Commercial Code, the Fiscal Code, or the Working Hours Act) and until the termination of any litigations in which the data is required as evidence.

8. Is personal data transferred to a third country?

As a rule, we do not transfer any data to a third country. Data is only transferred in particular cases on the basis of an adequacy decision by the European Commission, standard contractual clauses, appropriate guarantees, or your express consent.

9. Security

We have implemented technical and administrative protection measures to protect your personal data against loss, destruction, manipulation, and unauthorized access. All our employees and service providers working for us are obligated to comply with the applicable data protection regulations. Whenever we collect and process personal data, it is encrypted before it is transferred. This means that your data cannot be misused by third parties. Our protection measures are subject to a continuous improvement process and our privacy policy is constantly revised. Please make sure that you have the latest version.

10. Contact form

If you send us requests via the contact form, the information you provide in the request form and the contact data you entered will be stored by us for the purpose of processing the request and in case of follow-up questions. We do not share this data without your consent. The processing of this data is based on Art. 6(1)(b) GDPR, provided that your request is necessary for the performance of a contract or for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests sent to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6 (1)(a) GDPR) if this has been requested. The data you enter in the contact form will remain with us until you request us to erase it, withdraw your consent to store it, or the purpose for storing the data no longer applies (e.g., after we have completed processing your request). Mandatory legal provisions - in particular retention periods - remain unaffected.

11. Applications

We collect various personal data during the application process. Personal data is all information from which conclusions can be drawn about your personal or material circumstances or which make you identifiable. For the automated processing of your application, the following data is collected and processed:

First name, surname, address, e-mail, date of birth, title, telephone number, country of residence and nationality

Additional questions depending on the respective job advertisement (e.g., driver's license)

CV, in particular information on professional experience and education or training

Skills and knowledge for the job advertised

Application photo

Qualifications, awards and language skills

Letter of motivation

Files and documents you send or upload as part of your application

When transferring your application data, you, as the applicant, give your consent to the processing of the personal data for the purpose set out in this privacy policy.
For processing your application, no information that may not be processed under the General Equal Treatment Act (race, ethnic origin, gender, disability, religious denomination and belief, or age, among others) is necessary. We ask you not to include any information that is irrelevant to the processing of your application due to the Equal Treatment Act (including illnesses, pregnancy, membership in a trade union and sexual life). Please do not transfer any content that could, for example, violate copyrights or the press law of third parties.

12. Cookies

When you visit our website, we may store information on your computer in the form of cookies. Cookies are small files that are transferred from an Internet server to your browser and stored on the hard drive. Only the Internet protocol address is stored - no personal data. This information, which is stored in the cookies, allows us to automatically recognize you the next time you visit our website, thus making it easier for you to use it. Of course, you can also visit our website without accepting cookies. If you do not want your computer to be recognized when you visit us again, you can also refuse the use of cookies by changing the settings in your browser to "refuse cookies". Please consult the manual of your browser for the respective procedure. If you refuse the use of cookies, this may, however, result in restrictions on the use of some parts of our website.

13. Services of third parties

Google Web Fonts
For a visually improved presentation of various information on our website we use Google Web Fonts (http://www.google.com/webfonts/). When the page is called up, the web fonts are transferred to the browser's cache so that they can be used for display. If the browser does not support Google Web Fonts or prevents access, the text is displayed in a standard font. When the page is called up, no cookies are stored in the website visitor’s browser. The data that is transferred when viewing a page is sent to resource-specific domains such as fonts.googleapis.com or fonts.gstatic.com. Google does not combine this data with data that Google may collect or use in connection with the simultaneous use of authenticated Google services such as Gmail.

You can adjust your browser settings to prevent fonts from being loaded from the Google servers (e.g., by installing add-ons such as NoScript or Ghostery for Firefox). If your browser does not support Google Fonts or if you forbid access to the Google servers, the text will be displayed in the system’s standard font. Information about the privacy policy for Google Webfonts is available at https://developers.google.com/fonts/faq#Privacy

Information about Google's privacy policy and terms of use is available at http://www.google.com/intl/de-DE/privacy/

Google Maps
This website uses Google Maps to display maps and to create route maps. Google Maps is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. By using Google Maps on this website, you consent to all such data being collected, processed, and used automatically by Google, its representatives or third parties.

Click here to view the terms of use for Google Maps.

Click here to view the privacy policy of Google Maps.

14. What data protection rights do I have?

You have a right to information, rectification, erasure, or restriction of the processing of your stored data, a right to object to processing as well as the right to data portability and the right to lodge a complaint in accordance with the requirements of data protection law.

Right to information
You can request information from us as to whether and to what extent we process your data.

Right to rectification
You may, at any time, request us to correct or complete any of your processed data that is incomplete or inaccurate.

Right to erasure
You may request us to erase your data if we process it unlawfully or if the processing interferes disproportionately with your legitimate protective interests. Please note that there may be reasons that prevent immediate erasure, e.g., in the case of retention obligations regulated by law.

Irrespective of the exercise of your right to erasure, we will erase your data immediately and completely, provided that there is no legal obligation to retain them.

Right to restriction of processing:
You may request us to restrict the processing of your data in the following cases:

You dispute the accuracy of the data for a period enabling us to verify the accuracy of the personal data.

the processing of the data is unlawful, but you oppose the erasure and request restriction of the use of data instead,

we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or

you have lodged an objection to the processing of the data.

Right to data portability:
You may request us to provide you with the data you have submitted to us in a structured, commonly used and machine-readable format and that you may transfer this data to another responsible party without hindrance from us, provided that

we process such data on the basis of a revocable consent given by you, or for the performance of a contract between us, and

such processing is carried out by means of automated procedures.

If technically feasible, you may request us to transfer your data directly to another responsible party.

Right to object
If we process your data for legitimate interest, you may object to this data processing at any time; this would also apply to profiling based on these provisions. In this case, we will no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves the establishment, exercise, or defence of legal claims. You can object to the processing of your data for the purpose of direct marketing purposes at any time without giving reasons.

Right to lodge a complaint
If you are of the opinion that we violate German or European data protection law when processing your data, please contact us so that we can clarify any questions you may have. Of course, you also have the right to contact the competent supervisory authority responsible, i.e., the respective state office for data protection supervision. If you wish to exercise any of the above rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.