data protection declaration

Data Protection Declaration

Data protection at a glance

Thank you for your interest in our website. The protection of your personal data when you visit our site is of particular importance to the management of STARVERT Services GmbH & Co. KG. In the information below, we provide an overview of how we process your personal data and your rights in terms of data protection. Personal data entails all data that can be related to you personally, e.g. name, address, email addresses, user behaviour.

If the party concerned wishes to utilise the unique services of our firm via our website, the processing of personal data may be necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the party concerned. Processing always takes place in accordance with the EU General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to STARVERT Services GmbH & Co. KG.

As the party responsible for processing, STARVERT Services GmbH & Co. KG has implemented technical and organisational measures to ensure the most complete protection possible — against loss, destruction, access, modification or dissemination of your data by unauthorised persons, as regards personal data processed via this website. This also includes the use of SSL or TLS encryption for security reasons and for the protected transmission of confidential content, such as orders or inquiries sent to us as the site operator. An encrypted connection can be recognised by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser address bar. If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

Nevertheless, absolute protection cannot be guaranteed, due to fundamental security gaps in Internet-based data transmission.

The party responsible in accordance with Art. 4 (7) GDPR and the applicable country-specific data protection regulations is:

STARVERT Services GmbH & Co. KG
Konrad-Zuse-Ring 30 | 68163 Mannheim
+49 (0) 621 / 17293480 | info@starvert-services.com

Please send general questions about data protection at STARVERT Services GmbH & Co. KG to Datenschutz(at)starvert-services.com.

You can reach our data protection officer by post at the above address – labelled for the attention of Data Protection Officer – or by email at: Datenschutzbeauftragter(at)starvert-services.com

In exceptional cases, the receipt of emails may be impaired due to technical or operational reasons. Please ensure that time-critical messages are also sent by post or fax. Please bear in mind that communication by email is fundamentally insecure, as there is the possibility of third parties’ access and manipulation. Confidential data should never be sent unencrypted by email.

Firstly, your data is collected when you communicate it to us. This would, for example, be data that you enter in a contact form.

Other data is collected automatically or with your consent by our IT systems when you visit the website. This is primarily technical data (e.g. noting the internet browser, operating system or the time of a page view). This data is collected automatically as soon as you enter this website.

Part of the data is collected to ensure that we are able to provide an error-free website. Other data can be used to analyse user behaviour.

Unless otherwise stipulated in the detailed descriptions of services, those departments within our firm that require your data to fulfil our contractual and legal obligations or to implement our legitimate interests will have access to it. We will only provide information about you to a third party if this is permitted or required by legal or official obligations; where the transfer is necessary for processing and thus for the fulfilment of a contract or, at your request, where it is necessary to carry out pre-contractual measures and we have your consent or we are authorised to provide information.

Where we use service providers for individual functions within our services, we ensure that they have been carefully selected and commissioned, are bound by our instructions and are regularly checked. Your personal data may be processed on the basis of order processing contracts in accordance with Art. 28 GDPR, and we ensure that the processing of personal data is in accordance with the provisions of GDPR. In this case, the categories of recipients are our service providers for website hosting.

If you have consented to data processing, we will process your personal data on the basis of Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR, if special data categories according to Art. 9 GDPR are processed. In the event of express consent to the transfer of personal data to third-party countries, data processing is also based on Art. 49 (1) (a) GDPR. . If you have consented to the storage of cookies or access to information on your end device (e.g. via device fingerprinting), data processing is also based on Section 25 (1) TTDSG. Consent can be revoked at any time. If your data is required to fulfil a contract or to carry out pre-contractual measures, we process your data on the basis of Art. 6 (1) (b) GDPR. Furthermore, where your data is required to fulfil a legal obligation, we process it on the basis of Art. 6 (1) (c) GDPR. Data processing can also take place on the basis of our legitimate interests, in accordance with Art. 6 (1) (f) GDPR. Information on the relevant legal basis in each individual case is provided in the following paragraphs of this data protection declaration.

Unless a specific storage period is specified in this data protection information, your personal data will be stored until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing it (e.g. tax or commercial law retention periods); in the latter case, the data will be deleted once these reasons cease to exist.

Your rights

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and the recipients thereof, and the purpose of data processing, as well as, if necessary, a right to correction or deletion of such data at any time. You may contact us at any time if you have further questions on the subject of personal data.

You have the right to request the restriction of processing of your personal data. You may contact us at any time regarding such restriction. The right to restriction of processing exists in the following cases:

  • If you dispute the accuracy of personal data stored by us, we may need time to check this. For the duration of the checking period, you have the right to stipulate that the processing of your personal data be restricted. If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of deletion.
  • If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to demand that the processing of your personal data be restricted instead of being deleted.
  • If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to demand that the processing of your personal data be restricted instead of being deleted.
  • If you have lodged an objection in accordance with Art. 21 (1) GDPR, an assessment must be made of both your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to demand that the processing of your personal data be restricted.

If you have restricted the processing of your personal data, this data may only be processed — storage is exempt here — with your consent, or for the assertion, exercise or defence of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.

You have the right to have data that we process automatically following your consent, or in fulfilment of a contract, provided to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another party, this will only be done to the extent that it is technically feasible.

WHERE DATA PROCESSING IS BASED ON ART. 6 (1) (E) or (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS DATA PROTECTION INFORMATION. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA, UNLESS WE CAN PROVE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR WHERE THE PROCESSING IS FOR THE PURPOSE, EXERCISE OR DEFENCE OF LEGAL CLAIMS (OBJECTION ACCORDING TO ART. 21 (1) GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING — TO THE EXTENT THIS IS RELATED TO DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR THE PURPOSES OF DIRECT MARKETING (OBJECTION ACCORDING TO ART. 21 (2) GDPR).

Many data processing operations are only possible with your express consent. You can revoke any consent given, at any time. The legality of the data processing that took place prior to revocation remains unaffected by the revocation.

In the event of violations of the GDPR, those affected have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.

Data collection on our website

This website is hosted by an external service provider (host). Personal data collected on this website is stored on the host’s servers. This can involve, in particular, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access and other data generated via a website.

The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 (1) (b) GDPR) and in the interest of the secure, fast and efficient provision of our online offering by a professional provider, according to Art. 6 (1) (f) GDPR). Where corresponding consent has been requested, processing takes place exclusively on the basis of Art. 6 (1) (1) (a) GDPR and Art. 25 (1) TTDSG, insofar as consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

Our host will only process your data to the extent that this is necessary to fulfil its performance obligations and will follow our instructions in relation to this data. In order to ensure data processing is compliant with protection measures, we have concluded an order processing contract with our host.

“Cookies” refer to small files that are stored on users’ devices. Different information can be stored by means of cookies. The information can include, for example, the language settings on a website or the point at which a video was viewed.

Our website currently does not use cookies.

If you contact us by email, telephone or fax, your enquiry, including all resulting personal data (name, enquiry), will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.

This data is processed on the basis of Art. 6 (1) (b) GDPR if your request is related to the fulfilment of a contract or is necessary to carry out pre-contractual measures. In all other cases, processing is based on our legitimate interests in the effective processing of the enquiries addressed to us (Art. 6 (1) (f) GDPR).

The data you sent to us via contact requests will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions — in particular statutory retention periods — remain unaffected.

We offer you the opportunity to apply to work with us (e.g. by email, by post or via the online application form). In the following we will inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data takes place in accordance with the applicable data protection law and all other statutory provisions, and that your data will be treated with the utmost confidentiality.

If you send us an application, we will process your associated personal data (e.g. contact and communication data, application documents, etc.) insofar as this is necessary to make a decision on the establishment of an employment relationship. The legal basis for this is Art. 26 German Federal Data Protection Act [BDSG] under German law (initiation of an employment relationship), Art. 6 (1) (b) GDPR (general contract initiation) and — if you have given your consent — Art. 6 (1) (a) GDPR. Consent can be revoked at any time, effective going forward. Within our company, your personal data will only be passed on to those people who are involved in processing your application.

If the application is successful, the data you submit will be stored in our data processing systems on the basis of Section 26 BDSG and Art. 6 (1) (b) GDPR for the purpose of instigating the employment relationship.

If we are unable to make you a job offer, or if you reject a job offer or withdraw your application, we reserve the right to store the data you have provided, on the basis of our legitimate interests (Art. 6 (1) (f) GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data will then be deleted and the physical application documents will be destroyed. Storage serves in particular as evidence in the event of a legal dispute. If it is apparent that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), it will only be deleted if the purpose for further storage no longer applies.

A longer duration of storage is also possible if you have given your consent (Art. 6 (1) (a) GDPR) or if statutory storage obligations prevent the deletion of the relevant information. Consent can be revoked at any time, effective going forward.

Plug-ins und Tools

This site uses MyFonts. These are fonts that are loaded into your browser when you visit our website in order to ensure a uniform typeface when displaying the website. The provider is Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, Massachusetts 01801, USA. In order to check compliance with the licence terms and the number of monthly page views, MyFonts transmits your IP address along with the URL of our website and our contract data to its servers in the USA. According to Monotype, your IP address will be anonymised immediately after transmission so that no personal reference can be made (anonymisation).

For details, see Monotype’s data protection declaration at https://www.monotype.com/de/rechtshinweise/datenschutzrichtlinie/datenschutzrichtlinie-zum-trackingvon-webschriften

Our social media presence

We maintain publicly accessible profiles on social networks. Details of the social networks we use can be found below. Our social media presence serves our public relations efforts, i.e. offering our customers information about offers, products, competitions, news and, of course, interaction with our visitors on the various platforms as regards all of these topics, including answering corresponding queries. An informational visit to our social media platform is generally possible without the active provision or collection of personal data.

In addition, the social media platforms offer the possibility of a wide variety of content such as videos, pictures, public messages and the opportunity to leave comments (posts) on our company profiles. In the case of illegal or inappropriate posts and content on our website (this includes, among other things, law-infringing or illegal posts, hate comments, suggestive comments (explicitly sexual content) or attachments such as images or videos, as well as violations of copyrights, personal rights, criminal laws), we are jointly responsible with the operator of the platform for their deletion. In the case of direct communication addressed to us (private messages, letters or emails), the operator has no influence.

Social media platforms are usually able to analyse your user behaviour comprehensively when you visit the relevant websites or a website with integrated social media content (e.g. ‘like’ buttons or advertising banners). Visiting our social media profiles may trigger numerous data protection-related processing operations. These include, for example:

  • The entire infrastructure of social media platforms is the responsibility of the respective operator. This party maintains its own data protection regulations and a corresponding user relationship with you, should you act as a registered user.
  • If you are logged into your social media account and visit our social media profile, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, however, your personal data can also be recorded if you are not logged in or do not have an account with the respective social media platform. In this case, this data collection takes place, for example, via cookies that are stored on your end device or due to the collection of various data and information in so-called log files or server log files, such as your IP address, which can be required for technical reasons.
  • With the help of the data collected in this way, the operators of the social media platforms can create user profiles, within which your preferences and interests are stored. In this way, interest-targeted advertising can be displayed to you both inside and outside of the respective social media platform. If you have an account with the respective social network, interest-targeted advertising can be displayed on all devices that you are currently, or have been, logged into.

Please note that we cannot trace all processing procedures on the social media platforms. Depending on the provider, additional processing operations may therefore be carried out by the operators of the social media platforms. Details can be found in the terms of use and data protection regulations of the respective social media platforms.

Wherever we have the opportunity, we ensure that our social media offerings are as data protection-friendly as possible.

Our social media presence serves our public relations work and is intended to ensure the widest possible footprint on the Internet. In addition, there exists a legitimate interest in answering enquiries from our users and visitors, and maintaining and promoting customer satisfaction in this way. This is a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.

The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) (a) GDPR).

If you visit one of our social media profiles (e.g. on Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can exercise your rights (as regards information, correction, deletion, restriction of processing, data transferability and complaints) both against us as well as the operator of the respective social media platform (e.g. vs. Facebook).

Please note that despite joint responsibility with social media platform operators, we do not have full influence over data processing operations of the social media platforms. Our options are largely based on the corporate policy of the respective provider.

Data collected directly by us via a social media profile will be deleted from our systems as soon as the purpose for storing it no longer applies, you request that we delete it, revoke your consent to storage or in the event that the purpose for storing the data no longer applies. Mandatory legal provisions — especially retention periods — remain unaffected.

We have no influence over the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. via the info in their data protection declaration, see below). Cookies that you have saved remain on your end device until you delete them.

Public posts that you have published on one of our social media profiles remain in effect indefinitely. You of course have the option to delete the post yourself, as far as this is possible. As already set out above, we reserve the right to independently delete illegal or inappropriate posts and content on our website. We have no influence over the deletion of your data or content by the social media platform operator. In addition, the data protection regulations of the respective platform operators apply.

We reserve the right to adapt this data protection information so that it always corresponds to the current legal requirements, or to implement changes to our services in the data protection information, for example, when introducing new services. The new data protection information will then apply to any new visit to the website.

Valid as at: 07.08.2023