Privacy policy
Woco attaches particular importance to the appropriate handling of your data. It is therefore particularly important to us to maintain a privacy policy that is suitable for you. This is the only way we can ensure the security of your privacy and the confidentiality and integrity of your data. Our group-specific data protection declarations show which personal data is collected, processed and used.
You can adjust your cookie settings here.
1. Who is responsible for data protection?
Woco Industrietechnik GmbH is responsible for data processing.
Phone: +49 6056 78-0,
E-Mail: info@de.wocogroup.com
2. How can you contact our data protection officer?
You can reach our data protection officer by e-mail at: datenschutz@de.wocogroup.com.
3. What data do we process and where does it come from?
We process personal data that we receive from you in connection with an application. In particular, the following data is processed: master data (e.g. name, address and contact details, curriculum vitae), correspondence data (e.g. correspondence with you) and other applicant data[1] (certificates, proof of further training, etc.).
4. What do we process your data for (purpose of processing) and on what legal basis?
In order to protect your personal data provided to us as part of the application process, we comply with the legal provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).
All data that you provide to us as part of your application will be processed solely for the purpose of carrying out the application and selection process and will be used solely to assess your professional suitability and to contact you. These include, among others: Your title, first name, last name, address, contact details, CV and data on your education and qualifications (Art. 6 para. 1 lit. b) GDPR; § 26 BDSG). In the context of employment, you only have to provide the personal data that is necessary for the establishment, implementation and termination of the employment.
If you provide us with "special categories of personal data" in accordance with Art. 9 GDPR in the documents you submit as part of the application process (e.g. a photo that reveals ethnic origin, etc.), the processing also refers to this data.
However, we would like to judge all applicants only on the basis of their qualifications and therefore ask you to refrain from providing such information in your application as much as possible. All necessary technical and organizational security measures are taken to protect your data from loss and misuse.
If and to the extent that you have given us your consent to the processing of personal data, the respective consent is the legal basis for the processing mentioned there (Art. 6 para. 1 lit. a) GDPR). You can revoke consent at any time with effect for the future. We will obtain separate consent from you to include your applicant data in our applicant pool.
5. Who do we share the data with?
Your application documents will only be passed on to those departments of us that need them to evaluate the application and for hiring them (Human Resources Department and the respective department to which the application relates). In addition, external bodies will only receive your data without exception if they have been contractually bound by us to fulfil their obligations as processors (Art. 28 GDPR) and guarantee that they process your data in accordance with our instructions.
6. Do we transfer data to third countries?
Your data will only be processed within the European Union and states within the European Economic Area (EEA). Otherwise, you will always be informed separately in advance, including the right to object to such data transfer separately at any time.
7. How long do we store your data?
We only store your personal data for as long as is necessary for the provision of the associated contractual services. In addition to the duration of the actual application process, this also includes data processing in the context of the initiation and processing of the employment relationship. In addition, we are subject to various retention and documentation obligations, which result from the General Equal Treatment Act (AGG) and the Code of Civil Procedure (ZPO), among others.
8. Is there an obligation to provide data?
As part of the application, you only have to provide the personal data that is necessary for the start, implementation and completion of the application process.
9. To what extent is there automated decision-making in individual cases?
As a matter of principle, we do not use automated decision-making in accordance with Art. 22 GDPR to justify and execute the application. If we use these procedures in individual cases, we will inform you separately.
10. To what extent do we use your data for profiling?
We do not process your data for so-called "profiling" in accordance with Art. 4 No. 4 GDPR.
11. What data protection rights do you have?
Under the respective legal requirements, you have the right to request confirmation at any time as to whether we are processing personal data and the right to information (Art. 15 GDPR, § 34 BDSG) about this personal data. In addition, you have the right to rectification (Art. 16 GDPR), deletion (Art. 17 GDPR, § 35 BDSG) and restriction of data processing (Art. 18 GDPR), as well as the right to object to the processing of personal data (Art. 21 GDPR) at any time, or to revoke your consent to data processing at any time or to demand data transfer (Art. 20 GDPR). In addition, you have the right to complain to a supervisory authority in the event of data protection violations (Art. 77 GDPR, § 19 BDSG).
With this data protection notice, we inform you about the processing of your personal data by us and about the rights to which you are entitled. The legal basis can be found in the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).
1. Who is responsible for data protection?
Woco Industrietechnik GmbH is responsible for data processing.
Phone: +49 6056 78-0,
E-Mail: info@de.wocogroup.com
2. How can you contact our data protection officer?
You can reach our data protection officer by e-mail at: datenschutz@de.wocogroup.com.
3. What data do we process and where does it come from?
a) Personal Identification and Family Information:
Employee's name and contact information (home address, telephone and fax numbers, and email address), as well as emergency contact information, gender, photograph (with your consent), credit card and bank account details, marital status, date of birth, nationality and residence information, social security or national insurance number or other local equivalent, national ID number, passport number, driver's license number, number of the work permit, tax identification numbers, severe disability and
b) Personal information relating to the employment relationship:
including job/position title, names, titles and department of supervisors, managers' direct supervisors, workplace contact information (e.g., building location and address, telephone and fax numbers, and email address), company ID number, job description code, job action code, region, time zone, employee identification number, IP address, username(s), password(s), access control data, video data, Division, subdivision, department, employment contract, employment biography (including references from previous employers), employees posted abroad, working hours, vacation entitlements, payroll and compensation related data (bonus information, pay scales, and any wage/salary-related changes), pension program participation information, absence information, travel and expense-related information, Company credit card information, information on fees and deductions for payroll purposes (e.g., loans, alimony), information on benefits (housing, vehicle, transportation, meals, family, or other), qualifications and work experience, training, talent management information, performance-related information, and information regarding career goals, date of employment, length of service, date of departure (where applicable), reports from executive search firms, or Temporary employment agencies (where applicable), degree of severe disability, health data and any additional information contained in conflicts of interest confirmations.
4. What do we process your data for (purpose of processing) and on what legal basis?
a) Based on your consent to data processing (Art. 6 para. 1 lit. a) GDPR)
If and to the extent that you have given your consent to the processing of personal data, the respective consent is the legal basis for the processing specified therein. You can revoke consent at any time with effect for the future.
b) For contractual purposes and purposes of the employment relationship (Art. 6 para. 1 lit. b) GDPR)
Your data will be processed for the purpose of initiating or executing our contracts with you. In addition, data processing is carried out for the purposes of the employment relationship if this is necessary for the decision on the establishment of an employment relationship or, after the establishment of the employment relationship, for its implementation or termination. The specific purposes of data processing depend in detail on the respective employment contracts. For the purposes of the employment relationship, the processing is also partly carried out based on collective agreements (in particular collective agreements and works agreements).
c) In the context of the balancing of interests (Art. 6 para. 1 lit. f) GDPR)
Your data may also be used based on a balancing of interests to protect the legitimate interests of us or third parties. This is done, for example, for the purpose of ensuring IT security and IT operations, asserting legal claims and defending in legal disputes, preventing and solving crimes, as well as risk management and fraud prevention.
d) Due to legal requirements (Art. 6 para. 1 lit. c) GDPR)
We are subject to various legal obligations that entail data processing. These include, for example, tax laws, as well as statutory accounting, the fulfilment of inquiries and requirements from national or foreign supervisory or law enforcement authorities as well as the fulfilment of control and reporting obligations under tax law, as well as the Working Hours Act (ArbZG) or the Minimum Wage Act.
The following are individual purposes that may be relevant to your role:
• Managing current employee relationships (including organizing workflows and training staff)
• Compensation and perks (such as compensation and bonus analysis and administration)
• Financial transactions (including payroll processing, administration of wages, expenses, taxes, required notices to government agencies, transfer of corporate credit cards, and reimbursement of travel and expenses)
• Recruitment (including grading)
• Maintenance of employee directories and organizational charts
• Employee performance (including complaints/reports of misconduct, resolving conflicts of interest, conducting performance reviews, promoting career or leadership development, organizing the "whistleblower" program, customer relations/satisfaction)
• Security of Woco's assets and personnel (verification of video surveillance systems), verification of online behavior, employee's workplace, verification of email traffic (during an investigation), verification of the use of electronic asset tools)
• Workforce Scheduling
• Employee Engagement
• Brand promotion, maintenance and promotion of products/services (including marketing activities and social media activities)
• Investigation of cases of non-compliance with laws and company policies as well as dealing with disciplinary measures (controlling, monitoring and enforcing compliance with Woco company policies and processes and with legal and regulatory requirements)
• IT management (including provision of IT support and services)
• Employee health and safety
• Severe disability
• Fraud and Loss Prevention and Detection
• Mergers, acquisitions and/or restructurings (including the completion of any actual or proposed purchases of all or part of Woco's business or, in the event of a merger, acquisition or public offer, providing the necessary information to the purchaser of shares or assets of Woco or any of its direct or indirect subsidiaries), and concluding any other purpose, which are directly related to the above.
5. Who do we share the data with?
Within the company, we will only pass on your data to those departments that need it to fulfil contractual and legal obligations or to perform their respective tasks (e.g. Human Resources). In addition, external bodies will only receive your data without exception if they have been contractually bound by us to fulfil their obligations as processors (Art. 28 GDPR) and guarantee that they process your data in accordance with our instructions. In addition, we only pass on data to persons or bodies for which you have given us your consent to transfer data, or if we are legally obliged to pass it on.
As part of normal business operations, employee data may be disclosed to third-party HR and payroll related functions (e.g., banks, insurance companies, and other employee service providers), as well as governance, risk, compliance, and security management. Woco may also disclose employee data to third-party service providers, for example in connection with information technology support (e.g., software maintenance and data hosting, remote management of IT infrastructure and applications, application development and maintenance, and global service desk operations) and HR support (e.g., benefits and consulting for human capital management, performance and talent management, career planning, employee training, payroll solutions, and Expense reporting and credit card management), marketing support and social media support, and in connection with corporate finance, accounting, reporting and payroll payment services entrusted to those service providers. In addition, employee data for the booking of work-related travel arrangements may be disclosed to a third-party travel agency, which in turn may transfer employee data to Woco.
Woco may also disclose employee information to government and regulatory authorities (e.g., tax authorities), social services (e.g., social services), providers of other services (e.g., health insurance companies), outside consultants (e.g., lawyers, auditors, auditors), courts, and government agencies to the extent required or permitted by applicable legal obligations.
Woco and its affiliates may transfer employee data to the other Woco companies with a branch in Germany, whereby the employee data is protected with appropriate additional safeguards.
6. Do we transfer data to third countries?
Your data will only be processed within the European Union and states within the European Economic Area (EEA). Otherwise, you will always be informed separately by us in advance, including the right to object to such data transfer separately at any time.
Some of the third-party service providers may be located in territories outside the EU that do not provide a level of protection for personal data equivalent to that provided by your home country. Woco
- exercise reasonable due diligence in the selection of such external service providers, and
- requests appropriate contractual measures so that the third-party service providers maintain adequate technical and organizational security measures in compliance with applicable legal requirements in order to protect the employee data and to process the employee data only as mandated by Woco and for no other purpose.
In order to provide adequate protection for transfers outside the EU, Woco uses transfer mechanisms recognised by your home country, which may involve the fulfilment of appropriate contractual clauses based on and in accordance with EU model clauses. In the area of third-party providers, which are subject to national laws that allow increased access by authorities and are not equivalent to your home country, so-called "additional safeguards" are agreed. These additional guarantees may include, but are not limited to:
- Technical measures such as encryption or anonymization
- Contractual measures such as amendments to the EU model clauses.
7. How long do we store your data?
We will only store your personal data for as long as is necessary for the performance of the associated employment relationship. In addition, we are subject to various retention and documentation obligations, which include, among other things, tax regulations (e.g. the German Commercial Code (HGB)); Tax Code (AO)) as well as from labour law provisions. The retention or documentation periods specified there are five to ten years. Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, according to §§ 195 et seq. of the German Civil Code (BGB), can usually be three years, but in certain cases up to 30 years. The records of working hours in accordance with § 16 of the Working Hours Act (ArbZG) are kept for 2 years.
8. Is there an obligation to provide personal data?
In the context of the employment relationship, you only have to provide the personal data that is necessary for the commencement, implementation and termination of the employment relationship.
9. To what extent is there automated decision-making in individual cases?
As a matter of principle, we do not use automated decision-making in accordance with Art. 22 GDPR to establish and carry out the business relationship. If we use these procedures in individual cases, we will inform you separately.
10. To what extent do we use your data for profiling?
We do not process your data automatically with the aim of evaluating certain personal aspects (so-called "profiling" in accordance with Art. 4 No. 4 GDPR).
11. What data protection rights do you have?
Under the respective legal requirements, you have the right to request confirmation at any time as to whether we are processing personal data and the right to information (Art. 15 GDPR, § 34 BDSG) about this personal data. In addition, you have the right to rectification (Art. 16 GDPR), deletion (Art. 17 GDPR, § 35 BDSG) and restriction of data processing (Art. 18 GDPR), as well as the right to object to the processing of personal data (Art. 21 GDPR) at any time, or to revoke your consent to data processing at any time or to demand data transfer (Art. 20 GDPR). In addition, you have the right to complain to a supervisory authority in the event of data protection violations (Art. 77 GDPR, § 19 BDSG).
With this data protection notice, we inform you about the processing of your personal data by us and the rights to which you are entitled. The legal basis can be found in the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).
1. Who is responsible for data protection?
Woco Industrietechnik GmbH is responsible for data processing
Phone: +49 6056 78-0, E-Mail: info@de.wocogroup.com
2. How can you contact our data protection officer?
You can reach our data protection officer at datenschutz@de.wocogroup.com.
3. What data do we process and where does it come from?
We process personal data that we receive from you in connection with an application. In particular, the following data is processed: Master data (e.g. name, address and contact details, CV), correspondence data (e.g. correspondence with you) and other applicant data (certificates, training certificates, etc.).
4. What do we process your data for (purpose of processing) and on what legal basis?
a) On the basis of your consent to data processing (Art. 6 para. 1 lit. a GDPR)
If and insofar as you have given your consent to the processing of personal data, the respective consent is the legal basis for the processing specified therein. This applies, for example, to the receipt of electronic customer information. You can revoke your consent at any time with effect for the future.
b) For the fulfillment of contractual obligations (Art. 6 para. 1 lit. b GDPR)
Your data will be processed to initiate or execute our contracts with you or our contractual partners,
i.e. for the provision of our services, for example. The specific purposes of data processing depend in detail on the respective service and product descriptions and the associated contract documents.
c) Due to legal requirements (Art. 6 para. 1 lit. c GDPR)
We are subject to various legal obligations that entail data processing. These include, for example, tax laws and statutory accounting, the fulfillment of inquiries and requirements of national or foreign supervisory or law enforcement authorities as well as the fulfillment of tax control and reporting obligations.
d) In the context of the balancing of interests (Art. 6 para. 1 lit. f GDPR)
Your data may also be used on the basis of a balancing of interests to protect the legitimate interests of us or third parties. This is done, for example, for the purpose of further developing our services or systems and products, ensuring IT security and IT operations, advertising, market and opinion research, the assertion of legal claims and defense in legal disputes, the prevention and investigation of criminal offenses as well as risk management and fraud prevention.
5. Who do we pass the data on to?
Your data will only be passed on by us within the company to those of our departments that need it to fulfill their contractual and legal obligations or to fulfill their respective tasks (e.g. customer service, IT, sales and marketing). In addition, external bodies will only receive your data without exception if they have been contractually obliged by us to fulfill their obligations as processors (Art. 28 GDPR) and guarantee that they will process your data in accordance with our instructions. In addition, we only pass on data to persons who work on behalf of our contractual partners or to bodies or persons for whom you have given us your consent to transfer data.
6. Do we transmit data to third countries?
When using Microsoft 365, personal data is transferred to third countries. Further details on data protection and data security at Microsoft can be found at:
https://privacy.microsoft.com/de-de/privacystatement
Otherwise, your data will only be processed within the European Union and countries within the European Economic Area (EEA). Otherwise, you will always be informed separately in advance, including the right to object to such data transfer separately at any time.
7. How long do we store your data?
We only store your personal data for as long as is necessary for the provision of the associated contractual services. In addition to the duration of the actual business relationship, this also includes data processing in the context of the initiation and execution of contracts. In addition, we are subject to various retention and documentation obligations arising from the German Commercial Code (HGB) and tax regulations (German Fiscal Code - AO), among others. The retention and documentation periods specified there are five to ten years. Finally, the storage period is also determined by the statutory limitation periods, which, for example, according to Sections 195 et seq. of the German Civil Code (BGB), are generally three years, but in certain cases can be up to 30 years.
8. Is there an obligation to provide data?
As part of our business relationship, you must only provide the personal data that is required for the establishment, execution and termination of a business relationship or that our contractual partners or we are legally obliged to collect. Otherwise, it will not be possible to conclude or execute the contract.
9. To what extent is there automated decision-making in individual cases?
In principle, we do not use automated decision-making in accordance with Art. 22 GDPR to establish and conduct the business relationship. Should we use these procedures in individual cases, we will inform you of this separately.
10. To what extent do we use your data for profiling?
We process your data partly automatically with the aim of evaluating certain personal aspects (so-called "profiling" in accordance with Art. 4 No. 4 GDPR). Profiling is used, for example, to determine the potential interest of our contractual partners in our products and your services. This evaluation is carried out, for example, on the basis of statistical procedures using current and past customer data. We use the results to address you in a more needs-based and targeted manner.
11. What data protection rights do you have?
Under the respective legal requirements, you have the right to request confirmation at any time as to whether we process personal data and the right to information (Art. 15 GDPR, Section 34 BDSG) about this personal data. You also have the right to rectification (Art. 16 GDPR), erasure (Art. 17 GDPR, Section 35 BDSG) and restriction of data processing (Art. 18 GDPR), as well as the right to object to the processing (Art. 21 GDPR) of personal data at any time, or to withdraw your consent to data processing at any time or to request data portability (Art. 20 GDPR). You also have the right to lodge a complaint with a supervisory authority in the event of data protection violations (Art. 77 GDPR, Section 19 BDSG).
12. Separate reference to your right to object
1. Right to object on a case-by-case basis
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (f) of Article 6(1) GDPR (data processing on the basis of a balancing of interests). This also applies to profiling based on this provision within the meaning of Art. 4 No. 4 GDPR, which may be carried out, for example, for customer advice and customer support and for sales purposes. If you object, your personal data will no longer be processed unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.
2. Right to object to the processing of data for direct marketing purposes
We may also process your data for direct marketing purposes within the scope of the statutory provisions. You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising, without incurring any costs other than the transmission costs according to the basic rates. This also applies to profiling insofar as it is associated with such direct advertising. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes. The objection can be made in any form. The contact details can be found in section 1 of this privacy policy.
With this data protection notice, we inform you about the processing of your personal data by us and the rights to which you are entitled. The legal basis can be found in the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).
1. Who is responsible for data protection?
Responsible for data processing is Woco Industrietechnik GmbH
Phone: +49 6056 78-0, E-Mail: info@de.wocogroup.com
2. How can you contact our data protection officer?
You can reach our data protection officer at datenschutz@de.wocogroup.com.
3. What data do we process and where does it come from?
We process personal data that we receive from you in connection with the initiation of a business relationship (e.g. inquiry, quotation) or from the business relationship. In particular, the following data is processed: Master data (e.g. name, address and contact details of the legal representatives, bank details and tax number of the contractual partner; contact details of the individual contact persons ), correspondence data (e.g. correspondence with you, customer support) as well as advertising and sales data, contract data (type and content), order data, sales and receipt data, supplier history and consulting documents.
4. What do we process your data for (purpose of processing) and on what legal basis?
a) For the fulfillment of contractual obligations (Art. 6 para. 1 lit. b GDPR)
The personal data is processed for the initiation and execution of the respective supplier contracts. The specific purposes of data processing are determined in detail by the respective service descriptions and the associated contract documents.
b) Due to legal requirements (Art. 6 para. 1 lit. c GDPR)
We are subject to various legal obligations that entail data processing. These include, for example, tax laws and statutory accounting, the fulfillment of inquiries and requirements of national or foreign supervisory or law enforcement authorities as well as the fulfillment of tax control and reporting obligations.
c) In the context of the balancing of interests (Art. 6 para. 1 lit. f GDPR)
The personal data may also be used on the basis of a balancing of interests to protect the legitimate interests of us or third parties. This is done, for example, for the purpose of ensuring IT security and IT operations, advertising, market and opinion research, the assertion of legal claims and defense in legal disputes, the prevention and investigation of criminal offenses as well as risk management and fraud prevention.
5. Who do we pass the data on to?
Your data will only be passed on by us within the company to those of our departments that need it to fulfill their contractual and legal obligations or to perform their respective tasks (e.g. financial accounting, purchasing, IT). In addition, external bodies will only receive your data without exception if they have been contractually obliged by us to fulfill their obligations as processors (Art. 28 GDPR) and guarantee that they will process your data in accordance with our instructions. In addition, we only pass on data to persons who work on behalf of our contractual partners or to bodies or persons for whom you have given us your consent to transfer data.
6. Do we transmit data to third countries?
Your data will only be processed within the European Union and countries within the European Economic Area (EEA). Otherwise, you will always be informed separately by us in advance, including the right to object to such data transfer separately at any time.
7. How long do we store your data?
We only store your personal data for as long as is necessary for the provision of the associated contractual services. In addition to the duration of the actual business relationship, this also includes data processing in the context of the initiation and execution of contracts. In addition, we are subject to various retention and documentation obligations arising from the German Commercial Code (HGB) and tax regulations (German Fiscal Code - AO), among others. The retention and documentation periods specified there are five to ten years. Finally, the storage period is also determined by the statutory limitation periods, which, for example, according to Sections 195 et seq. of the German Civil Code (BGB), are generally three years, but in certain cases can be up to 30 years.
8. Is there an obligation to provide data?
As part of our business relationship, you must only provide the personal data that is necessary for the establishment, execution and termination of a business relationship or that our contractual partners or we are legally obliged to collect. Otherwise, it will not be possible to conclude or execute the contract.
9. To what extent is there automated decision-making in individual cases?
In principle, we do not use automated decision-making in accordance with Art. 22 GDPR to establish and conduct the business relationship. Should we use these procedures in individual cases, we will inform you of this separately.
10. To what extent do we use your data for profiling?
We do not process your data for so-called "profiling" in accordance with Art. 4 No. 4 GDPR.
11. What data protection rights do you have?
Under the respective legal requirements, you have the right to request confirmation at any time as to whether we process personal data and the right to information (Art. 15 GDPR, Section 34 BDSG) about this personal data. You also have the right to rectification (Art. 16 GDPR), erasure (Art. 17 GDPR, Section 35 BDSG) and restriction of data processing (Art. 18 GDPR), as well as the right to object to the processing (Art. 21 GDPR) of personal data at any time, or to withdraw your consent to data processing at any time or to request data portability (Art. 20 GDPR). You also have the right to lodge a complaint with a supervisory authority in the event of data protection violations (Art. 77 GDPR, Section 19 BDSG).
Kronach
Name and contact details of the person responsible and, if applicable, their representative:
Woco Kronacher Kunststoffwerk GmbH, Industriestraße 7, 96317 Kronach
Phone: +49 9261 505-299, E-Mail: kronacher@de.wocogroup.com
Contact details of the data protection officer:
You can contact our data protection officer (Claudia Albrecht, PRW Consulting GmbH) at the following e-mail address:
Purposes and legal basis of data processing:
Video surveillance is carried out within the scope of domiciliary rights to safeguard Woco's legitimate interest in preventing and preserving evidence of criminal offenses. Surveillance is not used to monitor performance and behavior or to compare and measure the performance of employees.
Legal basis: Art. 6 para. 1 lit. f) GDPR.
Legitimate interests that are being pursued:
The camera surveillance system serves exclusively a) to prevent or detect access by unauthorized persons, to prevent industrial espionage, theft, etc., b) to record damage to property, c) to prevent or detect theft on the company premises and to prevent or detect criminal offences, d) to comply with legal, regulatory or customer requirements and e) to detect violations that would justify extraordinary termination of employees without notice.
Storage duration or criteria for determining the duration:
The retention periods for the video streams vary and are defined per camera and recording purpose. Recordings from video surveillance are generally deleted after 14 days. If facts justify the assumption that actions can be identified that can be prosecuted as a criminal offence or used to assert claims under civil law, they are stored for a longer period of time, as there are specific reasons for this.
Recipients or categories of recipients of the data (if data transfer takes place):
The persons responsible for video surveillance have access to the recordings as part of their work. Data from recordings is only transferred to third parties (e.g. law enforcement authorities) if this is necessary to investigate criminal offenses.
Information on the rights of data subjects
The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the information specified in Art. 15 GDPR.
The data subject has the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her and, where applicable, the completion of incomplete personal data (Art. 16 GDPR).
The data subject has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay where one of the grounds listed in Art. 17 GDPR applies, e.g. if the data is no longer required for the purposes pursued (right to erasure).
The data subject has the right to obtain from the controller restriction of processing where one of the conditions listed in Art. 18 GDPR applies, e.g. if the data subject has objected to processing, for the duration of the controller's review.
The data subject has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her. The controller will then no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims (Art. 21 GDPR).
Without prejudice to any other administrative or judicial remedy, every data subject has the right to lodge a complaint with a supervisory authority if the data subject considers that the processing of personal data relating to him or her infringes the GDPR (Art. 77 GDPR). The data subject may exercise this right before a supervisory authority in the Member State of his or her habitual residence, place of work or place of the alleged infringement.
Bad Soden-Salmünster
Name and contact details of the person responsible and, if applicable, their representative:
Woco Industrietechnik GmbH, Hanauer Landstraße 16, 63628 Bad Soden-Salmünster
Phone: +49 6056 78-0
E-Mail: info@de.wocogroup.com
Contact details of the data protection officer:
You can contact our data protection officer (Claudia Albrecht, PRW Consulting GmbH) at the following e-mail address:
Purposes and legal basis of data processing:
Video surveillance is carried out within the scope of domiciliary rights to safeguard Woco's legitimate interest in preventing and preserving evidence of criminal offenses. Surveillance is not used to monitor performance and behavior or to compare and measure the performance of employees.
Legal basis: Art. 6 para. 1 lit. f) GDPR.
Legitimate interests that are being pursued:
The camera surveillance system serves exclusively a) to prevent or detect access by unauthorized persons, to prevent industrial espionage, theft, etc., b) to record damage to property, c) to prevent or detect theft on the company premises and to prevent or detect criminal offences, d) to comply with legal, regulatory or customer requirements and e) to detect violations that would justify extraordinary termination of employees without notice.
Storage duration or criteria for determining the duration:
The retention periods for the video streams vary and are defined per camera and recording purpose. Recordings from video surveillance are generally deleted after 7 days. If facts justify the assumption that actions can be identified that can be prosecuted as a criminal offense or used to assert civil law claims, they are stored for a longer period of time, as this is based on a specific occasion.
Recipients or categories of recipients of the data (if data transfer takes place):
The persons responsible for video surveillance are given access to the recordings as part of their work. Data from recordings is only transferred to third parties (e.g. law enforcement authorities) if this is necessary to investigate criminal offenses.
Information on the rights of data subjects
The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the information specified in Art. 15 GDPR.
The data subject has the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her and, where applicable, the completion of incomplete personal data (Art. 16 GDPR).
The data subject has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay where one of the grounds listed in Art. 17 GDPR applies, e.g. if the data is no longer required for the purposes pursued (right to erasure).
The data subject has the right to obtain from the controller restriction of processing where one of the conditions listed in Art. 18 GDPR applies, e.g. if the data subject has objected to processing, for the duration of the controller's review.
The data subject has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her. The controller will then no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims (Art. 21 GDPR).
Without prejudice to any other administrative or judicial remedy, every data subject has the right to lodge a complaint with a supervisory authority if the data subject considers that the processing of personal data relating to him or her infringes the GDPR (Art. 77 GDPR). The data subject may exercise this right before a supervisory authority in the Member State of his or her habitual residence, place of work or place of the alleged infringement.
This data protection notice informs you about the processing of your personal data by us and the rights to which you are entitled.
1.Who is responsible for data protection?
The following Woco Group companies are responsible for data processing:
Woco GmbH & Co. KG, Woco Franz Josef Wolf Holding GmbH, Woco Industrietechnik GmbH, Woco IPS GmbH, Effbe GmbH, Woco Kronacher Kunststoffwerk GmbH, Woco Eisenacher Kunststofftechnik GmbH.
Phone: +49 6056 78-0, E-Mail: info@de.wocogroup.com
2. How can you contact our data protection officer?
You can reach our data protection officer by e-mail at: datenschutz@de.wocogroup.com
3. What data do we process and where does it come from?
The WOCO AR app enables you to obtain detailed information on individual components and products of the Woco Group via QR codes. In order for the WOCO AR app to provide this service, you need authorization to access the following functions on your mobile device:
- Camera (no recording or storage of image data takes place at any time);
- Internet;
- Location (location data, e.g. for geolocalization, is not processed either by the Woco Group or by our external service provider).
Your contact details are not accessed. The app can be used without registration (e.g. via an e-mail address).
In exceptional cases, people may also be in the camera's field of vision. However, such image data is not processed or used; no recordings are made (see above).
4. What do we process your data for (purpose of processing) and on what legal basis?
This process serves to inform and train the trainees and interns of the Woco Group and other interested parties.
The legal basis for data processing is Art. 6 para. 1 lit. a) GDPR (consent to the release of authorizations) and Art. 6 para. 1 lit. f) GDPR (legitimate interest). The legitimate interest is to ensure the technical functionality of the app.
5. Who do we pass the data on to?
Personal data is only passed on within the company to those departments that need it to fulfill contractual and legal obligations or to perform their respective tasks. In addition, external bodies only receive personal data if we have obligated them to fulfill their data protection obligations. The app is managed and maintained by our service provider, romeis Information Engineering GmbH. The WOCO AR app is hosted via Google Cloud.
6. Do we transmit data to third countries?
We do not transfer personal data to recipients in so-called third countries, i.e. countries outside the European Economic Area (EEA) or to international organizations, as part of this process.
7. How long do we store your data?
We only store your personal data for as long as is necessary to provide the associated services (use of the app). Image data is not recorded or stored at any time.
8. Is there an obligation to provide data?
You only need to provide the personal data required to use the services.
9. To what extent is there automated decision-making in individual cases?
We do not use automated decision-making in accordance with Art. 22 GDPR as part of this process.
10.To what extent do we use your data for profiling?
We do not process your data automatically with the aim of evaluating certain personal aspects (so-called "profiling" in accordance with Art. 4 No. 4 GDPR).
11. Which data protection rights do you have?
Under the respective legal requirements, you have the right to request confirmation at any time as to whether we process personal data and the right to information (Art. 15 GDPR, Section 34 BDSG) about this personal data. You also have the right to rectification (Art. 16 GDPR), erasure (Art. 17 GDPR, Section 35 BDSG) and restriction of data processing (Art. 18 GDPR), as well as the right to object to the processing (Art. 21 GDPR) of personal data at any time, or to withdraw your consent to data processing at any time or to request data portability (Art. 20 GDPR). You also have the right to lodge a complaint with a supervisory authority in the event of data protection violations (Art. 77 GDPR, Section 19 BDSG).