We welcome your interest in our website www.zeppelin.com/de-en/powersystems (“Website”) and would like to make your visit as enjoyable as possible. The operator of this Website and the controller for the processing of your personal data through this Website is Zeppelin Power Systems GmbH & Co. KG, Ruhrstraße 158, 22761 Hamburg, Germany, Phone: +49 40 8531510, Email: zps.hamburg(at)zeppelin(dot)com
Alongside easy, efficient operability, we consider the protection of your personal data to be a top priority. The protection of your privacy is a key concern for us when processing personal data and we take this into account in all our business processes.
Therefore our processing of personal data collected during a visit to our Website always takes place in line with the respective provisions governing data protection.
This data protection statement will tell you which of your personal data are collected and retained when you visit our Website or use our services offered through the Website. You will also receive information on how and on what legal basis your data are used, what rights you have with regard to the use of your data, and which contact methods are available to you.
1. Processing of personal data and purposes of the processing
1.1 What are personal data?
Personal data means all information relating to an identified or identifiable natural person, Article 4(1) GDPR. This includes information such as your name, address, phone number, and date of birth. Data which cannot be traced to you, such as statistical or anonymous data, are not personal data.
1.2 Which data do we collect?
With the exception of the IP address, personal data are only processed if you have notified us of these data voluntarily, e.g. during registration, an application, for sending information, for inquiries via the Website contact form, or to initiate or execute a contractual agreement. The following specific personal data are collected:
1.2.1 When visiting our Website
You can visit our Website without disclosing information regarding your identity. When you open our Website, your browser information will however be automatically sent to our Website servers, and temporarily stored in a log file. Your identity is not disclosed by this information.
The following information is recorded without your consent, and is retained until it is automatically erased after six months:
The IP address of the requesting computer,
the date and time of the visit,
the name and URL of the accessed file,
the browser that you have used and if applicable, your computer’s operating system,
websites from which the user’s system has reached our Website (referrer),
websites which are opened through our Website from the user’s system.
These data are collected and processed to enable use of our Website (connecting). These data are retained exclusively for technical reasons, and at no point are they attributed to a specific person. The legal basis for the processing of your personal data to this extent is point (b) of Article 6(1) GDPR. The collection of these data serves to ensure system security and stability, as well as technical administration of the network infrastructure. The legal basis to this extent is point (f) of Article 6(1) GDPR. Our legitimate interest in data processing lies in ensuring that our Website functions properly, and that communication through the Website is properly handled. In relation to the foregoing, we cannot attribute this information to you personally.
1.2.2 When using the contact form
If you have any questions, we provide the option of contacting us via a form provided on the Website. The following information is required to allow us to answer your questions:
First name and surname,
valid email address,
valid phone number (optional, for if you require a callback).
The purpose of collecting the data provided in the contact form is to identify the requester, and to be able to reply to the request properly and via the requested communication channel. The legal basis for data processing is point (b) of Article 6(1) GDPR.
Insofar as we process your data for the purposes of accepting and handling your requests, you shall be contractually obliged to provide us with these data. Without these data, we are unable to accept and handle your requests.
1.2.3 When registering for our newsletter
If you wish, you can consent to receiving our newsletter while visiting our website. For our email newsletter registration, we use the double opt-in process, i.e. you will first receive a generic email to confirm your registration. The legal basis for the processing of these data is point (a) of Article 6(1) GDPR. Without your data, we are unable to send you our newsletter.
To send the newsletter, we use only your email address and your name (provided that you have given us these), to send the newsletter and other information on a regular basis (e.g. offers).
At the end of every newsletter, there is a link that you can use at any time to unsubscribe from our mailing list. You can also unsubscribe by sending an email request to firstname.lastname@example.org. This withdraws your consent to receive our newsletter. You can exercise this right of withdrawal at any time with immediate effect, without affecting the legality of any past processing which took place on the basis of the consent.
1.2.4 When using the Facebook contact form (lead form)
If you are interested in our job advertisements you may choose to provide us with your contact details for the purposes of initiating contact and applying for the vacant position via the Facebook social network (“lead form”). Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”).
Should you choose to do this, the following details are required in order for us to be able to contact you:
First name and surname and
a valid email address,
The purpose for which we collect the data you enter in the contact form is to identify the requester and contact them via the preferred channel, to publicize our job advertisements and to fill the vacant positions. The legal basis for data processing is point (b) of Article 6(1) GDPR. Insofar as we process your data for the purposes of accepting your requests and contacting you, you shall be contractually obliged to provide us with this data. Without this data, we are unable to contact you.
2. Cookies and social plugins
Cookies are used to make your visit to our Website easier and more enjoyable. This is why we use session cookies to detect that you have already visited individual pages on our Website, or that you have already signed into your customer account. They are automatically deleted after you leave our Website.
We also use temporary cookies to enhance user-friendliness. These are stored on your terminal for a specific period. If you visit our site again to use our services, the system automatically detects that you have visited us previously, as well as your input and settings so that you do not need to enter them again.
The legal basis is point (f) of Article 6(1) GDPR. Our legitimate interest in using these cookies lies, as described, in optimizing Website settings for the terminal you are using, and in adapting the user interface.
Most browsers automatically accept cookies. You can configure your browser in such a way that no cookies are stored on your computer, or so that a prompt appears before a new cookie is created. Completely disabling cookies may, however, lead to some of the functions of our Website being lost.
2.2 Use of Google Analytics for Web analysis
In order to tailor our Website to your needs and for continuous optimization of the site, we use Google Analytics, a web analysis service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (https://www.google.de/contact/impressum.html). Pseudonymized user profiles are created and cookies used in this context. The information generated by the cookie through your use of the Website, e.g.
operating system used,
referrer URL (previously visited site),
hostname of the accessing computer (IP address),
time of server request,
is transferred to a Google server in the USA and stored there. The information is used to analyze use of the Website, to compile reports on website activity, and to provide further services relating to website use and internet use for market research purposes and the customization of this Website to meet your needs. This information may also be sent to third parties, insofar as this is a statutory requirement or if third parties are contracted to process these data. Your IP address is never combined with other Google data. IP addresses are rendered anonymous to prevent attribution (IP masking).
You can prevent the installation of cookies by setting your browser software accordingly; please note, however, that in this case you may not be able to use the functions of this Website to their full extent.
Furthermore, you can prevent the acquisition of data generated by the cookie and relating to your use of the Website (including your IP address), as well as the processing of these data by Google, by downloading and installing a browser add-on from https://tools.google.com/dlpage/gaoptout?hl=en.
As an alternative to the browser add-on, in particular for browsers on mobile terminals, you can also prevent recording by Google Analytics by clicking on the link at the end of this document. This sets an opt-out cookie which prevents any future recording of your data when visiting this Website. The opt-out cookie only applies on this browser and to our Website, and is stored on your device. If you delete cookies in this browser, you must reset the opt-out cookie.
More information on data protection in relation to Google Analytics can be found in the Google Analytics guide
Google Analytics is used on the basis of our legitimate interest in tailoring the Website to your needs, statistical analysis, and the efficient advertising of our Website. The legal basis is point (f) of Article 6(1) GDPR.
2.3 Google retargeting/remarketing
As an alternative, particularly for browsers on mobile devices, you can also prevent the use of Google retargeting/remarketing by clicking the link at the end of this document. This sets an opt-out cookie which prevents any future recording of your data when visiting this website. The opt-out cookie only applies on this browser and to our website, and is stored on your device. If you delete cookies in this browser, you must reset the opt-out cookie.
The use of the remarketing or “similar target groups” function takes place on the basis of our legitimate interest in the statistical evaluation of our website and personalized advertising. The legal basis is point (f) of Article 6(1) GDPR.
2.4 Use of Google AdWords conversion tracking
We use the “Google AdWords” online advertising program on our website and also use Conversion Tracking in connection with this program. Google Conversion Tracking is an analytical service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (https://www.google.de/contact/impressum.html). If you click on an advertisement that has been activated by Google, a conversion tracking cookie is stored on your computer. These cookies are only valid for a limited period. They do not contain any personal data and therefore cannot be used to identify an individual. If you visit specific pages of our website and the cookie has not yet expired, we and Google will be able to see that you have clicked on the advertisement and been redirected to this page. Every AdWords customer receives a different cookie. This means that it is not possible to track cookies via the websites of AdWords customers.
The information collected using the conversion cookie is used to produce conversion statistics. This enables us to find out the total number of users who have clicked on one of our advertisements and been redirected to a webpage containing a conversion tracking tag. However, we do not receive any information that could be used to identify a user personally. Processing takes place on the basis of our legitimate interest in providing targeted advertising and analyzing the effectiveness and efficiency of this advertising, pursuant to point f of Article 6(1) GDPR.
You have the right to object to this processing of your personal data on the basis of point f of Article 6(1) GDPR on grounds relating to your particular situation at any time.
You may also prevent the saving of cookies by selecting the appropriate technical settings in your browser software. However, please note that if you do this you may not be able to make full use of all functions of this website. Once you have made these changes you will not be included in the conversion tracking statistics.
As an alternative, you can also prevent the use of Google conversion tracking by clicking the link at the end of this document. This sets an opt-out cookie which prevents any future recording of your data when visiting this website. The opt-out cookie only applies on this browser and to our website, and is stored on your device. If you delete cookies in this browser, you must reset the opt-out cookie.
2.5 Social Web
You may find social plugins from the following social networks in several places on our website. These can be identified by the logo of the respective network:
a. Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). You can find an overview of Facebook plugins and their appearance here: https://developers.facebook.com/docs/plugins
b. Twitter is operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). You can find an overview of Twitter buttons and their appearance here: https://twitter.com/about/resources/buttons
Our website does not use any plugins from these social networks. Our buttons for sharing content through social networks are implemented using “Shariff” software, and data are only sent to the respective social network provider when you click the buttons. If you want to know about Shariff, please click here: http://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html.
Various data will only be sent to the respective social network if you click on one of these buttons. These include:
Date and time of visit to the website
URL of website visited
URL of website from which the user visits the website
Operating system used
IP address of the user
If you are also logged into the respective social network while visiting our website, the provider may attribute the visit to your social network account. If you use the plugin functions (e.g. clicking on the “Like” button, posting a comment) this information is also directly sent from your browser to the relevant social network, and is stored there as required. The purpose and extent of data collection, further processing, and use of data by the networks can be found in the data policies of Facebook, Twitter and Instagram:
Facebook data policy: https://www.facebook.com/policy.php
2.6 Facebook Pixel
The data collected about you will be anonymous to us, i.e. they will not allow us to draw any conclusions about the identity of the user. However, Facebook can associate these data with your Facebook account. We have no control over the extent and further use of data collected by Facebook through the use of Facebook Pixel. To the best of our knowledge, Facebook will be informed that you have accessed the relevant section of our website or that you have clicked on one of our advertisements. If you have a Facebook account and are logged into it, Facebook will be able to associate the visit with your user account. Even if you are not logged into Facebook, it is possible that Facebook Pixel may detect and store your IP address and possibly other identifiers.
Use of the “Facebook Pixel” function is based on our legitimate interest in a statistical evaluation of our website and personalized advertising. The legal basis is point (f) of Article 6(1) GDPR.
You may object to the collection of data by Facebook Pixel described above and the use of your data to display Facebook ads. You can set an opt-out cookie in your browser by clicking the link at the end of this document. This will completely prevent data from being transmitted to Facebook. Please note that this cookie will be removed if you delete your cookies.
You can adjust the settings that control the type of ads you are shown on Facebook, on the following Facebook page: https://www.facebook.com/settings?tab=ads. Please note that this cookie will be removed if you delete your cookies.
You can also deactivate cookies used to measure reach and for advertising purposes via one of the following websites:
Please note that this cookie will also be removed if you delete your cookies. You can find further information about data protection on Facebook on the following webpage: https://www.facebook.com/about/privacy. You can find information on Facebook Pixel on the following Facebook page: https://www.facebook.com/business/help/651294705016616
2.7 Showing videos (YouTube)
In several places on our Website, we have embedded videos which are provided by a third party. This concerns videos from the “YouTube” platform. YouTube is a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
The video content is visualized exclusively through the provider’s use of “enhanced data protection mode”. As a result, only by clicking on a video can a cookie be stored on your computer to collect data for YouTube, and this data may be collected and processed further. We have no influence over this data collection and processing.
If you have a YouTube account and are signed in to it when you open YouTube on our Website, information can be attributed to your YouTube account in relation to the visit to our Website and clicking on videos. If you wish to prevent this, you must sign out of your YouTube account before using our Website and watching the videos.
If you do not wish to transfer data to YouTube, do not click on the videos embedded on our Website.
2.8 Universal Event Tracking (UET)
On our website, we use the Universal Event Tracking (UET) service from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.
If you reach our website via an advert from Microsoft Advertising, Microsoft will set a cookie on your computer (period of storage: 13 months), which enables us to collect and analyze data relating to your use of our website in conjunction with a UET tag integrated on our website. Among other aspects, these data include your average length of visit to our website, information as to which areas of our website you have accessed and what actions you have performed, and which Microsoft Advertising advert brought you to our website. It is not possible for us to draw direct conclusions relating to you as an individual in this process.
The data captured using the cookie are transferred to a Microsoft server in the USA, and saved there for a maximum of 180 days. Your data will not be disclosed to third parties in this process.
If you would not like your data to be processed as explained above, you can object to the processing of your data using the following link: http://choice.microsoft.com/de-DE/opt-out.
Data capture requires the setting of a cookie; you may also deactivate the setting of this cookie in your browser settings.
Further information on the Universal Event Tracking service is available at: https://help.bingads.microsoft.com/#apex/3/de/53056/2 and on data protection at Microsoft at https://privacy.microsoft.com/de-de/privacystatement.
Microsoft has EU-U.S. Privacy Shield certification (which can be viewed using this link); this guarantees that an appropriate level of data protection is maintained in the processing of your data in the USA.
The Universal Event Tracking service is used on the basis of our legitimate interest in tailoring the website to your needs, statistical analysis, and the efficient advertising of our website. The legal basis is point (f) of Article 6(1) GDPR.
2.9 Google Optimize
The “Google Optimize” web analytics and optimization service is used on our Website (hereinafter referred to as “Google Optimize”). The service is made available by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
We use the Google Optimize service to enhance the presentation, content, and functionality of our website by displaying new functions and content to a percentage of our users, and statistically analyzing their changing usage. Google Optimize is a sub-service from Google Analytics.
You can prevent the storage of cookies by applying the corresponding setting in your browser. In addition, you can prevent the acquisition of data generated by the cookie and relating to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
Google Optimize is used on the basis of our legitimate
interest in the purposes stated above. The legal basis is point (f) of Article 6(1) GDPR.
2.10 LinkedIn Analytics and LinkedIn Ads
On our Website, we use conversion tracking technology as well as the Retargeting function [SL1] offered by LinkedIn Ireland Unlimited Company (“LinkedIn”).
LinkedIn Ads stores and processes information relating to your usage behavior on our website. To achieve this, LinkedIn Ads uses tools including cookies, which are small text files that are stored locally in the cache of your web browser on your end device, and enable the analysis of your use of our website.
We use LinkedIn Ads for marketing and optimization purposes, in particular to enable us to analyze the use of our Website and improve individual functions and offerings as well as to enhance user experience on an ongoing basis. We can use statistical analysis of user behavior to improve our offerings and make them more interesting to you, the user. This also includes a legitimate interest in the processing of the above data by the third-party provider. The legal basis is point (f) of Article 6(1)(1) GDPR.
You can prevent the storage of cookies by applying the corresponding setting on your browser.
You can object to the analysis of your usage behavior by LinkedIn, and object to interest-based recommendations being displayed, using the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
In addition, LinkedIn has committed to and certified itself in accordance with the Privacy Shield agreement concluded between the European Union and the USA. As a result, LinkedIn is required to comply with the standards and specifications of European data protection law. Further information can be found in the entry linked in the following: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active
2.11 Google reCAPTCHA
We integrate into our Website a function for recognizing bots, e.g. when users enter data into online forms (“reCAPTCHA”); this function is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The aim of this is that Google reCAPTCHA will be used to prevent the improper input of data into our Website (e.g. in a contact form) by automated programs rather than humans. To this end, reCAPTCHA analyses the behavior of website visitors and sends the information required for analysis (including the relevant IP address, mouse movements, and length of stay) to Google.
Data is processed on the basis of point (f) of Article 6(1) GDPR. Our legitimate interest lies in the fact that we wish to protect our Website against improper spying and spam.
2.12 Google Tag Manager
This website uses Google Tag Manager, a solution offered by Google Inc. (Gordon House, Barrow St, Dublin 4, Ireland). Google Tag Manager allows various codes and services to be managed and more easily integrated into the website. Google Tag Manager is a cookie-free domain that does not collect any personal data itself but rather triggers other tags that may collect data under certain circumstances. Google Tag Manager does not access these data. Insofar as a deactivation has been implemented by the user on a domain or cookie level, this applies to all tracking cookies that are implemented with Google Tag Manager.
The legal basis for the aforementioned processing of personal data is Article 6 (1) lit. a) GDPR.
3. Processing of personal data in an online job application
We offer an easy way to apply for jobs through an online application process, which is provided centrally by Zeppelin GmbH & Co. KG for all Zeppelin companies (see contact options indicated there).
Your personal data is processed and used exclusively within the application process and for the purposes of recruitment by the Zeppelin company to which you have applied. The legal basis for this is Section 26 Paragraph 1 new Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG).
Insofar as we supply your application data during the application process to department managers or HR department employees of other companies in the Zeppelin Group, we will ask for your consent in advance. The legal basis for this is your consent pursuant to point (a) of Article 6(1) GDPR, which you may withdraw at any time with immediate effect.
We generally prefer applications to be submitted using the online form. This is quick, easy, and saves paper. In exceptional cases we will, however, accept applications by e-mail or post. Following receipt, these are immediately entered manually into the e-Recruiting System by HR department employees of the Zeppelin Group; therefore, the data protection information for online applications is also relevant to these types of applications.
If you have not found a suitable position at Zeppelin, we offer the “Job Alert” function. You can enter your search parameters and e-mail address here and we will notify you by e-mail as soon as we advertise one or more suitable positions. When registering for Job Alert, you will be asked to give your consent to the retention of the data that you have entered, and to allow use of these data for the purpose of sending information by email. The legal basis is point (a) of Article 6(1) GDPR. You may withdraw your consent at any time with immediate effect.
Insofar as we process your data for the purposes of accepting and handling your requests as described above, you shall be contractually obliged to provide us with these data. Without your data, we are unable to process your application.
4. Data security
All data sent by you personally, including your payment details, are transferred using the generally accepted and secure SSL (Secure Socket Layer) standard. SSL is a reliable and proven standard which is used e.g. in online banking.
A secure SSL connection can be identified by the “s” suffixed to the http (i.e. https://...) in the address bar of your browser or by the lock icon in the lower pane of your browser.
We also take suitable technical and organizational security measures to protect your retained personal data against destruction, loss, alteration or unauthorized disclosure or access. Our security measures are continuously improved in line with technological development.
5. Validity and amendment of this data protection policy
The current data protection statement can be accessed, saved and printed at any time on our Website at https://www.zeppelin.com/en/data-privacy.html. This data protection statement is currently valid, and can be amended by us at any time and updated on this Website. We therefore recommend that you visit our Website from time to time to keep abreast of any updates to our data protection statement.
6. Rights of data subjects
As a data subject in the sense of the GDPR, you are entitled to the following rights. To assert these rights, please contact us on:
Zeppelin Power Systems GmbH & Co. KG
6.1 Right of access
Pursuant to Article 15 GDPR, you have the right to obtain confirmation as to whether we process personal data concerning you. If this is the case, you can also request that we provide the further information listed in points (a) to (h) of Article 15(1) and Article 15(2) GDPR.
6.2 Right to rectification
Pursuant to Article 16 GDPR, you have the right to rectification and/or completion, provided that the processed personal data which concerns you are incorrect or incomplete.
6.3 Right to restriction of processing
Under the provisions set out in Article 18 GDPR, as the data subject you have the right to demand restriction of processing of personal data. This right shall apply in particular if the accuracy of your personal data is disputed between you and us, for a period enabling the controller to verify the accuracy thereof, and in the case that you have an existing right to erasure and you request the restriction of their use instead of erasure; furthermore in the case that the data are no longer required for our pursued purpose, but that they are required by you for the establishment, exercise or defense of legal claims, and if a successful objection to processing is still disputed between you and us.
6.4 Right to erasure
Under the provisions set out in Article 17 GDPR, as the data subject you have the right to demand the erasure of personal data without undue delay. These provisions in particular provide for the right of erasure if the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, and in cases of unlawful processing, the presence of an objection, or for compliance with a legal obligation which requires processing by Union or member state law to which we are subject.
6.5 Right to data portability
Pursuant to Article 20 GDPR, you have the right to receive personal data concerning you and which you have provided to us, in a structured, commonly used and machine-readable format. Within the limits of Article 20(1) GDPR, you also have the right to transfer those data to another controller nominated by you.
6.6 Right to object
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you pursuant to point (e) or (f) of Article 6(1) GDPR, in accordance with Article 21 GDPR. We will cease processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing assists in the establishment, exercise or defense of legal claims.
6.7 Withdrawal of consent
You also have the right at any time to withdraw the provided declaration of consent with regard to data protection with immediate effect. The withdrawal of consent does not affect the legality of any processing based on the consent which took place up to the withdrawal thereof.
7. Automated individual decision-making or profiling measures
We do not use automated processing methods for decision-making – including profiling.
8. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, place of work or place of the alleged infringement, if you are of the opinion that the processing of personal data relating to you infringes the applicable data protection law. The competent supervisory authority in our case is
Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit, Klosterwall 6 (Block C), 20095 Hamburg, Deutschland.
You can use the following email address for email communication with the supervisory authority: mailbox(at)datenschutz.hamburg(dot)de
9. Storage period for personal data/erasure of personal data
In general, we erase or render anonymous your personal data as soon as they are no longer necessary in relation to the purposes for which we have collected or otherwise processed them in accordance with the foregoing clauses, unless continued storage of your personal data is required to fulfill a legal obligation.
Specifically, we retain different categories of data for the periods listed below (we will retain your data for a longer period if we are obliged to do in light of statutory retention periods).
The personal data we collect to create a customer account are retained for the duration of the customer account. You may demand the erasure of your customer account and the personal data saved therein at any time. You can either do this yourself in the Settings menu of your customer account, or send us an email to email@example.com with an appropriate request for erasure. After erasing your customer account, your data are blocked for further use and then automatically erased, unless you have consented to their continued storage.
We retain the personal data collected by us for proper performance of the contract for a period of three years from complete performance of the mutual contractual obligations. These data are then automatically erased at the end of the year.
If you have registered for our newsletters, we shall retain the personal data we have collected in order to send the newsletter until you unsubscribe from our newsletter.
The personal data we have collected for use of the contact form are automatically erased within six months following completion of your request, unless you have consented to their continued storage.
If you have applied to us through our online application process, we shall retain your data pursuant to the provisions governing data protection in the respective country in which the party responsible for data processing is located. If you have applied for a position at a company within the Zeppelin Group which has its registered office in Germany or Austria, your data will be erased no later than six months following the conclusion of the application process. Your data will only be retained beyond this period if you are appointed following the end of the application process, and your employee data is transferred from the e-Recruiting System into the relevant HR administration system, or if you have explicitly consented to a longer storage period.
10. Change of purpose
Your personal data will only be used for purposes other than those described insofar as this is permitted by law, or if you have consented to a change of data processing purpose. In the case that data are processed for purposes other than those for which the data were originally collected, we shall inform you of this different purpose prior to the processing, and shall provide you with all information relevant thereto.
11. Disclosure of data to third parties/recipients of data
The personal data that we collect and retain shall never be used by us for sale, trade or loan, and we shall not disclose your personal data to third parties unless we are have a statutory obligation to do so. Data may be disclosed e.g. to assert a claim, in the exercise or defense of legal claims, to investigate unlawful use of our Website or products, or for prosecution of a claim (insofar as there are reasonable grounds to suspect unlawful or unfair conduct). Data may also be disclosed for the enforcement of Terms and Conditions of Use or other agreements. We are also obliged to grant access to certain public bodies on request. These include law enforcement authorities, authorities which prosecute administrative offenses, and tax authorities. These data are disclosed on the basis of our legitimate interest in combating misuse, the prosecution of offenses, and the securing, assertion and enforcement of claims. The legal basis is point (f) of Article 6(1) GDPR.
Your data shall also be disclosed if you have consented to that. The legal basis to this extent is point (a) of Article 6(1) GDPR.
We rely on contractually bound third-party companies and external service providers (“processors”) to supply our range of products and services. In such cases, personal data are disclosed to these processors to enable further processing thereof. These processors are carefully selected and regularly checked to ensure that your privacy remains protected. The processors may only use the data for the specified purposes, and are also contractually obliged to handle your data in compliance with this data protection statement and the German data protection laws.
Specifically, we may use the following processors:
- Service providers for sending our email newsletter, some of whom are also based in the USA.
- Service providers for evaluation and analysis of Website usage, some of whom are similarly based in the USA.
- Service providers and advertisers who provide us with support for personalization of our marketing campaigns, our Website, and our services, and some of whom are based in the USA.
- US-based providers of social plugins listed in this data protection statement.
Data is disclosed to processors on the basis of Article 28(1) GDPR, alternatively on the basis of our legitimate interest in the economic and technical benefits provided by the use of specialized processors, and based on the fact that your rights and interests in protecting your personal data are not overridden, point (f) of Article 6(1) GDPR. If necessary, we shall obtain your consent to disclose your personal data to processors, in which case point (a) of Article 6(1) GDPR forms the legal basis.
Some of the listed recipients shall also process your data in countries outside the European Economic Area (“EEA”).
In order to ensure that your personality rights are also protected within the scope of these data transfers, we use the standard data protection clauses adopted by the Commission pursuant to point (c) of Article 46(2) GDPR in drafting contracts with recipients in third countries.
Contact method/data protection officer
You can contact us through our data protection officer as follows with regard to access to your personal data, to have inaccurate data corrected, blocked or erased, or if you have further questions regarding the use of your personal data.
Data Protection Officer
Phone: +49 228 90248070
Fax: +49 228 90248071
Please note that access can only granted if you give us, in full: your first name and surname, your current and, if necessary, previous address, your date of birth, and your email address. This information is used exclusively for alignment purposes, which in turn ensures that no unauthorized third party can obtain your personal data. Any product, operation, and/or contract numbers which we have sent to you are also useful and helpful, but not necessary, in enabling us to identify the relevant data quicker.
Click the following button if you do not want data to be recorded by Google Analytics. In this case, the opt-out cookie described in the data protection statement is set: