LSV
Data Protection

Data Protection Notice of LSV Lech-Stahl Veredelung GmbH

We take data protection seriously

The contract language is German. The translation into English is provide for information purposes only. Protecting your privacy in the course of processing personal data is important to us. When you visit our website, our web servers generally store the IP address of your internet service provider, the website from which you visit us, the pages you visit on our website and the date and duration of your visit. For technical reasons, this information is essential for delivering the website and for secure server operation. There is no personalised evaluation of these data.

If you submit data to us using a contact form, these data are stored on our servers in the course of data saving. We use your data exclusively to process your request. Your data are kept strictly confidential. There is no dissemination to third parties.

Responsible:
LSV Lech-Stahl Veredelung GmbH
Justus-von-Liebig-Str. 41
86899 Landsberg am Lech, Germany
Telefon: +49 (0) 81 91/ 3205 - 0
landsberg@lech-stahlveredelung.de

Personal data

Personal data are data relating to you personally. They include your name, address and e-mail address. You are not required to disclose any personal data to visit our website. In certain cases, we need your name and address as well as other information to provide you with a service of your choosing.

This applies correspondingly when we supply information materials at your request and when we respond to your enquiries. We shall always notify you in such cases. We only store the data you provide to us automatically or voluntarily.

When you use one of our services, we generally collect only the data that are essential to provide our service to you. We may ask you for additional information, but this is strictly voluntary. Whenever we process personal data, this is done to provide our services to you or to pursue our commercial objectives.

Automatically stored data

Server log files

The website provider automatically collects and stores information, automatically transmitted to us by your browser, in what are called server log files. This includes:

The date and time of the request
Name of the requested file
The page from which the file was requested
The access status (file transmitted, file not found etc.)
The browser and operating system used
The complete IP address of the requesting computer
The transmitted data volume

The data are not combined with other data sources. Processing is in accordance with point (f) of Art. 6(1) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.

We store these data briefly for technical security reasons, notably to defend against attempts to attack our web servers. It is not possible for us to identify individual persons based on these data. After no more than seven days, the data are anonymised by shortening the IP address at the domain level so that assignment to individual users is no longer possible. The data in the anonymised form are processed for statistical purposes. There is no comparison with other data pools nor dissemination to third parties, even in excerpts. The number of page impressions is included in our server statistics published every two years as part of our activity report.

Cookies

When you visit our website, we store information on your computer in the form of cookies. Cookies are small files that are transferred from an Internet server to your browser and stored on its hard drive.

Specifically, this website uses the open source web analytics service Matomo. Matomo uses technologies that enable the recognition of the user across pages for the analysis of user behaviour (e.g. cookies or device fingerprinting). The information collected by Matomo about the use of this website is stored on our server. The IP address is anonymised before storage.

With the help of Matomo, we are able to collect and analyse data about the use of our website by website visitors. This enables us to find out, among other things, when which page views were made and from which region they come. We also collect various log files (e.g. IP address, referrer, browsers and operating systems used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.).

The use of this analysis tool is based on Art. 6 para. 1 lit. German DSGVO. The website operator has a legitimate interest in the anonymised analysis of user behaviour in order to optimise both its website and its advertising.

We host Matomo exclusively on our own servers so that all analysis data remains with us and is not passed on.

If you do not agree to the storage and use of your data, you can deactivate the storage and use here. In this case, an opt-out cookie will be stored in your browser, which prevents Matomo from storing usage data. If you delete your cookies, this will have the effect that the Matomo opt-out cookie will also be deleted. The opt-out must be reactivated when you visit this website again.

You can object to data processing at any time by using privacy settings (at the end of each page).

Online job applications

Your application data submitted to us are collected and processed by us electronically for the purpose of the application procedure. This includes the following personal data in particular: first and last name, address, contact information (e-mail address, phone number, fax), date of birth, data from your CV, references, and images. If your application leads to the conclusion of an employment contract, your transmitted data may be stored by us in your personnel file for the purpose of general organisation and administrative processes in compliance with the applicable legal regulations.

In case your job application is not accepted, the data submitted by you are automatically erased two months after you are notified of the rejection or six months after the position is filled. This does not apply when longer storage is required by law (for example, the burden of proof under the General Equal Treatment Act (AGG)) or if you have expressly consented to extended storage in our database of prospective employees.

Online presence on FACEBOOK, INSTAGRAM, LINKEDIN, XING

Insofar as you have given your consent to the respective social media operator in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO, when you visit our online presences on the social media mentioned above, your data will be automatically collected and stored for market research and advertising purposes, from which usage profiles will be created using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. Cookies are generally used for this purpose. For detailed information on the processing and use of data by the respective social media operator, as well as a contact option and your rights and setting options in this regard to protect your privacy, please refer to the data protection notices of the providers linked below. Should you still require assistance in this regard, you can contact us.

Facebook: https://www.facebook.com/policy.php

Instagram: https://instagram.com/about/legal/privacy/

LinkedIn: https://www.linkedin.com/legal/privacy-policy

XING: https://www.xing.com/app/share?op=data_protection

Security

We have taken technical and administrative safety precautions to protect your personal data against loss, destruction, manipulation, and unauthorised access. All of our employees and our service providers are obliged to comply with the applicable data protection laws.

Whenever we collect and process personal data they are encrypted prior to transmission. That means your data cannot be misused by third parties. Our safety precautions are subject to a continuous improvement process and our data protection notices are always being revised. Please ensure that you have the most recent version.

Rights of the data subject

You have a right at any time to information, correction, erasure or the restriction of processing of stored data concerning you, the right to object to processing, the right to data portability, and the right to complain according to the requirements of data protection law.

Right to information:
You can request information from us regarding whether and to what extent we process your data.
Right to rectification:
If data concerning you and processed by us are incomplete or inaccurate you can request their rectification and/or completion from us at any time.
Right to erasure:
You can request the erasure of your data from us insofar as they have been unlawfully processed by us, or their processing disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that stand in the way of immediate erasure, for example, in case of statutory retention obligations.
Regardless of whether you make use of your right to erasure, your data are promptly erased entirely as soon as no legal or statutory retention obligations speak against this.
Right to the restriction of processing:
You can request the restriction of processing of your data from us in the following cases:

You dispute the accuracy of the data, for a period enabling us to verify the accuracy of the data.
The processing is unlawful but you opposes erasure of the data and request the restriction of their use instead.
We no longer need the data for the intended purposes, but they are still required by you for the establishment, exercise or defence of legal claims.
You have objected to the processing of the data.

Right to data portability:
You have the right to request from us that we provide your data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us, where

we process these data based on consent provided by and revocable by you or for the fulfilment of a contract between us, and
the processing is carried out by automated means.

You can request that we transmit your data directly to another controller, where technically feasible.
Right to object:
When we process your data based on our legitimate interests, you may object to this data processing at any time; this also includes profiling based on these provisions. In this case, we no longer process your data unless we can provide evidence of compelling legitimate reasons that prevail over your interests, rights, and freedoms, or processing is for the purpose of asserting, exercising, or defending legal rights. You can object to the processing of your data for direct marketing purposes at any time without giving reasons.
Right to complain:
If you are of the opinion that we are violating German or European data protection laws in the processing of your data please contact us to resolve the matter. Naturally, you also have the right to contact the applicable supervisory authority for you, the respective State Office for Data Protection Supervision.
If you want to assert one of the aforementioned rights against us, please contact our Data Protection Officer. We may request additional information to confirm your identity in case of doubt.

Changes to this data protection notice

We reserve the right to amend our data protection notices when this is needed due to new technologies. Please ensure that you have the most recent version. When fundamental changes are made to this data protection notice, we disclose this on our website.

All interested parties and users of our website may contact us regarding data protection matters:

Mr Robert Heindl

Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg

Tel.: 0941 2986930
Fax: 0941 29869316
E-Mail: anfragen@projekt29.de
Internet: www.projekt29.de

Data protection information for applicants (m/f/d)

Personal data is collected from you in the employment relationship. Due to the new regulations in the General Data Protection Regulation (GDPR), we are therefore obliged to inform you in accordance with Art. 13 ff. GDPR to inform you of the following:

Your employer is responsible for the collection and processing of your data:
LSV Lech-Stahl Veredelung GmbH
Justus-von-Liebig Straße 41
86899 Landsberg am Lech
Phone: 08191/32050
Fax: 08191/33070
Email: info@lech-stahlveredelung.de

The contact details of our data protection officer are
Christian Volkmer
Projekt 29 GmbH & Co. KG
Ostengassen 14
93047 Regensburg
Phone: 0941/2986930
Email: anfragen@projekt29.de

Your data will be collected and processed as part of the recruitment process and for the purposes of the employment relationship.

The required data includes in particular your master data (especially first and last name, name affixes, date of birth, place of birth, marital status, work permit/residence title if applicable, personnel number, photo, nationality), your contact data (especially private address, mobile and landline number, e-mail address), other data from the employment relationship, such as time recording data, holiday periods, periods of incapacity for work and other absences, skill data, information on children/children's allowances, social data (e.g. health insurance, social security/pension insurance number, bank details, wage and salary data, tax data (such as tax identification number, tax data, special health data, special types of personal data (e.g. health insurance, social security/pension insurance number), bank details, wage and salary data, tax data (such as tax identification number, tax data), special types of personal data (such as tax identification number, tax data). health insurance, social security/pension insurance number), bank details, wage and salary data, tax data (such as tax identification number, tax data), special health data, special types of personal data (e.g. profession learnt, telephone number and name of emergency contacts, religious affiliation, health data, data on company pension schemes, data on capital-forming benefits), clothing size/shoe size for work clothes and log data generated when using the IT systems.

Your personal data is mainly collected directly from you. However, due to legal regulations, some of your data will also be collected from other sources, such as the tax office to obtain tax-relevant information on specific occasions, the health insurance company to obtain information about periods of incapacity for work or, if necessary, from other third parties, such as a job centre or from publicly accessible sources (e.g. professional networks).

Within our company, your personal data will only be received by those persons who need it to fulfil our contractual and legal obligations, such as the HR department, the accounting department, the specialist department, the works council or the representative body for severely disabled employees.

Within our group of companies, your data will be transferred to certain companies if they perform data processing tasks centrally for the affiliated companies in the group (e.g. payroll accounting, disposal of files).

If we use service providers to fulfil our contractual and legal obligations, they will also receive the necessary data. These are the following service providers:

Outside the company, we transfer your data to other recipients if this is necessary to fulfil our contractual and legal obligations. These are, in particular, the social insurance institutions, health insurance, pension insurance, professional pension schemes, the employment agency, the employers' liability insurance association, the tax authorities, accident and liability insurers, courts, banks, competent bodies in order to guarantee claims from the company pension scheme or capital-forming benefits, third-party debtors in the event of wage and salary garnishment or insolvency administrators in the event of personal insolvency.

Your data will not be transferred to a third country.

We process your personal data in compliance with all applicable laws, such as the GDPR, the Federal Data Protection Act (BDSG), the Works Constitution Act, the Working Hours Act, etc..

The primary purpose of data processing is to establish, implement and terminate the employment relationship. The relevant legal basis for this is Art. 6 para. 1 b) GDPR in conjunction with Section 26 para. 1 BDSG. § Section 26 para. 1 BDSG. In addition, collective agreements (group, general and works agreements as well as collective bargaining agreements) pursuant to Art. 6 para. 1 b) in conjunction with Art. 88 para. 1 GDPR may be used. Art. 88 para. 1 GDPR in conjunction with. § Section 26 (4) BDSG and, if applicable, your separate consents pursuant to Art. 6 (1) a), 7 GDPR in conjunction with Section 26 (2) BDSG. § Section 26 (2) BDSG (e.g. in the case of video recordings) as a data protection authorisation provision.

We also process your data in order to fulfil our legal obligations as an employer, particularly in the area of tax and social security law. This is done on the basis of Art. 6 para. 1 c) GDPR in conjunction with. § SECTION 26 BDSG.

If necessary, we also process your data on the basis of Art. 6 para. 1 f) GDPR in order to protect our legitimate interests or those of third parties (e.g. authorities). This applies in particular to the investigation of criminal offences (legal basis § 26 para. 1 sentence 2 BDSG) or within the Group for the purposes of Group management, internal communication and other administrative purposes.

Insofar as special categories of personal data are processed in accordance with Art. 9 (1) GDPR, this serves the exercise of rights or the fulfilment of legal obligations under labour law, social security law and social protection law (e.g. disclosure of health data to the health insurance company, recording of severe disability due to additional leave and determination of the severely disabled levy) within the scope of the employment relationship. This is done on the basis of Art. 9 Para. 2 b) GDPR in conjunction with. § Section 26 para. 3 BDSG. In addition, the processing of health data for the assessment of your ability to work in accordance with Art. 9 Para. 2 h) in conjunction with Section 22 Para. 1 b) BDSG. § 22 para. 1 b) BDSG may be necessary.

In addition, the processing of special categories of personal data may be based on consent in accordance with Art. 9 para. 2 a) GDPR in conjunction with Section 26 para. 2 BDSG. § Section 26 (2) BDSG (e.g. company health management).

Data processing for statistical purposes is carried out as part of analyses that we have to carry out due to legal obligations (e.g. German Earnings Statistics Act).

Your job-related performance data is used to calculate bonuses or special payments, for example.

If we wish to process your personal data for a purpose not mentioned above, we will inform you in advance.

If your job application is rejected, the data you have submitted will be deleted six months after notification of the rejection. This does not apply if longer storage is necessary due to legal requirements (e.g. the burden of proof under the General Equal Treatment Act) or if you have expressly consented to longer storage in our database of interested parties.

The storage period of the data collected is limited to the employment relationship. We will delete your personal data as soon as it is no longer required for the above-mentioned purposes. After termination of the employment relationship, the data will be stored and then deleted in accordance with the statutory or official retention periods, which result from the German Commercial Code and the German Fiscal Code, among others. The storage periods thereafter are up to ten years. In addition, personal data may be stored for the statutory limitation period of three or up to 30 years if claims can be asserted against us.

You have the right to obtain information from your employer about the personal data stored about you. Under certain conditions, you can request the correction or deletion of your data. You may also have the right to restrict the processing of your data and the right to receive the data you have provided in a structured, commonly used and machine-readable format.

Right to object:
You also have the right to object to the processing of your personal data for direct marketing purposes without giving reasons. If we process your data to protect legitimate interests, you can object to this processing on grounds relating to your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims.

You have the right to lodge a complaint regarding the handling of your personal data with the above-mentioned data protection officer or the data protection supervisory authority. The supervisory authority responsible for you is

Bavarian State Office for Data Protection Supervision
Promenade 27
91522 Ansbach
Phone: 0981 53 1300
Fax: 0981 53 98 1300
Email: poststelle@lda.bayern.de.

The provision of personal data is necessary for the establishment, execution and termination of the employment relationship and constitutes a secondary contractual obligation of the employee. If we do not receive the required data, it will not be possible to fulfil the employment relationship with you.

Data protection information for customers (m/f/d)

Information obligations pursuant to Art. 13 GDPR
The protection of your personal data is of particular concern to us. We therefore process your personal data ("data" for short) exclusively on the basis of the statutory provisions. With this data protection declaration, we would like to inform you comprehensively about the processing of your data in our company and the data protection claims and rights to which you are entitled in accordance with Art. 13 of the European General Data Protection Regulation (EU GDPR).

1 Who is responsible for data processing and who can you contact?
The controller is
LSV Lech-Stahl Veredelung GmbH
Justus-von-Liebig Straße 41
86899 Landsberg am Lech
Phone: 08191/32050
Fax: 08191/33070
Email: info@lech-stahlveredelung.de

The company data protection officer is
Christian Volkmer
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
E-mail: anfragen@projekt29.de Phone: 0941-2986930

2 What data is processed and from which sources does this data originate?
We process the data that we have received from you as part of the contract initiation or processing, on the basis of consent or as part of your application to us or as part of your employment with us.
The personal data includes
Your master/contact data, for customers this includes, for example, the name of their legal representatives, company, commercial register number, VAT ID number, company number, address, contact person contact data (e-mail address, telephone number, fax), bank details.
In addition, we also process the following other personal data:
- Information on the type and content of contract data, order data, sales and receipt data, customer and supplier history and consultation documents,
- advertising and sales data,
- information from your electronic communication with us (e.g. IP address, log-in data),
- other data that we have received from you in the course of our business relationship (e.g. in discussions with customers),
- data that we generate ourselves from master / contact data and other data, e.g. by means of customer demand and customer potential analyses,
- the documentation of your declaration of consent for the receipt of e.g. newsletters.
- Photographs in the context of events.

3. for what purposes and on what legal basis is the data processed?
We process your data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act 2018 as amended:
- for the fulfilment of (pre-)contractual obligations (Art 6 para. 1lit.b GDPR):
The processing of your data is carried out for contract processing online or in one of our branches, for contract processing of your staff in our company. The data is processed in particular when initiating business and when executing contracts with you.
- for the fulfilment of legal obligations (Art. 6 para. 1 lit. c GDPR):
Processing of your data is necessary for the purpose of fulfilling various legal obligations, e.g. from the German Commercial Code or the German Fiscal Code.
- to safeguard legitimate interests (Art. 6 para. 1 lit.f GDPR):
On the basis of a balancing of interests, data processing may take place beyond the actual fulfilment of the contract to protect our legitimate interests or those of third parties. Data processing to safeguard legitimate interests takes place, for example, in the following cases
- Advertising or marketing (see no. 4),
- Measures for business management and further development of services and products;

- Maintaining a group-wide customer database to improve customer service
- in the context of legal prosecution
- Sending of non-sales-promoting information and press releases.
- within the scope of your consent (Art. 6 para. 1 lit. a GDPR):
If you have given us your consent to process your data, e.g. to send you our newsletter, publish photos, competitions, etc.

4. processing of personal data for advertising purposes
You can object to the use of your personal data for advertising purposes at any time, either as a whole or for individual measures, without incurring any costs other than the transmission costs according to the basic tariffs.
Subject to the legal requirements of Section 7 (3) UWG, we are authorised to use the e-mail address you provided when concluding the contract for direct advertising for our own similar goods or services. You will receive these product recommendations from us regardless of whether you have subscribed to a newsletter.
If you do not wish to receive such recommendations from us by e-mail, you can object to the use of your address for this purpose at any time without incurring any costs other than the transmission costs according to the basic rates. A message in text form is sufficient for this. Of course, an unsubscribe link is always included in every e-mail.

5 Who receives my data?
If we use a service provider in the sense of order processing, we nevertheless remain responsible for the protection of your data. All processors are contractually obliged to treat your data confidentially and to process it only in the context of providing the service. The processors commissioned by us will receive your data if they require the data to fulfil their respective service. These are, for example, IT service providers that we require for the operation and security of our IT system as well as advertising and address publishers for our own advertising campaigns.
Your data is processed in our customer database. The customer database supports the enhancement of the data quality of the existing customer data (duplicate cleansing, moved/deceased indicator, address correction) and enables the enrichment with data from public sources.
This data is made available to the Group companies if necessary for contract processing. Customer data is stored separately for each company, with our parent company acting as a service provider for the individual participating companies.

In the event of a legal obligation and in the context of legal prosecution, authorities and courts as well as external auditors may be recipients of your data.
In addition, insurance companies, banks, credit agencies and service providers may be recipients of your data for the purpose of contract initiation and fulfilment.

6 How long will my data be stored?
We process your data until the end of the business relationship or until the expiry of the applicable statutory retention periods (e.g. from the German Commercial Code, the German Fiscal Code or the Working Hours Act); in addition, until the end of any legal disputes in which the data is required as evidence.

7. will personal data be transferred to a third country?
In principle, we do not transfer any data to a third country. In individual cases, data will only be transferred on the basis of an adequacy decision by the European Commission, standard contractual clauses, suitable guarantees or your express consent.

8 What data protection rights do I have?
You have the right to information, correction, deletion or restriction of the processing of your stored data, a right to object to the processing as well as a right to data portability and to lodge a complaint in accordance with the requirements of data protection law.
Right to information:
You can request information from us as to whether and to what extent we process your data.
Right to rectification:
If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.
Right to erasure:
You can request that we erase your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that prevent immediate erasure, e.g. in the case of statutory retention obligations.
Irrespective of the exercise of your right to erasure, we will erase your data immediately and completely, provided that there are no legal or statutory retention obligations to the contrary.

You can demand that we restrict the processing of your data if
- you contest the accuracy of the data, for a period enabling us to verify the accuracy of the data
- the processing of the data is unlawful, but you refuse to have it erased and instead request that the use of the data be restricted
- we no longer need the data for the intended purpose, but you still need this data for the assertion or defence of legal claims, or
- you have objected to the processing of the data.
Right to data portability:
You may request that we provide you with the data you have provided to us in a structured, commonly used and machine-readable format and that you may transmit this data to another controller without hindrance from us, provided that
- we process this data on the basis of your revocable consent or for the fulfilment of a contract between us, and
- this processing is carried out by automated means.
If technically feasible, you can request that we transfer your data directly to another controller.
Right to object:

If we process your data on the basis of a legitimate interest, you can object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims. You can object to the processing of your data for the purpose of direct advertising at any time without giving reasons.
Right to lodge a complaint:
If you believe that we are violating German or European data protection law when processing your data, please contact us so that we can clarify any issues. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.
If you wish to assert one of these rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.

9. am I obliged to provide data?
The processing of your data is necessary for the conclusion or fulfilment of the contract you have entered into with us. If you do not provide us with this data, we will generally have to refuse to conclude the contract or will no longer be able to fulfil an existing contract and will therefore have to terminate it. However, you are not obliged to give your consent to data processing with regard to data that is not relevant or legally required for the fulfilment of the contract.

Data protection information for business partners (m/f/d)

Information obligations according to Art. 13 GDPR

The protection of your personal data is of particular concern to us. We therefore process your personal data ("data" for short) exclusively on the basis of the statutory provisions. With this data protection declaration, we would like to inform you comprehensively about the processing of your data in our company and the data protection claims and rights to which you are entitled in accordance with Art. 13 of the European General Data Protection Regulation (EU GDPR).

1 Who is responsible for data processing and who can you contact?

The controller is

LSV Lech-Stahl Veredelung GmbH
Justus-von-Liebig Straße 41
86899 Landsberg am Lech
Phone: 08191/32050
Fax: 08191/33070
Email: info@lech-stahlveredelung.de

The company data protection officer is
Christian Volkmer
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
E-mail: anfragen@projekt29.de
Phone: 0941-2986930

2 What data is processed and from which sources does this data originate?

We process the data that we have received from you as part of the contract initiation or processing, on the basis of consent or as part of your application to us or as part of your employment with us.

Personal data includes the following:

In the case of business partners, this includes, for example, the name of their legal representative, company, commercial register number, VAT number, company number, address, contact person contact details (e-mail address, telephone number, fax), bank details.

In addition, we also process the following other personal data:

Information on the type and content of contract data, order data, sales and receipt data, customer and supplier history as well as consulting documents,
advertising and sales data,
information from your electronic traffic with us (e.g. IP address, log-in data),
other data that we have received from you as part of our business relationship (e.g. in customer meetings),
data that we generate ourselves from master / contact data as well as other data, such as by means of customer demand and customer potential analyses,
the documentation of your declaration of consent for the receipt of e.g. newsletters.
Photographs in the context of events.

3. for what purposes and on what legal basis is the data processed?

We process your data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act 2018 as amended:

for the fulfilment of (pre-)contractual obligations (Art 6 para. 1lit.b GDPR):
he processing of your data is carried out for contract processing online or in one of our branches, for contract processing of your staff in our company. The data is processed in particular when initiating business and when executing contracts with you.
for the fulfilment of legal obligations (Art. 6 para. 1 lit.c GDPR):
Processing of your data is necessary for the purpose of fulfilling various legal obligations, e.g. from the German Commercial Code or the German Fiscal Code.
for the protection of legitimate interests (Art 6 para. 1 lit.f GDPR):

On the basis of a balancing of interests, data processing may take place beyond the actual fulfilment of the contract to protect the legitimate interests of us or third parties. Data processing to safeguard legitimate interests takes place, for example, in the following cases

Advertising or marketing (see no. 4),
Measures for business management and further development of services and products;
Maintaining a group-wide customer database to improve customer service
in the context of legal prosecution
Sending of non-sales-promoting information and press releases.
within the scope of your consent (Art. 6 para. 1 lit. a GDPR):
If you have given us consent to process your data, e.g. to send you our newsletter, publish photos, competitions, etc.

4. processing of personal data for advertising purposes

You can object to the use of your personal data for advertising purposes at any time, either as a whole or for individual measures, without incurring any costs other than the transmission costs according to the basic rates.

Subject to the legal requirements of Section 7 (3) UWG, we are authorised to use the e-mail address you provided when concluding the contract for direct advertising for our own similar goods or services. You will receive these product recommendations from us regardless of whether you have subscribed to a newsletter.

If you do not wish to receive such recommendations from us by e-mail, you can object to the use of your address for this purpose at any time without incurring any costs other than the transmission costs according to the basic rates. A message in text form is sufficient for this. Of course, an unsubscribe link is always included in every e-mail.

5 Who receives my data?

If we use a service provider in the sense of order processing, we nevertheless remain responsible for the protection of your data. All processors are contractually obliged to treat your data confidentially and to process it only within the scope of providing the service. The processors commissioned by us will receive your data if they require the data to fulfil their respective service. These are, for example, IT service providers that we require for the operation and security of our IT system as well as advertising and address publishers for our own advertising campaigns.

Your data is processed in our customer database. The customer database supports the enhancement of the data quality of the existing customer data (duplicate cleansing, moved/deceased indicator, address correction) and enables the enrichment with data from public sources.

This data is made available to the Group companies if necessary for contract processing. Customer data is stored separately for each company, with our parent company acting as a service provider for the individual participating companies.

In the event of a legal obligation and in the context of legal prosecution, authorities and courts as well as external auditors may be recipients of your data.

In addition, insurance companies, banks, credit agencies and service providers may be recipients of your data for the purpose of contract initiation and fulfilment.

6 How long will my data be stored?

We process your data until the end of the business relationship or until the expiry of the applicable statutory retention periods (e.g. from the German Commercial Code, the German Fiscal Code or the Working Hours Act); in addition, until the end of any legal disputes in which the data is required as evidence.

7. will personal data be transferred to a third country?

In principle, we do not transfer any data to a third country. In individual cases, data will only be transferred on the basis of an adequacy decision by the European Commission, standard contractual clauses, suitable guarantees or your express consent.

8 What data protection rights do I have?

You have the right to information, correction, deletion or restriction of the processing of your stored data, a right to object to the processing and a right to data portability and to lodge a complaint at any time in accordance with the requirements of data protection law.

Right to information:

You can request information from us as to whether and to what extent we process your data.

Right to rectification:

If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.

Right to erasure:

You can demand that we erase your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that prevent immediate erasure, e.g. in the case of statutory retention obligations.

Irrespective of the exercise of your right to erasure, we will erase your data immediately and completely, provided that there are no legal or statutory retention obligations to the contrary.

Right to restriction of processing:

Irrespective of the exercise of your right to erasure, we will erase your data immediately and completely, provided that there are no legal or statutory retention obligations to the contrary.

Right to restriction of processing:

You can demand that we restrict the processing of your data if

you contest the accuracy of the data, for a period enabling us to verify the accuracy of the data.
the processing of the data is unlawful, but you oppose the erasure of the data and request the restriction of their use instead,
we no longer need the data for the intended purpose, but you still need them for the establishment, exercise or defence of legal claims, or
you have objected to the processing of the data.

Right to data portability:

we process this data on the basis of your revocable consent or for the fulfilment of a contract between us, and
this processing is carried out using automated procedures.

If technically feasible, you can request that we transfer your data directly to another controller.

Right to object:

If we process your data on the basis of legitimate interest, you can object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defence of legal claims. You can object to the processing of your data for the purpose of direct advertising at any time without giving reasons.

Right to lodge a complaint:

If you are of the opinion that we are violating German or European data protection law when processing your data, please contact us so that we can clarify any questions you may have. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.

If you wish to assert one of these rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.

9. am I obliged to provide data?

The processing of your data is necessary for the conclusion or fulfilment of the contract you have entered into with us. If you do not provide us with this data, we will generally have to refuse to conclude the contract or will no longer be able to fulfil an existing contract and will therefore have to terminate it. However, you are not obliged to give your consent to data processing with regard to data that is not relevant or legally required for the fulfilment of the contract.

Data protection information for visitors (m/f/d)

Information obligations according to Art. 13 GDPR

1 Who is responsible for data processing and who can you contact?

The controller is
LSV Lech-Stahl Veredelung GmbH
Justus-von-Liebig Straße 41
86899 Landsberg am Lech
Phone: 08191/32050
Fax: 08191/33070
Email: info@lech-stahlveredelung.de

The company data protection officer is
Christian Volkmer
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
E-mail: anfragen@projekt29.de
Phone: 0941-2986930

2 What data is processed and from which sources does this data originate?

Personal data includes the following:

For visitors to our company, this includes name and signature.

Information about the type and content of contract data, order data, sales and receipt data, customer and supplier history as well as consulting documents,
advertising and sales data,
information from your electronic traffic with us (e.g. IP address, log-in data),
other data that we have received from you as part of our business relationship (e.g. in customer meetings),
data that we generate ourselves from master / contact data and other data, such as by means of customer demand and customer potential analyses,
the documentation of your declaration of consent for the receipt of e.g. newsletters.
Photographs in the context of events.

3. for what purposes and on what legal basis is the data processed?

We process your data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act 2018 as amended:

for the fulfilment of (pre-)contractual obligations (Art. 6 para. 1lit.b GDPR):
The processing of your data is carried out for contract processing online or in one of our branches, for contract processing of your staff in our company. The data is processed in particular when initiating business and when executing contracts with you.
Processing of your data is necessary for the purpose of fulfilling various legal obligations, e.g. from the German Commercial Code or the German Fiscal Code.
for the protection of legitimate interests (Art 6 para. 1 lit.f GDPR):
On the basis of a balancing of interests, data processing may take place beyond the actual fulfilment of the contract to protect our legitimate interests or those of third parties. Data processing to safeguard legitimate interests takes place, for example, in the following cases
Advertising or marketing (see no. 4),
Measures for business management and further development of services and products;

If you have given us consent to process your data, e.g. to send you our newsletter, publish photos, competitions, etc.

4. processing of personal data for advertising purposes

5 Who receives my data?

If we use a service provider in the sense of order processing, we nevertheless remain responsible for the protection of your data. All processors are contractually obliged to treat your data confidentially and to process it only in the context of providing the service. The processors commissioned by us will receive your data if they require the data to fulfil their respective service. These are, for example, IT service providers that we require for the operation and security of our IT system as well as advertising and address publishers for our own advertising campaigns.

In the event of a legal obligation and in the context of legal prosecution, authorities and courts as well as external auditors may be recipients of your data.

In addition, insurance companies, banks, credit agencies and service providers may be recipients of your data for the purpose of contract initiation and fulfilment.

6 How long will my data be stored?

7. will personal data be transferred to a third country?

8 What data protection rights do I have?

You have the right to information, correction, deletion or restriction of the processing of your stored data, a right to object to the processing as well as a right to data portability and to lodge a complaint in accordance with the requirements of data protection law.

Right to information:

You can request information from us as to whether and to what extent we process your data.

Right to rectification:

If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.

Right to erasure:

Irrespective of the exercise of your right to erasure, we will erase your data immediately and completely, provided that there are no legal or statutory retention obligations to the contrary.

Right to restriction of processing:

You can demand that we restrict the processing of your data if

- you contest the accuracy of the data, for a period enabling us to verify the accuracy of the data

- the processing of the data is unlawful, but you oppose the erasure of the data and request the restriction of its use instead

- we no longer need the data for the intended purpose, but you still need this data for the assertion or defence of legal claims, or

- you have objected to the processing of the data.

Right to data portability:

You can request that we provide you with the data you have provided to us in a structured, commonly used and machine-readable format and that you can transmit this data to another controller without hindrance from us, provided that

- we process this data on the basis of your revocable consent or for the fulfilment of a contract between us, and

- this processing is carried out by automated means.

If technically feasible, you can request that we transfer your data directly to another controller.

Right to object:

Right to lodge a complaint:

If you are of the opinion that we are violating German or European data protection law when processing your data, please contact us so that we can clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.

If you wish to assert one of these rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.

9. am I obliged to provide data?

Data protection information for journalists (m/f/d)

Information obligations according to Art. 13 GDPR

1 Who is responsible for data processing and who can you contact?

The controller is
LSV Lech-Stahl Veredelung GmbH
Justus-von-Liebig Straße 41
86899 Landsberg am Lech
Phone: 08191/32050
Fax: 08191/33070
Email: info@lech-stahlveredelung.de

The company data protection officer is
Christian Volkmer
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
E-mail: anfragen@projekt29.de
Phone: 0941-2986930

2. which data is processed and from which sources does this data originate?

We process the data that we have received from you in the context of contract initiation or processing, on the basis of consent or in the context of your application to us or in the context of your employment with us.

Personal data includes the following:

For journalists, this includes first name and surname, e-mail address, fax number.

In addition, we also process the following other personal data:

3. for what purposes and on what legal basis is the data processed?

We process your data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act 2018 as amended:

for the fulfilment of (pre-)contractual obligations (Art. 6 para. 1lit.b GDPR):
The processing of your data is carried out for contract processing online or in one of our branches, for contract processing of your staff in our company. The data is processed in particular when initiating business and when executing contracts with you.
for the fulfilment of legal obligations (Art. 6 para. 1 lit.c GDPR):
Processing of your data is necessary for the purpose of fulfilling various legal obligations, e.g. from the German Commercial Code or the German Fiscal Code.
for the protection of legitimate interests (Art 6 para. 1 lit.f GDPR):
On the basis of a balancing of interests, data processing may take place beyond the actual fulfilment of the contract to protect our legitimate interests or those of third parties. Data processing to safeguard legitimate interests takes place, for example, in the following cases
Advertising or marketing (see no. 4),
Measures for business management and further development of services and products;

Maintaining a group-wide customer database to improve customer service
in the context of legal prosecution
Sending of non-sales-promoting information and press releases.
within the scope of your consent (Art. 6 para. 1 lit. a GDPR):
If you have given us consent to process your data, e.g. to send you our newsletter, publish photos, competitions, etc.

4. processing of personal data for advertising purposes

5 Who receives my data?

In the event of a legal obligation and in the context of legal prosecution, authorities and courts as well as external auditors may be recipients of your data.

In addition, insurance companies, banks, credit agencies and service providers may be recipients of your data for the purpose of contract initiation and fulfilment.

6 How long will my data be stored?

7. will personal data be transferred to a third country?

8 What data protection rights do I have?

Right to information:

You can request information from us as to whether and to what extent we process your data.

Right to rectification:

If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.

Right to erasure:

Irrespective of the exercise of your right to erasure, we will erase your data immediately and completely, provided that there is no legal or statutory retention obligation to the contrary.

Right to restriction of processing:

You can demand that we restrict the processing of your data if

Right to data portability:

You may request that we provide you with the data you have provided to us in a structured, commonly used and machine-readable format and that you may transmit this data to another controller without hindrance from us, provided that
we process this data on the basis of your revocable consent or for the fulfilment of a contract between us, and
this processing is carried out using automated procedures.

If technically feasible, you can request that we transfer your data directly to another controller.

Right to object:

Right to lodge a complaint:

If you wish to assert one of these rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.

9. am I obliged to provide data?

sales@lech-stahlveredelung.de