Privacy policy GDPR

  1. Name and address of the data controllerThe data controller as defined by the General Data Protection Regulation (GDPR) and other national data protection legislation of the EU member states as well as other statutory data protection regulations is:

    Balver Zinn Josef Jost GmbH & Co.KG
    Blintroper Weg 11
    58802 Balve
    Germany
    Phone: (0 23 75) 915 - 0
    E-Mail:
  2. Data Protection OfficerThe data controller’s data protection officer can be reached at .
  3. General information on data processing
    1. Scope of the processing of personal dataIn principle, we collect and use the personal data of our users only insofar as this is required to provide a functioning website as well as our content and services. The collection and use of the personal data of users takes place regularly only with the consent of the user. An exception to this applies in such cases where the obtaining of such consent is not possible for practical reasons and the processing of data is permitted by statutory regulations.
    2. Legal basis for the processing of personal dataIf we ask a data subject for consent to use his or her personal data for processing operations, point (a) of Article 6(1) EU General Data Protection Regulation (GDPR) serves as the legal basis. When it is required that we process personal data to perform a contract to which the data subject is a party, point (b) of Article 6(1) GDPR serves as the legal basis. This also applies to processing operations that are required to carry out pre-contractual measures. If we are required to process personal data to fulfil a legal obligation to which our company is subject, point (c) of Article 6(1) GDPR serves as the legal basis. In the event that vital interests of the data subject or another natural person require the processing of personal data, point (d) of Article 6(1) GDPR serves as the legal basis. If processing is required to safeguard a legitimate interest of our company or a third-party and the interests, constitutional rights and fundamental freedoms of the data subject do not outweigh the first-named interest, point (f) of Article 6(1) GDPR serves as the legal basis for the processing.
    3. Erasure of data and duration of storageThe personal data of the data subject is erased or blocked as soon there is no longer a purpose for storage. Storage can take place beyond this if it is provided for by Union law directives, laws or other regulations by European or national legislators to which the controller is subject. Data is also blocked or erased if a retention period prescribed by the standards mentioned expires, unless there exists a requirement for further storage of the data for the conclusion of a contract or the performance of a contract.
    4. Protection of transfer by means of SSL/TLS encryptionThis website uses SSL or TLS encryption for security reasons and to protect the transfer of confidential content. The encrypted connection is guaranteed by the hypertext transfer protocol HTTPS (“https://”). In this instance, data which is transmitted to us by a user cannot be read by third parties.
  4. Provision of website and generation of log files
    1. Description and scope of the data processing
      1. Description and scope of the data processingOur website is located on servers of 1&1 Internet SE, Elgendorfer Str. 57, 56410 Montabaur, Germany (hoster). Every time our website is accessed, the hoster's system automatically captures data and information on the computer system of the accessing computer. The following data is collected:

        (1) Information about the browser type and the version used,
        (2) The user’s operating system,
        (3) The user’s IP address,
        (4) Date and time of access.

        The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
      2. Legal basis for the data processingThe legal basis for the temporary storage of data and the log files is point (f) of Article 6(1) GDPR.
      3. Purpose of the data processingThe temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. The user’s IP address must be stored for the duration of the session. The storage in log files is carried out to ensure the functioning of the website. In addition, the data serves to optimise the website and to ensure the security of our IT systems. An analysis of the data for marketing purposes does not take place in this context. These purposes include our legitimate interest in the data processing pursuant to point (f) Article 6(1) GDPR.
      4. Duration of storageThe data is deleted as soon as it is no longer required to achieve the purpose of its collection. This happens when the particular session has ended, in the event of data being captured for the provision of the website. When data is stored in log files, it is deleted after nine weeks at the latest. It is possible for data to be stored beyond this point. In this instance, the IP addresses of users are erased or anonymized, so that an association with the accessing client is no longer possible.
      5. Objection and removal optionThe capture of data to provide the website and the storage of data in files is an absolute requirement needed for the operation of the website. Consequently, there is no opt-out option for the user.
  5. Use of cookies
  6. Contact form and email contact
    1. Description and scope of the data processingA contact form is available on our website, which can be used for making contact with us electronically. If a user takes this option, the data entered in the input mask is transmitted to us and stored. This data is:

      - Name
      - Company
      - Telephone number
      - Email address
      - Message

      At the time of sending the message, the following data is also stored:

      (1) The user’s IP address
      (2) Date and time
      (3) Information about the browser type and version used
      (4) The user’s operating system

      To process data as part of this sending procedure, your consent is obtained, if required, and you are referred to this data protection statement. The transfer of data is encrypted by means of the SSL or TLS protocol.

      Alternatively, you can contact us using the email address provided. In this instance, the user’s personal data transmitted with the email is stored. Data is not passed on to third parties in this context. Data is used exclusively for the processing of the conversation.
    2. Legal basis for the data processingThe legal basis for the processing of data is the presence of consent by the user pursuant to point (a) of Article 6(1) GDPR. The legal basis for the processing of the data transmitted in the course of sending an email is point (f) of Article 6(1) GDPR. If the purpose of your contact by email is to terminate a contract, the additional legal basis for the processing is pursuant to point (b) of Article 6(1) GDPR.
    3. Purpose of the data processingThe processing of personal data that we obtain from the input mask serves only to enable us to process your contact with us. If you contact us by email, there is also the required legitimate interest in the processing of data. The other personal data processed during the sending procedure serves to prevent misuse of the contact form and to ensure the security of our IT systems.
    4. Duration of storageThe data is deleted as soon as it is no longer required to achieve the purpose of its collection. This is the case for personal data from the input mask of the contact form and the personal data that was sent with the email, if the conversation concerned is finished with the user. The conversation is terminated when it can be inferred from the circumstances that the facts in question have been finally clarified. The additional personal data collected during the sending procedure is deleted after a period of 14 days.
    5. Objection and removal optionThe user has the option at any time of withdrawing consent to the processing of personal data that concerns him or her. If the user contacts us by email, he or she can object to the storage of his or her personal data at any time. In such an event, the conversation cannot be continued.

      Please send an email to this effect to our Data Protection Officer ().

      All personal data that is stored in the course of your making contact with us is, in this instance, deleted.
  7. Plugins and tools
    1. YouTube video integration
      1. Scope of the processing of personal dataOur website uses the internet video portal YouTube of the provider YouTube LLC, 901 Cherry Avenue, San Bruno, California 94066, US, represented by Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, US for integrating videos.

        Usually, if a website is accessed with embedded videos, your IP address is sent to YouTube and cookies are installed on your computer. However, we have integrated our YouTube videos with privacy-enhanced mode (in this instance, YouTube still makes contact with the double-click service by Google, whereby, according to Google's data protection statement, no personal data are analysed). Through this, no information about the visitor is stored by YouTube, unless you watch the video. If you click on the video, your IP address is transmitted to YouTube and YouTube learns that you have seen the video.

        If you are logged into YouTube, this information is associated with your user account (you can prevent this by logging out of YouTube before you download the video).
      2. Legal basis for processing personal dataWe use YouTube in the interest of presenting our technologies and products on our website in an attractive and self-explanatory way, so that we can inform people who are interested in our company comprehensively and in the best way possible. This represents a legitimate interest within the meaning of point (f) of Article 6(1) GDPR.
      3. Purpose of the data processing, duration of storage, objection and removal optionIf you watch the video, we gain no knowledge of any data that may be captured and processed by YouTube, and therefore have no influence over it. You can obtain more detailed information from YouTube’s data protection statement at http://www.google.de/intl/de/policies/privacy/. In addition, we refer you to our general description in this data protection statement for dealing with cookies generally and deactivating them.
    2. Open Street Map This site uses the open source mapping tool "OpenStreetMap" (OSM) via an API. The provider is the OpenStreetMap Foundation. To use the functions of OpenStreetMap, it is necessary to store your IP address. This information is usually transferred to a server of OpenStreetMap and stored there. The provider of this site has no influence on this data transmission. The use of OpenStreetMap is in the interest of an appealing presentation of our online offers and an easy location of the places indicated by us on the website. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. More information on the handling of user data can be found on the OpenStreetMap data protection page and here wiki.openstreetmap.org/wiki/Legal_FAQ
    3. Usage of SalesViewer®-Technologie On this website data is collected and saved for the purposes of marketing, market research and optimisation with the SalesViewer®-Technologie from SalesViewer® GmbH on the basis of the website operator having a justified interest (Art. 6 Para 1 f GDPR [DSGVO]).

      A Javascript-based code will be used for this, to collect company-related data and how it is used. The data collected with this technology will be encrypted via a non-reversible one-way function (so-called hashing). The data will be anonymised straight away and it will not be used to identify in person the visitor of this website.

      The data saved by Salesviewer will be deleted as soon as it is no longer required for its intended purpose and there are no statutory safekeeping obligations preventing deletion.

      An objection to data being collected and saved may be made at any time with future effect by clicking on this link www.salesviewer.com/opt-out in order to prevent it from being logged in future by SalesViewer® within this website. In doing so an opt-out cookie for this website will be deposited on your device. If you wish to delete your cookies in this browser you will have to click on this link again.
  8. Data capture in the application process
    1. Scope of the processing of personal dataAn email address is provided on our website, which can be used for sending your application documents electronically. The data transmitted by email, is stored by us as the recipient and, if required, forwarded to the data controller within the company.
    2. Legal basis for processing personal dataThe legal basis for the processing of application data is the presence of consent by the user pursuant to point (a) of Article 6(1) GDPR.
    3. Purpose of the data processingThe data controller collects and processes personal data from applicants for the purposes of conducting the application process. The processing is carried out through electronic channels, if the applicant, as envisaged, transmits his or her application documents via the relevant application form or by email to the controller. If you send your application by email, there is also the required legitimate interest in the processing of data.
    4. Duration of storageIf the controller concludes an employment contract with an applicant, the data transmitted for the purpose of conducting the employment relationship is stored in compliance with statutory regulations. If the controller has not concluded an employment contract with the applicant, the application documents are automatically erased three months after the rejection decision has been made known, provided that no other legitimate interests conflict with an erasure.
    5. Objection and removal optionWith regard to the application documents sent to us, the rights of the data subject described below apply.
  9. Rights of the data subjectIf personal data that concerns you is processed, you are a data subject within the meaning of the GDPR and you have the following rights with regard to the data controller:
    1. Right of accessYou can request confirmation from the data controller about whether personal data that concerns you is processed by us. If such processing takes place, you can request the following information from the data controller:

      (1) the purposes for which the personal data is processed;
      (2) the categories of personal data that is processed;
      (3) the recipients or categories of recipient to whom the personal data has been or will be disclosed;
      (4) the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
      (5) the existence of a right to request from the data controller rectification or erasure of personal data, a right to the restriction of processing of personal data concerning the data subject or to object to such processing;
      (6) the existence of a right to complain to a supervisory authority;
      (7) all available information about the origin of the data where the personal data is not collected from the data subject;
      (8) the existence of automated decision-making, including profiling, pursuant to Article 22 (1) and (4) GDPR and – at least in these instances – meaningful information about the logic involved as well as the consequences and effects aspired to by processing of this kind.

      You have the right to information about whether personal data was transmitted to a third country or to an international organisation. In this connection, you have the right to be informed of suitable guarantees in connection with the transfer pursuant to Article 46 GDPR.
    2. Right to rectificationYou have a right to rectification and/or completion by the controller, provided the processed personal data that concerns you is inaccurate or incomplete. The data controller must carry out the rectification without undue delay.
    3. Right to restrict processingSubject to the following prerequisites, you can request the restriction of processing of the personal data that concerns you:

      (1) if you can test the accuracy of the personal data that concerns you for a period that enables the controller to check the accuracy of the personal data;
      (2) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;
      (3) the controller no longer needs the personal data for the purposes of processing, but they are required by the data subject for the establishment, exercise or defence of legal claims; or
      (4) if you have objected to processing pursuant to Article 21(1) GDPR pending verification of whether the legitimate grounds of the data controller override those of the data subject.

      If the processing of the personal data that concerns you is restricted, this data may – apart from its storage – be processed only with your consent or for the establishment, exercise or defence of legal claims or for the protection of rights of another natural person or legal entity or on grounds of public interest of the Union or a member state. If the restriction of the processing is carried out in accordance with the above-mentioned prerequisites, you are notified by the data controller before the restriction takes place.
    4. Right to erasure
      1. Erasure obligationYou can request that the data controller erases personal data that concerns you without undue delay, and the data controller is obliged to erase this data without undue delay, provided one of the following reasons applies:

        (1) The personal data that concerns you is no longer necessary for the purposes for which it was collected or otherwise processed.
        (2) You withdraw consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), GDPR and where there is no other legal basis for the processing.
        (3) You object to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) GDPR.
        (4) The personal data has been unlawfully processed.
        (5) The personal data has to be erased for compliance with a legal obligation in Union or member state law to which the controller is subject.
        (6) The personal data has been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.
      2. Information given to third partiesIf the controller has made the personal data public and is obliged pursuant to Article 17(1) GDPR to erase the personal data, we, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
      3. ExceptionsThe right to erasure does not exist, provided the processing is required

        (1) for exercising the right of freedom of expression and information;
        (2) for compliance with a legal obligation, which requires the processing in accordance with the law of the Union or member states to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
        (3) for reasons of public interest in the area of public health pursuant to point (h) of Article 9(2) and Article 9(3) GDPR;
        (4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, provided that the right mentioned under section a) probably makes the realisation of the goals of this processing impossible or seriously impairs it, or
        (5) for the establishment, exercise or defence of legal claims.
    5. Right to notificationIf you have asserted your right to obtain rectification, erasure or restriction of your personal data from the data controller, the controller is obliged to notify all the recipients to whom the personal data affected was disclosed of this rectification or erasure of the data or the restriction of the processing, unless this proves impossible or involves disproportionate effort. You have the right to request that the controller notifies you of these recipients.
    6. Right to data portabilityYou have the right to receive the personal data that concerns you, which you have provided to us, in a structured, commonly used and machine-readable format. In addition, you have the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided, provided

      (1) the processing is based on consent pursuant to point (a) of Article 6(1) GDPR or point (a) Article 9(2) GDPR or on a contract pursuant to point (b) Article 6(1) GDPR and
      (2) the processing is carried out by means of automated processes.

      In exercising this right, you have the further right to have the personal data transmitted directly from one controller to another, where technically feasible. The rights and freedoms of others must not be adversely affected by this. The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
    7. Right to object7. You have the right for reasons resulting from your special situation to object to the processing of personal data that concerns you, pursuant to point (e) or (f) of Article 6(1) GDPR; this also applies to profiling based on these provisions. The data controller shall no longer process the personal data that concerns you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data concerned for the purpose of this sort of advertising; this also applies to profiling, provided it is connected to such direct advertising. If you object to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes. You have the option, in connection with the use of services of the information society – notwithstanding Directive 2002/58/EU – to exercise your right to object by means of automated processes in which technical specifications are used.
    8. Right to withdraw consent regarding data protection lawYou have the right to withdraw your consent regarding data protection law at any time. The withdrawal of consent does not affect the legality of the processing carried out on the basis of the consent up until the point of withdrawal;
    9. Automated individual decision-making, including profilingYou have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply, if the decision

      (1) is necessary for entering into, or performance of, a contract between the you and the data controller;
      (2) is authorised by Union or member state law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests or
      (3) is based on your explicit consent.

      However, decisions may not be based on special categories of personal data referred to in Article 9(1) GDPR, provided point (a) or (g) of Article 9(2) do not apply and suitable measures to safeguard your rights and freedoms and legitimate interests are in place. In the cases referred to in points (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the data controller, to express his or her point of view and to contest the decision.
    10. Right to lodge a complaint with a supervisory authorityIf you consider that the processing of personal data relating to you infringes the GDPR, you have, without prejudice to any other administrative or judicial remedy, the right to lodge a complaint with a supervisory authority, in particular in the member’s state of your habitual residence, place of work or place of the alleged infringement. The supervisory authority where the complaint was lodged, informs the complainant of the status and results of the complaint including the possibility of judicial remedy pursuant to Article 78 GDPR.
  10. Date of/changes to the data protection statementUsers are requested to keep themselves informed regularly about the contents of the data protection statement.
    1. Changes to the data protection statementWe reserve the right to change this data protection statement to adapt to changed legal positions or changes to the services and the data processing. However, this only applies in respect of statements on data processing. Provided user consents are required or components of the data protection statement contain regulations of the contractual relationship with users, changes are made only with the agreement of users.
    2. Date of the data protection statementThis data protection statement is currently valid as of 06/07/2018.