(i) to the use of the website www.hansa-heemann.de (hereinafter ‘website’);
(ii) and to the processing of data as part of a business relationship between HANSA-HEEMANN AG and an entrepreneur within the meaning of Section 14 of the German Civil Code (Bundesgesetzbuch, BGB).
We place great importance on data protection. Your personal data is collected and processed in compliance with applicable regulations under data protection law, with particular reference to the EU General Data Protection Regulation (‘GDPR’). We collect and process your personal data to be able to provide you with the above-mentioned website. This policy describes how your data is collected and used for what purposes, and what options you have with respect to your personal data.
The party responsible for collecting, processing and using personal data within the meaning of the GDPR is
HANSA-HEEMANN AG, represented by Mr. German Reichert, Mr. Thomas Reise and Mr. Volker Büttel, Halstenbeker Weg 98, 25462 Rellingen, Germany (hereinafter: ‘us’ or ‘we’)
Telephone: +49 (0) 4101 5050
Fax: +49 (0)4101 505 212
The operating data protection officer can be contacted at the above-mentioned address, FAO Mr. Jan Schoch, or at .
a) When visiting the website
When you visit our website, information is automatically sent to our website’s server via the web browser used on your end device. This information is temporarily stored in a ‘log file’. The following information is collected without any action on your part and stored until it is automatically deleted:
This data is collected to:
The legal basis for this data processing is sentence 1 of point (f) of Article 6(1) of the GDPR. Our legitimate interests in processing are based on the above-mentioned purposes for data processing. We never use the data collected to draw conclusions about you personally.
b) When using our contact form or contacting us by e-mail or phone
You can contact us via our contact form, which is available on the website. When using our contact form, the data fields ‘name’, ‘e-mail’ and ‘message’ are mandatory and must be completed. You can also provide more information on a voluntary basis in the data fields shown as not mandatory, or in the body of your message. When contacting us by e-mail or by phone, we store the data you share with us.
Your data is collected, used and stored for the purposes of contacting you and to process your request.
Data processing for the purposes of you contacting us takes place on the basis of sentence 1 of point (f) of Article 6(1) of the GDPR. Our legitimate interests are based on the purposes for collecting data outlined in the previous paragraph.
We erase data collected as part of you getting in touch as soon as storage is no longer required, or we restrict processing if there are legal retention obligations. In particular, storage is no longer required if your request has been clarified and responded to, or if it has been otherwise taken care of, and we cannot derive any rights from continuing to storing the data.
c) When using our application portal
When submitting an online application, the following listed personal application data is marked as being a mandatory field for online applications, and is collected and processed:
We also collect and process data provided by you on a voluntary basis in the online application form.
Personal data provided by you as part of a specific application process is exclusively used for the purposes of carrying out the application process and is treated confidentially.Responsible HANSA-HEEMANN AG employees who are involved in the HR selection process receive access to your data. Your applicant data is not used or shared beyond this extent. You data is sent encrypted using the latest technology and we store it using our software-based application management.
The legal basis for data processing is your consent, provided on a voluntary basis, in accordance with point (a) of Article 6(1) of the GDPR for processing your personal data for the above-mentioned purposes. If you are not of legal age, you must submit your parent or legal guardian’s written consent to the processing of your data as an application document.
If the application process does not lead to any further activities, and does not result in employment, we will erase your data after a period of six months.
If you want to withdraw consent to the collection, processing and use of your personal data, given as part of the application process, please send us an e-mail to: .
If we are unable to offer you any vacancies at present but your profile suggests that your application might be interesting for other positions, we store your application data in our applicant pool for a maximum of 12 months so that we are able to contact you again at a later point in time.
If we decide to include your data in our applicant pool, we will inform you of this in a separate e-mail. You can object to storage at any time by sending an e-mail to our HR department. We will inform you of the e-mail address when notifying you of your inclusion in the applicant pool. Your personal data will be automatically erased from the applicant pool after a maximum period of 12 months.
Your personal data is not shared with third parties for purposes other than those listed below.
We only share your personal data with third parties if:
Information is stored in the cookie that results from the specific end device used. However, this does not mean that we directly receive knowledge of your identity.
We also use temporary cookies to optimise user-friendliness. These are saved on your end device for a set period of time. If you visit our site again to use our services, it is automatically recognised that you have visited us before, and your input and settings are also recognised so that you don’t have to renter these.
Data processed by cookies is required for the specified purposes to safeguard our legitimate interests, as well as those of third parties, pursuant to sentence 1 of point (f) of Article 6(1) of the GDPR.
Most browsers automatically accept cookies. However, you can change your browser settings so that no cookies are saved on your computer or so that a notice appears before cookies are saved. However, if you fully disable cookies, it may mean that you cannot use all of the features on our website.
a) Tracking tools
We use the following list of tracking tools to guarantee the needs-based design and the ongoing optimisation of our website. We also use tracking tools to statistically record the use of our website and to evaluate this to optimise our website for you. These interests are legitimate interests within the meaning of sentence 1 of point (f) of Article 6(1) of the GDPR.
The respective data processing purposes are given in each tracking tool section.
(i) Google Analytics
We use Google Analytics, a web analysis service from Google LLC.(https://www.google.de/intl/de_de/about/) for the purposes of needs-based design and the ongoing optimisation of our site (1600 Amphitheatre Parkway Mountain View, CA 94043. USA; hereinafter ‘Google’). Pseudonymised user profiles are created and cookies are used for to do so (see under point 4). Information collected by cookies about your use of this website, such as
are sent to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports about website activities and to provide other services to us that relate to website and internet use for the purposes of market research and the needs-based design of this website. This information is also sent to third parties if this is legally permissible or if third parties process this data by order of Google. Your IP address is never merged with other Google data. The IP address is anonymised so that no links can be made (‘IP masking’).
You can prevent cookies from being saved by changing your browser settings; please note that in this case, you may not be able to use all of this website’s functions properly.
You can also prevent the data generated by the cookie relating to your use of the website (including your IP address) from being captured and processed by Google by downloading and installing a browser add-on(https://tools.google.com/dlpage/gaoptout?hl=de).
Instead of a browser add-on, with particular reference to browsers on mobile devices, you can also prevent collection by Google Analytics by clicking on this link. This will place an opt-out cookie on your machine that will prevent your data from being collected when you visit this website in future. The opt-out cookie only works for this browser for our website, and is saved on your device. If you delete the cookies saved by this browser, you will have to install the opt-out cookie again.
You can find more information about data protection and Google Analytics in Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=de).
We do not use any social plug-ins from the social networks Facebook, Twitter or Instagram on our website.
You have the right:
If your personal data is processed on the basis of legitimate interests pursuant to sentence 1 of point (f) of Article 6(1) of the GDPR, you have the right to object against your personal data being processed pursuant to Article 21 of the GDPR, provided that there are reasons that relate to your particular situation or provided that the objection is against direct marketing. If the latter applies, you have the general right to object, which is processed by us without having received details concerning a particular situation.
If you would like to assert your right of withdrawal or your right to object, you can simply send an e-mail to
As part of your website visit, we use the commonly-used SSL process (Secure Socket Layer) together with the respective highest level of encryption supported by your browser. This is generally 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether individual pages of our website are being transmitted in an encrypted way if a key or padlock symbol is shown in your browser’s lower status bar.
We also take appropriate technical and organisational security measures to protect your data from any accidental or intentional manipulation, partial or total loss, destruction or unauthorised access by third parties. Our security measures are continually improved in line with technological developments.
No automated decision-making, including profiling, takes place based on the personal data collected.