Download Data Protection Information

Data protection information for employees, temporary workers, Bachelor and Master students, interns, applicants

Welcome to SCHOTTEL!

Thank you for your interest in our online presence. The protection of your personal data and the protection of your privacy are very important to us. At this point, we would therefore like to inform you about the processing of your personal data when visiting our website.  Of course, we comply with the legal provisions of the European Data Protection Regulation (DS-GVO), the Federal Data Protection Act (BDSG), the Telecommunications Digital Services Data Protection Act (TDDDG) and other data protection regulations.

Please note the explanations/definitions of terms at the end of the text

This privacy policy applies to the domains and

You can visit our website anonymously at any time. We respect the freedom of the individual to decide when and for what purpose he or she wishes to provide certain personal information. We do not use any technologies to identify you or create personal profiles!

We collect personal data only to a limited extent and where necessary for the following:

  • Provision of our services
  • Contract performance (including initiation, conclusion, fulfilment and termination of a contract)
  • Processing and answering enquiries (contact form)
  • Safeguarding our operations
  • Improving our website
  • Preventing, detecting and investigating potentially prohibited or illegal activities and asserting our General Terms and Conditions.

To ensure that you are fully familiar with the processing of personal data on our websites, we have compiled this clear and comprehensive information for you. We would like to assure you that we will make every necessary technical and organisational effort to protect your data.

1. Controller

Responsible for the processing of personal data is:

Mainzer Str. 99
56322 Spay/Rhein

Phone: +49 2628 61-0
E-mail: info(at)

Other information: see Imprint

2. Data Protection Officer

As Data Protection Officer we have appointed:

Verimax GmbH,
Warndtstr. 115,
66127 Saarbrücken, Germany

Michael Grein
Fax +49 89 800 657 829

E-mail: dsb-schottel(at)

Reporting office in the event or suspicion of data protection incidents:
E-mail: datenschutz(at)

3. Types of data and data subjects

When you access our websites, we automatically process data of a general nature. This data, which may be stored (where applicable) in “server log files”, includes:

  • your browser type* (type/version)
  • operating system of accessing computer*
  • domain name of your internet provider (IP address)
  • time of website access
  • referrer URL* (site previously visited)
  • cookies if applicable/in some cases (also see section 4 below.)
  • and other similar general data (e.g. size of your browser window).

*If necessary, you can disable this data by making the appropriate settings in your system.

This data is used in accordance with Article 6 (1)(b) GDPR to provide you with the websites and to display them correctly; it is accessed each time you use the internet.

Furthermore, the data is temporarily stored in accordance with Article 6 (1)(f) GDPR for the purpose of fraud prevention and the investigation of attacks on our website if our system detects such attacks. If there is no such suspicious case, the respective IP address of the page accesses is only stored permanently in anonymized form.

The remaining (non-personal) data may be processed further for statistical purposes.

As a visitor to our website, you are a data subject as defined by the General Data Protection Regulation.

4. Cookies

“Cookies” are small information packages that are stored on your computer by a domain (in this instance: and can only be processed again by this domain. Our cookies cannot contain or spread malicious code or start programs.

Our aim is to determine if you are able to find your way around our websites easily by identifying the accesses that belong to a session. By using cookies, we can also determine when your browser last visited our site. This allows us to establish if it is a repeat visit (repeat visitors typically have a different and usually very specific interest in certain content). We also want to assess if you find the content of our web pages sufficiently interesting and if and where we could improve our efforts in this respect.

We do not wish to, will not and cannot identify you personally and would therefore be grateful if you would allow us to track repeat visits by cookie.

We do not tolerate cookies from third-party domains and use our own cookies extremely sparingly. We never store any personal data in them and use them only for the following purposes:

Cookie-Name Purpose Storage period Note
_pk_testcookie.#.#### To test if the browser allows cookies few seconds *
_pk_id.#.#### To recognize a repeat visit 13 months *
_pk_ses.#.#### To identify which page requests belong to the same session 30 minutes *
omCookieConsent Saves consent when redirecting to content from external sources. 1 year  


* If your browser is configured to tell our server that you do not want tracking ('Do-not-track'), these cookies will not be generated.

The information generated by the cookies about your use of this website is never passed onto third parties. You can decide at any time if and which cookies are allowed or not allowed on your computer. You can also delete individual or all cookies on your computer at any time. To do this, use the settings in your web browser.

In order to change the previous settings you made for this website when you first accessed it, please click here.


5. Collection and storage of usage data (statistics)

In order to optimize our websites and adapt them to changing habits and technical requirements, we use statistical tools. In doing so, we measure, for example, which elements are visited by users, whether the information they are looking for is easy to find, and so on. This information only becomes interpretable and meaningful at all when a larger group of users is considered. For this purpose, the collected data is aggregated, i.e. combined into larger units.

SCHOTTEL does not profile visitors or use retargeting technologies and does not measure “customer journeys” by means of other sites. Therefore we are neither interested in the behaviour of an individual nor in the person behind it.

This enables us to adapt the design of web pages or optimize content if, for example, we find that a relevant proportion of visitors are using new technologies or finding existing information difficult or impossible to find.

For the statistics we use Matomo. This is software that is installed on our own server and also only processes data that has been stored on our server. Matomo uses cookies to recognize which page views belong to a session and whether you are a first-time or repeat visitor. Your IP address is anonymized immediately and before it is stored, so that you as a user always remain completely anonymous to us.

We take structural measures (separation of databases and responsibilities) to ensure that statistical data cannot contain or be linked to personal data at any time.

If your browser is configured to instruct our server that you do not wish to be tracked (“do not track”), Matomo will not record your visit to our site (we never store personal data anyway).

6. Specific use of data

We observe the principle of data use for specific purposes and process your personal data only for those purposes for which you have provided the data. Your personal data will not be passed onto third parties without your express consent, unless this is necessary for the provision of the service or the execution of the contract. Furthermore, the transfer of data to state institutions and authorities entitled to receive information is only carried out within the scope of the legal obligation to provide information or if we are obliged to provide information by court order.

We also take our in-house data protection very seriously. We have obligated our employees and the service companies we commission to maintain secrecy and to comply with the provisions of data protection law.

7. Third country

There is no deliberate transfer of personal data to third countries or to international organizations, nor is there any plan to do so. However, when a website is accessed, it cannot be guaranteed that the data will remain within the EU/EEA. Due to the way the internet works, it may be technically possible that a request on the way from you to us or a reply on the way back may be routed via a server in a non-secure third country. This cannot be prevented either. However, since we encrypt the data traffic between your browser and our server (see section 8 below), there is no particular risk in this respect.

8. Data minimization, data economy and data security

In general, it is not necessary for you to provide personal data to use our website. However, in order for us to actually provide our services, we may need your personal data. This applies both to the sending of any information or ordered goods and to replies to individual requests.
If you commission us to provide a service or to send you goods, we shall only process your personal data in accordance with Article 6(1)(b) GDPR to the extent necessary to provide the service or implement the contract. For this purpose, it may be necessary to pass on your personal data to companies that we use to provide the service or implement the contract, such as transport companies or other service providers. If we wish to process your personal data for certain actions or services with your consent (in accordance with Article 6(1)(a) GDPR), we will ask you for your express consent at the appropriate point on our website.

Your personal data will be encrypted (bug-proof) on all pages with input fields by means of TLS/HTTPS for transmission over the internet (identifiable by the lock symbol in the URL line of the browser). We use technical and organizational measures to secure our website and other systems against loss, destruction, access, modification or distribution of your data by unauthorized persons.

9. Contact form and getting in touch

You can contact us in a number of ways. One of these ways is to use one of our contact forms. To process your respective request, the minimum information we require is your first and last name and an e-mail address. You can also voluntarily provide additional information that will help us to respond to your request more effectively or pre-empt any queries. Your data will be transmitted encrypted.

You may, of course, also send us an e-mail to any of the addresses published on the website. In this case, the personal data transmitted by e-mail will be stored.

If your request relates to a service offered by us, we will process your data on the basis of Article 6(1)(b) GDPR. All other requests will only be processed on the basis of your consent (Article 6(1)(a) GDPR).

Third country

During e-mail correspondence, it cannot be guaranteed that the data will remain within the EU/EEA. Due to the way the internet works, it may be technically possible that an e-mail on the way from us to you and vice versa may be routed via a server in a non-secure third country. Opt for the postal service if you want to send information confidentially, or encrypt the information/files separately (e.g. In an encrypted ZIP file) and send the key via another channel (e.g. SMS).

10. Storage period

Your processed personal data will only be stored for as long as it is necessary to fulfil the intended purpose. Once this purpose has been fulfilled, the data will be deleted, unless mandatory retention periods prevent this. In this case, the data will be limited in its processing so that it can only be used for the purpose that requires its retention (e.g. tax audit). Once these retention periods have expired, this data will also be deleted.

11. Profiling and automated decision-making

If we have access to the relevant information, a customer or prospective customer profile may be created in order to provide you with the best possible advice.

For this purpose, we use the following information in particular:

  • Your contact data from registrations, requests and orders

SCHOTTEL does not use automated decision-making including profiling* with your personal data. However, we use so-called spam or junk filters in electronic communication to protect our systems. This involves the use of sender, time, content, character set and origin, among other things, to automatically sort out unwanted e-mails. If you feel that your e-mails have not arrived or are being rejected, please contact us via another communication channel (telephone, fax or letter).

* Merging individual data to gain insights into key aspects of personality.

12. OpenStreetMap via Leaflet

On this website, we offer maps that use freely accessible sources (open source). The necessary software is on our own server. It retrieves map data that is stored on an external server. When setting up the software, we carefully checked that the data is retrieved from a server located within the EU (in Germany). However, we cannot guarantee this, even though we check this regularly.

The map data is only retrieved when you actively click on the preview image indicating you would like to use the map service. When retrieving data from an external server, your IP address is always transmitted to this server as otherwise the map data could not be sent to your device. In the process, the external server also learns that you have visited our site. Since the open source used by us is neither financed by advertising nor located outside the EU (e.g. as is the case with Google Maps), we believe that there is no risk of data misuse.

Find more information about OpenStreetMap at:

13. Videos per Vimeo

For better performance, we use the provider Vimeo for the presentation of our videos so that they can be accessed from all parts of the world without any time lag. Vimeo is operated by, Inc. with head office in New York (USA). 
Note: The following information would be necessary to a similar extent if we used YouTube instead of Vimeo.

On some of our web pages we use software (plugins) from the provider Vimeo. If you call up the pages of our website that use such a plugin, no connection to the Vimeo servers is initially established – only a preview image is displayed. It is only by actively clicking actively the "Play Video" button in this preview image (consent), Vimeo reloads video data from the nearest server of a service provider (Akamai). This consent applies for all Vimeo videos embedded on our website. In the process, data is transferred to the Vimeo server thereby revealing which of our websites you have visited. The consent is only valid for the current browser session, i.e. if you want to revoke the consent, please close your browser.

If you are logged in as a Vimeo member at the time, Vimeo may assign this information to your personal user account. This information may also be assigned to your user account when you use the plugin, such as by clicking the start, stop, fast forward or rewind buttons of a video. You can prevent this assignment by logging out of your Vimeo user account and deleting the relevant Vimeo cookies before activating the video. Regardless of this type of assignment to your Vimeo user account, your personal data will nevertheless be transferred to Vimeo – and therefore to a third country – even if you have no Vimeo user account. 

A transfer to third countries is only permitted under the conditions of Chapter V of the GDPR., Inc. was certified in accordance with the EU-US Privacy Shield. The successor agreement EU-US Data Privacy Framework entered into force on 10/07/2023, but, Inc. is currently not certified. Therefore, we base the transfer of personal data (here: your IP address, your Vimeo usage behavior) to basically reliable recipients on your consent pursuant to Article 49 (1) a) of the GDPR, which you expressly grant by clicking the "Play video" button in view of the aforementioned risks and dangers.

Further information (in English) regarding data processing and data protection by Vimeo can be found at

14. Rights of data subjects

Subject to certain conditions or limitations as applicable, you have the following rights:

Right to information:

As a matter of principle, you have the right to request free information regarding:

  • data processed by us;
  • the purposes of processing;
  • the categories of personal data processed and, where appropriate, the (categories of) recipients to whom the personal data has been or will be disclosed (including, where applicable, appropriate safeguards if the personal data is transferred outside the EU);
  • if possible, the intended duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration;
  • and, if applicable, the origin of the data.

You have the right to rectification, deletion, restriction of processing, a right to data transferability, a right to object and a right to revoke consent at any time. This does not affect the legality of the processing of data up to the time of a revocation/objection. For the declaration of a revocation/objection, you will not be charged in addition to costs incurred by the basic rates. If costs are incurred in exercising the other rights, we shall inform you in advance. You may assert your rights against us via a designated channel (e.g. unsubscribe link) or any other communication channel (see “Controller” above or in the Imprint).

15. Queries regarding data protection and right of complaint

If you have any other queries about data processing on our website or about our processes, please contact the above-mentioned Controller or our Data Protection Officer. You can also contact this person confidentially at dsb-schottel(at) if you think you have a reason for complaint or if you notice a breach of data protection. Thank you very much for your support.
Furthermore, you have a right to appeal to a supervisory authority. The supervisory authority responsible for the Controller is the State Commissioner for Data Protection and Freedom of Information of Rhineland-Palatinate, postbox 30 40, 55020 Mainz, Germany; e-mail: Poststelle(at); online:

16. Applications


Applying is really straightforward.

We have made our application process as streamlined as possible to ensure that it progresses swiftly for both sides. Please send your documents digitally (ideally as a single PDF file) to personal(at)

Please also note the information under “Third country” in section 9 above. As an alternative, you are also more than welcome to use the postal service.

We will conduct interviews with people on the short list together with the specialist and HR department and, depending on the position, also with the head of department.
For trainees, there is an entrance test and for dual study students an assessment centre; in some cases, we also recommend a pre-study placement.

You can find out about vacancies on our career page and apply online. If you would like to apply for a position, we will need you to provide us with all the information and documents required as part of the application process. This is subject to Section 26 Federal Data Protection Act (BDSG).

Furthermore, you can provide additional information voluntarily (Section 26 BDSG (2)), which will enable us to assess your application more easily.

Further information on the application process can be found in the Careers Portal under FAQ.


Your data will be forwarded to our company employees entrusted with the respective matter. Depending on the subject matter, your data will also be transmitted to:

  • affiliated companies of the SCHOTTEL Group, where applicable, external service providers and partners who provide data processing services on our behalf or otherwise process personal data for the purposes described in this notice or stated at the time of collection of the personal data;
  • any competent supervisory body, court, law enforcement agencies, governmental authorities or third parties if we believe that processing is necessary
    (i) to comply with applicable laws or regulations;
    (ii) exercise, establish or defend our legal rights or
    (iii) to protect your vital interests or those of third parties.

Appropriate data protection agreements have been concluded with the relevant external service providers, e.g. pursuant to Article 281 GDPR.

Data is not transferred to third countries as a matter of principle. Our servers are located within the EU or the EEA. If necessary, SCHOTTEL Group companies, external service providers and partners may be granted access to your personal data, even if they operate outside the EU/EEA.

In such cases, we ensure compliance with the provisions of Chapter V GDPR, in particular that personal data shall only be transferred to third countries if they offer an adequate level of protection in accordance with the European Commission (Article 45 GDPR) or if appropriate guarantees exist in accordance with Article 46 GDPR.

17. Social media platforms

We use several social media channels as another way of getting in touch with you. In this case, personal data may also be processed outside the EEA, but we have no control over this. We have listed the (technical) operators of the relevant platforms at the end of this section. Addresses and other contact details can also be found there, e.g. for requests for information.

Your data and your usage behaviour will be comprehensively analysed by these operators. Cookies or comparable technologies or the storage of used IP addresses may be used for this purpose. The data may subsequently be used for advertising purposes and market research. This means that you may receive advertising tailored to your user profile within these platforms or on other sites that are able to use the cookies, etc., set by these platforms.

As a registered user of these sites, this information may also be used independently of the respective device. Some of the data uses are only permitted with your consent (Article 6(1)(a) GDPR) or may be justified by a legitimate interest in efficient advertising via a platform used worldwide (Article 6(1)(f) GDPR). Since the operators of the platforms determine the technologies used, we have no way of obtaining any necessary permissions from you or of weighing them against the interests of the parties concerned. Further details on this and on your user/data subject rights with the operators can be found in the privacy policies of their respective websites.

The social media channels we use are only intended to provide a convenient way of communicating with those users who are already members of these networks. It is not necessary and we do not recommend that you become a member of these networks in order to contact us. We also communicate information or special offers on other channels, in particular on our website.

For our presence on LinkedIn or Twitter, we have concluded contracts with the European subsidiaries of the respective US groups. The contents of the contracts are specified by LinkedIn or Twitter. Although it is not necessary for technical or organizational reasons to process personal data obtained in Europe outside Europe, the companies reserve the right to transfer the data to the USA. We have no influence over this.

Since July 2023, the transfer of personal data is permitted on the basis of the EU-US Data Privacy Framework. Both LinkedIn and Twitter are not certified accordingly at the time this privacy policy was created. Alternatively, a transfer is only possible with your express consent in view of the risks and dangers. Since we neither know nor determine the reason for, nor the scope of, the data transferred to the USA, we are also unable to obtain effective consent from you. We therefore ask you to only visit our social media sites or follow the links to them if you yourself have an account with these services.


Our contractual partner is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, a company of the LinkedIn Corporation, USA, which belongs to the Microsoft Corporation, USA.

LinkedIn Corporation was certified under the EU-US Privacy Shield, but at the time of this Privacy Policy is inactive with respect to the EU-US Data Privacy Framework in effect since July 2023. LinkedIn provides information about its privacy policy at: There you will also find further contact options, e.g. for any requests for information or complaints. Please note that currently a transfer of personal data to the USA on the basis of the EU-US Privacy Shield is no longer permitted. According to its own information (, the data centers for storing member information are currently located in the USA. SCHOTTEL does not arrange for a transfer there, nor are we responsible for it. If you do not wish such a transfer, please do not use our LinkedIn presence.

We use no technologies offered by LinkedIn for measuring and controlling advertising (“LinkedIn Insights”).


For the short message service offered on “Twitter”, we use the technical platform and services of X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The data controller for individuals living in the EU/EFTA or the United Kingdom is Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland.

We would like to advise you that you are solely responsible for using Twitter and its featured functions. In particular, this applies to the use of the interactive functions (e.g. sharing, rating).

Information about which data is processed by Twitter and for what purposes can be found in Twitter’s Privacy Policy:

Twitter had committed to the principles of the EU-US Privacy Shield, but the certificate was withdrawn. As of the date of this Privacy Policy, Twitter's status with respect to the EU-US Data Privacy Framework in effect since July 2023 is inactive.

We have no control over the type and scope of the data processed by Twitter, how this data is processed and used, or how it is passed on to third parties. We also have no effective means of monitoring these activities.

By using Twitter, your personal data will be processed by X Corp./Twitter and, regardless of your place of residence, will be transferred to, stored and used in the United States, Ireland and any other country where Twitter Inc. does business.

Twitter processes the data you voluntarily enter, such as your name and user name, e-mail address, telephone number or the contacts in your address book if you upload or synchronize it.

Twitter also evaluates the content you share to determine what topics you are interested in, stores and processes confidential messages that you send directly to other users; it can also determine your location using GPS data, wireless network information or your IP address to send you advertising or other content.

For analysis purposes, Twitter may use analytical tools such as Twitter Analytics or Google Analytics. We have no control over the use of such tools by Twitter, nor have we been informed of any such potential use of these. If tools of this type from Twitter are used for our SCHOTTEL account, we have not commissioned, approved or otherwise supported this in any way. The data obtained from the analysis is likewise not made available to us. Only certain non-personal information about tweet activity is available to us via our account, such as the number of profile or link clicks via a particular tweet. Furthermore, we have no way of preventing or turning off the use of such tools on our Twitter account.

After all, Twitter also receives information when you view content, for example, even if you have not created an account. This “log data” may include your IP address, browser type, operating system, information about the website and pages you previously visited, your location, your mobile operator, the device you use (including device ID and application ID), the search terms you have used and cookie information.

Options to restrict the processing of your data are available in the general settings of your Twitter account and under the section “Privacy and Security”. Furthermore, you can restrict Twitter access to contact and calendar data, photos, location data, etc., on mobile devices (smartphones, tablet computers) in the device settings. However, this depends on the operating system used.

Other information on these topics is available on the Twitter help pages:

You can find information on how to view your own data on Twitter at: 

You can find information about the inferences drawn by Twitter about you here:

Information on the available personalization and data protection settings can be found here (with further references):

You can also request information using the Twitter Privacy Form or archive requests:

Data we process

We also process your data.

a) Purpose and legal basis

Data is processed for the purposes of our public relations work in accordance with Article 6(1)(f) GDPR.

b) Recipients

The initial recipient of the data is Twitter, which is responsible for any data that may be passed onto third parties for its own purposes. In addition, the recipient of publications is the public, i.e. potentially everyone.

c) Categories of personal data

We do not collect any data ourselves via our Twitter account and have not integrated any tweets or Twitter analysis/tracking tools into our website.

However, the data you enter on Twitter, in particular your user name and the content published under your account, will be processed by us to the extent that we may retweet or reply to your tweets or write tweets that refer to your account. The data that you freely publish and distribute on Twitter is thus included by us in our online presence on Twitter and made available to our followers.

d) Third country transfer

Following the entry into force of the EU-US Data Privacy Framework, this is a suitable legal basis, provided that the company involved is certified accordingly. Another legal basis is your express consent to the transfer of your personal data. For this purpose, you must be sufficiently informed in advance about the risks of the transfer. SCHOTTEL does not arrange for such a transfer, nor are we responsible for it.

18. Terms of Use

Please observe our Terms of Use.

19. Change of the privacy policy

Our Privacy Policy may be amended at irregular intervals to comply with current legal requirements or to implement changes to our services, e.g. when new offers are added. The new Privacy Policy will then automatically apply next time you visit.


Regulation (EU) 2016/79 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data (General Data Protection Regulation).

European Free Trade Association: Iceland, Liechtenstein, Norway and Switzerland

EU-US Privacy Shield:
Terms/procedure agreed between the EU and the US that was the basis for an adequacy decision under Article 45 GDPR. This decision was declared invalid by the ECJ in July 2020 because third parties (US authorities) may (can) access your data without you being aware of it or having adequate legal protection against it. Therefore, a transfer of personal data to the USA on the basis of the EU-US Privacy Shield is no longer permitted.

EU-US Data Privacy Framework:
International data protection agreement agreed between the EU and the USA, which is the basis for the adequacy decision pursuant to Article 45 of the GDPR, effective since July 2023.

European Court of Justice

European Economic Area: EU, Iceland, Liechtenstein and Norway

Personal data:
any information relating to an identified or identifiable natural person [...]; (Article 4(1) of the GDPR).

the [...] legal person [...] which alone or jointly with others determines the purposes and means of the processing of personal data [...]; (Article 4.7. of the GDPR)

The terms used here, as far as they are determined in Article 4 GDPR, are used according to the definition there.

Status of data protection information: August 2023