Download Data Protection Information

Data protection information for customers, suppliers, partners

Welcome to SCHOTTEL!

Thank you for your interest in our website. The protection of your personal data and your privacy is very important to us. We would therefore like to take this opportunity to inform you about data protection in our company. As a matter of principle, we comply with the legal provisions of the European General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), the Telecommunications Telemedia Data Protection Act (TTDSG) and other data protection regulations.

This privacy policy applies to the domains schottel.de and marinet.io.

You can visit our website anonymously at any time. We respect the freedom of the individual to decide when and for what purpose he or she wishes to provide certain personal information. We do not use any technologies to identify you or create personal profiles!

We collect personal data only to a limited extent and where necessary for the following:

  • Provision of our services
  • Contract performance (including initiation, conclusion, fulfilment and termination of a contract)
  • Processing and answering enquiries (contact form)
  • Safeguarding our operations
  • Improving our website
  • Preventing, detecting and investigating potentially prohibited or illegal activities and asserting our General Terms and Conditions.

To ensure that you are fully familiar with the processing of personal data on our websites, we have compiled this clear and comprehensive information for you. We would like to assure you that we will make every necessary technical and organisational effort to protect your data.

1. Controller

Responsible for the processing of personal data and service provider is:

SCHOTTEL GmbH
Mainzer Str. 99
56322 Spay/Rhein
Germany

Phone: +49 2628 61-0
E-mail: info(at)schottel.de

Other information: see Imprint


2. Data Protection Officer

As Data Protection Officer we have appointed:

Verimax GmbH,
Warndtstr. 115,
66127 Saarbrücken, Germany

Michael Grein
Fax +49 89 800 657 829

E-mail: dsb-schottel(at)verimax.de

Reporting office in the event or suspicion of data protection incidents:
E-mail: datenschutz(at)schottel.de


3. Types of data and data subjects

When you access our websites, we automatically process data of a general nature. This data, which may be stored (where applicable) in “server log files”, includes:

  • your browser type* (type/version)
  • your operating system*
  • domain name of your internet provider (IP address)
  • time of website access
  • referrer URL* (site previously visited)
  • cookies if applicable/in some cases (also see section 4 below.)
  • and other similar general data (e.g. size of your browser window).

*If necessary, you can disable this data by making the appropriate settings in your system.

This data is used in accordance with Article 6 (1)(b) GDPR to provide you with the websites and to display them correctly; it is accessed each time you use the internet.

Furthermore, the data is temporarily stored in accordance with Article 6 (1)(f) GDPR for the purpose of fraud prevention and the investigation of attacks on our website. If there is no such cause for suspicion, the respective IP address of the accessed sites will be deleted after seven (7) days. It is not possible to assign this data to a natural person after this time.

The remaining (non-personal) data may be processed further for statistical purposes.

As a visitor to our website, you are a data subject as defined by the General Data Protection Regulation.


4. Cookies

“Cookies” are small text files that are stored on your computer by a domain (in this instance: schottel.de) and can only be processed again by this domain. Our cookies cannot contain or spread malicious code or start programs.

Our aim is to determine if you are able to find your way around our websites easily by identifying the accesses that belong to a session. By using cookies, we can also determine when your browser last visited our site. This allows us to establish if it is a repeat visit (repeat visitors typically have a different and usually very specific interest in certain content). We also want to assess if you find the content of our web pages sufficiently interesting and if and where we could improve our efforts in this respect.

We do not wish to, will not and cannot identify you personally and would therefore be grateful if you would allow us to track repeat visits by cookie.

We do not tolerate cookies from third-party domains and use our own cookies extremely sparingly. We never store any personal data in them and use them only for the following purposes:

Cookie-Name Purpose Storage period
_pk_testcookie.#.#### To test if the browser allows cookies few seconds
_pk_id.#.#### To recognize a repeat visit 13 months
_pk_ses.#.#### To identify which page requests belong to the same session 30 minutes
omCookieConsent Saves consent when redirecting to content from external sources. 1 year

The information generated by the cookies about your use of this website is never passed onto third parties. You can decide at any time if and which cookies are allowed or not allowed on your computer. You can also delete individual or all cookies on your computer at any time. To do this, use the settings in your web browser.


 

In order to change the previous settings you made for this website when you first accessed it, please click here.

 

5. Collection and storage of usage data (web analysis)

In order to optimize our websites and adapt them to the changing habits and technical requirements of our users, we use tools for web analysis. In this process, for example, we determine which elements are visited by the users and if the information they are looking for is easy to find. This information can only be interpreted and is only useful when a sizeable group of users is considered. For this purpose, the collected data is aggregated, i.e. combined into larger units.

SCHOTTEL does not profile visitors or use retargeting technologies and does not measure “customer journeys” by means of other sites. Therefore we are neither interested in the behaviour of an individual nor in the person behind it.

This enables us to adapt the design of web pages or optimize content if, for example, we find that a relevant proportion of visitors are using new technologies or finding existing information difficult or impossible to find.

For web analysis we use Matomo. This is software that is installed on our own server and only processes data that has been saved on our server. Matomo uses three technically necessary cookies (see “Cookies” section) to detect a) whether your browser allows cookies (the cookie is deleted immediately), b) which page views belong to a session, and c) whether you are a first-time or repeat visitor. Your IP address will be anonymized immediately and even before it is saved so that you as a user always remain completely anonymous to us.

By means of structural measures (separation of databases and responsibilities), we ensure that statistical data which we process for web analysis purposes at no time includes personal data or can be linked to such data.

If your browser is configured to instruct our server that you do not wish to be tracked (“do not track”), Matomo will not record your visit to our site (we never store personal data anyway).


6. Specific use of data

We observe the principle of data use for specific purposes and process your personal data only for those purposes for which you have provided the data. Your personal data will not be passed onto third parties without your express consent, unless this is necessary for the provision of the service or the execution of the contract. Furthermore, the transfer of data to state institutions and authorities entitled to receive information is only carried out within the scope of the legal obligation to provide information or if we are obliged to provide information by court order.

We also take our in-house data protection very seriously. We have obligated our employees and the service companies we commission to maintain secrecy and to comply with the provisions of data protection law.


7. Third country

There is no deliberate transfer of personal data to third countries or to international organizations, nor is there any plan to do so. However, when a website is accessed, it cannot be guaranteed that the data will remain within the EU/EEA. Due to the way the internet works, it may be technically possible that a request on the way from you to us or a reply on the way back may be routed via a server in a non-secure third country. This cannot be prevented either. However, since we encrypt the data traffic between your browser and our server (see section 8 below), there is no particular risk in this respect.


8. Data minimization, data economy and data security

In general, it is not necessary for you to provide personal data to use our website. However, in order for us to actually provide our services, we may need your personal data. This applies both to the sending of any information or ordered goods and to replies to individual requests.
If you commission us to provide a service or to send you goods, we shall only process your personal data in accordance with Article 6(1)(b) GDPR to the extent necessary to provide the service or implement the contract. For this purpose, it may be necessary to pass on your personal data to companies that we use to provide the service or implement the contract, such as transport companies or other service providers. If we wish to process your personal data for certain actions or services with your consent (in accordance with Article 6(1)(a) GDPR), we will ask you for your express consent at the appropriate point on our website.

Your personal data will be encrypted (bug-proof) on all pages with input fields by means of SSL/HTTPS for transmission over the internet (identifiable by the lock symbol in the URL line of the browser). We use technical and organizational measures to secure our website and other systems against loss, destruction, access, modification or distribution of your data by unauthorized persons.


9. Contact form and getting in touch

You can contact us in a number of ways. One of these ways is to use one of our contact forms. To process your respective request, the minimum information we require is your first and last name and an e-mail address. You can also voluntarily provide additional information that will help us to respond to your request more effectively or pre-empt any queries. Your data will be transmitted encrypted.

You may, of course, also send us an e-mail to any of the addresses published on the website. In this case, the personal data transmitted by e-mail will be stored.

If your request relates to a service offered by us, we will process your data on the basis of Article 6(1)(b) GDPR. All other requests will only be processed on the basis of your consent (Article 6(1)(a) GDPR).

Third country

During e-mail correspondence, it cannot be guaranteed that the data will remain within the EU/EEA. Due to the way the internet works, it may be technically possible that an e-mail on the way from us to you and vice versa may be routed via a server in a non-secure third country. Opt for the postal service if you want to send information confidentially, or encrypt the information/files separately (e.g. In an encrypted ZIP file) and send the key via another channel (e.g. SMS).


10. Storage period

Your processed personal data will only be stored for as long as it is necessary to fulfil the intended purpose. Once this purpose has been fulfilled, the data will be deleted, unless mandatory retention periods prevent this. In this case, the data will be limited in its processing so that it can only be used for the purpose that requires its retention (e.g. tax audit). Once these retention periods have expired, this data will also be deleted.


11. Profiling and automated decision-making

If we have access to the relevant information, a customer or prospective customer profile may be created in order to provide you with the best possible advice.

For this purpose, we use the following information in particular:

  • Your contact data from registrations, requests and orders

Automated decision-making is not undertaken at any time.


12. OpenStreetMap via Leaflet

On this website, we offer maps that use freely accessible sources (open source). The necessary software is on our own server. It retrieves map data that is stored on an external server. When setting up the software, we carefully checked that the data is retrieved from a server located within the EU (in Germany). However, we cannot guarantee this, even though we check this regularly.

The map data is only retrieved when you actively click on the preview image indicating you would like to use the map service. When retrieving data from an external server, your IP address is always transmitted to this server as otherwise the map data could not be sent to your device. In the process, the external server also learns that you have visited our site. Since the open source used by us is neither financed by advertising nor located outside the EU (e.g. as is the case with Google Maps), we believe that there is no risk of data misuse.

Find more information about OpenStreetMap at: https//www.openstreetmap.de


13. Videos per Vimeo

For better performance, we use the provider Vimeo for the presentation of our videos so that they can be accessed from all parts of the world without any time lag. Vimeo is operated by Vimeo, Inc. with head office in New York (USA). 
Note: The following information would be necessary to a similar extent if we used YouTube instead of Vimeo.

On some of our web pages we use software (plugins) from the provider Vimeo. If you call up the pages of our website that use such a plugin, no connection to the Vimeo servers is initially established – only a preview image is displayed. It is only by actively clicking actively the "Play Video" button in this preview image (consent), Vimeo reloads video data from the nearest server of a service provider (Akamai). This consent applies for all Vimeo videos embedded on our website. In the process, data is transferred to the Vimeo server thereby revealing which of our websites you have visited. The consent is only valid for the current browser session, i.e. if you want to revoke the consent, please close your browser.

If you are logged in as a Vimeo member at the time, Vimeo may assign this information to your personal user account. This information may also be assigned to your user account when you use the plugin, such as by clicking the start, stop, fast forward or rewind buttons of a video. You can prevent this assignment by logging out of your Vimeo user account and deleting the relevant Vimeo cookies before activating the video. Regardless of this type of assignment to your Vimeo user account, your personal data will nevertheless be transferred to Vimeo – and therefore to a third country – even if you have no Vimeo user account. 

A transfer to third countries is only permitted under the conditions of Chapter V DS-GVO. Although Vimeo, Inc. was certified in accordance with the EU-US Privacy Shield, the European Court of Justice has declared this agreement invalid because third parties (US authorities) may (can) access your data without you being aware of it or having adequate legal protection against it. Until a successor agreement is in place, we base the transfer of personal data (in this case: your IP address, your Vimeo usage behavior) to basically reliable recipients on your consent pursuant to Article 49 (1) a) DS-GVO, which you expressly grant in view of the aforementioned risks and dangers by clicking the "Play Video" button.

Further information (in English) regarding data processing and data protection by Vimeo can be found at https://vimeo.com/privacy


14. Rights of data subjects

Subject to certain conditions or limitations as applicable, you have the following rights:

Right to information:

As a matter of principle, you have the right to request free information regarding:

  • data processed by us;
  • the purposes of processing;
  • the categories of personal data processed and, where appropriate, the (categories of) recipients to whom the personal data has been or will be disclosed (including, where applicable, appropriate safeguards if the personal data is transferred outside the EU);
  • if possible, the intended duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration;
  • xand, if applicable, the origin of the data.

You have the right to rectification, deletion, restriction of processing, a right to data transferability, a right to object and a right to revoke consent at any time. This does not affect the legality of the processing of data up to the time of a revocation/objection. For the declaration of a revocation/objection, you will not be charged in addition to costs incurred by the basic rates. If costs are incurred in exercising the other rights, we shall inform you in advance. You may assert your rights against us via a designated channel (e.g. unsubscribe link) or any other communication channel (see “Controller” above or in the Imprint).


15. Queries regarding data protection and right of complaint

If you have any other queries about data processing on our website or about our processes, please contact the above-mentioned Controller or our Data Protection Officer. You can also contact this person confidentially at dsb-schottel(at)verimax.de if you think you have a reason for complaint or if you notice a breach of data protection. Thank you very much for your support.
Furthermore, you have a right to appeal to a supervisory authority. The supervisory authority responsible for the Controller is the Rhineland-Palatinate State Office for Data Protection and Freedom of Information, postbox 30 40, 55020 Mainz, Germany; e-mail: Poststelle(at)datenschutz.rlp.de; online: www.datenschutz.rlp.de


16. Applications

GETTING YOU ON BOARD AS FAST AS POSSIBLE

Applying is really straightforward.

We have made our application process as streamlined as possible to ensure that it progresses swiftly for both sides. Please send your documents digitally (ideally as a single PDF file) to personal(at)schottel.de.

Please also note the information under “Third country” in section 9 above. As an alternative, you are also more than welcome to use the postal service.

We will conduct interviews with people on the short list together with the specialist and HR department and, depending on the position, also with the head of department.
For trainees, there is an entrance test and for dual study students an assessment centre; in some cases, we also recommend a pre-study placement.

You can find out about vacancies on our career page and apply online. If you would like to apply for a position, we will need you to provide us with all the information and documents required as part of the application process. This is subject to Section 26 Federal Data Protection Act (BDSG).

Furthermore, you can provide additional information voluntarily (Section 26 BDSG (2)), which will enable us to assess your application more easily.

Further information on the application process can be found in the Careers Portal under FAQ.

Recipients

Your data will be forwarded to our company employees entrusted with the respective matter. Depending on the subject matter, your data will also be transmitted to:

  • affiliated companies of the SCHOTTEL Group, where applicable, external service providers and partners who provide data processing services on our behalf or otherwise process personal data for the purposes described in this notice or stated at the time of collection of the personal data;
  • any competent supervisory body, court, law enforcement agencies, governmental authorities or third parties if we believe that processing is necessary
    • (i) to comply with applicable laws or regulations;
    • (ii) exercise, establish or defend our legal rights or
    • (iii) to protect your vital interests or those of third parties.

Appropriate data protection agreements have been concluded with the relevant external service providers, e.g. pursuant to Article 281 GDPR.

Data is not transferred to third countries as a matter of principle. Our servers are located within the EU or the EEA. If necessary, SCHOTTEL Group companies, external service providers and partners may be granted access to your personal data, even if they operate outside the EU/EEA.

In such cases, we ensure compliance with the provisions of Chapter V GDPR, in particular that personal data shall only be transferred to third countries if they offer an adequate level of protection in accordance with the European Commission (Article 45 GDPR) or if appropriate guarantees exist in accordance with Article 46 GDPR.


 


17. Social media platforms

We use several social media channels as another way of getting in touch with you. In this case, personal data may also be processed outside the European Economic Area (EEA), but we have no control over this. We have listed the (technical) operators of the relevant platforms at the end of this section. Addresses and other contact details can also be found there, e.g. for requests for information.

Your data and your usage behaviour will be comprehensively analysed by these operators. Cookies or comparable technologies or the storage of used IP addresses may be used for this purpose. The data may subsequently be used for advertising purposes and market research. This means that you may receive advertising tailored to your user profile within these platforms or on other sites that are able to use the cookies, etc., set by these platforms.

As a registered user of these sites, this information may also be used independently of the respective device. Some of the data uses are only permitted with your consent (Article 6(1)(a) GDPR) or may be justified by a legitimate interest in efficient advertising via a platform used worldwide (Article 6(1)(f) GDPR). Since the operators of the platforms determine the technologies used, we have no way of obtaining any necessary permissions from you or of weighing them against the interests of the parties concerned. Further details on this and on your user/data subject rights with the operators can be found in the privacy policies of their respective websites.

The social media channels we use are only intended to provide a convenient way of communicating with those users who are already members of these networks. It is not necessary and we do not recommend that you become a member of these networks in order to contact us. We also communicate information or special offers on other channels, in particular on our website.

For our presence on LinkedIn or Twitter, we have concluded contracts with the European subsidiaries of the respective US groups. The contents of the contracts are specified by LinkedIn or Twitter. Although it is not necessary for technical or organizational reasons to process personal data obtained in Europe outside Europe, the companies reserve the right to transfer the data to the USA. We have no influence over this.

Since July 2020, the transfer of personal data on the basis of the EU-US Privacy Shield is no longer permitted, as the European Court of Justice has declared the procedure invalid. A transfer is only possible with your explicit consent in view of the risks and dangers involved. As we do not know or cannot determine the reason or the extent of the data transferred to the USA, we are not able to obtain any kind of effective consent from you. We therefore ask you only to visit us on social media sites or follow the links to them if you yourself have an account with these services.

LinkedIn:

Our contractual partner is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, a company of the LinkedIn Corporation, USA, which belongs to the Microsoft Corporation, USA.

Although LinkedIn Corporation was certified under the EU-US Privacy Shield, an agreement in the field of data protection law between the European Union and the USA, the European Court of Justice has declared this agreement invalid because third parties (US authorities) may (can) access your data without you being aware of it or having adequate legal protection against it.
LinkedIn provides information about its privacy policy at:  www.linkedin.com/legal/privacy-policy. There you will also find further contact options, e.g. for any requests for information or complaints.
Please note that currently a transfer of personal data to the USA on the basis of the EU-US Privacy Shield is no longer permitted. According to its own information (https://www.linkedin.com/help/linkedin/answer/62533), the data centers for storing member information are currently located in the USA. SCHOTTEL does not arrange for a transfer there, nor are we responsible for it. If you do not wish such a transfer, please do not use our LinkedIn presence.

We use no technologies offered by LinkedIn for measuring and controlling advertising (“LinkedIn Insights”).

Twitter:

For the short message service offered on “Twitter”, we use the technical platform and services of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland, is responsible for the data processing of persons living outside the United States.

We would like to advise you that you are solely responsible for using Twitter and its featured functions. In particular, this applies to the use of the interactive functions (e.g. sharing, rating).

Information about which data is processed by Twitter and for what purposes can be found in Twitter’s Privacy Policy: twitter.com/de/privacy

Twitter Inc. has committed itself to the principles of the EU-US Privacy Shield. Find more details at: www.privacyshield.gov/participant. However, please take note of the information at the end of the section on the EU-US Privacy Shield.

We have no control over the type and scope of the data processed by Twitter, how this data is processed and used, or how it is passed on to third parties. We also have no effective means of monitoring these activities.

By using Twitter, your personal data will be processed by Twitter Inc. and, regardless of your place of residence, will be transferred to, stored and used in the United States, Ireland and any other country where Twitter Inc. does business.

Twitter processes the data you voluntarily enter, such as your name and user name, e-mail address, telephone number or the contacts in your address book if you upload or synchronize it.

Twitter also evaluates the content you share to determine what topics you are interested in, stores and processes confidential messages that you send directly to other users; it can also determine your location using GPS data, wireless network information or your IP address to send you advertising or other content.

For analysis purposes, Twitter Inc. may use analytical tools such as Twitter Analytics or Google Analytics. We have no control over the use of such tools by Twitter Inc., nor have we been informed of any such potential use of these. If tools of this type from Twitter Inc. are used for our SCHOTTEL account, we have not commissioned, approved or otherwise supported this in any way. The data obtained from the analysis is likewise not made available to us. Only certain non-personal information about tweet activity is available to us via our account, such as the number of profile or link clicks via a particular tweet. Furthermore, we have no way of preventing or turning off the use of such tools on our Twitter account.

After all, Twitter also receives information when you view content, for example, even if you have not created an account. This “log data” may include your IP address, browser type, operating system, information about the website and pages you previously visited, your location, your mobile operator, the device you use (including device ID and application ID), the search terms you have used and cookie information.

Options to restrict the processing of your data are available in the general settings of your Twitter account and under the section “Privacy and Security”. Furthermore, you can restrict Twitter access to contact and calendar data, photos, location data, etc., on mobile devices (smartphones, tablet computers) in the device settings. However, this depends on the operating system used.

Other information on these topics is available on the Twitter support pages:

You can find information on how to view your own data on Twitter at: support.twitter.com/articles/20172711

You can find information about the inferences drawn by Twitter about you here:

Information on the available personalization and data protection settings can be found here (with further references):

You can also request information using the Twitter Privacy Form or archive requests:

Data we process

We also process your data.

a) Purpose and legal basis

Data is processed for the purposes of our public relations work in accordance with Article 6(1)(f) GDPR.

b) Recipients

The initial recipient of the data is Twitter, which is responsible for any data that may be passed onto third parties for its own purposes. In addition, the recipient of publications is the public, i.e. potentially everyone.

c) Categories of personal data

We do not collect any data ourselves via our Twitter account and have not integrated any tweets or Twitter analysis/tracking tools into our website.

However, the data you enter on Twitter, in particular your user name and the content published under your account, will be processed by us to the extent that we may retweet or reply to your tweets or write tweets that refer to your account. The data that you freely publish and distribute on Twitter is thus included by us in our online presence on Twitter and made available to our followers.

d) Third country transfer

An adequacy decision was adopted by the EU Commission on the level of data protection in the USA under the conditions of the “EU-US Privacy Shield”. This decision was annulled by the European Court of Justice in July 2020, which is why transfers of personal data to the USA on the basis of the EU-US Privacy Shield are not permitted at present.
A different legal basis or your explicit consent to the transfer is now required. This means that you must first be adequately informed about the risks of the transfer. SCHOTTEL will never arrange such a transfer and it is not responsible for it.


18. Terms of Use

Please observe our Terms of Use.


19. Changes to data protection regulations

Our Privacy Policy may be amended at irregular intervals to comply with current legal requirements or to implement changes to our services, e.g. when new offers are added. The new Privacy Policy will then automatically apply next time you visit.