Table of contents
I. General information on data protection
II. privacy policy website
III. Information for applicants
IV. Information for business partners
I. General information on data protection
REFERENCE TO THE RESPONSIBLE BODY:
EMS Maritime Offshore GmbH
Dithmarscher Straße 13
26723 Emden
We attach particular importance to the protection of your personal data. Your personal data is processed in accordance with data protection regulations, in particular the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
The following information provides an overview of the type, scope and purpose of the collection, processing and transmission of personal data as well as the security measures used to protect this data.
Personal data is individual information about the personal or factual circumstances of an identified or identifiable natural person, such as your name, address, telephone number, date of birth, email address and IP address.
LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis. You can revoke your consent to this processing at any time for the future in accordance with Art. 7 para. 3 GDPR.
When processing personal data that is required to fulfill a contract or to carry out pre-contractual measures, Art. 6 para. 1 lit. b GDPR serves as the legal basis.
Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
If processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party and such interests are not overridden by the interests or fundamental rights and freedoms of the data subject, the legal basis for processing is Article 6(1)(f) GDPR. In this case, you have a right to object in accordance with Art. 21 GDPR.
DATA ERASURE AND STORAGE DURATION
Personal data will be deleted as soon as the purpose of storage no longer applies. Data may also be stored if this is provided for by statutory retention obligations to which our company is subject (e.g. retention periods of up to 10 years under accounting and tax law in accordance with the German Fiscal Code (AO) and German Commercial Code (HGB)).
YOUR RIGHTS
Upon written request, we will inform you in accordance with Art. 15 GDPR in accordance with our legal obligation under Art. 12 GDPR whether and which of your personal data is processed or stored by us. Furthermore, you have the right to rectification of inaccurate data in accordance with Art. 16 GDPR, data portability in accordance with Art. 20 GDPR, blocking and erasure of your personal data in accordance with Art. 16 GDPR and the right to object to processing in accordance with Art. 20 GDPR.
2.1 Provision of the website
Use of hosting service providers
Our website is hosted on servers of a hosting service provider located in the EU on the basis of order processing in accordance with Art. 28 GDPR. As part of its services, the hosting service provider may have access to personal data of our users, in particular to technical data that is generated as part of the technical communication between you and our website (e.g. server log files). They may not use this data for their own purposes. The use of a hosting service provider is based on our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR in the provision of infrastructure and platform services, computing capacity, e-mail dispatch and security services.
Server log files
When you visit our website or use its services, the device you use to access the site automatically transmits log data (connection data) to our server. The corresponding information consists of
Type and version of the browser you are using,
Type and version of the operating system you are using,
Referrer URL of the page from which you accessed our website,
Date and time of access to our website,
Name of the subpages you accessed,
IP address of your computer system,
Amount of data transferred in each case.
The data collected is used exclusively for statistical evaluations for the purpose of operation, security and optimization of the website. For security reasons, however, we reserve the right to check the log data retrospectively if there is a justified suspicion of unlawful use based on concrete evidence. The data will not be stored for longer than necessary for this purpose. This collection is based on our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR.
Cookies
We use so-called cookies in some areas of the website in order to recognize visitor preferences and to be able to design the website in an optimal and attractive way. This facilitates navigation and a high degree of user-friendliness of the website. The processing by cookies for the technical provision of the website constitutes a legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR / § 25 para. 2 TDDDG. In addition, the legal basis is Art. 6 para. 1 lit. a GDPR or Section 25 para. 1 TDDDG if we require your consent for the use of cookies (e.g. for marketing or analysis purposes).
Cookies are technologies that your browser automatically creates and that are stored on your end device when you visit our website. Cookies do not harm your computer and do not contain viruses. Most of the cookies we use are deleted again at the end of the browser session (so-called session cookies). Other cookies remain on your computer and enable us to recognize your computer on your next visit (so-called persistent or cross-session cookies). Thanks to these files, it is possible, for example, to display information on the site that is specifically tailored to your interests.
You can set your browser so that it informs you about the placement of cookies. This makes the use of cookies transparent for you. If you completely exclude the use of cookies, you may not be able to use individual functions of this website.
Cookiebot - cookie consent management
We use the Cookiebot consent management service as a cookie consent management platform. The provider is Cookiebot, Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (Cybot). The tool is a software for controlling cookies. The purpose of data processing is to comply with legal obligations and to store consent. The legal basis is Art. 6 para. 1 lit. c GDPR. You can find more information on the processing of your data by Cookiebot at: www.cookiebot.com/de/privacy-policy/.
Security of your data
We use technical and organizational security measures to adequately protect the data you provide against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. We therefore use SSL encryption for the transmission of confidential content, such as inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties. Our security measures are developed in line with the state of the art.
2.2 Making contact
If you contact us (e.g. via contact form, e-mail, telephone, social media), your personal data will be stored and processed by us for the purpose of processing the inquiry and any associated follow-up questions in accordance with Art. 6 para. 1 lit. b GDPR (in the context of pre-contractual/contractual measures) or in accordance with Art. 6 para. 1 lit. f GDPR (general inquiries). We will not pass on this data without your consent.
The data you provide will remain with us until you ask us to delete it, object to its storage or the purpose for which it was stored no longer applies (i.e. after your inquiry has been processed), provided that this does not conflict with any statutory retention obligations.
2.3 Third-party content and services
On the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, content, services and services from other providers that complement our offer are integrated within our online offer. By using the services listed below, we want to ensure that our website is designed to meet your needs and is continuously optimized. If we request your consent for the use of these services, the legal basis is Art. 6 para. 1 lit. a GDPR.
Google Tag Manager
Google Tag Manager is used on our website. Google Tag Manager (GTM) is a solution from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland that allows us to manage website tags via an interface. GTM itself (which implements the tags) is a tool that does not create user profiles, does not store cookies with user profiles and does not carry out any independent analyses. Its function is limited to the integration and management of tools and services that we use on our website. Nevertheless, when using the Google Tag Manager, the IP address of website visitors is transmitted to Google, which is necessary for technical reasons in order to implement the services we use. The use of GTM is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in a fast and uncomplicated integration and administration of various tools on our website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR. The tags/services used are named separately in this privacy policy and can be edited individually by you in the privacy settings, for example by deactivating cookies for these elements. You can find more information at: www.google.com/policies/privacy/.
Image material of AG EMS
In some places on our website, content from our parent company, AKTIEN-GESELLSCHAFT “EMS”, Zum Borkumanleger 6, 26723 Emden-Außenhafen (AG EMS), is integrated. When you visit subpages on which this content is integrated, your browser makes contact with the servers of AG EMS, whereby your current IP address and other technical information about your browser are transmitted. A contract has been concluded with the provider in accordance with Art. 28 GDPR, which stipulates, among other things, that the provider processes your data exclusively for the provision of the above-mentioned information via our website, to secure its service and not for other purposes.
Links to third-party websites
On the basis of our legitimate interest, it may happen that links to other providers that supplement our offer are integrated within this online offer. When accessing websites linked to from this website, you may again be asked for information such as your name, IP address, browser properties, etc. This privacy policy does not regulate the collection, disclosure or handling of personal data by third parties. In this context, please note the special data protection declarations of the individual third-party providers and service providers whose links we include on our website.
2.4 Social media
We maintain publicly accessible online presences in social networks to communicate with the customers and interested parties active there and to present our services.
We would like to point out that user data may be processed outside the European Union. Furthermore, user data is generally processed for market research and advertising purposes. To the best of our knowledge, the providers also use cookies that store your usage behavior (also across different end devices). This allows targeted advertising to be displayed on the provider's own platform and on third-party sites.
The processing of users' personal data is based on our legitimate interests in effective user information and communication with users in accordance with Art. 6 para. 1 lit. f. GDPR. GDPR. If the users are asked by the respective providers of the platforms for consent to data processing or if the user voluntarily sends information to our online presences, the legal basis for processing is Art. 6 para. 1 lit. a GDPR in conjunction with Art. 7 GDPR. If this information contains contractually relevant content, Art. 6 para. 1 lit. b GDPR serves as the legal basis.
For a detailed description of the respective processing and the opt-out options, we refer to the following linked information from the providers.
In the case of requests for information and the assertion of user rights, we would also like to point out that these can be asserted most effectively with the providers. Only the providers have access to the users' data and can take appropriate measures and provide information directly. If you still need help, you can contact us.
Facebook and Instagram (Meta)
If you interact with our social media pages on Facebook and Instagram (comment, like posts or send us a message), your data will be stored by us. These social networks are operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter: Meta).
When operating a company profile on these channels, Meta and our company are joint controllers under data protection law in accordance with Art. 26 GDPR. Accordingly, we have concluded an agreement with Meta in which the respective obligations under the GDPR are regulated: www.facebook.com/legal/terms/page_controller_addendum.
Meta provides the profile operators with statistics and insights into the types of actions of our profile visitors (“Page Insights”). We have no influence on the collection of this data by Meta. According to Meta, this data is only provided to us in anonymized form so that the user cannot be identified from the information.
Personal data is deleted as soon as the purpose of storage no longer applies. Data may also be stored if this is required by statutory retention obligations to which our company is subject.
Please note that when you use and access our Facebook and Instagram pages, your personal data will also be processed by the provider Meta. Meta is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland and the parent company based in the USA. Meta processes your data in addition to the above-mentioned processing for analysis and advertising purposes. To the best of our knowledge, Meta also uses cookies that store your usage behavior (also across different end devices). This enables Meta to display targeted advertising on its own platform and on third-party sites. Further information can be found in Facebook's privacy policy: www.facebook.com/about/privacy/, Instagram help.instagram.com/519522125107875. Facebook and Instagram also offer the option of objecting to certain data processing; information and opt-out options in this regard can be found at: www.facebook.com/settings and www.instagram.com/accounts/privacy_and_security/. Please note that, in accordance with Meta's privacy policy, user data is also processed in the USA or other third countries. Meta only transfers user data to countries for which there is an adequacy decision by the European Commission pursuant to Art. 45 GDPR or on the basis of suitable guarantees pursuant to Art. 46 GDPR.
With regard to data processing via our Facebook and Instagram pages, you also have the option of asserting your data subject rights against Meta. Further information on this can be found in Meta's privacy policy: www.facebook.com/about/privacy/.
2.5 Minors
Our online services are generally aimed at persons of legal age. Personal information of persons who have not yet reached the age of 16 may only be made available to us if the express consent of the parent or guardian has been obtained (Art. 8 GDPR). Processing without the consent of the parent or legal guardian is not permitted. We therefore reserve the right to delete all data relating to minors if we do not have the consent of a parent or legal guardian.
3.1 Purpose and legal basis for collection and processing
Your data will be processed by us for the purpose of processing your application in accordance with Art. 88 GDPR in conjunction with Section 26 BDSG. If special categories of personal data within the meaning of Art. 9 para. 1 GDPR are voluntarily communicated as part of the application process, their processing is also carried out in accordance with Art. 9 para. 2 lit. b GDPR.
3.2 Recipients of your data
The recipients of your data are the departments involved in the HR process (including HR, managers and heads of department) of the controller. Your data will be treated as strictly confidential and will not be passed on to third parties without your consent. Your data will not be transferred to third countries or international organizations.
3.3 Storage of your data
Your application data will be deleted 180 days after the position has been filled. If you are also interested in future vacancies, we require your written consent to store your application documents for a longer period. You can revoke this consent at any time for the future in accordance with Art. 7 para. 3 GDPR. To do so, please send an e-mail with a corresponding note to the contact address given above.
4.1 Purpose and legal basis for collection and processing
First and foremost, data processing serves to establish, implement and terminate the contractual relationship. The primary legal basis for this is Art. 6 Para. 1 lit. b GDPR. Without this type of use of your data, the implementation of the business relationship between you and us is not possible.
We also process your data on the basis of Art. 6 Para. 1 lit. f GDPR to protect our legitimate interests or those of third parties (e.g. authorities). This may be necessary, for example, to maintain IT security and IT operations or for the purposes of corporate management, internal communication and other administrative purposes. You can object to this processing by stating special reasons in accordance with Art. 21 GDPR.
We also process your data to fulfill legal obligations such as regulatory requirements, commercial and tax retention obligations or documentation obligations. The legal basis for this is Art. 6 (1) (c) GDPR in conjunction with the nationally applicable laws.
In individual cases, we may also process your data on the basis of your separate consent given to us in accordance with Art. 6 (1) (a), 7 GDPR (e.g. when registering for our newsletter or publishing photo and video recordings). You are always free to decide whether you want to declare your consent. You can revoke your consent at any time with effect for the future. To do so, use the link provided in the respective campaign or send corresponding inquiries to the contact address provided above.
If we process your personal data for a purpose not mentioned above, we will inform you in advance.
4.2 Recipients of your data
Within our company, only those people who need your personal data to fulfill our contractual and legal obligations will receive it. In addition, we sometimes use different service providers to fulfill these obligations, so that it may be necessary to transmit your personal data to other recipients outside the company, insofar as this is necessary to fulfill our contractual and legal obligations. These third parties can be, for example, authorities, financial institutions, suppliers, etc.
In order to process your data technically, we sometimes use external service providers. We may transfer and process your data outside the country in which you are resident / company headquarters or in one of the countries in which we operate. These may also be located outside the European Economic Area. If we transmit personal data to service providers or companies outside the European Economic Area (EEA), the transmission will only take place if the third country has been confirmed by the EU Commission to have an adequate level of data protection or if other appropriate data protection guarantees (e.g. binding internal company data protection regulations or EU standard contractual clauses) are in place. You can also request detailed information using the contact information above.
4.3 Storage of your data
We only store your personal data for as long as it is required for the purposes stated above. After termination of the contractual relationship, your personal data will be stored for as long as we are legally obliged to do so. This is usually due to legal proof and retention obligations, which are regulated, among other things, in the Commercial Code and the Tax Code. The storage periods are then up to ten years. In addition, personal data may be stored for the period in which claims can be asserted against us (statutory limitation period of three or up to thirty years).