Harro Höfliger thanks you for your visit to our website and the interest you have shown in our company and products. The protection of your personal data is very important for us. Harro Höfliger Verpackungsmaschinen GmbH (hereafter referred to as “Harro Höfliger GmbH”, “we”, or “us”) values the safety of users’ data, as well as compliance with legal provisions related to data protection.
Harro Höfliger GmbH websites may contain links to the websites of other providers not covered by this Privacy Statement. The data that operators of these sites may collect is beyond our knowledge and ability to influence. You can obtain information from the privacy notice of the respective site.
In the following document, we will inform you in detail about how we handle your data.
The Privacy Statement is based on the terminology used in the General Data Protection Regulation (GDPR).
– “Personal data” are all information that relate to an identified or identifiable individual (hereafter referred to as a “data subject”) (Article 4(1) GDPR). Your personal data include information such as your basic information (first and last name, address and date of birth), your contact information (telephone number, email address), billing data (bank account information), and much more.
– “Processing” is any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
– The “data subject” is any identified or identifiable individual whose personal data are processed by the controller.
– The “controller” is the individual or legal entity, public authority, agency or other body that, either alone or jointly with others, decides on the purposes and means of the processing of personal data. If the objectives and means of this processing are prescribed by European Union or Member State law, the controller or the specific criteria for their nomination may be provided for under Union or Member State law.
– The “processor” is an individual or legal entity, public authority, agency or other body that processes personal data on behalf of the controller.
– The “recipient” is an individual or legal entity, public authority, agency or other body, to which the personal data are disclosed, whether it is a third party or not. However, public authorities that may receive personal data in the context of a particular inquiry in accordance with Union or Member State law are not regarded as recipients.
– A “third party” is an individual or legal entity, public authority, agency or body other than the data subject, controller, processor or persons who, under the direct authority of the controller or processor, are authorized to process personal data.
– “Consent” is any informed and unambiguous indication of the data subject’s wishes given voluntarily by the data subject for the specific case in the form of a statement or by a clear affirmative action, by which the data subject signifies that he or she agrees to the processing of personal data relating to him or her.
Collection and processing of personal data
In principle, it is possible to use our website without providing any personal data. To the extent that you wish to make use of certain services offered by our company via our website, the processing of personal data may become necessary. If the processing of personal data is necessary and no legal basis exists for such processing, we generally obtain consent from the data subject.
Anonymous data collection (server log files)
You can visit our site without actively giving information about your person. However, we do store access data every time the website is accessed (server log files), which include the name of your Internet service provider, the operating system used, the website from which you visit us and the duration of your visit or the name of the file requested. For security reasons (e.g. recognizing attacks on our websites), we also store the IP address of the computer used for a period of 60 days. These data are assessed exclusively for the improvement of our service and do not permit any inferences about your person. These data are not combined with other data sources. The legal basis for data processing is Article 6(1) GDPR. We process and use the data for the following purposes: 1. Providing the Harro Höfliger GmbH website, 2. Improving our website and 3. Preventing and detecting errors/malfunctions, as well as misuse of the website. This kind of data processing is undertaken either in fulfillment of the agreement regarding the use of the Harro Höfliger GmbH website, or because we are pursuing a legitimate interest in the functionality and error-free operation of the Harro Höfliger GmbH website, as well as customizing this website to user requirements.
Use of cookie tracking
You can configure your browser so that you are informed about the setting of cookies and decide on an individual basis whether to accept them, or bar the acceptance of cookies for certain cases or in general. Furthermore, cookies can be erased afterwards in order to remove data that websites have stored on your computer. You can easily find instructions on how to do this online. Deactivating cookies can lead to some limitations in the functionality of the Harro Höfliger GmbH websites.
Use of Google Analytics
This website uses features of the Google Analytics web analytics service. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses “cookies”, which are text files that are saved on your computer and enable the analysis of your use of the website. The information generated by the cookies about your use of this website (including your IP address) is transmitted to Google’s server in the USA and saved there. Google will use this information to evaluate your use of the website, compile reports about website activity for website operators and provide additional services associated with website usage and Internet usage. Google may also transfer this information to third parties, provided this is required by law or if third parties process this data on behalf of Google.
Preventing the storage of cookies
You can prevent cookies from being stored by selecting the corresponding setting in your browser software. However, we advise against this because then you may not be able to fully utilize all of the functions of this website. By using this website, you agree to Google processing the data collected about you in the manner and for the purposes set out above.
Objecting to data collection
If you do not want Google to receive data from your browser when you visit the pages, you’ll find the link to the opt-out solution for Google Analytics here: http://tools.google.com/dlpage/gaoptout?hl=en.
We’ve used the Google Analytics data retention controls to determine how long data is stored at the user and event levels before they are automatically deleted from the Analytics servers. For this we have chosen the following storage period: 14 months.
Please note that on this website Google Analytics has been extended by the code “gat.anonymizeIp” in order to ensure the anonymized collection of IP addresses (so-called IP-Masking). As a result, your IP address will be truncated by Google within member states of the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States.
Demographics with Google Analytics
This website uses the “Demographics” feature of Google Analytics. This allows the preparation of reports that contain statements on the age, sex and interests of visitors to the page. These data come from interest-based advertisements from Google as well as visitor data from third-party providers. These data cannot be assigned to any person in particular. You can deactivate this feature at any time using the display settings in your Google account, or forbid the collection of your data by Google Analytics on a general basis, as shown in the “Objecting to data collection” section.
Use of etracker
Our website uses the etracker analysis service. The provider is etracker GmbH, Erste Brunnenstrasse 1, 20459 Hamburg, Germany. Web analysis is the collection, compilation and evaluation of data about the behavior of website users. Among other things, a web analysis service collects data on the websites from which a data subject has come to the website (referrers), which subpages are accessed, or how often and for how long a subpage is viewed. A web analysis is mainly used to optimize a website and for the cost-benefit analysis of web advertising.
A usage profile can be created from the data using a pseudonym. Cookies can be used for this purpose. Cookies are small text files that are locally stored in your browser’s cache. Cookies allow your browser to be recognized. The data collected using etracker technology are not used to identify visitors to our website personally, and are not combined with personal data about the bearer of the pseudonym without separate permission from the data subject.
You can object to the collection and storage of data at any time, which will take effect for the future. To object to the future collection and storage of your visitor data, you can obtain an opt-out cookie from etracker using the following link. This ensures that no visitor data will be collected and stored from your browser by etracker in the future. www.etracker.de/privacy. This sets a cookie from etracker with the name “cntcookie”. Please do not delete this cookie as long as you wish to maintain your objection. You can find further information in the etracker privacy provisions: https://www.etracker.com/en/data-privacy/
Order data processing
We have a contract with Google for the order processing of data, and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Our offers on social media platforms (Social Media Links)
On various social media platforms, we make offers (for example fan pages) available online that provide information about Harro Höfliger Verpackungsmaschinen GmbH and give us the opportunity to get in touch with you. We point out that we have no influence on the processing of your personal data on these platforms and only the respective operator of the platform has full knowledge of the content of the transmitted data and their use.
As a rule, cookies are stored in your browser when you visit the respective platform.
You may be affected by this data collection even if you are not registered on the respective platform. It is beyond our knowledge whether the data reaches outside the European Economic Area.
The processing of personal data on the platforms by us is based on Art. 6 para. 1 lit. f DSGVO. Our legitimate interest lies in being able to portray Harro Höfliger Verpackungsmaschinen GmbH in a variety of ways to the outside world and to use the possibility of communication with our customers as effectively as possible.
In addition, consent to data processing pursuant to Art. 6 para. 1 lit. a DSGVO legal basis if you have given them to the platform operator.
You will receive detailed information about the data processing of the platform operators regarding the respective objection possibilities, the rights of access as well as specific information about the respective platforms via the following data protection instructions of the respective operators:
Use of Facebook
Provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland
Privacy Statement: www.facebook.com/about/privacy/
The features of the Facebook service are integrated into our website. If you visit our website, the link creates a direct connection between your browser and the Facebook server. Facebook then receives the information that you have visited our website using your IP address. If you click on the Facebook “Like Button” while logged in to your Facebook account, the content of our website may be linked to your Facebook profile. Facebook can thus associate your visit to our website with your user account. Please note that, as the provider of the website, we do not receive any knowledge of the content of the transferred data or the use of this data by Facebook.
Specific information on Facebook fan pages: When visiting our Facebook fan page, Facebook processes your personal data (Facebook Insights). These data are transmitted to us by Facebook in the context of Facebook Insights anonymized. This anonymous data is statistical information about our fan page subscribers.
In addition, we receive from Facebook profile data from you, if you interact with us or our site, for example, like or comment on posts or write us via Facebook or follow our page.
If you do not want Facebook to be able to associate your visit to our website with your Facebook user account, please log out of your Facebook user account.
Facebook Pixel, Custom Audiences and Facebook Conversion
As part of our online offerings, we use the Facebook pixel based on our legitimate interest in analysis, optimization and the economic operation of our online offerings. The Facebook pixel belongs to the Facebook social network, which is operated by Facebook Inc, 1 Hacker Way, Menlo Park CA 94025, USA, or, if you are a resident of the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland (hereafter “Facebook”).
Facebook is certified under the Privacy Shield Agreement, which guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
By using the Facebook pixel, it is possible for Facebook to identify visitors to our online offerings as a target group for displaying advertisements (“Facebook Ads”). Accordingly, we use the Facebook pixel to display the Facebook ads we place only to Facebook users who have shown interest in our online offerings or certain features (e.g. interest in certain subjects or products as determined by the websites visited), which we submit to Facebook (“custom audiences”). Thanks to the Facebook pixel, we would also like to ensure that our Facebook ads match users’ potential interests, and are not annoying. We use the Facebook pixel to further understand the effectiveness of Facebook advertisements for statistical and market development purposes, as we see whether users were transferred to our website after clicking on a Facebook ad (“conversion”).
The processing of data by Facebook is carried out in accordance with Facebook’s Data Use Policy. Accordingly, general information on the displaying of Facebook ads is available from Facebook’s Data Use Policy: www.facebook.com/policy.php. You can find special information and details on the Facebook pixel and its functioning in Facebook’s help section: www.facebook.com/business/help/651294705016616.
You can object to the collection of your data by the Facebook pixel and its use to display Facebook ads. To configure the kinds of advertisements that are shown to you on Facebook, you can access the Facebook site set up and follow the instructions on configuring user-specific advertisements: www.facebook.com/settings. The settings are platform-neutral, meaning that they will be adopted by all devices, including desktop computers and mobile devices.
Use of LinkedIn
Provider: LinkedIn Corporation., 2029 Stierlin Court, Mountain View, CA 94043, USA.
Privacy Statement: www.linkedin.com/legal/privacy-policy
Our website uses features of the LinkedIn network. Every time one of our pages containing LinkedIn features are accessed, a connection is established to the LinkedIn servers. LinkedIn is thereby informed that you have visited our website using your IP address. If you click the LinkedIn “Recommend” button while logged in to your LinkedIn account, LinkedIn is able to assign your visit to our website to you and your user account. Please note that, as the provider of the website, we do not receive any knowledge of the content of the transferred data or the use of this data by LinkedIn.
LinkedIn Specific Information: When you visit our LinkedIn Corporate Site, LinkedIn processes your personal information. This information is transmitted to us through LinkedIn as part of LinkedIn Analytics. These anonymized data are statistical data of our followers.
In addition, LinkedIn will tell us your profile name when you interact with us or our site, for example, like or comment on amounts, or follow our pages.
Use of YouTube
Operator: YouTube LLC, 901 Cherry Ave., San Bruno CA 94066, USA.
Privacy Statement: policies.google.com/privacy
Our website uses features of the Google-operated site, YouTube. When you use one of our sites with YouTube features, a connection is established to the YouTube servers. This tells YouTube which of our pages you visited.
If you are logged into your YouTube account, you allow YouTube to assign your browsing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
Specific Information about Youtube Accounts or Channels: When you visit our Youtube site, Youtube processes your personal information. These data are transmitted to us through Youtube as part of the Youtube STUDIO use anonymized. This anonymized data is statistical information about our channel subscribers.
In addition, we’ll let Youtube know your Google+ profile username when interacting with us or our site, like liking or commenting on videos or subscribing to our channel.
Contact form / Queries
On our site, you can to send us queries using a contact form. In this form, your information from the contact form (the content of your query) is stored by us, along with the contact information you provide on the form (name, company, telephone, email and state) for the purpose of processing your query and for follow-up questions. We do not disclose these data without your consent. The legal basis for the collection and processing of data is Article 6(1) GDPR.
The information you enter in the contact form is retained by us until you ask us to erase it, revoke your consent to its storage or if the purpose of the data storage is no longer applicable (e.g. after the processing of your query has been completed). Mandatory legal provisions – in particular, retention periods – are not affected.
When you send us queries or information by email, your information (email address, content of your email, subject and date of your email) are stored by us, including the contact data given (first name, last name; where appropriate, telephone number and address) for the purpose of processing the query and for follow-up questions. We do not disclose these data without your consent. The legal basis for the collection and processing of data is Article 6(1) GDPR.
The user is advised that emails can be read or changed without authorization and without being noticed during transfer. Harro Höfliger GmbH uses software that filters undesirable email messages (spam filter). Email messages can be rejected by a spam filter if they are falsely identified as spam due to certain characteristics.
The information you enter is retained by us until you ask us to erase it, revoke your consent to its storage or if the purpose of the data storage is no longer applicable (e.g. after the processing of your query has been completed). Mandatory legal provisions – in particular, retention periods – are not affected.
Subscription to our “Up to Date”
On our website, you can subscribe to our company’s “Up to Date”. We use the “Up to Date” to inform our clients and business partners about our company’s offerings on a regular basis. To do this, we require a valid email address from you, as well as information that allows us to check that you are the owner of the email address entered and have agreed to receive the “Up to Date”. Other information is not collected, or is only collected on a voluntary basis. For legal reasons, a confirmation email is sent to the email address entered for a data subject the first time it is entered, as part of a double opt-in procedure. We use these data exclusively to send the “Up to Date” and do not disclose them to third parties. The legal basis for the collection and processing of data is Article 6(1) GDPR.
During the “Up to Date” registration, we also store the IP address provided by the Internet service provider (ISP) of the computer used by the data subject at the time of registration, as well as the date and time of registration. Collecting these data is necessary as part of our safeguards to trace the (possible) misuse of a data subject’s email address at a later point.
You can revoke your consent to the storage of the data and email address, as well as the use of this information to send the “Up to Date”, at any time, for example, by clicking the “unsubscribe” link in every “Up to Date”. Alternatively, you are welcome to send your unsubscribe request by email at any time to firstname.lastname@example.org. The legality of the data-processing operations is unaffected by the revocation.
We store the data you have deposited with us for the purposes of subscribing to the “Up to Date” until your removal, and erase them after you have unsubscribed from the “Up to Date”.
Our customer magazine is published under the following link: https://www.harro-magazine.com. The website uses Matomo, a cookie-based open-source web analytics software platform, to analyze the usage behavior of visitors to our website. The information collected by the cookie (browser type and browser version, operating system, your country of origin, date and time of server request, number of visits, your time spent on the website, as well as any external links that you have activated) is saved to our server. This information is used for the purpose of optimizing our website, in which we have a legitimate interest within the meaning of Art. 6 (1) (f) of the General Data Protection Regulation (GDPR).
This data is not passed on to any third party. It is standard practice to shorten or anonymize the IP address before saving. By anonymizing the IP address, it is impossible to identify the user. You may object to the anonymized data collection by Matomo by deselecting the checkbox. However, we wish to point out that in this case you would then only have restricted use of the website as not all functions will be available in full.
Your visit to this website is currently being analyzed by Matomo. For Opt-Out please follow this link:
Deleting your cookies will also delete the Matomo Opt-Out cookie. The opt out must be reactivated when returning to our website.
Supplier Collaboration Portal
The Supplier Collaboration Portal is a tool we use to manage our business relationships with suppliers. The Supplier Collaboration Portal manages any collaboration with potential or existing suppliers, for example information provided by the supplier, order processing, transport management, etc.
Having a legitimate interest in the efficiency of our business operations and the secure running of our supplier portal, we process the personal data provided by business contacts or by contacts of potential and existing suppliers. Personal data is processed for the execution of pre-contractual measures and for the execution of contracts with potential and existing suppliers.
The following types of personal data are processed when visiting or using the supplier portal:
- Access and rights management (e.g. user ID, user authorizations, login history)
- Contact data (e.g. name, email, company)
- Organization data (e.g. supplier’s managing director, contact person for logistics)
- Communication data (e.g. email for new request, email for offer status)
- Document data (e.g. contact for supplier on invoice document)
- Meta/transaction data (e.g. offer confirmed on/by, order processed on/by)
- Meta/communication data (device information, IP addresses).
Further data protection information with regard to the processing of personal data from contact partners of potential and existing suppliers, such as the length of time for which the data is saved, can be found here: https://www.hoefliger.com/datenschutz-information
Career area / Online application
On our website, you can use the career area and/or send applications by email. The personal data (basic information, contact information, attachments such as cover letters, resumes, references, etc.) from candidates are collected and processed for the purposes of carrying out the application procedure. The processing can also be performed electronically. This occurs, in particular, when a candidate sends the pertinent application documents, for instance, by email or via a web form on the site to the controller. If the controller concludes an employment contract with a candidate, the data transmitted for the purpose of entering into the employment relationship are stored in accordance with legal provisions. If the controller does not conclude an employment contract with the candidate, the application documents are automatically erased six months after notification of the decision to reject, as long as no other legitimate interests on the part of the controller prevent this. In such a case, other legitimate interests, would include the burden of proof in a process under the General Act on Equal Treatment (AGG). The legal basis for the collection and processing of data is Article 6(1) GDPR.
For the uniform presentation of fonts, this site uses web fonts that have been prepared by Fonts.com. When accessing a site, your browser loads the necessary web fonts in a cache in order to display the text and fonts correctly.
The browser you use must establish a connection to the Fonts.com servers for this purpose. This informs the provider that your IP address was used to access our website. Web fonts are used in the interest of displaying our online offerings in a consistent and attractive manner. This represents a legitimate interest within the meaning of Article 6(1)(f) GDPR.
If your browser does not support web fonts, a standard font will be used from your computer.
Duration of retention
In principle, we store your data for as long as it is necessary for the delivery of our online offerings and the related services, or as long as provided by the European regulatory authorities or another legislative authority in laws or provisions to which the controller is subject. In all other cases, we erase personal data after their purpose has been fulfilled, with the exception of such data as we must continue to store to meet legal obligations (for example, we are obliged by retention periods under tax and commercial law to retain documents such as contracts and invoices for a certain period).
Disclosure to third parties
We disclose your data to certain third parties that provide external services for us (processors) for the purpose of being able to provide applications and services. These include newsletter services, IT providers, etc. Disclosure to other third parties may occur in order to fulfill our obligations (authorities, banks, social insurance agencies, etc.). Third parties process the data according to our instructions; furthermore, they are prohibited from using these data for their own commercial purposes that do not correspond to the agreed-upon purposes.
We must disclose personal data when we are obliged to do so in ongoing court proceedings, on the basis of a decree, or by law (Article 6(1)(f) GDPR).
We only disclose your personal data to third parties if
• you have communicated your explicit consent to this under Article 6(1)(a) GDPR,
• the disclosure is necessary under Article 6(1)(f) GDPR on assertion, exercise or defense of legal rights and there is no reason to believe that you have an overriding interest worthy of protection in the non-disclosure of your data,
• a legal obligation to disclose exists under Article 6(1)(c) GDPR, and
• this is permitted by law and required for the processing of contractual relationships with you in accordance with Article 6(1)(b) GDPR.
If the processing of your data takes place outside of Europe, e.g. in India, Brazil, China, Switzerland, Singapore or in the USA, this transfer occurs in compliance with all current data protection laws, and especially with Article 44(f) GDPR.
Harro Höfliger GmbH employs technical and organizational security measures to protect your data administered by us against accidental or deliberate manipulation, loss, destruction or access by unauthorized persons. Our security measures are continuously being improved in accordance with technological development.
This site uses SSL (secure socket layer) encryption with the highest level of encryption supported by your browser for the purpose of the security and protection of transfers of confidential content such as queries you send to us as a website operator. You can tell if an individual page on our website is being transmitted using encryption if the browser's address line changes from “http://” to “https://”, and the lock symbol is shown in the address bar.
When SSL encryption is activated, the data you transmit to us cannot be read by third parties.
Please note that the transfer of data over the Internet (e.g. by email) may be vulnerable to security breaches. It is not possible to completely protect data from being accessed by third parties.
Legal basis for processing
Article 6(1)(a) GDPR serves as a legal basis for our company's data processing operations, under which we obtain consent for a specific processing objective. If the processing of personal data is necessary for the fulfillment of a contract to which the data subject is a party, as may be the case for data processing operations that are necessary for the delivery of goods or the provision of a particular service or contribution, the processing is based on Article 6(1)(b) GDPR. The same applies to data processing operations that are necessary to carry out pre-contractual measures, for example in the event of queries regarding out products or services. If our company is subject to a legal obligation that necessitates the processing of personal data, such as the fulfillment of tax obligations, then processing is based on Article 6(1)(c) GDPR. In rare cases, the processing of personal data may be necessary in order to protect the vital interests of the data subject or another individual. This would be the case, for example, if a visitor to our business were to be injured and their name, age and health insurance data or other vital information has to be disclosed to a doctor, hospital or other third party. In that case, processing would be based on Article 6(1)(d) GDPR. Finally, data processing operations could be based on Article 6(1)(f) GDPR. Data processing operations that are not covered by any of the legal bases indicated above are supported by this legal basis if the processing is necessary to safeguard a legitimate interest of a company or a third party, as long as it does not override the interests and fundamental rights and freedoms of the data subject. If the processing of personal data is based on Article 6(1)(f) GDPR, our legitimate interest is carrying out our business activities in the interest of the well-being of all of our employees and customers.
Legal or contractual provisions on the provision of personal data, necessity for the conclusion of the contract, obligation of the data subject to provide personal data, possible consequences of non-provision
You should be aware that the provision of personal data is sometimes legally required (e.g. tax provisions) or can come about as a result of contractual provisions (e.g. Information on the contractual partner). From time to time, it can be necessary for the conclusion of a contract for a data subject to make personal data available to us that subsequently have to be processed by us. The data subject may be obliged to provide us with personal data when our company concludes a contract with them. The consequence of not providing personal data is that the contract cannot be concluded with the data subject. Before the provision of personal data by the data subject, the data subject must contact one of our employees. Our employee will make the data subject aware, on a case-by-case basis, of whether the provision of personal data is legally or contractually required, or necessary for the conclusion of the contract, and whether there is an obligation to provide personal data, and what consequences the failure to provide personal data would have.
Notice for underage persons
This online offering is not aimed at children younger than 16. Persons who have not yet reached the age of 16 may not send any personal data to Harro Höfliger GmbH without the consent of their legal guardians.
Rights of the data subject
You have the right to information regarding the data stored by us, the duration of the data retention, the reason and legal basis for the storage and the origin and recipients of disclosures. Inaccurate data must be corrected, data that is unlawfully stored or no longer required must be erased. In addition, the data subject has the right of objection, a right to restriction of processing and the right to data portability.
This information will be prepared at your request. This information is free of charge.
You also have the right to file a complaint with a supervisory authority.
Revocation of consent to data processing
Certain data processing operations are only possible with your explicit consent. You can revoke consent at any point after granting it. An informal email notification to email@example.com suffices for this purpose. The legality of the data-processing carried out until the revocation is unaffected by the revocation.
Responsible authority and contact information of the external data protection officer
Harro Höfliger Verpackungsmaschinen GmbH
71573 Allmersbach im Tal
Tel.: +49 7191 501 0
Contact information of the external data protection officer:
Phone: 07542 / 94921 - 01 E-Mail: fischerkeller(at)ddsk.de