Welcome on our website and thank you for your interest in us and our products. We take the protection of your personal information very seriously and want you to feel safe when visiting our website. Therefore, we would like to inform you of the scope of the personal data we collect and for what purpose it is used. We take data protection very seriously and treat personal data confidentially and in accordance with the legal requirements. New technologies and the development of our website may require that we adapt this data protection policy. We therefore recommend that you read it again in regular intervals. The definitions for the terms used in this data protection policy are available in Article 4 of the General Data Protection Regulation (of the GDPR).
1. Technically necessary data / access data
Due to technical reasons, it is necessary for your internet browser to transmit some data (“server log files”) to our web server when you access our website. The following data is recorded during an active connection in order to facilitate the communication between your internet browser and our website, to ensure a smooth connection to the website, and to provide a comfortable and user-friendly browsing experience:
- domain requested
- IP address of the visitor
- request date and time
- request method
- page path
- status code
- referrer (where did the request originate)
- user agent with browser and operating system version
The data is used exclusively for troubleshooting purposes and, if necessary, for forensic analysis. The legal basis for the temporary storage of the data and log files is Article 6(1) point (f) of the GDPR.
That data is stored temporarily for technical security reasons, in particular to protect against cyberattacks on our web server. That data does not allow the identification of individuals. The IP address is shortened to the domain level at the latest seven days after it has been collected. This is done in order to anonymise the data and make it impossible to identify individual users. In addition, the anonymised data may be processed for statistical purposes. At no point is the data stored together with other personal data of the user, compared with other databases or passed on to third parties.
1.1 Reach measurement
Our website uses so-called “cookies” with different functions.
Cookies are small text files that are stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on the user’s device. Many cookies are necessary for technical purposes because some website features would not function otherwise (e.g. the shopping cart or language settings).
The storing of cookies that are necessary technically (permanent cookies) takes place based on Article 6(1) point (f) of the GDPR. The technically flawless and optimised provision of our services constitutes a legitimate interest. Cookies in this category are e.g. Usercentrics Consent Management Platform, TYPO3, reCAPTCHA.
Other cookies (session cookies) are only stored with your consent based on Article 6(1) point (a) of the GDPR. You can withdraw your consent for the future at any time. Cookies in this category are e.g. Google Maps, YouTube Video, Google Analytics.
The legal basis can be derived from Article 6(1) point (b) of the GDPR if the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering the contract.
If cookies are used for analytical purposes, we will inform you thereof separately within the framework of this data protection policy and ask for your consent.
You can also manage and make changes to different cookie settings in your browser (Google Chrome, Mozilla Firefox, Internet Explorer, Safari, etc.).
1.3 Cookie management
Advertising cookies used by many companies and functions can also be managed individually. To do this, use the corresponding user tools.
In addition, most browsers have a so-called “Do Not Track” function, which signals that you do not want to be tracked. If that function is enabled, the browser will send a signal to the websites you visit that you do not wish to be tracked for targeted advertising or similar purposes. Information and instructions on how to change those settings are provided by your browser provider.
Please note that some features of this website may not function properly if cookies are deactivated.
You can withdraw or change your cookie preferences at any time. To do so, open the cookie settings by clicking or tapping the integrated fingerprint icon on our website. It is located in the bottom left corner of the website.
2. Processing of personal data
Personal data refers to any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name, etc.
If the opportunity for the input of personal or business data (e-mail addresses, names, addresses) is given, that information is provided voluntarily.
2.1 Handling of data from the contact form
We collect and process your data that you choose to provide via the contact form. In doing so we comply with the legal provisions concerning the erasure of data. The controller pursuant to the data protection legislation is Jowat.
When you contact us via the contact form, we ask for your location, name, and e-mail address. You may also provide further voluntary information if you choose so.
2.2 Handling of data from applications
By sending application materials, the applicant consents for the data transferred (e.g. first and last name, address, e-mail address, phone number, etc.) to be stored in accordance with the legal provisions.
In the event of a negative decision or if the application is rejected, the data transferred will be erased no later than 6 months after the application processes has ended. This shall not apply if erasing the data would be against legal provisions or if the data is necessary for establishing a claim.
If a contract is signed following the application, your data may be stored and used for the purpose of the standard organisational and administrative process, in compliance with the relevant legal provisions.
If we cannot offer you a vacancy at present and if, based on your profile, we think that your application could also be interesting for future job openings, we will store your personal application data for twelve months, provided that you expressly consent to such a storage and use.
You can object to the storage of your application data at any time. The data will be erased without undue delay after we have received your objection. You may send your objection to email@example.com. You also have the right to withdraw your application at any time.
We expressly point out that applications, especially CVs, certificates, and further data you provide, could contain extremely sensitive information (e.g. regarding mental and physical health). If you transmit such information together with your application, you expressly consent to that data being collected, processed, and used by Jowat for job filling purposes.
In addition, we point out that the data you send may be used to create statistics about the application process. Those statistics are created exclusively for our own purposes and are always anonymous, in no case personalised. Further information is available at: https://www.jowat.com/de-DE/datenschutz/bewerbung/
3. Information shared with third parties
Personal information will not be passed on to third parties without your consent. Personal information will only be collected and passed on to state institutions and authorities within the framework of the relevant legislation and as per court order. All of our employees and service providers are bound not to disclose any personal information as well as to compliance with the data protection policy.
3.1 External links
Jowat does not control or have any influence on the content and data protection policy of other websites linked to on our website. If you follow a link to another website, we recommend reading the data protection policies on those websites to determine whether and to what extent they collect, process or use personal data, or make it accessible to third parties.
3.2 Processing by external service providers on our behalf
In addition, we also use services from carefully chosen external providers with a written mandate from us. The service providers are bound to our instructions and are regularly monitored by us. Where applicable, we have concluded the necessary processing contracts in accordance with Article 28 of the GDPR.
The service providers are responsible for webhosting, the sending of e-mails as well as the maintenance and upkeep of our IT systems, etc. The service providers will not pass that information on to third parties.
4. Analysis and tracking
4.1 Use of Google Maps
This website uses Google Maps (API) provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland (“Google”). Google Maps is a web mapping service for the presentation of geographic data in a visual form. It enables us to show our location on a map and makes finding us easier.
When you access a page on which Google Maps are embedded, information about your use of our website (e.g. your IP address) will be transferred to and stored on Google’s servers. Information may also be transferred to the servers of Google LLC. In the USA.
This is independent of whether you are signed in with a user account provided by Google or whether a user account exists. When you are signed in on Google, the information will be linked directly to your account. If you do not want that information to be linked to your Google profile, you must sign out before activating the button.
The data stored by Google (incl. of users who are not signed in) is used for creating and analysing usage profiles. On the basis of legitimate interest, Google collects, stores and analyses the data to display personalised advertising, for market research and/or for tailoring of Google websites. You have the right to object to user profiles being created. To make use of this right, you must contact Google.
The Google Terms of Service are available at https://www.google.de/intl/en/policies/terms/regional.html
The additional Terms of Service for Google Maps are available at https://www.google.com/intl/en_US/help/terms_maps.html
4.2 Use of Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”).
The analysis of your use of the website is made possible by storing so-called “cookies” on your computer, which then generate information about your usage behaviour and forward it to Google Inc. In general, your IP address is shortened before it is forwarded to Google Server. In exceptional cases, the complete IP address may also be forwarded. Google uses this information on our behalf to compile a report about the user behaviour on our pages. The IP address determined by Google Analytics is not coupled with other data from Google. You can prevent cookies from being stored on your computer by setting the appropriate preferences in your browser. Unfortunately, this may result in a limited use of our webpages.
You can prevent Google Analytics from collectiong data. To do so, open the cookie settings by clicking or tapping the integrated fingerprint icon on our website. It is located in the bottom left corner of the website. This will set an opt-out cookie, which prevents the collecting of your data when you visit this website.
Please observe that the code “anonymizeIp” has been added to Google Analytics on this website to facilitate the anonymization of the IP addresses collected (so-called IP masking).
This website also uses the reCAPTCHA function provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Irland (“Google”).
The primary purpose of this function is to determine whether information entered on our website comes from a physical person or is the result of automated machine processing (in order to identify bots, e.g. when filling in online forms).
The service includes the transmission of IP addresses as well as further data needed by Google for the reCAPTCHA service if necessary to Google, pursuant to Article 6(1) point (f) of the GDPR based on our legitimate interest in establishing individual liability on the internet and in preventing misuse and spam. Within the framework of the use of Google reCAPTCHA, personal data may also be transferred to the servers of Google LLC. in the USA.
4.4 YouTube Video
We use YouTube.com as a platform to upload and publish our own videos. YouTube is a service provided by a third party not associated with us - YouTube LLC (Google/YouTube: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland).
Our website contains links to YouTube. We are generally not responsible for the content on linked websites. If you follow a link to YouTube, please observe that YouTube store and use the data of their users (e.g. personal information, IP address) for commercial purposes in accordance with their own data use policy.
Data policy of the third party: https://policies.google.com/privacy?hl=en
4.5 LinkedIn Insight Tag
To deactivate the Insight Tag on our website (opt out), please open the cookie settings via our integrated fingerprint button. The button is located at the bottom left on our website. This will set an opt-out cookie, which will prevent the recording of your data when you visit this website in future.
5. Duration for which personal data is stored
The duration for which personal data is stored depends on the relevant legal retention periods (e.g. pursuant to commercial law and tax law). The data is erased routinely after the corresponding retention period has ended. If the data is necessary for the execution or initiation of a contract or if we have a legitimate interest in a further storing, the data will be erased when it is no longer necessary for that purpose or when you have used your right of revocation or objection.
6. Data transfer to third countries
As described above, we use the services of providers in so-called third countries (for instance the USA), i.e. countries which do not have data protection laws equivalent to those in force in the European Union. If this is the case and if the European Commission has not adopted an adequacy decision (Article 45 of the GDPR) for that country, we have taken the necessary measures to ensure an adequate level of data protection for any data transfer. This includes e.g. the standard contract provisions of the European Union or binding internal data protection rules.
In the cases where that is not possible, the transfer of data is based on exceptions in Article 49 of the GDPR, in particular on your express consent or the necessity of the transfer to fulfil a contract.
The decision on whether to transfer data to the USA by clicking a social media link or a US social media service as well as the related responsibility lie with the user. Jowat SE and its subsidiary cannot assume any liability for the transfer of data to the USA.
When a page is loaded, the initial view will only show a preview image of the link or video. That image is stored on our own servers. After the first click, the following message will be displayed:
“By accessing the content you consent to transferring your data to (YouTube LLC USA, etc…) and confirm that you have read the Data Protection Policy.”
Only after you have clicked on accept, will the page or YouTube video be started in the extended data protection mode. The data protection policies of the external page or provider apply in that case. The data processing takes only place with your consent, which you give by clicking the link of the social media provider (e.g. LinkedIn) or by expressly starting a YouTube video following the aforementioned two-click procedure.
If the data is transferred to a third country and there is no adequacy decision nor a suitable guarantee, it is possible and there is a risk that authorities in the corresponding third country (e.g. intelligence services) gain access to the transferred data to collect and analyse it and that the enforcement of your rights cannot be guaranteed.
You will also be informed of the lack of an adequate data protection level of such services, you will also be informed through the cookie banner.
7. Access to personal data
You can find out if and what personal information Jowat holds about you, upon request and free of charge. Please inform us of any incorrect data concerning your person, so that we can correct, lock, or delete it. If you have further questions relating to our data protection policy, please do not hesitate to contact us.
Data subjects have the right to obtain from the controller confirmation as to whether or not personal data concerning them is being processed, and, where that is the case, access to the personal data and the information outlined in Article 15 of the GDPR.
Data subjects have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning them, as well as to have incomplete personal data completed.
In addition, data subjects have the right to obtain from the controller the erasure of personal data concerning them without undue delay where one of the grounds outlined in Article 17 of the GDPR applies, e.g. if the data are no longer necessary for the purposes for which they were collected (right to be forgotten).
Data subjects have the right to obtain from the controller restriction of processing where one of the conditions outlined in Article 18 of the GDPR applies, e.g. where the data subject has objected to processing pending the verification by the controller.
Data subjects have the right to object, on grounds relating to their particular situation, at any time to processing of personal data concerning them. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims (Article 21 of the GDPR).
Data subjects have the right to receive personal data concerning them which they have provided to a controller in a structured, commonly used, and machine-readable format. Data subjects have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent or on a contract (Article 20 of the GDPR). This right shall not apply if the processing is necessary for the performance of a task carried out in the public interest, the rights and freedoms of another person are affected, and the transmission would not be technically feasible.
Data subjects have the right to withdraw consent at any time where processing is based on a consent (according to Article 6(1) point (a) or Article 9(2) point (a) of the GDPR).
If we process your data based on a legitimate interest, you have the right to object to the processing of your data due to reasons arising from your special situation. If the objection is against data processing for direct advertising purposes, you have a general right to object for which you do not need to give a reason.
To exercise your rights described above, please contact the person specified below. This also applies if you wish to receive a copy of a guarantee as evidence of an adequate level of data protection.
Data subjects have the right to be informed of the possible consequences of failure to provide the personal data.
Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority if the data subject considers that the processing of personal data relating to him or her infringes the of the GDPR (art. 77 of the GDPR). The data subject can lodge the complaint with a supervisory authority in the Member State of his or her habitual residence, place of work, or place of the alleged infringement. The competent authority in the federal state of North Rhine-Westphalia is the North Rhine-Westphalia Commissioner for Data Protection and Freedom of Information (LDI NRW), Kavalleriestr. 2-4 in 40213 Düsseldorf. In Sachsen-Anhalt, the competent authority is the Data Protection Commissioner of Sachsen-Anhalt, Leiterstr. 9 in 39104 Magdeburg.
Further information will be provided by Jowat if the purpose of personal data processing changes.
Phone: +49 (0) 5231 749-0
E-Mail: firstname.lastname@example.org (for general enquiries)
Contact person for data protection at Jowat SE, Detmold and Jowat Klebstoffe GmbH, Elsteraue:
- personal -
Senior Legal Consultant Data Privacy
Phone: 05221 87292-09
Fax: 05221 85496-99