Privacy policy of this safety platform

„Welcome to DSM Grenzach“

Last updated: 10 December 2022

Transparency is a matter of prime importance for DSM. In accordance with the relevant data protection legislation, we have drawn up this privacy policy to inform you of the personal data we or our contractors collect online through the safety platform at https://willkommenbeidsmgrenzach.de/ when:

  • you visit our website, or
  • you make use of the registration form

(hereafter collectively referred to as the “website”). This policy also covers the purposes for which we use this data and how we use it to optimise our services for you, and your rights as a Data Subject.

A. General information

1. Data Controller, Data Protection Officer

a) The Data Controller as defined in Article 4(7) of the EU General Data Protection Regulation (GDPR) is:

DSM Nutritional Products GmbH

Emil-Barell-Str. 3, 79639 Grenzach-Wyhlen, Germany

Tel. +49 7624 9090

Fax +49 7624 909-4100 Email: Datenschutzbeauftragter.DSM-Deutschland@dsm.com

hereafter referred to as “we” or “us”. Please refer to Legal Information for more information on the provider.

b) You can contact the Data Protection Officer by sending a letter to the above address marked “FAO Data Protection Officer”, or by sending an email to s.baum@bhk-datenschutz.de.

2. Types of data processed, categories of Data Subjects

2.1 Types of data processed

  • First name, last name, title, email address
  • Date, time of test, result
  • Usage data (e.g. webpages visited, interest in content, access times)
  • Communication data and history
  • Metadata/communication data (e.g. device details, IP addresses)
  • Data as listed in section B of this privacy policy

2.2 Categories of Data Subjects

  • Website visitors and users
  • Works visitors
  • Lorry drivers accessing works site
  • Tradespersons working on the works site
  • Other people with whom we communicate

(Data Subjects are hereafter referred to collectively as “users”.)

3. Purpose of processing

We use your personal data:

  • for the provision of the website and online offering, its features and content,
  • for Visitor registration, providing information and responding to queries on safety rules on the works site,
  • for responding to requests for contact and communicating with users,
  • and for safety precautions.

4. Provision of the website, logfiles

(1) If you only use the website to obtain information – i.e. you do not register and do not provide us with information in any other way – we only collect the personal data that your browser automatically sends to our server. If you want to browse our website, we collect the following data which is strictly necessary to display our website and to ensure its stability and security (the legal basis for this is as set out in Article 6(1)(f) of the GDPR):

  • IP address
  • Date and time of request
  • Difference between your time zone and Greenwich Mean Time (GMT)
  • Content of request (specific webpage)
  • Access status/HTTP status code
  • Amount of data transferred
  • Webpage originating the request
  • Browser
  • Operating system and interface
  • Language and version of browser software

(2) User IP addresses are deleted or anonymised after the end of website use. If anonymised, the IP addresses are altered in such a way that individual details relating to personal or factual circumstances can either no longer be assigned to a specific or identifiable natural person, or can only be assigned subject to a disproportionate amount of time, cost and effort.

5. Cookies (general information)

(1) In addition to the logfile data referred to above, cookies are saved on your computer when you use our website. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using, and which provide certain information to the entity placing the cookie (us in this case). Cookies cannot cause programs to run or transmit viruses to your computer. They are used to make the website more user-friendly and effective overall.

(2) Use of cookies:

a) This website uses the following types of cookies, whose scope and functions are explained below:

  • Session cookies (see subsection b)
  • Permanent cookies (see subsection c)

b) Session cookies store a session ID, which allows different requests from your browser to be assigned to the shared session. Session cookies are deleted when you log out or close your browser. If you launch your browser again and return to the website, the website will not recognise you. You will need to log in again (if a login is required) or reset your templates and preferences if the website offers such functions. A new session cookie will then be generated that stores your information and remains active until you leave the page or close your browser.

c) Persistent cookies are automatically erased after a predefined period, which may vary depending on the cookie. You can delete these cookies at any time in your browser’s security settings.

(3) For what purposes do we use cookies?

We use cookies in order to personalise content and adverts, to provide social media functions and to analyse traffic on our website. We also provide information about your use of our website to our partners for social media, advertising and analysis. Our partners may combine this information with other data that you have provided them or which they have collected during your use of the services. By continuing to use our website, you give your consent to our cookies.

Basic information

UseDescriptionDuration of storage
Technically necessary cookiesTechnically necessary cookies enable the use of our website by providing basic functions such as page navigation and access to secure areas of the website. Visiting our website cannot function properly without these cookies.Session cookies – are deleted when the browser is closed.
Performance (e.g. user’s browser), display and preferencesWhen using our website, cookies are used (e.g. to recognise the browser) to improve performance (e.g. faster loading of content). When you visit our website, the country and language selection determined or selected by you is stored in cookies to save you having to select again on subsequent visits. In advance, we check whether your browser supports cookies and this information is stored in another cookie. Subsequently, you will be shown contact information localised according to country and language, which will also be stored. The legal basis for this is your Art. 6 para. 1 lit. f) DSGVO.Session cookies – are deleted when the browser is closed.

(4) Control of cookies

You can set your browser to inform you when cookies are placed and allow cookies only in individual cases, to accept cookies for certain cases, or to generally reject cookies, and you can enable automatic deletion of cookies when closing your browser. Disabling cookies may limit the functionality of this website.

6. Electronic visitor registration

(1) The registration form on our website provides an easy and straightforward way for you to electronically arrange your visit to our site. If a user takes up this option, the data entered on the input screen will be sent to us and stored. The relevant data, in particular personal details, address data, contact details and messages (free text field) can be directly seen on the relevant input screen. The following data is also stored when the form is submitted:

  • User’s IP address
  • Date and time of submission

(2) For information on data processing, users are directed to this privacy policy during the submission process. Alternatively, users can contact us using the email address provided. In this case, the user’s personal data transmitted with the email will be stored. This data will be used solely to process the user’s request.

(3) The legal basis for processing the data transmitted through the contact form or when an email is sent is as set out in Article 6(1)(f) of the GDPR. Advance electronic registration of your visit and support for registration formalities are in our and your legitimate interests. The form also serves to provide evidence, as required by law, that you have been properly instructed on the safety rules applicable on the works site. The legal basis for this is as set out in Article 6(1)(c) of the GDPR.

(4) We process personal data from the input screen solely to process visitor registration. If you make contact by email, the required legitimate interest in processing this data also applies. Other personal data processed during the submission process is used to prevent any misuse of the contact form and to ensure the security of our IT systems.

7. Forwarding to third parties

(1) Your data relating to visitor registration is forwarded to the external provider OneServe Brand- und Werkschutz Dienstleistungen GmbH (OneServe). OneServe is contracted by us to operate the security gate, visitor management and provide security on the works site. We have an agreement with OneServe on data processing in accordance with Article 28 of the GDPR.

(2) The data concerning you that we process in the course of hosting our website is processed on the basis of a processing contract.

(3) Where we use third-party providers, the scope of data transmission is as described in the processing contract.

8. Storage period

We process and store your personal data for as long as this is required to fulfil our contractual and legal obligations. We will erase your personal data as soon as it is no longer required for the purposes set out above. In some cases, personal data may be retained for the period in which claims can be brought against our companies (statutory limitation periods of three to thirty years). We also store your personal data where we are legally obliged to do so. Such legal obligations to furnish evidence and retain data are based on commercial, tax and social security law and are generally 6 or 10 years.

9. Automated decision-making, profiling

We do not use any fully automated decision-making systems, as set out in Article 22 of the GDPR, to establish and conduct business relationships.

B. Data processing by third-party providers

10. Google Maps

(1) This website uses Google Maps to display interactive maps and to provide directions. Google Maps is a map service provider of Google Inc., 1600 Amphitheater Parkway, Mountain View, California 94043, USA. Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services within Europe.

(2) Using Google Maps means that information about use of this website, including your IP address and the (start) address entered in the route planner, may be transmitted to Google in the USA. When you access a page on our website that contains Google Maps, your browser will create a direct connection to Google’s servers. The content of the map is sent by Google directly to your browser, which embeds it in the website. We therefore have no control over the extent of data thus collected by Google. To the best of our current knowledge, this consists of at least the following data:

  • Date and time of visit to the relevant webpage
  • Internet address or URL of the webpage accessed
  • IP address, (start) address entered in the route planner

(3) We have no control over the further processing and use of the data by Google and cannot accept any responsibility for this.

(4) If you do not want Google to collect, process or use your data via our website, you can disable JavaScript in your browser settings. If you do this, however, you will not be able to use the map.

(5) Please refer to https://www.google.com/intl/de/policies/privacy/ for information on the purpose and scope of data collection and on further processing and use of data by Google, as well as your rights and configuration options for protecting your privacy.

(6) The legal basis for processing is the consent which you have given us (Article 6(1)(a) of the GDPR, Section 25 of the German Telecommunications-Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutz-Gesetz, or TTDSG)).

11. Google reCAPTCHA

(1) We use Google reCAPTCHA (hereafter referred to as “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

(2) The purpose of reCAPTCHA is to verify whether data is being entered on the website (during electronic visitor registration) by a human or an automated program. To do this, reCAPTCHA analyses the behaviour of website visitors based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website or the enquiry webpage. reCAPTCHA analyses various pieces of information (e.g. IP address, time spent on the website, mouse movements made by the user). The data collected during this analysis is forwarded to Google. reCAPTCHA analyses run entirely in the background. Website visitors are not notified by Google that analysis is taking place.

(3) Processing is on the basis set out in Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG, insofar as consent covers the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) as defined in the TTDSG. Consent may be withdrawn voluntarily at any time. If you do not give consent, you may not be able to use certain functions. In this case, electronic visitor registration will not be possible.

(4) (4) Further information on Google reCAPTCHA is provided in Google’s Privacy Policy and Google’s Terms of Service, which are available at https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.

12. Links to other websites

(1) Our website may contain links to websites that are operated by third parties and are not covered by this privacy policy. These external websites have their own privacy policies and may also use cookies or other tracking technologies. The relevant operator of such a website or designated officer responsible for such a website is the Data Controller for such a website.

(2) Links to external websites are verified by us before we insert the link. However, we have no control over whether operators of these websites comply with data protection legislation. We will remove links if we become aware of any infringements or legal violations..

C. Rights of the Data Subject

13. Your rights

If personal data concerning you is processed, you are a Data Subject as defined in the GDPR and you have the following rights with respect to us as the Data Controller.

a) Rights in accordance with Article 15 et seq. of the GDPR

(1) The Data Subject has the right to obtain information from the Data Controller as to whether or not personal data concerning the Data Subject is being processed; if this is the case, the Data Subject has a right of access to this personal data and the information listed in detail in Article 15 of the GDPR. Subject to certain legal requirements, you have the right to rectification in accordance with Article 16 of the GDPR, the right to restriction of processing in accordance with Article 18 of the GDPR and the right to erasure (“right to be forgotten”) in accordance with Article 17 of the GDPR. You also have the right to receive the data which you have provided to the Data Controller in a structured, commonly used and machine-readable format (right to data portability) in accordance with Article 20 of the GDPR, insofar as the processing is carried out by automated means and is based on consent in accordance with Article 6(1)(a) or 9(2)(a) of the GDPR or is based on a contract in accordance with Article 6(1)(b) of the GDPR.

b) Withdrawal of consent in accordance with Article 7(3) of the GDPR

If processing is based on consent, you can withdraw your consent to our processing of personal data at any time. Please note that such withdrawal has effect for the future only. It does not affect processing carried out before consent is withdrawn..

c) Right to lodge a complaint

You may lodge a complaint with us or a data protection supervisory authority (Article 77 of the GDPR). The competent supervisory authority in Baden-Württemberg is:

The State Officer for Data Protection and Freedom of Information, PO Box 10 29 32, 70025 Stuttgart. Tel: 0711/615541-0. Fax: 0711/615541-15. Email: poststelle@lfdi.bwl.de.

d) Right to object in accordance with Article 21 of the GDPR

In addition to rights set out above, you have a right to object as follows:

Right to object on specific grounds  

You have the right to object, on grounds relating to your particular situation and at any time, to processing of personal data concerning you which is based on Article 6(1)(e) of the GDPR (data processing in the public interest) or Article 6(1)(f) of the GDPR (data processing on the basis of overriding interests).

If you submit an objection, we shall no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing which override your interests, rights and freedoms, or if processing is used to establish, exercise or defend legal claims.

D. Concluding provisions

14. Security

We have taken technical and organisational security measures in accordance with Articles 24 and 32 of the GDPR to protect your personal data against loss, destruction, manipulation and unauthorised access. All our employees and all third parties involved in data processing are required to comply with GDPR requirements and to treat personal data as confidential.

15. Changes to our privacy policy

We reserve the right to make changes to our security and data protection measures as required due to technical developments, expansion of our services or amendments to legislation. In such cases, we shall also amend our privacy policy as appropriate. Please therefore ensure that you are viewing the latest version of our privacy policy.

Scroll to Top