General – Information according to Art. 13 + 14 GDPR
Thank you for your interest in the website(s) of Brandt & Partner GmbH & Co. KG, hereinafter referred to as "BUP" for short. We take the issues of data protection and confidentiality very seriously and follow the applicable national and European data protection regulations. Therefore, with this declaration we would like to inform you about data protection measures and which data we process for which purpose.
Intended use of data processing
Wherever Brandt & Partner GmbH & Co. KG processes personal data, such processing is carried out for the purposes defined in this data privacy statement.
Contact data of the controller:
Brandt & Partner GmbH & Co. KG
Tel.: +49 / (0)6021 / 4986-95
Data Protection Officer
If you have further questions regarding the processing of your personal data, you can contact our data protection officer directly, who is also available in case of requests for information, applications, or complaints:
The data protection officer is provided by:
TÜV Technische Überwachung Hessen GmbH
Rights concerning the processing of personal data
Right of access
On request, you have the right to obtain information from us about the personal data concerning you and processed by us, to the extent defined in Art. 15 GDPR. You can send your request either by mail or email to the addresses given above.
Right to rectification
You have the right to require us to rectify any inaccurate personal data concerning you without undue delay (Art. 16 GDPR). For this purpose, please contact the address given above.
Right to deletion
Where the legal reasons defined in Art. 17 GDPR apply, you have the right to immediate deletion (“right to be forgotten”) of personal data concerning you. These legal reasons include: the personal data are no longer necessary for the purposes for which they were processed, or you withdraw your consent, and there are no other legal grounds for processing; the data subject objects to the processing (and there are no overriding legitimate grounds for processing––does not apply to objections to direct advertising). To assert your above right, please contact the contact address given above.
Right to restriction of processing
If the criteria defined in Art. 18 GDPR are fulfilled, you have the right to restriction of processing as established in the above article of the GDPR. According to this article, restriction of processing may be called for in particular if processing is unlawful and the data subject opposes deletion of the personal data and requests the restriction of their use instead, or if the data subject has objected to processing according to Art. 21 (1) GDPR as long as it is unclear whether our legitimate interest overrides the interest of the data subject. To assert your above right, please contact the contact address given above.
Right to data portability
You have the right to data portability as defined in Art. 20 GDPR. This means you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, and have the right to transmit those data to another controller, such as another service provider. Prerequisite is that processing is based on consent or a contract and is carried out using automated means. To assert your above right, please contact the contact address given above.
Right to object
You have the right to object at any time under Art. 21 GDPR to processing of personal data concerning you which is based on Art 6 (1) lit. e or f GDPR, on grounds relating to your particular situation. We will desist from processing your personal data unless we can demonstrate compelling legitimate grounds for processing which override your interests, rights, and freedoms, or unless processing is for the establishment, exercise, or defence of legal claims. To assert your above right, please contact the contact address given above.
Right to file a complaint with a supervisory authority
If you think that processing of personal data concerning you and carried out by us is unlawful or impermissible, you have the right to file a complaint with the supervisory authority responsible for us. You can contact this authority at
Der Bayerische Landesbeauftragte für den Datenschutz
Postfach 22 12 19
Tel: 089 212672–0
BUP takes appropriate technical and organizational measures to protect any personal data you provide to TÜV Hessen from accidental or intentional manipulation, loss, destruction, or access by unauthorized parties. This also applies to any external services purchased. We verify the effectiveness of our data protection measures and continuously improve them in line with technological development. Any personal data entered are encrypted during transfer using a secure encryption process.
Intended data transfer to third countries
At present, data transfer to third countries is not planned. Otherwise, we will establish the required legal conditions. You will be informed of the respective recipients or categories of recipients of the personal data in line with the legal requirements.
Standard periods for deletion of data
Legislation has defined numerous data storage periods and obligations. At the end of these periods, the relevant data will be routinely deleted. Data that are not affected by the above storage periods and obligations are deleted or anonymized as soon as the purposes defined in this data privacy statement no longer apply. Unless this data privacy statement includes other deviating provisions for data storage, we will store any data we collect for as long as they are required for the above purposes for which they were collected.
Other data use and deletion
Any further processing or use of your personal data will generally only be carried out to the extent permitted based on a legal regulation or where you have consented to data processing or data use. In the case of further processing for other purposes than the ones for which the data were originally collected, we will inform you about these other services and provide you with all other significant information before further processing.
On our website you can apply online for advertised positions. To do this, you can send your application to the e-mail address provided or fill in the application form on our website. This form is provided by the online application service "Monster” (Monster Worldwide Deutschland GmbH, Ludwig-Erhard-Str. 14, 65760 Eschborn, Germany).
We store your applicant data for the duration of the examination of your application. If your application is not successful or if you withdraw your application, your application data will be deleted after a maximum of 6 months, unless you have expressly agreed to longer storage. In case of a successful application, the data you have provided us via the application system will be processed further with regard to your future employment in our company. The legal basis is Art. 6 (1) lit. a, b and f GDPR as well as § 26 BDSG.
If you do not provide us the required personal data, this will not have any negative consequences for you. However, incomplete, or incorrectly completed applications will not be considered. Unfortunately, the application cannot be submitted without providing your personal data and will therefore be deleted.
We would like to point out that sending via e-mail is an insecure data transmission. Access by unauthorized third parties cannot be excluded.
Specific information about the website
Visiting our website
Each time a user accesses the website, the user's Internet browser automatically transmits the following data to BUP's web server for technical reasons:
- IP address of the requesting computer
- Date and time of access
- Name and URL of the accessed file
- Amount of data transferred
- Access status (file transferred, file not found, etc.)
- Recognition data of the browser and operating system used
- Name of the provider of the user's Internet access
- Website from which the access is made
This data is processed for the purpose of enabling the use of the website (connection establishment), system security and the technical administration of the network infrastructure. In addition, we process this data for abuse detection and tracking. In this respect, the legal basis is Art. 6 (1) lit. f DSGVO. A comparison with other data files or a transfer to third parties, even in extracts, does not take place. The legal basis of the processing is Art. 6 (1) lit. b DSGVO.
If you have a specific question to us, you can send us a request using the indicated e-mail address.
When you contact us, the data you provide (your name, your e-mail address, the concerning and the text of your request and any other voluntary details) will be stored by us. Any further information is voluntarily. The processing is carried out for the purpose of processing the requests based on Art. 6 (1) lit. b, f GDPR.
The data collected during your contact, will be deleted as soon as they are no longer required to process your request.
Transfer to third parties
Information may also be processed by other legal entities of the BUP Group. However, such processing is limited to the extent required for the purposes defined in this data privacy statement or to which the other legal entity acting as a service provider / processor has to follow the instructions given by the controller.
In this context, we sometimes use service providers (located in Germany) which process data on our behalf (e.g. in email marketing or software design and development, or to support processing of customer inquiries). In these cases, the information is transferred to third parties to enable further processing. External service providers are selected carefully and audited at regular intervals to ensure protection of your data privacy.
These service providers / processors are bound by instructions. Given this, they are subject to our requirements, which include processing of your data exclusively in line with our instructions and in compliance with the applicable Data Protection Act. They are contractually bound to treat your data with strict confidentiality and are not permitted to process data for other purposes than the ones agreed.
Data transfer to the data processor is affected based on Art. 28 (1) GDPR.
We will not sell your data to third parties or otherwise share them for commercial purposes.
Misuse detection and prosecution
Information for the detection and prosecution of misuse, in particular your IP address, will be kept available for a maximum of 7 days. The legal basis in this respect is Art. 6 (1) lit. f GDPR. Our legitimate interest in the retention of data for 7 days is to ensure the proper functioning of our website and the transactions conducted over it, and to be able to ward off cyber-attacks and the like. We may use anonymous usage information to design our website to meet your needs.
We use the following types of cookies:
- Basic/necessary cookies
These cookies are essential for you to browse the website and use its features, such as allocating anonymous session-IDs for query bundling to a webserver or error-free operation of logins and orders.
- Functionality cookies
These cookies allow websites to remember the user's site preferences and choices they make on the site. These cookies can remember your preferences to boost the user experience on a website or save your login-data for certain areas of our website.
- Performance cookies
These cookies collect information about how you use a website, like which pages you visited, and which links you clicked on. None of this information can be used to identify you. It is all aggregated and, therefore, anonymized. Their sole purpose is to improve website functions. This includes cookies from third-party analytics services as long as the cookies are for the exclusive use of the owner of the website visited.
Specific information about our online presence in social media
BUP maintains several online presences within social networks and platforms, such as Xing and LinkedIn, in order to be able to communicate with active users there and to inform them about our service portfolio. BUP uses the technical platforms and services offered by the operators. In social networks and on other external platforms the data protection regulations of the operators apply, even though we publish information and maintain presences there.
We would like to point out that you use the services of the social networks and platforms offered here as well as their functions under your own responsibility.
This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating etc.). The data collected about you in this context will be processed by the platform operators and, if necessary, transferred to countries outside the European Union. Which information the operators receive and how these are used, describe the respective data protection guidelines in general form. On the individual platforms you will also find information on how to contact the operators and on the setting for advertisements.
- Google: http://www.google.com/intl/de/policies/privacy
- Xing: https://www.xing.com/privacy
- LinkedIn: http://www.linkedin.com/static?key=privacy_policy&trk=hb_ft_priv
In which way the social network operators use the data from the visits of the respective pages for own purposes, to what extent activities on the pages are assigned to individual users, how long these data are stored and whether data from a visit of the respective page are passed on to third parties, is not conclusively and clearly named by the operators and is not known to us.
- Google Analytics & Google Conversion Trackings
- Adobe Marketing Cloud
- Facebook Pixel
Xing uses the remarketing tool „Facebook Pixel“, a service of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. This function is used to display interest-based adverts (“Facebook ads”) to visitors when they visit the website. For this purpose, Facebook's remarketing tag has been implemented on this website. The tag establishes a direct connection to the Facebook servers when you visit the website. This information is transmitted to the Facebook server that you have visited this website and Facebook assigns this information to your personal Facebook user account.https://www.facebook.com/business/help/742478679120153?helpref=search&sr=3&query=pixel
- Facebook Pixel
LinkedIn uses the remarketing tool „Facebook Pixel“, a service of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. This function is used to display interest-based adverts (“Facebook ads”) to visitors when they visit the website. For this purpose, Facebook's remarketing tag has been implemented on this website. The tag establishes a direct connection to the Facebook servers when you visit the website. This information is transmitted to the Facebook server that you have visited this website and Facebook assigns this information to your personal Facebook user account.https://www.facebook.com/business/help/742478679120153?helpref=search&sr=3&query=pixel
- Nielsen NetRatings
Nielsen NetRatings is provided by Nielsen GmbH, Lindwurmstraße 10, 80634 Munich and is an Internet tracking service for measuring and analyzing consumer behavior. You can object to the collection or evaluation of your data using this tool by downloading or setting and saving the opt-out cookie available under the following link: http://www.nielsen.com/us/en/privacy-statement/digital-measurement.htm
AppNexus is provided by von AppNexus Inc., 28 W 23rd Street, 4th floor, New York, NY - 10010, USA and is a tool for web analysis and interest-oriented advertisement. You can object the collection and evaluation of your data here: https://www.appnexus.com/en/company/platform-privacy-policy-de.
- Eloqua Tracking
Eloqua, a service of Oracle Cor, 500 Oracle Parkway, M/S 5op7, Redwood Shores, CA 94065, USA, places a persistent cookie on the respective login page, if no Eloqua cookie already exists on your device. If you have already used a website that uses Eloqua, you may already have an Eloqua cookie. The Eloqua cookie may be used to analyze your use of pages to improve them. Emails sent using Eloqua use the tracking technologies described above. If you want to completely eliminate the use of Eloqua tracking technologies for your device, you can do so on the Eloqua Opt-Out page.