Using the following information, we would like to give you a summary of the way your personal data are processed by us and your rights as a “data subject” arising from data protection laws. As a rule, you do not need to disclose any personal data to use our websites. However, if you would like to use special services provided by our company via our website, processing of personal data might be required. If processing of personal data is required and if no legal basis for such processing exists, we generally ask for your consent.
In our capacity as data controller, we implemented numerous technical and organisational measures to ensure that personal data processed via this website is protected as completely as possible. Nevertheless, web-based data transfer generally still presents vulnerabilities, which makes any guarantee of complete protection impossible. For this reason, you are free to transmit personal data to us using alternative means such as telephone or mail.
Eitzenberger Luftlagertechnik GmbH
Telefon: 08809 329-0
Telefax: 08809 329-29
Leiter der verantwortlichen Stelle: Dr. Hans Eitzenberger
3 Data protection officer
You can contact the data protection officer at:
You can contact our data protection officer directly at any time if you have any questions or suggestions regarding data protection.
Personal data means any information relating to an identified or identifiable natural person. A natural person is deemed identifiable if they can be identified directly or indirectly, especially using assignment to an identifier such as a name, an identifying number, location data, an online identifier or one or several special characteristics which express the physical, physiological, genetic, mental, commercial, cultural or social identity of the natural person concerned.
A data subject is any identified or identifiable natural person whose personal data are processed by the processing controller (our company).
Processing means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of processing
Restriction of processing means the marking of stored personal data with the aim of restricting their processing in the future.
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Pseudonymisation means processing personal data in such a way that the personal data cannot be assigned to a specific data subject any more without referring to additional information, provided such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether this is a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process the personal data.
Consent by the data subject means any freely given, specific, informed and unambiguous indication of their wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of the personal data relating to them.
5 Legal basis for processing
Our company uses article 6 (1) point a GDPR as the legal basis for processing operations with regard to which we have obtained your consent to process data for a specific purpose.
If processing personal data is required for contract performance regarding a contract to which you are a party, as is for example the case with processing operations necessary for the supply of goods or rendering of other services or return services, processing is based on article 6 (1) point b GDPR. The same applies to processing operations required to execute pre-contractual measures, as is the case with inquiries regarding our products or services.
If our company must comply with a legal obligation requiring the processing of personal data, for example to fulfil tax obligations, processing is based on article 6 (1) point c GDPR.
In rare cases, processing personal data could be required to protect vital interests of the data subject or another natural person. This would be the case if, for example, a visitor was injured on our premises and it thus became necessary to transmit their name, age, health insurance data or other vital information to a doctor, a hospital or another third party. In this case, processing would be based on article 6 (1) point d GDPR.
Lastly, processing operations could be based on article 6 (1) point f GDPR. This legal basis applies to processing operations which are not covered by any other of the aforementioned legal bases if processing is required to safeguard legitimate interests of our company or any third party, provided the interests, fundamental rights and freedoms of the data subject do not outweigh such interests. European legislators make special mention of such processing operations, which is the particular reason why we are allowed to carry them out. In this matter, the legislators were of the opinion that legitimate interests might be assumed to exist if you are a customer of our company (recital 47 sentence 2 GDPR).
6.1 SSL/TLS encryption
This site uses SSL/TLS encryption to guarantee secure data processing and make sure any confidential content, such as orders, login data or contact enquiries you sent to us, the website operator, is transmitted securely. You can recognise an encrypted connection by the lock symbol in the address bar of your browser and by the fact that “https://” is displayed in the address bar of your browser instead of “http://”.
If SSL/TLS encryption is activated, data you transmit to us cannot be read by any third party.
6.2 Data collection when visiting our website
If you use our website purely for information purposes, i.e. if you do not register or transmit information to us in any other way, we will only collect data your browser transfers to our server (by means of so-called “server logfiles”). Our website collects various general information and data whenever a page is accessed by you or an automated system. The general information and data are recorded are stored on the server logfiles. The following information can be collected
- browser type and browser version used,
- operating system used by the system accessing the site,
- the website a system accessing our website comes from (the so-called referrer),
- the sub-websites on our website accessed by the visiting system,
- the date and time you accessed our website,
- an internet protocol address (IP address),
- the internet service provider used by the system accessing our website.
When we use such general information and data, we do not draw any conclusions about you as an individual. Rather, this information is necessary to
- correctly display the content on our website,
- optimise the content on our website and corresponding advertisements,
- ensure the long-term functionality of our IT systems and the technologies our website uses and
- provide the information necessary for criminal prosecution to law enforcement authorities in case of a cyber-attack.
Thus, the information and data collected will be evaluated by us for statistical purposes on the one hand and, on the other hand, for the purpose of enhancing data security and data protection within our company to ultimately ensure an optimal security level for personal data processed by us. The data from the server logfiles will be stored separately from any personal data provided by a data subject.
Article 6 (1) sentence 1 point f GDPR constitutes the legal basis for data processing. Our legitimate interest can be derived from the above-mentioned purpose of data collection.
7.1 General Cookie Information
The cookie stores information, that results in context of the specific terminal used. However, this does not mean that we are immediately aware of your identity.
In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our site again to take advantage of our services, it will automatically recognize that you have already been with us and what inputs and settings you made, so you do not have to re-enter them.
The data processed by cookies are for the purposes mentioned in order to safeguard our legitimate interests as well as third parties according to Art. 6 (1) sentence 1 point f GDPR required.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or always a hint appears before a new cookie is created. However, disabling cookies completely may mean that you can not use all features of our website.
8. Content on our website
8.1 Contact / contact form
If you contact us (e.g. via contact form or email), we will collect personal data. The personal data collected when using a contact form are indicated on the respective contact form. Such data are stored and used exclusively for the purpose of replying to your request or for contact purposes and related technical administration. Your data are processed on the legal basis of our legitimate interest of replying to your request according to article 6 (1) point f GDPR. If you contact us with the intention of concluding a contract, article 6 (1) point b GDPR forms an additional legal basis for data processing. After we finished handling your request, your data will be erased; this is the case if under the circumstances it seems reasonably certain that the respective matter has been settled conclusively and provided the erasure of data is not prevented by any statutory retention obligations.
8.2 Application Management / Job Market
We collect and process personal data of applicants in purpose of the application process. The processing can be done electronically. This is particularly the case if an applicant submits relevant application documents to us electronically, for example by e-mail or via web form on our website. If we conclude a contract of employment with an applicant, the transmitted data will be stored for the purpose of the employment relationship in compliance with the legal requirements. If we do not conclude a contract of employment with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, provided that deletion does not conflict with any other legitimate interests on our part. Other legitimate interest in this sense, for example, a burden of proof in a procedure under the (German) General Equal Treatment Act (AGG).
In this respect, data processing takes place solely on the basis of our legitimate interest in accordance with article 6 (1) point f GDPR.
9 Your rights as a data subject
9.1 Right to confirmation
You have the right to obtain from us confirmation as to whether or not personal data concerning you is being processed.
9.2 Right of access article 15 GDPR
You have the right to obtain from us free of charge at any time access to information about the personal data stored concerning you as an individual; furthermore, you have the right to obtain a copy of such data at any time.
9.3 Right to rectification article 16 GDPR
You have the right to request the rectification of inaccurate personal data concerning you. Furthermore, the data subject has the right to have incomplete personal data completed, taking into account the purposes of processing.
9.4 Erasure article 17 GDPR
You have the right to request we erase personal data concerning you without undue delay if one of the reasons provided for by law applies and if processing is not necessary.
9.5 Restriction of processing article 18 GDPR
You have the right to request from us restriction of processing if one of the statutory requirements is met.
9.6 Data portability article 20 GDPR
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. Furthermore, you have the right to transmit those data to another controller without hindrance from us, to whom,the personal data have been provided, if processing is based on consent in accordance with article 6 (1) point a GDPR or article 9 (2) point a GDPR or on a contract in accordance with article 6 (1) point b GDPR and provided processing is carried out by automated means, if processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
Furthermore, upon exercising your right to data portability in accordance with article 20 (1) GDPR, you have the right to have the personal data transmitted directly from one controller to another, where technically feasible and if this action does not have any negative impact on the rights and freedoms of another person.
9.8 Withdrawing a data protection-relevant statement of consent
You have the right to withdraw your consent regarding the processing of personal data at any time with effect for the future.
9.9 Complaint to a supervisory authority
You have the right to lodge a complaint with a competent data protection supervisory authority regarding our processing of personal data.
10 Routine storage, erasure and blocking of personal data
We only process and store your personal data for the duration necessary to fulfil the storage purpose and if this is provided for by any of the statutory provisions our company is subject to.
If the storage purpose no longer exists or if a prescribed storage period has expired, the personal data will be routinely blocked or erased in accordance with legal provisions.
11 Storage periods for personal data
The respective statutory retention period is the criterion for determining how long personal data will be stored for. Once such a period has expired, the respective data will be routinely erased if they are no longer required for contract performance or contract initiation.