Data Privacy Statement
Meissen Keramik GmbH, represented by Managing Directors: Kamil Latos, Michal Sendybyl, Fabrikstr., 9/10, 01662 Meißen, tel: 03521/7220, fax: 03521/722 2990, email: firstname.lastname@example.org, in the development of its products and services, places great importance on ensuring that data of its customers is protected. In principle, we only collect and use personal data of our users if this is required in order to operate a functional website and to provide our contents and services. Personal data of our users is generally only collected and used with their express consent. An exception applies to such cases where prior consent is not possible and there are legal provisions regulating the processing of such data.
Name and address of party responsible for processing (“controller”)
The controller in terms of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions concerning data protection is:
Meissen Keramik GmbH
Telephone: +49 (0) 3521 722 0
Fax: +49 (0) 3521 722 2990
Name and address of the Data Protection Officer
The Data Protection Officer of the controller is:
Meissen Keramik GmbH
Telephone: +49 (0) 3521 722 3632
Furthermore, to optimise user-friendliness, we also use temporary cookies that are stored on your device for a specified period. If you visit our site again to make use of our services, the cookies enable the website to automatically recognise that you have previously visited our site and will recognise the entries and settings you have made and thus save you from having to enter them again.
Data processed via cookies is required for the purposes mentioned in order to safeguard our legitimate interests as well as those of third parties in accordance with Art. 6, para. 1 (1), letter f of the GDPR.
Most browsers accept cookies automatically. However, you can configure your browser to prevent the storage of cookies on your computer or to have a notification appear before a new cookie is placed. You can delete cookies that have been saved previously at any time. Disabling cookies completely, however, may mean that you cannot use all the features of our website.
Creation of log files
Each time our website www.meissen-keramik.de is accessed, we at Meissen Keramik GmbH, collect data and information through an automated system.
This data is temporarily stored in server log files. Here, the following data can be collected, without any action on your part, until it is automatically deleted:
- information about the browser type and the version used
- user’s operating system, browser used, name of access provider
- IP address of the accessing computer
- date and time of access
- name and URL of file accessed
- website from which our site was accessed (referrer URL)
We process the above data for the following purposes:
- to ensure smooth connection to the website,
- to ensure comfortable use of our website,
- to evaluate system security and stability as well as
- for other administrative purposes.
The legal basis for the temporary processing of data is Art. 6, para. 1 (1), letter f of the GDPR. Our legitimate interest is derived from data collection purposes listed above. We never use data collected to draw conclusions about you.
Ways to contact us
Our website contains a contact form that can be used for electronic communication. Alternatively, contact can be initiated using the email address provided. If you use one of these options available to get in touch with us, the personal data transmitted by you will be stored automatically. If a user communicates with us via the contact form, data entered in the input mask will be transmitted to us and stored. Such data includes: name, street, house number, postcode, telephone, email address and data from the input mask transmitted to us. At the time of sending the message, the following data is also automatically stored: IP address of the user and date/time of registration. When sending the message, your consent will be obtained and you will be referred to this Data Privacy Statement for the data processing procedure. Data is stored solely for the purpose of processing or making contact with you. The remaining personal data processed during the send operation is used to prevent misuse of the contact form and to ensure the security of our information technology systems. Data will not be passed on to third parties. Data processing for the purpose of contacting us is based on your voluntary consent in accordance with Art. 6, para. 1 (1), letter a of the GDPR. The legal basis for the processing of data transmitted when sending an email is Art. 6, para. 1, letter f of the GDPR. If the email contact is geared towards the conclusion of a contract, then the additional legal basis for processing shall be Art. 6, para. 1, letter b of the GDPR. Data shall be deleted as soon as it is no longer required for the purpose of its collection. This is the case for personal data entered in the input mask of the contact form and data sent by email if the respective correspondence with the user has concluded. Correspondence can be deemed to be concluded where the circumstances make it clear that the matter in question has been resolved. The personal data additionally collected during the send operation shall be deleted at the latest after a period of seven days. The user can revoke his/her consent to the processing of personal data at any time. The user can object to the storage of his/her personal data at any time by getting in touch with us by email. Correspondence can be discontinued in such cases. All personal data saved during this period of communication shall be deleted in this case.
Data protection for applications and in the application procedure
The controller collects and processes the personal data of job applicants for the purpose of carrying out the application process. The processing of data can also be carried out by electronic means. This is the case in particular if an applicant transmits corresponding application documents to the controller electronically, for example by email.
If the controller concludes an employment contract with an applicant, the data transmitted will be stored for the purpose of managing the employment relationship, subject to observance of the statutory regulations.
Data that is stored includes first and last name, address, communication details (telephone number, email, etc.), place of birth, date of birth, nationality, civil status, qualifications, application documents (cover letter, CV, references, certificates, etc.) professional aspirations and preferences, salary expectations, willingness to relocate and travel, (time) availability, possession of a work permit and any other data communicated to us when submitting your application.
Provided that you have given us your consent to the processing of your personal data for one or more specific purpose, the legal basis for such processing shall be Art. 6, para. 1, letter a and Art. 7 of the GDPR. The legal basis for the processing of personal data for pre-contractual or contractual purposes is Art. 6, para. 1, letter b of the GDPR.
If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted six months after the decision not to hire has been communicated, unless there are other legitimate interests on the part of the controller preventing this. Other legitimate interests in this sense may include, for example, a burden of proof in proceedings in accordance with the General Act on Equal Treatment (AGG).
If the applicant declares his/her consent to the storage of his/her personal data in relation to a specific vacancy, this data will be deleted as soon as the applicant revokes his/her consent to such data storage issued to us previously. Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected. We can also delete data e.g. if we can rule out the successful placement of an applicant.
If the users’ data is not deleted because it is required for other / legally permissible purposes, its processing will be restricted. This means that data will be blocked and not processed for other purposes. This applies for example to users’ data that must be kept for commercial or fiscal reasons.
Newsletter / newsletter tracking
You can subscribe to a free newsletter on our website. Provided that you have given your express consent in accordance with Art. 6, para. 1 (1), letter a of the GDPR, we will use your email address and your name from the input mask that you transmitted to us to regularly send our newsletter to you. You just need to specify an email address in order to receive the newsletter.
You can unsubscribe at any time, for example, by clicking the link included with every newsletter. Alternatively, you can also send us an email at any time and submit your request to unsubscribe. The bottom of each newsletter contains a link to cancel your subscription to the newsletter. After you have unsubscribed, your email address and your name (if known) will be removed from our newsletter distribution list without delay and included in a block file to ensure revocation.
When registering for our newsletter, the IP address of the user plus the date and time of registration will be stored. This is to prevent the services or email address of the data to be subjected to misuse. If you purchase goods or services on our website and give your email address in the process, this can then be used by us to send you a newsletter. In such cases, only direct marketing from our own similar products or services will be sent via the newsletter. The legal basis for sending the newsletter resulting from the purchase of goods or services is Section 7, para. 3 of the Unfair Competition Act (UWG).
The email address of the user is collected in order to deliver the newsletter. We work with an external service provider in order to distribute our newsletter, namely Episerver GmbH, Wallstraße 16, 10179 Berlin, www.episerver.de. Your personal data is shared with Episerver GmbH in order to send the newsletter and is processed by this provider strictly according to our instructions.
Data protection provisions of Episerver GmbH can be viewed here: https:// www.episerver.de/legal/privacy-statement/
User behaviour is collected in pseudonymised form in the case of newsletter tracking. This includes the following pseudonymised data: recipients, recipients minus bounces, recipients in queue, recipients skipped, unique unsubscription rate, unique unsubscriptions, bounce rate, bounces (including hard and soft bounces), unique open rate, unique opens, open rate, opens, unique click rate, unique clicks, click rate, clicks, effective unique click rate, clicks to segment target groups.
In addition, our distribution partner can use this data to optimise or improve its own services – in pseudonymous form, i.e. without assignment to a user – e.g. for the technical optimisation of distribution, presentation of the newsletter or for statistical purposes in order to determine from which countries the recipients originate. However, Episerver GmbH does not use data from our newsletter recipients to contact them independently or forward their information to third parties.
Newsletter tracking is performed on the basis of your given consent.
The legal basis for newsletter tracking is Art. 6, para. 1, letter f of the GDPR. The legitimate interest in processing personal data is to provide direct marketing and to offer you individual contents so that communication becomes more relevant and interesting to you.
The privacy statement of Episerver GmbH is available at the following link: www.episerver.de/legal/privacy-statement.
Data is not passed on to third parties here either. This is the case unless there is a legal obligation to share such data. Data shall be deleted as soon as it is no longer required for the purpose of its collection. Accordingly, the email address of the user shall be stored for as long as his/her subscription to the newsletter is active. Generally speaking, personal data collected during the registration process shall be deleted after a period of seven days. The user in question can cancel his/her subscription to the newsletter at any time. A corresponding link with this option is included in every newsletter.
Forwarding data to third parties
Your personal data shall not be transferred to third parties for purposes other than those listed below.
We share your personal information with third parties only if:
- you have given express consent to this in accordance with Art. 6, para. 1 (1), letter a of the GDPR,
- the disclosure pursuant to Art. 6, para. 1 (1), letter f of the GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
- there is a legal obligation to disclose data in accordance with Art. 6, para. 1 (1), letter c of the GDPR and
- this is legally permissible and required in accordance with Art. 6, para. 1 (1), letter b of the GDPR for the settlement of contractual relationships with you.
We use the personal data transmitted by you to process your application; associated therewith, your data shall also be transmitted to our subsidiaries. Such data may include the following:
first and last name, address, communication details (telephone number, email, etc.), place of birth, date of birth, nationality, civil status, qualifications, application documents (cover letter, CV, references, certificates, etc.) professional aspirations and preferences, salary expectations, willingness to relocate and travel, (time) availability, possession of a work permit and any other data communicated to us when submitting your application.
Once this data is passed on to a subsidiary, Meissen Keramik GmbH has no influence over its storage, use or deletion by third parties. Any data protection claims are therefore directed solely at the third party in this case. Application data may only be shared with external recipients or other third parties if the applicant has expressly given his/her consent to such disclosure in advance. Any other disclosure of personal data to third parties does not occur. We shall only transmit personal data to service providers or other third parties outside the European Economic Area (EEA) under certain prerequisites: The user has expressly given his/her consent to the forwarding of data to third countries or the EU Commission must confirm an adequate level of protection with respect to the relevant third country or there must be other appropriate data protection guarantees in place (e.g. binding in-house data protection provisions of the EU standard contractual clauses).
We use the widespread SSL (Secure Sockets Layer) technology on this website, in conjunction with the highest level of encryption supported by your browser. This is generally 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. You can identify whether a single page of our website is encrypted from the locked key or lock symbol displayed in the lower status bar of your browser.
We also take appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
The tracking measures listed below and used by us are implemented on the legal basis provided by Art. 6, para. 1 (1), letter f of the GDPR. With the tracking measures used, we want to ensure that the website design meets the needs of visitors and that our website is continuously optimised. The tracking measures statistically record the use of our website, the evaluation of which helps optimise our services. These interests are to be regarded as justified within the meaning of the aforementioned provision.
To ensure that the website design meets the needs of visitors and for the continuous optimisation of our website, we use Google Analytics, a web analytics service provided by Google Inc. (https://www.google.de/intl/en/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context, pseudonymous user profiles are created and cookies are used. The information generated by the cookie about your use of this website such as
- browser type/version
- operating system you use
- referrer URL (site visited beforehand),
- host name of accessing computer (IP address),
- time of server request,
is transmitted to a Google server in the USA where it is saved. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website activity and Internet usage for the purposes of market research and website design. This information may also be transferred to third parties if required by law or if third parties process the data by proxy. Google never associates your IP address with any other data. The IP addresses are stored anonymously, which means that they cannot be assigned (IP masking).
You can prevent cookies from being installed by adjusting the settings in your browser software accordingly; you should be aware, however, that by doing so you may not be able to make full use of all functions of this website.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (http://tools.google.com/dlpage/gaoptout?hl=en).
As an alternative to the browser add-on, especially for browsers on mobile devices, you can prevent the collection of data by Google Analytics by clicking this link. An opt-out cookie will be set preventing the future collection of your data when you visit this website. The opt-out cookie only applies to this browser and to our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
For more information about data privacy related to Google Analytics, see Google Analytics Help (https://support.google.com/analytics/answer/6004245? hl=en). For more information on terms of service and data privacy, please visit http:// www.google.com/analytics/terms/de.html or https://www.google.de/intl/de/policies/. Note that the code “anonymizeIp” has been added to Google Analytics on this website in order to ensure an anonymised collection of IP addresses (so-called IP masking).
The website of Meissen Keramik GmbH uses MyFonts Counter, a web analysis service provided by MyFonts Inc., 500 Unicorn Park Drive, Woburn, MA 01801, USA. Page-view tracking is carried out, according to the licence terms, with the number of visits to the Meissen Keramik GmbH website enumerated for statistical purposes and transmitted to MyFonts. Here, usage profiles are created under pseudonyms, in this instance, MyFonts collects anonymised data. These usage profiles are used to analyse visitor behaviour and are evaluated for the purpose of improving our website and optimising its design for the benefit of our visitors.
Cookies are used for this. Cookies are small text files that are stored on the computer of the site visitor, allowing him/her to be recognised again the next time he/she visits our website.
The pseudonymised usage profiles shall not be linked to personal data relating to the bearer of the pseudonym without the express, separately given, consent of the data subject.
More information about data protection and the cookies used is available online at:
The legal basis for storing user profiles is Art. 6, para. 1, letter f of the GDPR. The legitimate interest is derived from the purpose of improving our website and optimising its design.
Legal bases for processing
Insofar as we obtain the consent of the data subject for the processing of personal data, the legal basis is provided by Art. 6, para. 1, letter a of the GDPR. When processing personal data necessary to fulfil a contract of which the data subject is a contracting party, the legal basis is provided by Art. 6, para. 1, letter b of the GDPR. This also applies to processing operations required to carry out pre-contractual measures.
Insofar as the processing of personal data is required to fulfil a legal obligation to which our company is subject, the legal basis is provided by Art. 6, para. 1, letter c of the GDPR.
In the event that the processing of personal data is required in the vital interest of the data subject or another natural person, the legal basis is provided by Art. 6, para. 1, letter d of the GDPR.
If processing is necessary to safeguard a legitimate interest of our company or a third party and the interests, fundamental rights and fundamental freedoms of the data subject do not outweigh the first-mentioned interest, the legal basis is provided by Art. 6, para. 1, letter f of the GDPR. The legitimate interest of our company is in the performance of our business activities.
Deletion and blocking of personal data
The controller processes and saves personal data of the data subject only for the period necessary to achieve the purpose of its storage. Data may be stored beyond this period if this is granted by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. Once the purpose of storage no longer applies or a storage period required by the mentioned provisions expires, the personal data shall be routinely blocked or deleted.
Rights of data subject
If your personal data is processed, you are the data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:
Right to access
In accordance with Art. 15 of the GDPR, you can request confirmation from the controller as to whether your personal data is being processed by us.
If this is the case, you can request that the controller gives you access to the following information:
- the purpose for which the personal data is processed;
- the categories of personal data processed;
- the recipients or categories of recipient to whom your personal data has been or will be disclosed;
- the planned period for which your personal data will be stored or if this cannot be specified in concrete terms, the criteria used to determine that period;
- the existence of a right to request from the controller rectification or erasure of your personal data or the restriction of its processing or to object to such processing;
- the existence of a right to file a complaint with a supervisory authority;
- all information available about the source of the data if the personal data has not been collected from you as the data subject;
- the existence of automated decision-making, including profiling, referred to in Art. 22, para. 1 and 4 of the GDPR and at least in those cases, meaningful information about the logic involved as well as the significance and envisaged consequences of such processing for you as the data subject.
You have the right to request information as to whether your personal data is transmitted to a third country or an international organisation. In this context, you have the right to be informed of the appropriate safeguards relating to the transmission.
Right to rectification
You have the right to have data corrected and/or supplemented vis-à-vis the controller if the personal data processed concerning you is incorrect or incomplete. The controller must implement corrections without delay.
Right to restriction of processing
You can request that the processing of your personal data be restricted under the following prerequisites:
- the accuracy of the personal data is contested by you, that is for such a period of time that the controller can verify its correctness;
- the processing is deemed unlawful and you oppose the deletion of the personal data and request instead that its use be restricted;
- the controller no longer needs your personal data for the purposes of processing, but you require this data for the establishment, exercise or defence of legal claims or
- you have objected to the processing of personal data pursuant to Art. 21, para. 1 of the GDPR pending verification as to whether the legitimate grounds of the controller override yours.
Where processing has been restricted, such personal data shall – with the exception of storage – only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If the processing of your personal data has been restricted in accordance with the above prerequisites, the controller will immediately notify you before the restriction is lifted.
Right to erasure
You have the right to request from the controller that your personal data be promptly deleted and the controller is obligated to do precisely that provided one of the following reasons applies:
- your personal data is no longer necessary for the purposes for which it was originally collected or otherwise processed,
- you revoke your consent on which processing is based in accordance with Art. 6, para. 1, letter a or Art. 9, para. 2, letter a of the GDPR and where there are no other legal grounds for the processing of such data,
- you file an objection to the processing of personal data in accordance with Art. 21, para. 1 of the GDPR and there are no overriding legitimate reasons for its processing or you file an objection to its processing in accordance with Art. 21, para. 2 of the GDPR,
- your personal data has been unlawfully processed,
- your personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject,
- your personal data has been collected in relation to the offer of information society services referred to in Art. 8, para. 1 of the GDPR.
Information to third parties
Where the controller has made your personal data public and is obligated pursuant to Art. 17, para. 1 of the GDPR to erase said personal data, they – taking account of available technology and the cost of implementation – shall take reasonable steps, including technical measures, to inform other parties responsible for processing such data that you as the data subject have requested the deletion of any links to or copies or duplicates of, the implicated personal data.
The right to erasure does not apply if processing is required in order to exercise the right to freedom of expression and information;
- to fulfil a legal obligation that requires the processing of data under Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- for reasons of public interest in the field of public health in accordance with Art. 9, para. 2, letter h and i and Art. 9, para. 3 of the GDPR;
- for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89, para. 1 of the GDPR insofar as the right referred to in para. 1 is likely to render impossible or seriously impair the achievement of the objectives of such processing.
- for the establishment, exercise or defence of legal claims.
Right to notification
If you have exercised your right to correct, erase or restrict the processing of your personal data vis-à-vis the controller, they shall be obligated to inform all recipients to whom the personal data have been disclosed of this correction or erasure of the data or restriction of its processing, unless this proves to be impossible or involves a disproportionate amount of effort. You have the right to be informed of these recipients by the controller.
Right to data portability
You have the right to receive the personal data relating to you, which you have provided to the controller, in a structured, commonly used and machine-readable format. In addition, you have the right to transmit this data to another controller without hindrance by the controller, who has been provided with the personal data, where:
- the processing is based on consent in accordance with Art. 6, para. 1, letter a of the GDPR or Art. 9, para. 2, letter a of the GDPR or based on a contract in accordance with Art. 6, para. 1, letter b of the GDPR and
- the processing is carried out by automated means.
In exercising this right, you also have the right to have your personal data transmitted directly from one controller to another, as far as this is technically feasible. This may not infringe upon the rights and freedoms of other persons.
The right to data portability is not applicable to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority given to the data controller.
Right to object
For reasons arising from your particular situation, you have the right to object at any time, under Art. 21 of the GDPR, to the processing of your personal data, which is carried out based on Art. 6, para. 1, letter e or f of the GDPR.
The controller will no longer process your personal data, unless they can prove that there are compelling legitimate grounds for its processing that outweigh your interests, rights and freedoms or the processing serves to establish, exercise or defend legal claims.
Where your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of this data for such marketing; this also applies to profiling, insofar as it is related to such direct marketing. Where you object to the processing for the purposes of direct marketing, your personal data will no longer be processed for these purposes.
In relation to using information society services – notwithstanding Directive 2002/58/EC – you can exercise your right to object by automated means using technical specifications.
Right to revoke declaration of consent under the Data Protection Act
You have the right to revoke your declaration of consent under the Data Protection Act at any time. The withdrawal of your consent shall not affect the lawfulness of data processing based on consent before its withdrawal.
Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing – including profiling – which has a legal effect on you or which significantly impairs you in a similar manner.
This does not apply if the decision:
- is necessary for entering into or the performance of, a contract between you and the controller;
- is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests or
- is based on your express consent.
However, these decisions may not be based on special categories of personal data in accordance with Art. 9, para. 1 of the GDPR, unless Art. 9, para. 2, letter a or g applies and appropriate measures to safeguard the rights and freedoms and your legitimate interests are in place.
Regarding the cases referred to in a. and c., the controller has to take appropriate measures to safeguard the rights and freedoms and your legitimate interests, at least the right to obtain human intervention on the part of the controller, to state their own position and to contest the decision.
Right to file a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to file a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data infringes upon the GDPR.
The supervisory authority with which the complaint has been filed is to inform the complainant on the progress and the outcome of the complaint including the possibility of judicial remedy in accordance with Art. 78 of GDPR.
Length of storage of personal data
Personal data shall be stored for the length of the respective statutory retention period. After this period expires, a routine deletion of the data shall be carried out unless there is a requirement to retain it in order to initiate or fulfil a contract.