Röchling SE & Co KG and the companies belonging to the Röchling Group (in terms of data protection law, these are all companies in which Röchling SE & Co KG has a direct or indirect interest of at least 50% and which process personal data for the fulfilment of contractual and statutory obligations as well as for legitimate interests (data transfer within the Group, recital 48 GDPR, Art. 6 para. 1 lit. f) GDPR)) process personal data, in particular that of employees, customers or their employees, contractors and suppliers or their employees as well as that of applicants who apply for employment at Röchling SE & Co. KG or at a company belonging to the Röchling Group, as responsible persons within the meaning of statutory data protection regulations. With regard to the legal information obligations of the EU General Data Protection Regulation (GDPR) applicable in this respect, we would like to inform you as follows:
I. Name and contact details of the responsible person
The respective Röchling Group company is responsible for processing personal data within the meaning of the GDPR. You have either made personal data available to this company yourself or it has been transmitted by a Röchling Group company. The companies belonging to the Röchling Group can be found here:
II. Name and contact details of the responsible person
Mr. Eberhard Häcker
Am Hagelsrech 14
III. Name and contact details of the Group Data Protection Officer
We process the personal data that you make available to us, in particular by transmitting business and/or application documents and your details in business meetings and job interviews. In general, these may include, in particular:
- Master data (name, official/private postal address, telephone numbers, e-mail addresses, date of birth, service or function designation or position),
- Information about the business relationship,
- Information about the employer,
- Information about visits to or stays at plants/locations of companies belonging to the Röchling Group, for employees of the Röchling Group, in particular
- Working time data (attendance times, sick leave and vacation times),
- Accounting data (e.g. salary, bonus payments, non-cash benefits, travel and other expenses, sales figures),
- Social security, bank and tax data (e.g. bank details, income tax class, tax ID number, social security number, religion, health insurance),
- Health data (sick leave, information about pregnancy, severely handicapped status),
- Data on professional qualifications (e.g. application documents, additional qualifications, further training),
- Data on internal appraisals,
- Data from and in connection with the use of business EDP and telecommunications media (IP address, log files, etc.).
IV. Purposes and legal bases of data processing
- Data processing for the fulfilment of a contract or for the implementation of pre-contractual measures
In order to prepare, conclude and execute a contract with you, for example, or to be able to consider you in an application procedure for a job advertised, we require corresponding personal data. We process such personal data on the basis of Art. 6 para. 1 lit. a) and lit. b) GDPR.
- Data processing for the fulfilment of legal obligations
Personal data may also be processed if this is necessary to fulfil legal obligations (e.g. commercial and tax laws, labour law). We therefore process personal data for the fulfilment of tax reporting and control obligations if necessary. The legal basis here is Art. 6 (1) (c) GDPR.
- Data processing for legitimate interest
In addition, we may process personal data on the basis of a weighing up of interests to protect our own legitimate interests or those of third parties. This is done on the basis of Art. 6 para. 1 lit. f) GDPR, in particular for the following purposes:
a) Security and maintenance of operations and IT systems
b) Further development of services and products as well as existing processes
c) Securing and exercising our right to impose house rules through appropriate measures (video surveillance)
d) Determination of default and credit risks by credit agencies (Schufa, etc.)
e) Assertion of legal claims and defence in the event of legal disputes that may have been asserted
f) Prevention and investigation of criminal offences
g) Implementation of application procedures
h) Measures for building and plant security (e.g. access controls)
i) Business management measures
V. Necessity of personal data
As a matter of principle, we only collect data that is necessary for the fulfilment or pursuit of the aforementioned purposes.
Automated decision making, especially profiling, does not take place.
VII. Possible recipients or categories of recipients of your data
- We pass on your personal data within a company to those areas which require this data to fulfil contractual and legal obligations or to implement our legitimate interests, if and to the extent that there is a necessary and justified reason to do so. Furthermore, the data may be passed on within the group of companies.
- We pass on personal data to business partners insofar as this is necessary to fulfil our tasks or business relationships and to comply with legal obligations (Art. 6 para. 1 lit. b), lit. c) and lit. f) GDPR).
- Only those persons who are involved in the application process come into contact with the personal data of our applicants. A passing on to third parties always takes place on a legal basis.
- In addition, personal data may, insofar as this is legally permissible, be passed on to authorities, investigating authorities, official bodies and service providers used by us (e.g. banks and credit institutions for payment processing, financial and tax authorities, print service providers, shipping service providers, collection agencies, experts, auditors, subcontractors, credit agencies, lawyers, accountants, IT service providers, Internet agencies, insurance companies) (Art. 6 para. 1 lit. b) and lit. c), Art. 9 para. 1 lit. b) GDPR.
VIII. Transfer of your data to a third country or to an international organisation
A transfer of your personal data to third countries or to an international organisation does not currently take place. The transfer of personal data within the Röchling Group always takes place in compliance with the applicable legal requirements of the GDPR.
IX. Storage period
- We process your personal data as long as it is necessary for the corresponding purpose, in particular for the duration of the business relationship, including the initiation and execution of a contract and the application procedure, provided that no other legal provisions intervene.
- In addition, as a company we are subject to various storage and accountability obligations, including those arising from the German Commercial Code [Handelsgesetzbuch] and the German Tax Code [Abgabenordnung]. Any erasure by us always takes place according to the legal defaults.
- Within the framework of the application procedure, the data will be deleted after 6 months at the latest in the event of a cancellation, provided that there is no interest in storage of the data to protect against any claims asserted, such as the German Act on Equal Treatment [AGG]. If no suitable job placement for you was found and provided that you have given us your consent, we store your data for 12 months. If your application procedure is successful, the personal data will be stored in accordance with our data protection information for employees. These provisions shall not apply if statutory obligations prescribe longer or shorter storage of data.
X. Your rights
- You and/or your employees have the following rights against us with regard to your personal data:
a) Right of access
b) Right of rectification or erasure
c) Right to limitation of processing
d) Right to object to the processing
e) Right to data portability
- You are entitled to request information about the data stored about you as well as a copy of this data (Art. 15 GDPR). You have the right, under the statutory conditions, to demand the rectification, erasure or limitation of the processing of personal data (Art. 16 to 18 GDPR).
- If you have given your consent to the processing of your data, you can revoke it at any time (Art. 7 para. 3 GDPR). Such a revocation influences the permissibility of the processing of your personal data after you have given it to us.
- You also have the right to object to data processing (Art. 21 GDPR) and to receive the personal data provided by you and concerning you in a structured, common and machine-readable format (Art. 20 GDPR).
The objection can be made in any form with the subject "Objection", stating your name, address and date of birth, and should be addressed to the respective company belonging to the Röchling Group to which you yourself provide personal data or which is transmitted by a company of the Röchling Group
or by e-mail to:
- You also have the right to complain to a supervisory authority not necessarily responsible for the company if you consider that the processing of your personal data is unlawful (Art. 77 GDPR). The address of the supervisory authority responsible for the provider of this website is:
Landesbeauftragter für Datenschutz und Informationsfreiheit in Baden-Württemberg [State Commissioner for Data Protection and Freedom of Information in Baden-Württemberg], Königstraße 10A, 70173 Stuttgart, Germany