Data privacy

We appreciate you visiting our website. We would like to inform you in the following about the processing of your data pursuant to Art. 13 General Data Protection Regulation (GDPR).

Controller

The body named in the legal notice is responsible for the data collection and processing described below.

Usage data

When you visit our websites, usage data is temporarily evaluated on our web server for statistical purposes as a log in order to improve the quality of our websites. This data record consists of

> the name and address of the content requested,
> the date and time of query,
> the amount of data transferred,
> the access status (content transferred, content not found, etc.)
> the description of the web browser and operating system used,
> the referral link, which indicates the page from which you have reached ours,
> the IP address of the requesting computer, which is shortened in such a way that it can no longer be connected to a specific person.

The log data mentioned will only be stored anonymously.

Storage of the IP address for security purposes

We also store the full IP address transmitted by your web browser for a strictly specific purpose for a period of seven days, in the interest of being able to detect, limit and eliminate attacks on our websites. After this period, we delete or anonymise the IP address. The legal basis for this is Art. 6 para. 1 (1) (f) GDPR.

Data security

In order to protect your data from unwanted access as comprehensively as possible, we implement technical and organisational measures. We use an encryption method on our websites. Your information is transmitted from your computer to our server and vice versa via the Internet using TLS encryption. You can usually recognise this by the fact that the lock symbol in the status bar of your browser is closed and the address line starts with https://

Required cookies

We use cookies on our websites, which are necessary for the use of our websites. Cookies are files that can be stored and read on your end device. A distinction is made between session cookies, which are deleted again as soon as you close your browser, and permanent cookies, which are stored beyond the individual session.

We do not use these necessary cookies for analysis, tracking or advertising purposes.

We use these cookies on the basis of Art. 6 para.1 (1) (f) GDPR.

You can set your browser to notify you before a cookie is placed. This will make their use transparent to you. You can also delete cookies at any time via the corresponding browser setting and prevent the setting of new cookies. Please note in this case that our web pages may not be displayed to their best effect and that some functions may no longer be technically available.

Name Provider Use Storage period Adequate level of data protection/
legal basis of data processing
borlabs-cookie Borlabs Saving the setting in the cookie banner 182 days Required cookie
(Art. 6 para. 1 (1) (f) GDPR)

You can view and change the settings you have made via the cookie banner at any time: Editing Cookies

Matomo

We use the “Matomo” web analysis tool to design our websites according to demands. Matomo creates usage profiles based on pseudonyms. Permanent cookies are stored on your terminal device and read by us for this purpose. This allows us to recognise and count returning visitors.

The data processing is based on your consent, provided that you have given your consent via our banner.

You may revoke your consent at any time. Please follow this link to do so and make the appropriate settings via our banner.

 

Name Provider Use Storage period Adequate level of data protection/
legal basis of data processing
_pk_id.1.a3dc Matomo Analysis of the use of the website 393 days Consent at the beginning of the visit via the cookie banner
(Art. 6 para. 1 (1) (a) GDPR)
_pk_ses.1.a3dc Matomo Analysis of the use of the website 1 day Consent at the beginning of the visit via the cookie banner
(Art. 6 para. 1 (1) (a) GDPR)

 

Google Analytics

We use the “Google Analytics” web analytics tool and “Google Tag Manager” to design our websites according to our customers’ needs. Google Analytics and Google Tag Manager create usage profiles based on pseudonyms. Permanent cookies are stored on your terminal device and read by us for this purpose. This allows us to recognise and count returning visitors.

Google Ireland Limited and Google LLC (USA) support us within the scope of Google Analytics and Google Tag Manager as a processor in accordance with Art. 28 GDPR. Data processing may therefore also take place outside the EU or EEA. No adequate level of data protection can be assumed in respect of Google LLC as processing takes place in the USA. There is a risk in some countries that authorities may access the data for security and surveillance purposes without informing you or allowing you to seek redress. Please keep this in mind if you decide to give your consent to our use of Google Analytics and Google Tag Manager.

Data processing is based on your consent pursuant to Art. 6 para. 1 (1)(a) GDPR or Section 15 para. 3 (1) Telemedia Act, if you have given your consent via our banner. The transfer to a third county takes place on the basis of Art. 49 para. 1 (a) GDPR.

You may revoke your consent at any time. Please follow this link to do so and make the appropriate settings via our banner.

Google AdSense

We use the “Google AdSense” web analysis tool to design our website according to demands. Google AdSense uses existing user profiles to deliver ads that are relevant to you and prevent you from seeing the same ad more than once.

Please note that embedding Google Adsense means that your data will be processed by Google LLC (USA) outside the EU or EEA. There is a risk in some countries that authorities may access the data for security and surveillance purposes without informing you or allowing you to seek redress. Please keep this in mind if you decide to give your consent to our use of Google Adsense.

Data processing is based on your consent pursuant to Art. 6 para. 1 (1)(a) GDPR or Section 15 para. 3 (1) Telemedia Act, if you have given your consent via our banner. The transfer to a third county takes place on the basis of Art. 49 para. 1 (a) GDPR.

You may revoke your consent at any time. Please follow this link to do so and make the appropriate settings via our banner.

Map services

We embed map services on our websites that are not stored on our servers. We only display locally stored preview images of the maps in a first step to ensure that calling up our websites with embedded map services does not automatically lead to content from the third-party provider being reloaded. This does not provide the third-party provider with any information.

The content of the third-party provider is only reloaded after clicking on the preview image. This provides the third-party provider with the information that you have accessed our site as well as the usage data technically required in this context. We have no influence on any further data processing by the third-party provider. By clicking on the preview image, you give us permission to reload content from the third-party provider.

Embedding is based on your consent, provided that you have previously given your consent by clicking on the preview image.

Please note that the embedding of some map services means that your data will be processed outside the EU or EEA. There is a risk in some countries that authorities may access the data for security and surveillance purposes without informing you or allowing you to seek redress. If we use providers in insecure third countries and you consent, the transfer to an insecure third country takes place on the basis of Art. 49 para. 1 (a) GDPR.

Provider Maximum storage duration Adequate level of data
protection
Revocation of consent
Google LLC (USA) No adequate level of data protection.
The transfer takes place on the basis of
Art. 49 para. 1 (a) GDPR.
If you have clicked on a preview image, the content of the third-party provider is immediately reloaded.
If you do not want this reloading on other pages, please do not click on any thumbnails.

Integration of other technical third-party content and functions

We use the technical functions and content of third-party providers mentioned below to present our websites.

Calling up our pages results in the content of the third-party provider who provides these functions and content being reloaded. This provides the third-party provider with the information that you have accessed our site as well as the usage data technically required in this context.

We have no influence on any further data processing by the third-party provider.

The data processing is based on your consent, provided that you have previously given your consent via our banner solution.

Please note that the use of third-party content and features may result in your data being processed outside the EU/EEA. There is a risk in some countries that authorities may access the data for security and surveillance purposes without informing you or allowing you to seek redress. If we use providers in insecure third countries and you consent, the transfer to an insecure third country takes place on the basis of Art. 49 para. 1 (a) GDPR.

Provider Technical function or
content
Transfer to third countries according to the provider’s specifications
and assurance of an adequate level of data protection
Revocation of consent
Meta Platforms,
Inc. (USA)
Facebook CDN
(Content Delivery Network)
No adequate level of data protection.

The transfer takes place on the basis of
Art. 49 para. 1 (a) GDPR.

If you no longer agree to the processing, please no longer use our site or revoke the consent you have given via our cookie banner at Cookie banner settings.
Meta Platforms,
Inc. (USA)
Facebook
social plugins
No adequate level of data protection.

The transfer takes place on the basis of
Art. 49 para. 1 (a) GDPR.

If you no longer agree to the processing, please no longer use our site or revoke the consent you have given via our cookie banner at Cookie banner settings.
Meta Platforms,
Inc. (USA)
Meta Pixel No adequate level of data protection.

The transfer takes place on the basis of
Art. 49 para. 1 (a) GDPR.

 

If you no longer agree to the processing, please no longer use our site or revoke the consent you have given via our cookie banner at Cookie banner settings.
LinkedIn Inc.
(USA)
LinkedIn Pixel No adequate level of data protection.

The transfer takes place on the basis of
Art. 49 para. 1 (a) GDPR.

 

If you no longer agree to the processing, please no longer use our site or revoke the consent you have given via our cookie banner at Cookie banner settings.
Google LLC
(USA)
Google Fonts No adequate level of data protection.
The transfer takes place on the basis of
Art. 49 para. 1 (a) GDPR.
If you no longer agree to the processing, please no longer use our site or revoke the consent you have given via our cookie banner at Cookie banner settings.

 

Embedded videos

We embed videos on our websites that are not stored on our servers. We only display locally stored preview images of the videos in a first step to ensure that calling up our websites with embedded videos does not automatically lead to content from the third-party provider being reloaded. This does not provide the third-party provider with any information.

The content of the third-party provider is only reloaded after clicking on the preview image. This provides the third-party provider with the information that you have accessed our site as well as the usage data technically required in this context. The third-party provider is then also able to implement tracking technologies. We have no influence on any further data processing by the third-party provider. By clicking on the preview image, you give us permission to reload content from the third-party provider.

The embedding is based on your consent pursuant to Art. 6 para. 1 (1)(a) GDPR, provided that you have given your consent by clicking on the preview image. Please note that the embedding of many videos means that your data will be processed outside the EU or EEA. There is a risk in some countries that authorities may access the data for security and surveillance purposes without informing you or allowing you to seek redress. If we use providers in insecure third countries and you consent, the transfer to an insecure third country takes place on the basis of Art. 49 para. 1 (a) GDPR.

Provider Adequate level of
data protection
Revocation of consent
YouTube/Google LLC. (USA) No adequate level of data protection.
The transfer takes place on the basis of
Art. 49 para. 1 (a) GDPR.
If you have clicked on a preview image, the content of the third-party provider is immediately reloaded.
If you do not want this reloading on other pages, please do not click on any thumbnails.
Vimeo, LLC (USA) No adequate level of data protection.
The transfer takes place on the basis of
Art. 49 para. 1 (a) GDPR.
If you have clicked on a preview image, the content of the third-party provider is immediately reloaded.
If you do not want this reloading on other pages, please do not click on any thumbnails.

Survey

We regularly use Microsoft Forms to conduct surveys on our website. As a result, the data entered is processed on servers of Microsoft Inc., which may also be located outside the EU or EEA in countries that do not have an adequate level of data protection. The transmission of the data is then based on Art. 49 para. 1 (a) GDPR (consent). Consent is obtained by placing a check box in front of the survey. If you want to participate in the survey, you have to activate the survey by clicking the check box. By doing so, you declare your willingness to participate in the survey and consent to the associated data processing.

Applications

You can apply for a vacancy via our website, but you can also send us a speculative application. You have various options for this:

(1) In some cases you will be redirected to https://career5.successfactors.eu/careers?company=NagelGroup, an external site. Please refer to the data protection information there for information on data processing on this page.

(2) In some cases, you can apply directly on this page at https://www.nagel-group.com/en/driving-for-the-nagel-group or https://www.nagel-group.com/en/berufskraftfahrer. Your data will be forwarded directly to the person in the personnel department who is responsible, who will then organise the next steps. The legal basis for data processing is Section 26 Federal Data Protection Act (BDSG). If your application is successful, the data will be transferred to the personnel file. If your application is unsuccessful, the data will be retained for up to six months after completion of the application process or up to two years in the event of inclusion in our application pool, provided you have consented to this, and then deleted.

Newsletter registration and dispatch

You can request a newsletter on our website. Please note that we require certain data (your e-mail address as a minimum) to subscribe to the newsletter.

The newsletter will only be sent if you have given us your express consent. After making the request on our website, you will receive a confirmation e-mail to the e-mail address you provided (known as a double opt-in). You may revoke your consent at any time. You can easily cancel your subscription, for example, by clicking on the unsubscribe link which is in every newsletter.

Within the scope of the newsletter registration, we store further data in addition to the data already mentioned, to the extent that it is necessary for us to be able to prove that you have ordered our newsletter. This may include storing the full IP address at the time of ordering or confirming the newsletter, as well as a copy of the confirmation e-mail we send. The corresponding data processing is carried out on the basis of Art. 6 para. 1 para. 1 (1)(f) GDPR in the interest of being able to account for the lawfulness of sending the newsletter.

Storage duration

Unless we have already informed you in detail about the storage period, we delete personal data when it is no longer required for the aforementioned processing purposes and deletion is not prevented by statutory retention obligations.

Your rights as a data subject

The GDPR grants you certain rights as a data subject when your personal data is processed:

Right to information (Art. 15 GDPR)

You have the right to request confirmation as to whether your personal data are processed; if this is the case, you have a right to access these personal data and the information specified in Art. 15 GDPR.

Right to rectification (Art. 16 GDPR)

You have the right to immediately request the incorrect personal data to be corrected and, if necessary, incomplete data to be completed.

Right to deletion (Art. 17 GDPR)

You have the right to request that your personal data be deleted immediately if one of the reasons listed in Art. 17 GDPR applies in detail.

The right to restriction of processing (Art. 18 GDPR)

You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is fulfilled, e.g., if you have lodged an objection against the processing for the duration of investigation by the person in charge.

Right to data portability (Art. 20 GDPR)

In certain cases, which are detailed in Article 20 GDPR, you have the right to receive your personal data in a structured, common and machine-readable format or to request the transmission of these data to a third party.

Right of revocation (Art. 7 GDPR)

If the processing of data is based on your consent, you are entitled to revoke your consent to the use of your personal data at any time in accordance with Art. 7 para. 3 GDPR. Please note that the revocation only takes future effect. Processing that took place before the revocation is not affected by this revocation.

Right of objection (Art. 21 GDPR)

If data is collected on the basis of Art. 6 para. 1 (1) (f) GDPR (data processing for the protection of legitimate interests) or on the basis of Art. 6 para. 1 (1) (e) GDPR (data processing for the protection of public interest or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling reasons for processing which must be preserved and which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Right of appeal to a supervisory authority (Art. 77 GDPR)

You have the right to appeal to a supervisory authority pursuant to Art. Article 77 of the GDPR if you believe that the processing of data concerning you violates data protection regulations. The right of appeal may be exercised in particular before a supervisory authority in the Member State where you habitually reside, work or where the suspected violation took place.

Asserting your rights

Unless otherwise described above, please contact the office named in the legal information to assert your data protection rights.

Contact details for the data protection officer

Our data protection officer will be happy to provide you with information on the subject of data protection. You can contact them at:

Kraftverkehr Nagel SE & Co. KG
Data Protection Officer
Friedrich-Menzefricke-Strasse 6
D-33775 Versmold

E-mail: dataprotection@nagel-group.com