The protection of your personal data, we take seriously, because we want you to feel comfortable when you visit our website. Therefore we treat your personal data strictly confidential and do not pass them on to unauthorized third parties. As soon as you transmit us your personal data, these will always be processed in accordance with the terms of the General Data Protection Regulation (GDPR) and the specific national data protection legislation in force and they will be used only for the purpose intended as well as for the business interests of KOLBUS and in particular for the technical administration of the websites. Read on to learn how we collect data, what data we collect, and why and how we use your data.
Name and address of controller as to the GDPR:
KOLBUS GmbH & Co. KG
Osnabruecker Strasse 77
Phone: ++49 5771 71-0
Fax: ++49 5771 71-333
Contact for Data protection issues
If you have any questions about issues relating to data protection, please contact us at the following email: datenschutz(at)kolbus.de
Legal basis for personal data processing
Insofar as we obtained your consent for the processing of your personal data for one or more specific purposes, Art. 6 (1) a of the EU General Data Protection Regulation (GDPR, or DSGVO in German) is the legal basis.
The legal regulation that governs the processing of personal data necessary for the fulfillment of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract is Art. 6 (1) b of the GDPR.
Insofar as the processing of personal data is necessary for compliance with a legal obligation to which the controller is subject, Art. 6 (1) c is the legal basis.
In case processing is necessary to protect the vital interests of the data subject or of another natural person, Art. 6 (1) d of the GDPR is the legal basis.
The legal regulation that governs the processing necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, is Art. 6 (1) f.
This website uses a SSL or TLS encryption to ensure confidentiality and security of processing of data as e.g. orders, log-in data or contact requests, you send us as controller of this website. You can see that you have an encrypted connection by „https://“ instead of „http://“ in the browser and a lock symbol in your browser line.
If a SSL or TLS encryption is activated, third parties will not be able to read data you transmit to us.
Collecting and processing data
Every time you access our website or download a file from it, some non-personal data is recorded. We store this data for internal system-related and statistical purposes. We record the following data: name of the file, date and time, data volume, whether the download was successful, the name of the web browser and domain requesting the download. We also record the IP address of the requesting computer. We collect other personal data only when it is supplied voluntarily by website users and/or customers, for example when they register, when they enter into a contract or adjust their browser settings.
The legal regulation which governs the processing of data is Art. 6 (1) f of the GDPR. The above mentioned purposes describe our legitimate interest in data processing.
A cookie is a text file that is sent when you visit a website and stored on the hard disk of the user, the website and / or the customer. If the corresponding server of our website is called up again, the browser of the user of the website and / or the customer sends the previously received cookie back to the server. The server can then, in different species from values. Cookies may control advertisements or make it easier to navigate a website. 6 (1) lit. f DS-GMO required.
Contacting/ Contact form
When contacting us (e.g. via contact form or email) personal data will be processed.
Which data are being processed in detail can be seen from the specific contact form.
These data will exclusively be processed to answer your request or to contact you by the related technical administration.
The legal regulation that governs the processing of data to answer your request is
Art. 6 (1) f of the GDPR.
If contacting you is before the completion of a contract, then the additional legal basis is Art. 6 (1) b of the GDPR.
Your data will be deleted after completion of your request. This will be the case if it is apparent that the respective issue is conclusively clarified and that there is no legal obligation to retain such data.
Application management/ Career portal
We collect and process the personal data of applicants for the purpose of handling the application procedure. Data processing can be done electronically. This is the case when a candidate sends his/her application documents electronically, via email or contact form on the website. If we conclude an employment contract with the candidate, the received data will only be further processed as it is necessary for establishing employment by legal regulations.
If we do not conclude an employment contract with the candidate, the application documents will be automatically deleted six months after the rejection provided that this is not contrary to legitimate interests from our side. Other legitimate interests are for example a burden of proof in a proceeding under the General Equal Treatment Act (AGG).
The legal regulation that governs the processing of data for the application procedure is Art. 6 (1) f of the GDPR.
Use of Social Media Plugins on Facebook, YouTube, Xing, and Linkedin
Our website uses so-called Social Plugins („Plugins“) of the social networks Facebook, and YouTube as well as Xing and LinkedIn. These services are provided by Facebook Inc., Google Inc., Youtube LLC, XING SE, and LinkedIn Inc. („Provider“).
Facebook is run by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA („Facebook“). An overview of the Facebook Plugins and how they look you will find here: https://developers.facebook.com/docs/plugins
YouTube is run by Google Inc., 1600 Amphitheatre Parkway, Mountainview,
CA 94043, USA („Youtube“). An overview of the Youtube Plugins and how they look you will find here: https://developers.google.com/youtube/
XING is run by XING SE, Dammtorstrasse 30, 20354 Hamburg („XING“). An overview of the XING Plugins and how they look you will find here: https://dev.xing.com/
LinkedIn is run by LinkedIn Inc., LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland („LinkedIn“). An overview of the LinkedIn Plugins and how they look you will find here: https://developer.linkedin.com/#
Twitter is run by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA („Twitter“). An overview of the Twitter Plugins and how they look you will find here: https://twitter.com/about/resources/buttons
Instagram is run by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA („Instagram“). An overview of the Instagram Plugins and how they look you will find here: http://blog.instagram.com/post/36222022872/introducing-instagram-badges
If you visit a page on our website, containing this type of plugin, your browser will automatically connect with Facebook's, Google+’s, Youtube’s, Twitter’s or Instagram’s servers. The content of the plugin will be passed by the provider directly to your browser and it will be integrated into the website. By integrating the plugins, the providers receive the information that your browser opened the corresponding page of our website even if you do not have a profile or are not logged in. This information (including your IP address) will be sent by your browser directly to the server of the corresponding provider in the USA and will be stored there.
If you are logged in to one of these services, the providers will be able to assign your visit to our website to your Facebook, Google+, Youtube, Twitter, or Instagram network account. If you interact with the plugins, such as by pressing the "Like" button, the „+1“-, the „Youtube“-, the „Twitter“- or the „Instagram“-button, the corresponding information will also be sent directly to a server of the provider and will be stored there. The information will also be published on the social network, on your Twitter or Instagram account, and will be added to your contacts there.
To learn more about the purpose and extent of data collection, processing, and the use of this data by the providers as well as all your rights and options for privacy, please refer to the data protection notes of the providers.
Data protection notices by Facebook: http://www.facebook.com/policy.php
Data protection notices by Google: http://www.google.com/intl/de/+/policy/+1button.html
Data protection notices by YouTube: http://www.google.com/intl/de/policies/privacy/
Data protection notices by Twitter: https://twitter.com/privacy
Data protection notices by Instagram: https://help.instagram.com/155833707900388/
Data protection notices by XING: https://www.xing.com/privacy
Data protection notices by LinkedIn: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv
If you want to avoid these services can assign your visit to our website to your network account, please log out of your account before visiting our website.
This website uses functions of the web analytics service Google Analytics. Provider is the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses so-called cookies, and text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website (including your IP address) is usually transmitted to and stored by Google on servers in the United States.
However, if IP anonymization is enabled on this website, Google will truncate your IP address beforehand within member states of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there.
Google will use this information on behalf of the website operator to evaluate your website usage, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address provided by Google Analytics within the framework of Google Analytics will not be merged with other data provided by Google.
You can prevent the storage of cookies by setting your browser software accordingly. We point out, however, that you may not be able to use all the features of this website in this case. You may also prevent the collection of cookie-generated and web site-related information, including your IP address to Google, and Google's processing of such data by downloading and installing the appropriate browser add-on.
Alternatively, you can prevent Google Analytics from collecting by placing a special opt-out cookie that prevents future collection of your information when you visit this site.
We use “Google Ads” (formerly Google AdWords) on our website, a service of Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as "Google"). Google Ads enables us to draw attention to our attractive offers with the help of advertising media on external websites. This enables us to determine how successful individual advertising measures are. These advertising materials are delivered by Google via so-called "AdServers". For this purpose, we use so-called AdServer cookies, which can be used to measure certain parameters for measuring success, such as the display of ads or clicks by users. If you access our website via a Google ad, Google Ads will store a cookie on your PC. These cookies usually lose their validity after 30 days. They are not intended to identify you personally. The following information is usually stored as analysis values for this cookie: unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions), opt-out information (marking that the user no longer wishes to be addressed). These cookies enable Google to recognize your web browser. If a user visits certain pages of the website of an Ads customer and the cookie stored on his computer has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. A different cookie is assigned to each Ads customer. Cookies can therefore not be tracked across Ads customers' websites. We ourselves do not collect or process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Google. Based on these evaluations, we can see which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising media; in particular, we cannot identify users on the basis of this information. Due to the marketing tools used, your browser automatically establishes a direct connection with Google's server. We have no influence on the scope and further use of the data collected by Google through the use of Google Ads. According to our knowledge, Google receives the information that you have called up the relevant part of our website or clicked on an ad from us. If you have a user account with Google and are registered, Google can assign the visit to your user account. Even if you are not registered with Google or have not logged in, there is the possibility that Google learns your IP address and stores it.
We use Google Ads for marketing and optimization purposes, in particular, to display ads that are relevant and interesting to you, to improve campaign performance reports, and to achieve a fair calculation of advertising costs. This is also our legitimate interest in the processing of the above data by the third-party provider. The legal basis is Art. 6 para. 1 p. 1 lit. f) GDPR.
You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your web browser. We point out that in this case, you may not be able to use all features of our website in full.
You can also prevent cookies from being stored by setting your web browser to block cookies from the domain „www.googleadservices.com“ (https://www.google.de/settings/ads). We would like to point out that this setting will be deleted when you delete your cookies. In addition, you can deactivate interest-based ads via the link http://optout.aboutads.info.
We would like to point out that this setting will also be deleted when you delete your cookies.
Information of the third-party provider: Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland.
For more information on data usage by Google, on setting and objection options, and data protection, please refer to the following Google web pages:
Google Tag Manager
We use "Google Tag Manager" on our website, a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as "Google"). Google Tag Manager allows us as marketers to manage website tags through one interface. The Google Tag Manager tool that implements the tags is a cookie-less domain and does not collect any personal data. Google Tag Manager takes care of triggering other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.
Information of the third-party provider: Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland.
Further information on data protection can be found on the following Google web pages:
FAQ Google Tag Manager: https://www.google.com/intl/de/tagmanager/faq.html
For our online marketing activities, we use HubSpot, an integrated software solution that allows us to cover a wide range of aspects, including:
- e-mail marketing (newsletter, banner, and automated e-mails, e.g. to provide downloads)
- social media publishing and reporting
- reporting (e.g., sources of traffic, access, etc.)
- contact management (e.g., user segmentation and customer relationship management)
- landing pages, blogs, and contact forms
- services (live chat, chat-bots, ticket system, polls, knowledge databases)
Our contact forms allow you as a visitor to our website, to find out more about our company, download content, and share your contact and demographic information with us. This information and the content of our website are stored on servers belonging to our software partner HubSpot. We will use this information to contact you. Cookies also allow us to find out which of our services might interest you. To do so, we store information about your interaction with our website, such as the documents you download, the pages you visit, and the date and time of your visit (“usage data”), as well as whether and when you have opened marketing e-mails from KOLBUS.
Where can I find out more about HubSpot?
HubSpot is a US software company with offices in Berlin.
HubSpot Germany GmbH
Am Postbahnhof 17
- More information from HubSpot about the EU General Data Protection Regulation »
- More information about the cookies used by HubSpot can be found here and here »
How can I object to the collection of this data?
Although you have the option of revoking your consent at any time, you can also technically exclude the collection of your user data by adjusting the cookie settings of your browser and deleting the respective cookies. More information about the cookies used by HubSpot can be found here and here »
Links to other websites
KOLBUS websites contain links to third-party websites or affiliated companies.
If you click on these links, you leave the KOLBUS website and the scope of validity of our data protection declaration. KOLBUS is not responsible for ensuring compliance with the legal provisions for third-party websites. Responsibility for data protection rests exclusively with the providers of these websites.
We point out that in the current state of technology, personal data protection during internet data communication (for example communication per email) could show security flaws. It could be technically possible, under certain circumstances, for third parties to access network security without authorization and to control data communication.
Please also take into account that all data which are sent by email are basically unencrypted.
Your rights as a data subject
Right to obtain confirmation
You have the right to obtain from the controller confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data.
Right of access to information Art. 15 GDPR
You have the right to obtain from us free of charge information as to what personal data concerning you are being stored and to obtain a copy of these data.
Right to rectification Art. 16 GDPR
You have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed.
Right to erasure Art. 17 DS-GVO
You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the given legal grounds applies and insofar as the processing is not necessary.
Right to restriction of processing Art. 18 GDPR
You have the right to obtain from the controller restriction of processing where one of the legal grounds applies.
Right to data portability Art. 20 GDPR
You have the right to receive personally identifiable information you have provided to the controller in a structured, standard, and machine-readable format. You also have the right to transfer these data to another person without hindrance by the controller to whom the personal data were supplied, provided that the processing is based on consent in accordance with Art. 6 (1)a of the GDPR or Art. 9 (2) of the GDPR or on a contract in accordance with Art. 6 (1) b of the GDPR and the processing is performed using automated procedures. The right of data portability does not apply in the case of processing personal data necessary to carry out a task in the public interest or in the exercise of public authority which has been delegated to the controller.
In exercising this right (Art. 20 (2)), you also have the right to ensure that the personal data relating to you are transmitted directly from one controller to another, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this action.
Right to object Art. 21 GDPR
You have the right at any time, for reasons relating to your own particular situation, to raise an objection against any processing of your personal data in accordance with Art. 6 (1) e (processing is carried out in public interest) or f (processing is necessary for the purposes of the legitimate interests pursued by the controller) of the GDPR; this also applies to profiling based on such provisions as to Art. 4 (4).
The controller will no longer be entitled to process the personal data concerning you unless it can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights, and freedoms, or where the purpose of the processing is to enforce, exercise, or defend legal claims.
Where personal data are processed for scientific or historical research purposes or statistical purposes pursuant to Art.89 (1), you, on grounds relating to your particular situation, have the right to object to the processing of personal data concerning you, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
Regardless of Directive 2002/58/EC, you have the option, within the context of the use of information society services, of exercising your right to object by means of automated procedures that use technical specifications.
Right to revoke the data protection consent declaration
You have the right to revoke your data protection consent declaration at any time with effect in the future. Revocation of this consent does not affect the legality of any processing carried out subject to that consent until your revocation.
Right of complaint to a supervisory authority
You have the right to complain to a supervisory authority if you believe that the processing of the personal data concerning you is in violation of the GDPR.
How we use your personal data
When personal data is provided to KOLBUS, it only will be used for the purpose of answering requests. In general, we process personal data provided exclusively to maintain customer relationships. Your personal data will not be disclosed to any third party. The employees of KOLBUS are obligated to maintain confidentiality.
Routine storage, deletion, and blocking of personal data
We process and store personal data concerning you only for the period necessary for the purpose of storage or insofar as this is required by the legislation in force our company is subject to.
If the specific purpose of storage does no longer apply or a storage period required by law expires, personal data concerning you will be routinely and according to legal regulations deleted or blocked.
The respective period required by law is the criterion for the storage duration of personal data. After the expiry of applicable periods, corresponding data will routinely be deleted if they are no longer necessary for contractual fulfillment or business purposes such as contract preparations.
Validity and updating of the data protection declaration
This data protection declaration is valid and is current as of December 2023.