Türkiye
Bangladesh
پاکستان
中国
close

We take the protection and security of your personal data entrusted to us seriously. It is our claim that you feel as well informed and safe as possible when visiting our internet pages and using our offers with regard to data protection.

Find out below what personal data is collected when you use our offers and services and how we use it.

1.
Data processing on this website

Information on data processing for this website in accordance with Art. 13 EU General Data Protection Regulation (GDPR) [DSGVO] when collecting personal data from the data subject.

Data protection information (Version: GDPR [DSGVO] 2.0 from 26.10.2020)

Data protection

Hohenstein Laboratories GmbH & Co. KG, Hohenstein Textile Testing Institute GmbH & Co. KG and Hohenstein Innovations gGmbH are jointly responsible for this website within the meaning of Art. 26 GDPR.

We attach great importance to the security of your data and compliance with data protection regulations. The processing of personal data is subject to the provisions of the currently applicable European and national laws. With the following data protection information, we would like to show you how we handle your personal data and how you can contact us:

Hohenstein Laboratories GmbH & Co. KG
Register court AG Stuttgart HRA 724658
Personally liable partner:
Hohenstein Verwaltungs GmbH (Register Court AG Stuttgart HRB 752904)
Authorized to represent:
Prof. Dr. Stefan Mecheels, Dr. Stefan Droste, Dr. Timo Hammer

Hohenstein Textile Testing Institute GmbH & Co. KG
Register court AG Stuttgart HRA 723464
Personally liable partner:
Hohenstein Verwaltungs GmbH (Register Court AG Stuttgart HRB 752904)
Authorized to represent:
Prof. Dr. Stefan Mecheels, Dr. Stefan Droste

Hohenstein Innovations gGmbH
Register court AG Stuttgart HRB 738836
Authorized to represent: Prof. Dr. Stefan Mecheels, Dr. Timo Hammer

Address and contact of all responsible persons:

Schlosssteige 1
74357 Bönnigheim
GERMANY
Phone: +49 7143 271-0
Fax: +49 7143 271-51

E-mail:   

Our data protection officer:
Sven Lenz – Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstraße 50
87435 Kempten
GERMANY

If you have any questions about data protection or other data protection-related concerns, please feel free to send an e-mail to the following e-mail address:

A. General notes

For better comprehensibility, we refrain from differentiating between the genders. In the interest of equal treatment, the corresponding terms apply to all genders. The meaning of the terms used, such as "personal data" or "processing", can be found in Article 4 of the GDPR.

Personal data processed within the framework of this website include the following:

  • Inventory data (e.g. name and addresses of customers)
  • Contract data (e.g. services used, payment information)
  • Usage data (e.g. pages visited on our website) and
  • Content data (e.g. entries in our contact forms, application forms or registration for our newsletter)

B. Specific notes

Privacy policy

We ensure that we process your data only in connection with the processing of your inquiries and for internal purposes as well as to provide services requested by you or to make content available. 

Basics of data processing

We process your personal data only in compliance with the relevant data protection regulations. Legal bases are:

  • Provision of our contractual services
  • Processing is a legal requirement
  • Existence of your electronic consent (e.g. registration for the newsletter)
  • Enforcement of our legitimate interests

We are happy to show you where the above legal bases are regulated:

  • Processing for the fulfillment of our services and implementation of contractual measures:
    Art. 6 para. 1 lit. b) GDPR
  • Processing for the fulfillment of our legal obligations:
    Art. 6 para. 1 lit. c) GDPR
  • Consent:
    Art. 6 para. 1 lit. a) and Art. 7 GDPR
  • Processing for the protection of our legitimate interests:
    Art. 6 para. 1 lit. f) GDPR

Data transfer to third parties

We would like to point out that a data transfer may take place when using our website.

Data transfer to a third country or an international organization

Third countries are countries in which the GDPR is not directly applicable law. This basically includes all countries outside the EU or the European Economic Area.

In certain cases, we also transfer data to third countries or to international organizations. If a third country transfer takes place, we ensure that appropriate safeguards are in place so that you can enforce your rights and remedies even then.

Storage period of your personal data

We adhere to the principles of data economy and data minimization. This means that we store your data only as long as necessary to fulfill the aforementioned purposes or as specified by the various storage periods provided by law. If the respective purpose ceases to apply, or after expiry of the corresponding periods, your data will be routinely blocked or deleted in accordance with the statutory provisions.

Contact us

If you contact us via the website, you agree to electronic communication. Personal data is processed when you contact us electronically. The information you provide will be stored exclusively for the purpose of processing the request and for possible follow-up questions.

We would like to give you the legal basis for this:

  • Processing for the fulfillment of our services and implementation of contractual measures:
    Art. 6 para. 1 lit. b) GDPR

We would like to point out that e-mails can be read or changed on the transmission path without authorization or being noticed. Furthermore, we draw your attention to the fact that we use software to filter unwanted e-mails (spam filter). The spam filter can reject e-mails if they have been falsely identified as spam by certain characteristics.

Incoming messages sent through our contact form or emailed to us are stored and processed in our system using a service provider. This is the service Pardot (also known as Marketing Cloud Account Engagement) of the provider Salesforce: Salesforce.com, inc. Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, CA 94105, United States. For more information about Salesforce’s privacy policy, please visit: https://www.salesforce.com/company/privacy/. We also concluded a Data Processing Agreement (DPA) with Salesforce. In this contract, Salesforce obligates itself to process our users' personal data only according to our instructions, to protect the data adequately, and not to share it to third parties. 

What rights do you have?

a) Right to information

You have the right to obtain information about your stored data free of charge. Upon request, we will inform you in writing which of your personal data we have stored. This also includes the origin and recipients of your data as well as the purpose of the data processing.

b) Right to rectification

You have the right to have your data stored by us corrected if it is incorrect. In doing so, you can demand a restriction of processing, e.g. if you dispute the accuracy of your personal data.

c) Right to block

Furthermore, you can have your data blocked. To ensure that a blocking of your data can be taken into account at any time, this data must be kept in a blocking file for control purposes.

d) Right to deletion

You may request the deletion of your personal data, unless there is a legal obligation to retain it. If such an obligation exists, we will block your data upon request. If the relevant legal requirements exist, we will also delete your personal data without your request.

e) Right to data portability

You are entitled to request that we provide the personal data transmitted to us in a format that allows it to be transferred to another entity.

f) Right to complain to a supervisory authority

You have the option of submitting a complaint to one of the data protection supervisory authorities.

The State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg
Postal address: Postfach 10 29 32, 70025 Stuttgart, GERMANY
Home address: Lautenschlagerstraße 20, 70173 Stuttgart, GERMANY

Phone: +49 711 615541-0
Fax: +49 711 615541-15
E-mail:
Web: https://www.baden-wuerttemberg.datenschutz.de

Note: A complaint can also be made to any data protection supervisory authority within the EU.

g) Right of objection

You have the possibility at any time, for reasons arising from your particular situation, to object to the processing of your data pursuant to Art. 6 (1) (e) and (f); this also applies to profiling based on these provisions.

Hohenstein will then no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If personal data are processed for the purpose of direct marketing, you have the right to object at any time to processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing. In the event of such an objection, we will no longer process your personal data for the purposes of direct advertising. For this purpose, it is sufficient to send us an appropriate e-mail.

h) Right of revocation

You have the possibility at any time to revoke your consent to the processing of your data with effect for the future without giving reasons. You will not suffer any disadvantages as a result of the revocation. For this purpose, it is sufficient to send us an appropriate e-mail.

However, such a revocation does not affect the lawfulness of the processing carried out up to the time of the revocation on the legal basis of Art. 6 (1) a) GDPR.

To exercise your data subject rights, send us an email to the following address: .

Protection of your personal data

We take contractual, technical and organizational security measures in accordance with the state of the art to ensure compliance with data protection laws and thus to protect the processed data against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.

The security measures include in particular the encrypted transmission of data between your browser and our server. For this purpose, a 256-bit SSL (AES 256) encryption technology is used.

In doing so, your personal data will be protected within the scope of the following points (excerpt):

a) Maintaining the confidentiality of your personal data.

In order to maintain the confidentiality of your data stored with us, we have taken various measures to control access, entry and access control.

b) Safeguarding the integrity of your personal data

In order to maintain the integrity of your data stored with us, we have taken various measures to control disclosure and input.

c) Maintaining the availability of your personal data

In order to maintain the availability of your data stored with us, we have taken various measures for order and availability control.

The security measures in place are continuously improved in line with technological developments. Despite these precautions, due to the insecure nature of the Internet, we cannot guarantee the security of your data transmission to our website. Due to this, any data transmission by you is at your own risk.

Protection of minors

Personal information may only be provided to us by persons who have not yet reached the age of 16 with the express consent of their legal guardians. This data will be processed in accordance with this data protection notice.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files (access or error logs), which your browser automatically transmits to us. These are:

  • IP address
  • Timestamp
  • URL
  • Status code
  • File size
  • Referrer URL
  • Browser type and version

The data is automatically deleted after 4 weeks. This data is not merged with other data sources.

The basis for the data processing is our legitimate interest according to Art. 6 para. 1 lit. f) GDPR.

Online applications via a form

We offer applicants on our website the opportunity to apply online using a corresponding form. Inclusion in the application process requires that applicants provide us with all the personal data required for a sound and informed assessment and selection via the form.

The required information includes general personal information (name, address, telephone or electronic contact details) and performance-specific evidence of the qualifications required for a position. Health-related information may also be required, which must be given special consideration under employment and social law in the interest of the applicant's social protection.

When you submit the form, your data will be transmitted to us in encrypted form in accordance with the state of the art and processed exclusively for the purpose of processing your application.

The legal basis for the processing is Art. 6 Para. 1 lit. b) GDPR in conjunction with Section 26 Para. 1 German Federal Data Protection Act (BDSG), in the sense of which going through the application process is considered to be the initiation of an employment contract. Insofar as special categories of personal data within the meaning of Art. 9 (1) GRPR (e.g. health data such as information on severely disabled status) are requested from applicants as part of the application process, the processing is carried out in accordance with Art. 9 (2) (b) GDPR so that we can exercise the rights arising from labor law and social security and social protection law and fulfill our obligations.

Building on this or alternatively, the processing of the special categories of data may also be based on Art. 9 (1) (h) GDPR if it is carried out for the purposes of preventive health care or occupational medicine, for the assessment of the applicant's ability to work, for medical diagnostics, care or treatment in the health or social sector, or for the management of systems and services in the health or social sector.

If the applicant is not selected in the course of the evaluation described above, or if an applicant withdraws his or her application prematurely, the data provided by the applicant will be deleted at the latest after six months following notification. This period is measured on the basis of our legitimate interest in answering any follow-up questions about the application and, if necessary, to be able to meet our obligations to provide evidence under the regulations on equal treatment of applicants.

In the event of a successful application, the data provided will be further processed on the basis of Art. 6 (1) (b) GDPR in conjunction with Section 26 (1) BDSG for the purposes of implementing the employment relationship.

Cookies

Cookies are small text files that are stored locally in the cache of your Internet browser. The cookies allow, for example, the recognition of the Internet browser. The files are used to help the browser navigate through the website and to make full use of all functions.

We use a cookie consent tool that sets technically necessary cookies to store your cookie preferences. This data processing is carried out in accordance with Art. 6 (1) f) GDPR on the basis of our legitimate interest in providing the management of your cookie consents.

Manage your cookie settings

Newsletter via our service provider Pardot (Marketing Cloud Account Engagement)

If you subscribe to our e-mail newsletter, we will regularly send you information about our offers. Personal data will be collected for this purpose. The only mandatory information for newsletter subscription are your e-mail address and your name. The provision of further data is voluntary and will be used to address you personally. This data will be used by us for our own advertising purposes in the form of the e-mail newsletter, provided that you have expressly consented to this.

We use a double opt-in procedure for sending the newsletter. This means that we will only send you an e-mail newsletter if you have expressly confirmed that you consent to the sending of the newsletter. We will then send you a confirmation e-mail asking you to confirm that you wish to receive the newsletter in the future by clicking on the corresponding link.

By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Art. 6 Para. 1 lit. a) GDPR. When you register for the newsletter, we store your IP address entered by the Internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date.

In addition, we are obliged to provide proof that our subscribers actually wanted to receive the newsletter. For this purpose, we collect and store the IP address and the time of subscription and unsubscription.
You can unsubscribe from the newsletter at any time using the link provided for this purpose in the newsletter or by sending a corresponding message to us, e-mail: . After unsubscribing, your e-mail address will be immediately deleted from our newsletter distribution list and included in a blocking file to ensure revocation.

Our newsletters are sent and processed using Pardot ((also known as Marketing Cloud Account Engagement) from Salesforce: Salesforce.com, inc. Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, CA 94105, United States. For more information about Salesforce’s privacy policy, please visit: https://www.salesforce.com/company/privacy/. We also concluded a Data Processing Agreement (DPA) with Salesforce. In this contract, Salesforce obligates itself to process our users' personal data only according to our instructions, to protect the data adequately, and not to share it to third parties.

Newsletter performance measurement using Pardot

With your consent, an evaluation of your usage behavior through your interaction with the newsletter takes place when you receive the newsletter. In order to be able to evaluate this, the newsletters sent contain so-called web beacons. These are pixel-sized files that are retrieved from our service provider's server when the newsletter is opened. For evaluation purposes, the above interaction data and web beacons are linked to your e-mail address and a unique ID is set.

For technical reasons, this information can be assigned to individual newsletter recipients. The purpose is not to monitor individual users. Instead, these analytics help us to understand our users' reading habits and to customize and constantly improve our content to our users' interests.

Categories of data subjects:

Newsletter subscribers (prospects, customers)

Data categories:

Master data (e.g. name, address), contact data (e.g. email address, phone number), meta and communication data (e.g. device information, IP address).

Purposes of processing:

Marketing, customer retention and new customer acquisition, analysis and evaluation of the success of campaigns.

Legal basis:

Consent (Art. 6 para. 1 lit. a) GDPR) in conjunction with § 25 TTDSG.

Tools for web analysis

Use of Google Analytics

Insofar as you have given your consent, Google Analytics, a web analytics service provided by Google LLC, is used on this website. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

Scope of processing

Google Analytics uses cookies that enable an analysis of your use of our websites. The information collected by means of the cookies about your use of this website is usually transferred to a Google server in the USA and stored there.

We use the function 'anonymizeIP' (so-called IP masking): Due to the activation of IP anonymization on this website, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

During your visit to the website, the following data is collected, among other things:

  • The pages you visit, your "click path"
  • Achievement of "website goals" (conversions, e.g. newsletter sign-ups, downloads, purchases)
  • Your user behavior (for example, clicks, dwell time, bounce rates)
  • Your approximate location (region)
  • Your IP address (in shortened form)
  • Technical information about your browser and the end devices you use (e.g., language setting, screen resolution)
  • Your Internet service provider
  • The referrer URL (i.e. via which website / via which advertising medium you came to this website)

Processing purposes

On behalf of the operator of this website, Google will use this information for the purpose of evaluating your (pseudonymous) use of the website and compiling reports on website activity. The reports provided by Google Analytics are used to analyze the performance of our website and the success of our marketing campaigns.

Data recipient

The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland as an order processor. We have concluded an order processing agreement with Google for this purpose. Google LLC, based in California, USA, and, if applicable, US authorities may access the data stored by Google.

Transfer to third countries

A transfer of data to the USA cannot be ruled out.

Duration of storage

The data sent by us and linked to cookies are automatically deleted after 14 months. The deletion of data whose retention period has been reached takes place automatically once a month.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by:

You can also prevent the storage of cookies by configuring your browser software accordingly. However, if you configure your browser to refuse all cookies, you may experience limitations in functionality on this and other websites.

Legal basis and revocation option

The legal basis for this data processing is your consent, Art. 6 para. 1 p. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future by calling up the cookie settings and changing your selection there.

For more information on Google Analytics terms of use and data protection at Google, please visit https://marketingplatform.google.com/about/analytics/terms/us/ and https://policies.google.com/?hl=en.

Use of Hotjar (hotjar Ltd.)

This website uses the web analytics service Hotjar from Hotjar Ltd. Hotjar Ltd is a European company based in Malta (Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe Tel: +1 (855) 464-6788).

With this tool, movements on the websites on which Hotjar is used can be tracked (so-called heat maps). For example, it is possible to see how far users scroll and how often they click on which buttons. Furthermore, with the help of the tool, it is also possible to obtain feedback directly from the users of the website. In this way, we obtain valuable information to make our websites even faster and more customer-friendly.

The above analysis is carried out for optimisation and marketing purposes and for the interest-oriented design of our website. When using this tool, we pay particular attention to the protection of your personal data. For example, we can only track which buttons you click and how far you scroll. Areas of the website in which personal data of you or third parties are displayed are automatically hidden by Hotjar and are therefore not traceable at any time.

All processing described above, in particular the reading of information on the end device used, is only carried out if you have given us your express consent to do so in accordance with Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time with future effect by deactivating this service in the "Cookie Consent Tool" provided on the website.

Further information about Hotjar Ltd. and about the Hotjar tool can be found at: https://www.hotjar.com 

The privacy policy of Hotjar Ltd. can be found at: https://www.hotjar.com/privacy 

Use of Google reCAPTCHA

On this website we also use the reCAPTCHA function of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). This function is primarily used to distinguish whether an input is made by a natural person or abusively by machine and automated processing. The service includes the sending of the IP address and possibly other data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6 para. 1 lit. f) GDPR on the basis of our legitimate interest in determining individual ownership on the Internet and the prevention of abuse and spam.

The use of Google reCAPTCHA may also involve the transmission of personal data to the servers of Google LLC. in the USA. Further information on Google reCAPTCHA as well as Google's privacy policy can be found at: https://policies.google.com/privacy?hl=en.

As far as legally required, we have obtained your consent for the processing of your data as described above in accordance with Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future. To exercise your revocation, please follow the option described above to make an objection.

Use of Google Maps

On our website, we use Google Maps (API) from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google Maps is a web service for displaying interactive (land) maps to visually display geographical information. By using this service, our location is shown to you and a possible approach is facilitated.

Information about your use of our website (such as your IP address) will be transmitted to and stored by Google on servers in the United States when you access those subpages in which the Google Maps map is integrated. This occurs regardless of whether Google provides a user account through which you are logged in or whether a user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile at Google, you must log out before activating the button.

Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. The collection, storage and evaluation are carried out in accordance with Art. 6 para. 1 lit. f) GDPR on the basis of Google's legitimate interest in the insertion of personalized advertising, market research and / or the needs-based design of Google websites. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right. If you do not agree to the future transmission of your data to Google in the context of the use of Google Maps, you also have the option of completely deactivating the Google Maps web service by turning off the JavaScript application in your browser. Google Maps and thus also the map display on this website can then not be used.

You can view Google's terms of use at https://policies.google.com/terms?hl=en, and the additional terms of use for Google Maps at https://www.google.com/intl/en/help/terms_maps/.  Detailed information on data protection in connection with the use of Google Maps can be found on the Google website ("Google Privacy Policy"): https://policies.google.com/privacy?hl=en.

As far as legally required, we have obtained your consent for the processing of your data as described above in accordance with Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future. To exercise your revocation, please follow the option described above to make an objection.

Use of YouTube videos

This website uses the YouTube embedding function to display and play videos of the provider "YouTube", which belongs to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). The extended data protection mode is used here, which, according to the provider, only triggers the storage of user information when the video(s) is/are played. If playback of embedded YouTube videos is started, the provider YouTube uses cookies to collect information about user behavior.

According to information from YouTube, these are used, among other things, to collect video statistics, improve the user experience and prevent abusive behavior. If you are logged in to Google, your data is directly assigned to your account when you click on a video. If you do not want the assignment with your profile at YouTube, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation is carried out in particular in accordance with Art. 6 para. 1 lit. f) GDPR on the basis of Google's legitimate interests in the insertion of personalized advertising, market research and/or needs-based design of its website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right. The use of YouTube may also result in the transmission of personal data to the servers of Google LLC. in the USA.

Regardless of a playback of the embedded videos, a connection to the Google network is established each time this website is called up, which may trigger further data processing operations without our influence. Further information on data protection at YouTube can be found in the provider's privacy policy at: https://policies.google.com/privacy?hl=en.

Insofar as legally required, we have obtained your consent pursuant to Art. 6 (1) a) GDPR for the processing of your data as outlined above. You can revoke your consent at any time with effect for the future. To exercise your revocation, deactivate this service in the "Cookie Consent Tool" provided on our website.

Use of Vimeo videos

Plugins of the video portal Vimeo of Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA are integrated on our website. When you call up a page of our website that contains such a plugin, your browser establishes a direct connection to the servers of Vimeo.

The content of the plugin is transmitted by Vimeo directly to your browser and integrated into the page. Through this integration, Vimeo receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Vimeo account or are not currently logged in to Vimeo. This information (including your IP address) is transmitted by your browser directly to a Vimeo server in the USA and stored there.

If you are logged in to Vimeo, Vimeo can directly assign your visit to our website to your Vimeo account. If you interact with the plugins (such as pressing the play button of a video), this information is also transmitted directly to a Vimeo server and stored there. The described data processing operations are carried out in accordance with Art. 6 (1) f) GDPR on the basis of Vimeo's legitimate interest in market research and the needs-based design of the Vimeo service. If you do not want Vimeo to assign the data collected via our website directly to your Vimeo account, you must log out of Vimeo before visiting our website.

For the purpose and scope of the data collection and the further processing and use of the data by Vimeo, as well as your rights in this regard and setting options for protecting your privacy, please refer to the privacy policy of Vimeo: https://vimeo.com/privacy

For videos from Vimeo that are embedded on our site, the tracking tool Google Analytics of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, is automatically integrated. This is Vimeo's own tracking, to which we have no access and which cannot be influenced by our site. Google Analytics uses so-called "cookies" for tracking, which are text files that are stored on your computer and allow an analysis of your use of the website. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States.

This processing is carried out in accordance with Art. 6 para. 1 lit. f) GDPR on the basis of Vimeo's legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes. To the extent legally required, we have obtained your consent pursuant to Art. 6 (1) a) GDPR for the processing of your data as described above. You can revoke your consent at any time with effect for the future. To exercise your revocation, deactivate this service in the "Cookie Consent Tool" provided on the website.

Change to our privacy policy

We reserve the right to adapt our data protection information at short notice so that it always complies with the current legal requirements or in order to implement changes to our services. This may, for example, concern the introduction of new services. The new data protection information will then apply to your next visit.

2.
Data processing in the context of our social media channels

2.1.
LinkedIn

Information on the collection of personal data and contact details of the responsible person

In the following, we inform you about the handling of your personal data. Here, personal data is any data by which you can be personally identified. Please check carefully which personal data you share with us via the social medium LinkedIn. We expressly point out that LinkedIn stores the data of its users (e.g. personal information, IP address, etc.) and may also use this data for business purposes. You can find more detailed information on LinkedIn's data processing in LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy.

We have no influence on the data collection and further processing by LinkedIn. Furthermore, it is not apparent to us to what extent, where and for how long the data is stored, to what extent LinkedIn complies with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on. If you would like to avoid LinkedIn processing personal data that you have transmitted to us, please contact us by other means. You can find our full contact details in our imprint on LinkedIn.

The person responsible for data processing within the meaning of the General Data Protection Regulation (GDPR) is, insofar as we exclusively process the data transmitted to us by you via LinkedIn ourselves:

Hohenstein Laboratories GmbH & Co. KG 
Hohenstein Textile Testing Institute GmbH & Co. KG
Hohenstein Innovations gGmbH

Address and contact of all responsible persons:

Schlosssteige 1
74357 Bönnigheim
GERMANY
Phone: +49 7143 271-0
Fax: +49 7143 271-51

E-mail:    

Insofar as the data you provide to us via LinkedIn is also or exclusively processed by LinkedIn, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland is also the data controller within the meaning of the General Data Protection Regulation (GDPR), provided you are a resident of a country of the European Union, Iceland, Liechtenstein, Norway or Switzerland. If you are resident in another country, LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA is also the data controller within the meaning of the GDPR in addition to us. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

Contact Data Protection Officer Hohenstein:

Sven Lenz, E-mail:    

Contact Data Protection Officer LinkedIn Ireland Unlimited Company:

LinkedIn Ireland Unlimited Company or the LinkedIn Corporation can be contacted via the contact form available under the following link: https://www.linkedin.com/help/linkedin/ask/TSO-DPO

Data processing when contacting us

We collect personal data ourselves when you contact us via the contact form or messenger, for example. You can see which data we collect when you contact us via the contact form from the relevant contact form. This data is stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 Para. 1 lit. f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b) GDPR. Your data will be deleted once we have completed processing your enquiry, provided there are no legal obligations to retain data. We assume that processing is complete when the circumstances indicate that the matter in question has been conclusively clarified.

Data processing via the Linkedin Insights Tag

The LinkedIn Insight tag enables the collection of data about visits to our website, including URL, referrer URL, IP address, device and browser properties (user agent) and timestamp. IP addresses are shortened or hashed across devices. Visitors' direct identifiers are removed within seven days to pseudonymise the data. This remaining pseudonymised data is then deleted within 180 days.

LinkedIn does not share any personal data with Hohenstein, but only provides reports and notifications (in which you are not identified) about website audience and ad performance. LinkedIn also provides retargeting for website visitors so that the website owner can use this data to display targeted ads outside of their website without identifying the visitor. LinkedIn also uses the data to improve the relevance of ads and reach its members across devices. LinkedIn members can control the use of their personal data for advertising purposes in their account settings. 

The legal basis is your consent, which you give us via the cookie consent banner, Art. 6 para.1 lit. a) GDPR.

To deactivate the Insight tag on our website ("Opt-out") you can also click here.

Rights of affected persons

The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, which we inform you about below:

  • Right to information pursuant to Art. 15 GDPR
  • Right to rectification pursuant to Art. 16 GDPR
  • Right to erasure pursuant to Art. 17 GDPR
  • Right to restriction of processing pursuant to Art. 18 GDPR
  • Right to information pursuant to Art. 19 GDPR 
  • Right to data portability pursuant to Art. 20 GDPR
  • Right to withdraw consent granted pursuant to Art. 7 para. 3 GDPR
  • Right to lodge a complaint pursuant to Art. 77 of the GDPR

Right of objection in general

If we process your personal data within the framework of a balancing of interests on the basis of our overriding legitimate interest, you have the right to object to this processing with effect for the future at any time for reasons arising from your particular situation. If you exercise your right to object, we will stop processing the data concerned. However, we reserve the right to continue processing if we can demonstrate compelling legitimate grounds for the processing, which override your interests, fundamental rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

Objection to direct advertising

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. You can exercise your right of objection as described above under "Right of objection in general". If you exercise your right to object, we will stop processing the data concerned for direct marketing purposes.

Storage period of personal data

The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and - if relevant - additionally by the respective statutory retention period (e.g. retention periods under commercial and tax law). When processing personal data on the basis of explicit consent pursuant to Art. 6 para. 1 lit. a) GDPR, this data is stored until the data subject revokes his/her consent. If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 para. 1 lit. b) GDPR, this data will be routinely deleted after expiry of the retention periods, insofar as it is no longer required for the fulfilment of a contract or the initiation of a contract and/or there is no further justified interest on our part in continuing to store it.

When processing personal data on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his/her right to object pursuant to Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his or her right to object pursuant to Art. 21 para. 2 GDPR. Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

2.2.
Twitter

Information on the collection of personal data and contact details of the responsible person

In the following, we inform you about the handling of your personal data. Personal data is any data that can be used to identify you personally. Please check carefully what personal data you share with us via Twitter. We expressly point out that Twitter stores the data of its users (e.g. personal information, IP address, etc.) and may also use this data for business purposes. You can find more information on Twitter's data processing in Twitter's privacy policy at https://twitter.com/en/privacy.

We have no influence on the data collection and further processing by Twitter. Furthermore, it is not apparent to us to what extent, where and for how long the data is stored, to what extent Twitter complies with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on. If you would like to avoid Twitter processing personal data that you have transmitted to us, please contact us by other means. You can find our full contact details in our imprint on Twitter.

The person responsible for data processing within the meaning of the General Data Protection Regulation (GDPR) is, insofar as we ourselves exclusively process the data you have transmitted to us via Twitter:

Hohenstein Laboratories GmbH & Co. KG 
Hohenstein Textile Testing Institute GmbH & Co. KG
Hohenstein Innovations gGmbH

Address and contact of all responsible persons:

Schlosssteige 1
74357 Bönnigheim
GERMANY
Phone: +49 7143 271-0
Fax: +49 7143 271-51

E-mail: datenschutz@hohenstein.de

Insofar as the data you provide to us via Twitter is also or exclusively processed by Twitter, Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland, is also the data controller within the meaning of the General Data Protection Regulation (GDPR) in addition to us.

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

Contact Data Protection Officer Hohenstein:

Sven Lenz, E-mail: datenschutz@hohenstein.de    

Contact Twitter Data Protection Officer:

You can contact Twitter's data protection officer via the online contact form provided by Twitter: https://twitter.ethicspointvp.com/custom/twitter/forms/data/form_data.asp?lang=en

 

Data processing when contacting us

We ourselves collect personal data when you contact us, for example, via the comment function or Messenger. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f) GDPR.

If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b) GDPR. Your data will be deleted once we have completed processing your enquiry, provided there are no legal obligations to retain data. We assume that processing is complete when the circumstances indicate that the matter in question has been conclusively clarified.

Rights of affected persons

The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, which we inform you about below:

  • Right to information pursuant to Art. 15 GDPR
  • Right to rectification pursuant to Art. 16 GDPR
  • Right to erasure pursuant to Art. 17 GDPR
  • Right to restriction of processing pursuant to Art. 18 GDPR
  • Right to information pursuant to Art. 19 GDPR
  • Right to data portability pursuant to Art. 20 GDPR
  • Right to withdraw consent granted pursuant to Art. 7 para. 3 GDPR
  • Right to lodge a complaint pursuant to Art. 77 of the GDPR

Right of objection in general

If we process your personal data within the framework of a balancing of interests on the basis of our overriding legitimate interest, you have the right to object to this processing with effect for the future at any time for reasons arising from your particular situation. If you exercise your right to object, we will stop processing the data concerned. However, we reserve the right to continue processing if we can demonstrate compelling legitimate grounds for the processing, which override your interests, fundamental rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

Objection to direct advertising

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. You can exercise your right of objection as described above under "Right of objection in general". If you exercise your right to object, we will stop processing the data concerned for direct marketing purposes.

Storage period of personal data

The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and - if relevant - additionally by the respective statutory retention period (e.g. retention periods under commercial and tax law). When processing personal data on the basis of explicit consent pursuant to Art. 6 para. 1 lit. a) GDPR, this data is stored until the data subject revokes his/her consent. If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 para. 1 lit. b) GDPR, this data will be routinely deleted after expiry of the retention periods, insofar as it is no longer required for the fulfilment of a contract or the initiation of a contract and/or there is no further justified interest on our part in continuing to store it.

When processing personal data on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his/her right to object pursuant to Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his or her right to object pursuant to Art. 21 para. 2 GDPR. Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

2.3.
YouTube

Information on the collection of personal data and contact details of the responsible person

In the following, we inform you about the handling of your personal data. Personal data is any data that can be used to identify you personally. Please check carefully what personal data you share with us via YouTube. We expressly point out that YouTube stores the data of its users (e.g. personal information, IP address, etc.) and may also use this data for business purposes. We have no influence on the data collection and further processing by YouTube. Furthermore, it is not apparent to us to what extent, where and for how long the data is stored, to what extent YouTube complies with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on. If you would like to avoid YouTube processing personal data that you have transmitted to us, please contact us by other means.

The person responsible for data processing within the meaning of the General Data Protection Regulation (GDPR) is, insofar as we exclusively process the data you send us via YouTube ourselves:

Hohenstein Laboratories GmbH & Co. KG 
Hohenstein Textile Testing Institute GmbH & Co. KG 
Hohenstein Innovations gGmbH

Address and contact of all responsible persons:

Schlosssteige 1
74357 Bönnigheim
GERMANY
Phone: +49 7143 271-0
Fax: +49 7143 271-51

E-mail: datenschutz@hohenstein.de

Insofar as the data you provide to us via YouTube is also or exclusively processed by YouTube, Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, is also the data controller within the meaning of the General Data Protection Regulation (GDPR) in addition to us. For more information on the data processing of Google Ireland Limited, please refer to the privacy policy of Google Ireland Limited at https://policies.google.com/privacy?hl=en&gl=en. This privacy policy applies to all services offered by Google Ireland Limited and its affiliated companies - including YouTube. In the course of using YouTube, personal data may also be transmitted to the servers of Google LLC. in the USA.

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

Contact Data Protection Officer Hohenstein:

Sven Lenz, E-mail: datenschutz@hohenstein.de

Data processing when contacting us

We ourselves collect personal data when you contact us, e.g. by e-mail or comment function. You can see which data we collect when you contact us from the relevant contact form. This data is stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f) GDPR. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b) GDPR. Your data will be deleted once we have completed processing your enquiry, provided there are no legal obligations to retain data. We assume that processing is complete when the circumstances indicate that the matter in question has been conclusively clarified.

Rights of affected persons

The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, which we inform you about below:

  • Right to information pursuant to Art. 15 GDPR
  • Right to rectification pursuant to Art. 16 GDPR
  • Right to erasure pursuant to Art. 17 GDPR
  • Right to restriction of processing pursuant to Art. 18 GDPR
  • Right to information pursuant to Art. 19 GDPR
  • Right to data portability pursuant to Art. 20 GDPR
  • Right to withdraw consent granted pursuant to Art. 7 para. 3 GDPR
  • Right to lodge a complaint pursuant to Art. 77 of the GDPR

Right of objection in general

If we process your personal data within the framework of a balancing of interests on the basis of our overriding legitimate interest, you have the right to object to this processing with effect for the future at any time for reasons arising from your particular situation. If you exercise your right to object, we will stop processing the data concerned. However, we reserve the right to continue processing if we can demonstrate compelling legitimate grounds for the processing, which override your interests, fundamental rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

Objection to direct advertising

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. You can exercise your right of objection as described above under "Right of objection in general". If you exercise your right to object, we will stop processing the data concerned for direct marketing purposes.

Storage period of personal data

The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and - if relevant - additionally by the respective statutory retention period (e.g. retention periods under commercial and tax law). When processing personal data on the basis of explicit consent pursuant to Art. 6 para. 1 lit. a) GDPR, this data is stored until the data subject revokes his/her consent. If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 para. 1 lit. b) GDPR, this data will be routinely deleted after expiry of the retention periods, insofar as it is no longer required for the fulfilment of a contract or the initiation of a contract and/or there is no further justified interest on our part in continuing to store it.

When processing personal data on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his/her right to object pursuant to Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his or her right to object pursuant to Art. 21 para. 2 GDPR. Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

2.4.
Facebook

Information on the collection of personal data and contact details of the responsible person

In the following, we inform you about the handling of your personal data. Personal data is any data that can be used to identify you personally. Please check carefully what personal data you share with us via Facebook. As long as you are logged into your Facebook account and visit our Facebook profile, Facebook can assign this to your Facebook profile. We expressly point out that Facebook stores the data of its users (e.g. personal information, IP address, etc.) and may also use this data for business purposes. For more information on Facebook's data processing, please refer to Facebook's privacy policy at https://www.facebook.com/policy.php.

We have no influence on the data collection and further processing by Facebook. Furthermore, it is not apparent to us to what extent, where and for how long the data is stored by Facebook, to what extent Facebook complies with existing deletion obligations, what evaluations and links are made with the data by Facebook and to whom the data is passed on by Facebook. If you would like to avoid Facebook processing personal data that you have transmitted to us, please contact us by other means.

The person responsible for data processing within the meaning of the General Data Protection Regulation (GDPR), insofar as we exclusively process the data you have sent to us via Facebook ourselves, is:

Hohenstein Laboratories GmbH & Co. KG 
Hohenstein Textile Testing Institute GmbH & Co. KG 
Hohenstein Innovations gGmbH

Address and contact of all responsible persons:

Schlosssteige 1
74357 Bönnigheim
GERMANY
Phone: +49 7143 271-0
Fax: +49 7143 271-51

E-mail: datenschutz@hohenstein.de

Insofar as the data you provide to us via Facebook is also or exclusively processed by Facebook (Insights data), Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, is also the data controller within the meaning of the General Data Protection Regulation (GDPR) in addition to us. In this respect, data processing is carried out on the basis of an agreement between jointly responsible parties pursuant to Art. 26 GDPR, which you can view here: https://www.facebook.com/legal/terms/page_controller_addendum

Furthermore, for the use of certain Facebook products, such as the so-called "Facebook Business Tools", and for data processing carried out as a result thereof, a supplementary agreement between us and Facebook Ireland Ltd. as joint controller pursuant to Art. 26 GDPR applies, which can be viewed here: https://www.facebook.com/legal/controller_addendum.

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

Contact Data Protection Officer Hohenstein:

Sven Lenz, E-mail: datenschutz@hohenstein.de

The Facebook data protection officer 
can be contacted via the online contact form provided by Facebook at https://www.facebook.com/help/contact/540977946302970.

Data processing when contacting us

We ourselves collect personal data when you contact us, e.g. via messenger or comments. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f) GDPR. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b) GDPR. Your data will be deleted once we have completed processing your enquiry, provided there are no legal obligations to retain data. We assume that processing is complete if it can be inferred from the circumstances that the matter in question has been conclusively clarified.

Rights of affected persons

The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, which we inform you about below:

  • Right to information pursuant to Art. 15 GDPR
  • Right to rectification pursuant to Art. 16 GDPR
  • Right to erasure pursuant to Art. 17 GDPR
  • Right to restriction of processing pursuant to Art. 18 GDPR
  • Right to information pursuant to Art. 19 GDPR
  • Right to data portability pursuant to Art. 20 GDPR
  • Right to withdraw consent granted pursuant to Art. 7 para. 3 GDPR
  • Right to lodge a complaint pursuant to Art. 77 of the GDPR

Right of objection in general

If we process your personal data within the framework of a balancing of interests on the basis of our overriding legitimate interest, you have the right to object to this processing with effect for the future at any time for reasons arising from your particular situation. If you exercise your right to object, we will stop processing the data concerned. However, we reserve the right to continue processing if we can demonstrate compelling legitimate grounds for the processing, which override your interests, fundamental rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

Storage period of personal data

The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and - if relevant - additionally by the respective statutory retention period (e.g. retention periods under commercial and tax law). When processing personal data on the basis of explicit consent pursuant to Art. 6 para. 1 lit. a) GDPR, this data is stored until the data subject revokes his/her consent. If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 para. 1 lit. b) GDPR, this data will be routinely deleted after expiry of the retention periods, insofar as it is no longer required for the fulfilment of a contract or the initiation of a contract and/or there is no further justified interest on our part in continuing to store it.

When processing personal data on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his/her right to object pursuant to Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f) GDPR, such data shall be stored until the data subject exercises his or her right to object pursuant to Art. 21 para. 2 GDPR. Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

3.
Data processing in the context of the tools we use for video conferencing

3.1.
Privacy notices for online meetings, telephone conferences and webinars via "Microsoft Teams"

Purpose of data processing

We use the tool "Microsoft Teams" to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter: "Online Meetings"). "Microsoft Teams" is a service of Microsoft Corporation.

Responsible person

The responsible party for data processing directly related to the conduct of "online meetings" is the respective Hohenstein company (see 1. above) that conducts the Teams meeting with you.

Note: If you access the "Microsoft Teams" website, the provider of "Microsoft Teams" is responsible for data processing. However, accessing the website is only necessary to download the software for the use of "Microsoft Teams".

If you do not want to or cannot use the "Microsoft Teams" app, you can also use "Microsoft Teams" via your browser. The service will then also be provided via the "Microsoft Teams" website.

What data are processed?

When using "Microsoft Teams", various types of data are processed. The scope of the data also depends on the data you provide before or during participation in an "online meeting".

The following personal data are subject to processing:

  • User details:
    e.g. display name, e-mail address (if applicable), profile picture (optional), preferred language.
  • Meeting metadata:
    e.g. date, time, meeting ID, phone numbers, location
  • Text, audio and video data:
    You may have the opportunity to use the chat function in an "online meeting". In this respect, the text entries you make are processed in order to display them in the "online meeting". In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device are processed accordingly during the meeting. You can switch off or mute the camera or microphone yourself at any time via the "Microsoft Teams" applications.

Scope of data processing

We use "Microsoft Teams" to conduct "online meetings". If we want to record "online meetings", we will transparently communicate this to you in advance and - where necessary - ask for consent.

Chat content will be logged when using Microsoft Teams. If it is necessary for the purpose of recording the results of an online meeting, we will record the chat content. However, this will not normally be the case.

Automated decision-making within the meaning of Article 22 of the GDPR is not used.

Legal basis for data processing

The legal basis for data processing when conducting "online meetings" is Art. 6 para. 1 lit. b) GDPR, insofar as the meetings are conducted within the framework of contractual relationships.

If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) GDPR. In this case, we are interested in the effective implementation of "online meetings".

Recipients / passing on of data

Personal data processed in connection with participation in "online meetings" will not be passed on to third parties as a matter of principle, unless they are specifically intended to be passed on. Please note that the contents of "online meetings", as well as personal meetings, are often used to communicate information with customers, interested parties or third parties and are therefore intended to be passed on.

Other recipients: The provider of "Microsoft Teams" necessarily receives knowledge of the above-mentioned data, insofar as this is provided for within the framework of our order processing contract with "Microsoft Teams".

Data processing outside the European Union

Data processing outside the European Union (EU) does not take place as a matter of principle, as we have restricted our storage location to data centres in the European Union. However, we cannot rule out the possibility that data may be routed via internet servers located outside the EU. This can be the case in particular if participants in "Online Meeting" are in a third country.

However, the data is encrypted during transport over the Internet and thus protected against unauthorised access by third parties.

Data Protection Officer:

Our data protection officer
Sven Lenz - Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstrasse 50
87435 Kempten
GERMANY

Your rights as an affected person

You have the right to obtain information about the personal data concerning you. You can contact us for information at any time. 

In the case of a request for information that is not made in writing, we ask for your understanding that we may require proof from you that you are the person you claim to be. 

Furthermore, you have the right to rectification or deletion or to restriction of processing, insofar as you are entitled to this by law.
Finally, you have the right to object to processing within the scope of the law.

You also have the right to data portability within the framework of data protection law.

You also have the right to complain about the processing of personal data by us to a supervisory authority for data protection.

Deletion of data

We generally delete personal data when there is no need for further storage. A requirement may exist in particular if the data is still needed in order to fulfil contractual services, to be able to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory retention obligations, deletion is only considered after the expiry of the respective retention obligation.

3.2.
Privacy Notice for Online Meetings, Conference Calls and Webinars via "Cisco Webex"

We would like to inform you below about the processing of personal data in connection with the use of Cisco Webex Teams & Meetings and Cisco Webex Rooms (hereinafter referred to as Webex). The Webex conference and collaboration solutions are provided by Cisco Systems, Inc. with headquarters in San Jose, CA, USA. Procurement and support are provided by Bechtle IT Neckarsulm. Between Hohenstein Laboratories GmbH & Co. KG and Bechtle IT for commissioned data processing.

Purpose of data processing

Webex is a cloud-based web and video conferencing solution. Webex enables global employees and virtual teams to collaborate in real time from any location, at any time, on any mobile device or video system. Solutions include meetings, events, training and support services. 

We use Webex to conduct telefittings for clients.

Responsible person

The data controller for data processing directly related to the conduct of online meetings is Hohenstein Laboratories GmbH & Co. KG. You can also use Webex if you enter the respective meeting ID and, if applicable, further access data for the meeting directly in the Webex app. 

If you call up the Webex website, the provider of Cisco International Limited is responsible for data processing. However, accessing the website is only necessary for the use of Webex in order to download the software or the web plug-in for the use of Webex.

What data is processed?

When using Webex, various types of data are processed. The scope of the data also depends on the data you provide before or during participation in an online meeting.

The following personal data are subject to processing:

  • User registration data: activation codes, display name, email address, name, profile picture, password, company name, organisation ID, universal unique identifier.
  • Host and usage information: Device name, geolocation, IP address, mobile type, MAC address, time zone, universal unique identifier, domain name, activity logs 
  • Meeting metadata: Topic, description, participant IP addresses, device/hardware information, polls. 
  • For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings. 
  • For dial-in with the telephone: information on incoming and outgoing call number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be stored. 
  • Text, audio and video data: You may have the opportunity to use the upload, chat, question or survey functions in an online meeting. In this respect, the text entries you make are processed in order to display them in the online meeting and, if necessary, to log them. 

Legal basis for data processing

The legal basis for data processing when conducting online meetings is Art. 6 para. 1 lit. b) GDPR, insofar as the meetings are conducted within the framework of contractual relationships. 

If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) GDPR. Here, our interest is in the effective implementation of online meetings.

Scope of processing

Through Webex, online meetings are conducted. Users can connect with Webex in a way that is as personal as a face-to-face meeting. The meeting leader has the ability to record meetings and all users have the ability to upload and save shared files during and outside of meetings. If the meeting host decides not to retain the meeting content, it is removed from the Cisco Webex platform immediately after the meeting is closed. 

The meeting leader has the ability to record meetings and all users have the ability to upload and save shared files during and outside of meetings. The fact of recording is displayed to all users in the Webex app. Consent must be obtained from users in advance. If the meeting host decides not to retain the meeting content, it will be removed from the Cisco Webex platform immediately after the meeting is closed. 

When users attend meetings hosted by users in other companies, the meeting host controls any meeting recordings or files shared during the meeting that are subject to the host's corporate policies on access, use, monitoring, deletion, retention, and privacy Export of Information.  Automated decision-making within the meaning of Article 22 of the GDPR is not used.

Recipients / passing on of data

Unless specifically intended for disclosure, personal data processed in connection with participation in online meetings will not be disclosed to third parties as a matter of principle. 

Other recipients: The provider of Webex necessarily receives knowledge of the above-mentioned data insofar as this is provided for in the context of our order processing agreement with Bechtle IT Neckarsulm.

Data Protection Officer

Our data protection officer
Sven Lenz - Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstrasse 50
87435 Kempten
GERMANY

Your rights as an affected person

You have the right to obtain information about the personal data concerning you. You can contact us for information at any time. 

Furthermore, you have a right to rectification or erasure or to restriction of processing, insofar as you are entitled to this by law. 

Finally, you have a right to object to processing within the scope of the law. 

You also have a right to data portability within the framework of data protection law. 

You have the right to complain about the processing of personal data by us to a supervisory authority for data protection.

Deletion of data

We generally delete personal data when there is no need for further storage. A requirement may exist in particular if the data is still needed to fulfil contractual services, to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory retention obligations, deletion is only considered after the expiry of the respective retention obligation.

4.
Data processing in the context of our fitting tests

Scope and purpose of data processing

If you are available as a test person for fitting tests, we record name, address, telephone, date of birth and body measurements. We also take photos during fittings. The data on body measurements and photos are used to make recommendations for customers on the optimisation of their collections with regard to clothing sizes and processing qualities. This data is only passed on to third parties in an anonymous form. We need the remaining data for contract processing with you, it is not passed on to third parties.

Legal basis for data processing

If we obtain consent from the data subject for processing personal data, Art. 6 para. 1 lit. a) GDPR serves as the legal basis.

When processing personal data that is required for fulfilment of a contract for which the data subject is a contractual party, Art. 6 para. 1 lit. b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the execution of pre-contractual measures.

Duration of storage

The personal data for the person in question is deleted or locked as soon as the purpose of storage lapses.

Your rights

In accordance with the provisions of Art. 15 - 22 GDPR, you have the right to information, correction, deletion of your personal data, as well as a right to data transfer and the restriction of processing. In the cases of Art. 6 (1) e) and f) GDPR, you have the right to object. This also applies to automated individual decisions, including profiling. If you have given your consent to a processing of your personal data, you can revoke this consent at any time with effect for the future. If you believe that the processing of your personal data by Hohenstein is not lawful, you may lodge a complaint with any data protection supervisory authority.

5.
Data processing in relation to our Hohenstein customer portal

Scope and purpose of the data processing

In connection with your registration in the Hohenstein Portal, we process the following personal data from you for the purpose of use and authentication in the Hohenstein Portal: First name, last name, e-mail address and company name.

Your personal data will not be passed on to third parties.

Legal basis for data processing

The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest is e.g. to apply an authorization concept for portal usage in order to make documents available only to the right addressees.

If we obtain consent from the data subject for the processing actions for personal data, Art. 6 para. 1 lit. a) GDPR is applicable as the legal basis.

Duration of storage

Your data is stored for the duration of the customer relationship and then deleted after expiration of any statutory retention requirements.

Your rights

In accordance with the provisions of Art. 15 - 22 GDPR, you have the right to information, correction, deletion of your personal data, as well as a right to data transfer and the restriction of processing. In the cases of Art. 6 (1) e) and f) GDPR, you have the right to object. This also applies to automated individual decisions, including profiling. If you have given your consent to a processing of your personal data, you can revoke this consent at any time with effect for the future. If you are of the opinion that the processing of your personal data by Hohenstein is not lawful, you may lodge a complaint with any data protection supervisory authority.

In the case of a request for information that is not made in writing, we ask for your understanding that we may then require evidence from you that proves that you are the person you claim to be.

6.
Data processing within the scope of our video surveillance

Scope and purpose of data processing

The company premises in Bönnigheim is monitored around the clock with video cameras. The resulting recordings may be considered personal data.

The video surveillance of the company premises is used for safeguarding domiciliary rights and to secure the property of the company and employees.

Legal basis for data processing

The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interests are the preservation of the house right and the protection of our property.

Duration of storage

The recordings are stored for 10 days. Longer storage only takes place in individual cases if the data is required to preserve evidence due to a specific incident.

Your rights

In accordance with the provisions of Art. 15 - 22 GDPR, you have the right to information, rectification, erasure of your personal data, as well as the right to data portability and the restriction of processing. In the cases of Art. 6 para. 1 lit. e) and f) GDPR you have the right to object. This also applies to automated individual decision-making, including profiling. If you have given your consent to the processing of your personal data, you can withdraw this consent at any time with effect for the future. If you think that the processing of your personal data by Hohenstein is not lawful, you can complain to any data protection supervisory authority.

If you feel that Hohenstein has processed your personal data in an unlawful manner, you can contact any data protection supervisory authority with your complaints.

7.
Data processing for events

Scope and purpose of data processing

We collect and use your information (for example, the name, address, telephone number, e-mail address and payment information) within the framework of the respective contract purpose, specifically for the processing of your registration and for the execution of seminars, webinars, workshops, (virtual) press conferences and other events.

If we receive your e-mail address in connection with your participation in an event, we will also use this for the promotion of our own, similar events by e-mail, provided that you have not objected to its use.

If you register for our online information service & newsletter, we also use your e-mail address for sending the newsletter.

Your consent is obtained for the processing of the data during the dispatch process and this data protection declaration is referenced.

Legal basis for data processing

Provided there is the consent of the user, the legal basis for the processing of data after registration for seminars, webinars, events and press conferences is Art. 6 para. 1 lit. a) GDPR. For processing your data in order to fulfil our services and execute contractual measures, legal basis Art. 6 para. 1 lit. b) GDPR is valid, otherwise, for the processing of your data to protect our legitimate interests Art. 6 para. 1 lit. f) GDPR.

Duration of storage

The data is deleted as soon as it is no longer required for achieving the purpose of its collection.

Recipients of data

Partner companies from the textile industry, if applicable.

Your rights

In accordance with the provisions of Art. 15 - 22 GDPR, you have the right to information, rectification, erasure of your personal data, as well as the right to data portability and the restriction of processing. In the cases of Art. 6 para. 1 lit. e) and f) GDPR you have the right to object. This also applies to automated individual decision-making, including profiling. If you have given your consent to the processing of your personal data, you can withdraw this consent at any time with effect for the future. If you think that the processing of your personal data by Hohenstein is not lawful, you can complain to any data protection supervisory authority.

If you want us to stop processing and using your personal data for advertising purposes or would like to withdraw any consent that you have granted at any time, simply send a brief message by e-mail to or by letter to Hohenstein, Abt. Datenschutz, Schlosssteige 1, 74357 Bönnigheim, Germany.

You can also exercise your right of objection to the newsletter distribution, for example, by using the Unsubscribe function on our website. You can find a link to this function in the footer of each newsletter. When unsubscribing, your data is deleted immediately and you will no longer receive a newsletter from us.

If you feel that Hohenstein has processed your personal data in an unlawful manner, you can contact any data protection supervisory authority with your complaints.

8.
Data processing in relation to event photography

Scope and purpose of data processing

We take photos and/or videos to provide an illustrative report of our events. These are published in our print media and/or on the website. They are not used for any purpose other than for reporting. Images published on our website can be accessed throughout the world. Their unauthorised use by a third party can therefore not be universally excluded.

Legal basis for data processing

Your image will only be used with your express or implicit consent  Art. 6 para. 1 lit. a) GDPR) or if we base the processing on a legitimate interest according to Art. 6 para. 1 lit. f) GDPR. A legitimate interest is, for example, to report vividly on our events.

Duration of storage

The images are deleted as soon as they are no longer required for achieving the purpose of their collection.

Your rights

If you do not want a photo and/or video to be taken of you, please mention this to the photographer before it is taken or move out of the picture. You can also withdraw your consent at any time with effect for the future. In the case of an revocation, we will not use any unpublished photos/videos and remove any published photos/videos from our internet site. In all other media, we will observe your revocation for the future. If a group photo is published, the subsequent revocation by an individual person does not, in general, mean that the image must be removed.

If you object to the use of your image or would like to withdraw any consent that you have granted, simply send a brief message by e-mail to or by letter to Hohenstein, Abt. Datenschutz, Schlosssteige 1, 74357 Bönnigheim, Germany.

There are no formal requirements for this message and no additional fees will be charged.

In accordance with the provisions of Art. 15 - 22 GDPR, you have the right to information, rectification, erasure of your personal data, as well as the right to data portability and the restriction of processing. In the cases of Art. 6 para. 1 lit. e) and f) GDPR you have the right to object. This also applies to automated individual decision-making, including profiling. If you have given your consent to the processing of your personal data, you can withdraw this consent at any time with effect for the future. If you think that the processing of your personal data by Hohenstein is not lawful, you can complain to any data protection supervisory authority.

9.
Data processing in the context of our advertising measures

Scope and purpose of data processing

If we receive your e-mail address in connection with your participation in a seminar, webinar, event or virtual press conference, we will also use this for the promotion of our own, similar events by e-mail, provided that you have not objected to its use.

Legal basis for data processing

Provided there is the consent of the user, the legal basis for the processing of data is Art. 6, (1), lit. a) GDPR. For processing your data for the protection of our legitimate interests, the legal basis is Art. 6 para. 1 lit. f) GDPR.

Duration of storage

The data is deleted as soon as it is no longer required for achieving the purpose of its collection.

Your rights

In accordance with the provisions of Art. 15 - 22 GDPR, you have the right to information, rectification, erasure of your personal data, as well as the right to data portability and the restriction of processing. In the cases of Art. 6 para. 1 lit. e) and f) GDPR you have the right to object. This also applies to automated individual decision-making, including profiling. If you have given your consent to the processing of your personal data, you can withdraw this consent at any time with effect for the future. If you think that the processing of your personal data by Hohenstein is not lawful, you can complain to any data protection supervisory authority.

You can submit an objection to the processing of your personal data at any time; this also includes your e-mail address (Art. 6 para. 1, Art. 21 para. 1, 4 GDPR).

If you want us to stop processing and using your personal data for advertising purposes or would like to withdraw any consent that you have granted at any time, simply send a brief message by e-mail to or by letter to Hohenstein, Abt. Datenschutz, Schlosssteige 1, 74357 Bönnigheim, Germany.

Once you have done so, your data will no longer be used for advertising purposes. This will not affect the legality of any use of your data up until the time at which you withdraw your consent or request that your data is not used for advertising purposes.

You can also exercise your right of objection for example, by using the Unsubscribe function on our website. You can find a link to this function in the footer of each newsletter.

10.
Data processing in relation to our press distribution list

Scope and purpose of data processing

At your explicit request, you will receive press releases by e-mail from Hohenstein on research and development activities, tests, certifications and events in the textile industry, its international locations, the textile certifications of the OEKO-TEX® Association and other news from the textile industry. You can select the areas of particular interest to you when registering for the press release distribution list. We use the information you provide when registering to determine whether you are entitled to receive press releases and to contact you personally. Which data is collected via the contact form is apparent from the respective contact form. Your data will be transmitted securely (SSL encryption).

The information you provide will only be used for the purpose of sending the press release and any queries you may have.

Your consent to the processing of your data will be obtained during the submission process and you will be informed of this privacy policy.

We use the service Pardot (also known as Marketing Cloud Account Engagement) of the service provider Salesforce for the dispatch of mailings to our press distribution list and the associated processing: Salesforce.com, inc. Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, CA 94105, United States. Further information on the service provider's data protection can be found at: https://www.salesforce.com/company/privacy/. We have also entered into an order processing agreement with Salesforce. This is a contract in which Salesforce undertakes to process our users' data only in accordance with our instructions and to protect it appropriately and, in particular, not to pass it on to third parties.

Performance measurement using Pardot

With your consent, when you receive our press releases, your usage behaviour is evaluated through your interaction with the mailing. In order to be able to evaluate this, the mailings contain so-called web beacons. These are pixel-sized files that are retrieved from the server of our service provider when you open the message sent by us. For the evaluation, the above-mentioned interaction data and the "web beacons" are linked with your e-mail address and an individual ID.

For technical reasons, this information can be assigned to individual recipients of our press releases. The aim is not to monitor individual users. Instead, we use these evaluations to understand the reading habits of our users and to adapt and continuously improve our content to the interests of our users.

Legal basis for data processing

Subject to the user's consent, the legal basis for the processing of data following subscription to press releases is Art. 6 para. 1 lit. a) GDPR in conjunction with § 25 TTDSG.

Duration of storage

The data will be deleted once they are no longer needed to fulfil the purpose to which they were collected. It will be kept for as long as the press release subscription is active.

Your rights

In accordance with the provisions of Art. 15 - 22 GDPR, you have the right of access, right to rectification, right to erasure (right to be forgotten), right to data portability, right to restriction of processing. In the cases of Art. 6 (1) e) and f) GDPR, you have the right to object. This also applies to automated individual decision-making, including profiling. If you have given your consent to a processing of your personal data, you can withdraw this consent at any time with effect for the future. If you believe that the processing of your personal data by Hohenstein is not lawful, you may submit your complaint to any data protection supervisory authority.

If you do not wish to receive any more press releases, it is sufficient to send a short message to the Hohenstein Institute (e-mail: ).

If you feel that Hohenstein has processed your personal data in an unlawful manner, you can contact any data protection supervisory authority with your complaints.

11.
Da­ta pro­ces­sing in re­la­tion to our whis­tle­blow­ing sys­tem

In the following, we inform you about the processing of personal data by Hohenstein* in the context of the whistleblower system "Hohenstein Compliance Line" as well as about the associated data protection regulations, claims and rights

Hohenstein uses a web-based software, a cloud solution hosted in Germany, which supports the detection of operational malpractices. By implementing such a system, criminal, illegal, morally reprehensible or unfair actions can be detected and prevented at an early stage. In this way, incalculable material and immaterial damage as well as damage to the company's reputation can be averted.

* Hohenstein means the following companies:
Forschungsinstitut Hohenstein Prof. Dr. Jürgen Mecheels GmbH & Co. KG, Hohenstein Laboratories GmbH & Co. KG, Hohenstein Textile Testing Institute GmbH & Co. KG, Hohenstein Innovations gGmbH

Purpose of data processing

Hohenstein processes the personal data of the whistleblower(s), unless the information was provided anonymously, as well as the personal data of the accused person(s), such as name and other communication and content data, exclusively for the purpose of receiving and investigating information about criminal, illegal, morally reprehensible or unfair acts in a secure and confidential manner.

Categories of data processing in the context of the whistleblower system

  • Information about the whistleblower(s) (unless the whistleblower(s) wishes to remain anonymous) and the accused(s), such as
    - First and last name
    - Function/Title
    - Contact details
    - If applicable, other personal data related to the employment relationship
  • Personal information identified in intelligence reports (see paragraph 4), including details of allegations made and evidence supporting those allegations
  • Date and time of calls (when the tip is received via the telephone hotline)
  • Any other information identified in the results of the investigation and in the further proceedings following the report, e.g., information on criminal conduct or data on unlawful or improper conduct, to the extent reported

Legal basis for data processing

The collection, processing and disclosure of personal data of the persons named in the notification serves the legitimate interests of Hohenstein (Art. 6 para. 1 p. 1 lit. f GDPR). It is a legitimate interest of Hohenstein to detect, process, stop and sanction violations of the law and serious breaches of duty by employees throughout the company, effectively and with a high degree of confidentiality, and to avert associated damage and liability risks for Hohenstein (Sections 30, 130 OWiG). Directive (EU) 2019/1937 ("EU Whistleblower Directive") and the future Whistleblower Protection Act (currently in draft form) also require the establishment of a whistleblower system to provide employees and third parties with a suitable means of making protected reports of legal violations within the company. As soon as a whistleblower law comes into force, processing is also required due to a legal obligation (Art. 6 para. 1 p. 1 lit. c GDPR). The transfer of personal data to other recipients in the case of non-anonymous reporting may be necessary due to a legal obligation.

Recipients of the data and third country transfer (EU/EEA foreign countries)

All personal data collected via the web-based software is only made available to those persons who have a legitimate need to process this data due to their function.

The Compliance Officer is in charge of the initial processing of incoming tips.

If the tip is received via the telephone hotline, the tip is recorded in the whistleblower system while preserving the anonymity of the whistleblower. The hotline employees are bound to secrecy (see below).

At Hohenstein, only authorized employees from the following departments have access to the data (information center):

  • Compliance
  • HR (case-related)    

In some cases, the Company is required to disclose the data to authorities (such as those having legal or regulatory jurisdiction over the employer, law enforcement agencies and legal bodies) or external advisors (such as auditors, accountants, lawyers).

If the whistleblower has provided his or her name or other personal data (non-anonymous whistleblowing), the identity will not be disclosed to the extent legally possible, and it will also be ensured that no conclusions can be drawn about the identity of the whistleblower.

If personal data is processed by external service providers, this is generally done on the basis of order processing contracts in accordance with Art. 28 GDPR. In these cases, we ensure that the processing of personal data is carried out in accordance with the provisions of the GDPR and that all persons authorized to process personal data have committed themselves to confidentiality or are subject to an appropriate legal duty of confidentiality. The whistleblower system is operated on our behalf by LegalTegrity GmbH, Platz der Einheit 2, 60327 Frankfurt/Main, GERMANY.

Personal data is not transferred to third countries (EU/EEA countries).

Duration of processing, deletion of data

The personal data will be retained in the respective procedure for as long as required for clarification and final assessment, a legitimate interest of Hohenstein or a legal requirement exists. Afterwards, this data is deleted in accordance with the legal requirements. The duration of storage depends in particular on the severity of the suspicion and the reported possible breach of duty.

Technical notes on the use of the whistleblowing system

Communication between your computer and the whistleblower system takes place via an encrypted connection (SSL). The IP address of your computer is not stored during the use of the whistleblowing system. To maintain the connection between your computer and the whistleblower system, a cookie is stored on your computer, which only contains the session ID. The cookie is only valid until the end of your session and becomes invalid when you close the browser.

Data subject rights under the GDPR

You have the following rights in connection with the processing of personal data concerning you:    

  • According to Art. 7 GDPR, you have the right to revoke your consent to data processing at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
  • Pursuant to Article 14 of the GDPR, if your data is collected without your knowledge (for example, because you are involved as an accused person in the proceedings to clarify the information), you have the right to be informed about the storage, the type of data, the purpose of the processing and the identity of the controller and, if applicable, the whistleblower (unless the information was provided anonymously). However, if there would be a significant risk that such information would jeopardize Hohenstein's ability to effectively investigate the allegation or gather the necessary evidence, this information may be postponed pursuant to Art. 14 (5) sentence 1 lit. b GDPR for as long as this risk exists. The information must then be provided as soon as the reason for the postponement has ceased to exist.
  • Pursuant to Art. 15 GDPR, you have the right to request information about the personal data concerning you that is processed by Hohenstein.
  • Pursuant to Art. 16 GDPR, you have the right to request the immediate correction or completion of incorrect or incomplete data stored by us.
  • Pursuant to Art. 17 GDPR, you have the right to request the erasure of personal data concerning you that is stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation to which Hohenstein is subject, for the performance of a task carried out in the public interest, or for the establishment, exercise or defense of legal claims.
  • Pursuant to Art. 18 GDPR, you may request the restriction of the processing of your personal data if you contest the accuracy of such data or if the processing of such data is unlawful.
  • In accordance with Article 20 of the GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format, and to transmit this data to another controller without hindrance or to have it transmitted by us.
  • In accordance with Art. 21 GDPR, you have the right to object to the processing of your personal data, insofar as there are grounds for doing so that arise from your particular situation. Your data will then no longer be processed unless Ho-henstein can demonstrate compelling grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defense of legal claims.
  • According to Art. 77 GDPR in conjunction with. § Section 17 BDSG, you have the right to lodge a complaint against Hohen-stein with the competent supervisory authority. This is:

    The State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg
    P.O. Box 10 29 32, 70025 Stuttgart
    Königstraße 10a, 70173 Stuttgart
    GERMANY

    Phone: 0711 615541-0
    Fax: 0711 615541-15
    E-mail:
    Internet: https://www.baden-wuerttemberg.datenschutz.de 

Person responsible in the sense of data protection law

Responsible for the processing of the above-mentioned personal data and your related applications and inquiries is:

Hohenstein Laboratories GmbH & Co. KG

If you have any questions regarding data protection, please contact our data protection officer: