Thank you for visiting our website and for your interest in our company and products. The protection of your personal data is very important to us. SPAX International GmbH & Co. KG (hereinafter "SPAX," "SPAX International," "we" or "us") attaches great importance to the security of users' data and compliance with data protection regulations.
This here is to inform you, in detail, about how we handle your data.
The Privacy Notice is based on the terms of the General Data Protection Regulation (GDPR).
„ Personal information“ is any information that refers to an identified or identifiable natural person (the „ data subject“) (Art. 4 no. 1 GDPR). Your personal data includes information such as your master data (first and last name, address and date of birth), your contact details (telephone number, email address), your billing information (bank details) and much more.
„ Processing“ means any process performed, with or without the aid of automated procedures, or any such process associated with personal data, such as collecting, capturing, organizing, classifying, storing, modifying or changing, reading out, searching, using, disclosing through transmission, disseminating or other form of preparing, matching or linking, restricting, erasing or destructing.
„ Data subject“ means any identified or identifiable natural person whose personal data is processed by the controller or person responsible for the processing.
„ Controller“ means the natural or legal person, public authority, entity or other office that, alone or jointly with others, decides on the purposes and means of processing personal data. Where the purposes and means of such processing are determined by EU law or the law of the Member States, the controller or the specific criteria for his designation may be provided for under EU or national law.
„ Processor“ means a natural or legal person, public authority, entity or other office that processes personal data on behalf of the controller.
„ Recipient“ means a natural or legal person, public authority, entity or other office to whom personal data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under EU or national law in connection with a particular contract are not considered as beneficiaries.
„ Third party“ means a natural or legal person, public authority, entity or other office other than the data subject, the controller, the processor and the persons authorized under the direct responsibility of the controller or processor to process the personal data.
„ Consent“ means any expression of voluntary and unequivocal will made by the data subject in the form of a statement or other unambiguous confirmatory act by the data subject expressing to the person concerned that they are involved in the processing of the personal information concerning them.
Our internet pages can basically be used without providing any personal data. However, if you wish to use special services from our company through our website, it may be necessary to process your personal data. If the processing of personal data is required and there is no legal basis for such processing, we generally seek the consent of the data subject.back to the table of contents
You can visit our site without actively providing information about yourself. However, we automatically save the IP address of the computer used with every access of the website (server log files), such as the name of your internet service provider, the operating system used, the website from which you visit us, the date and duration of the visit or the name of the requested file, and for security reasons, e.g., for example, to detect attacks on our web pages, for a period of 7 days. These data are evaluated solely for the purpose of improving our services and do not allow any conclusions to be drawn about you. This data is not merged with other data sources. The legal basis for processing the data is Article 6 (1) GDPR. We process and use the data for the following purposes: 1. Provision of SPAX web pages, 2. Improvement of our web pages and 3. Prevention and detection of errors / malfunctions and abuse of the web pages. This type of data processing is either used to fulfill the SPAX website usage agreement, or we have a legitimate interest in ensuring the functionality and proper operation of the SPAX website and in adapting the web pages to user needs.back to the table of contents
In order to make the visit of our website attractive and to enable the use of certain functions, we use so-called cookies on our pages. This is a standard internet technology used to store and retrieve login and other usage information for anyone who uses the SPAX website. Cookies are small text files stored on your device that allow us to store user preferences, for example, so that our web pages can be displayed in a format tailored to your device. Some of the cookies we use are deleted at the end of the browser session, i.e., after closing your browser (so-called session cookies). Other cookies remain on your device and allow us or our affiliates to recognize your browser the next time you visit (so-called persistent cookies).
You can set your browser so that you are informed about the setting of cookies and individually decide on whether to accept them or refuse them in specific cases or in general. It is also possible to delete the cookies subsequently in order to remove data that websites have stored on your computer. Instructions for this can be easily found on the internet. Disabling cookies may result in some restrictions on the functionality of SPAX web pages.
This website uses functions of the web analytics service Google Analytics. Provider is Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA. Google Analytics uses so-called „ Cookies“ which are text files that are stored on your computer and that allow an analysis of your use of the website. The information generated by the cookies about your use of this website (including your IP address) is transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators, and providing other services related to website activity and internet usage. Google will also transfer this information to third parties if required by law or if third parties process this data on behalf of Google.
Preventing Cookies from being Set
You can prevent cookies from being stored by setting your browser software appropriately; however, we point out that in this case you may not be able to fully use all functions of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
We have activated the function IP anonymization on this website. As a result, your IP address will be truncated by Google within member states of the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States.
Opposition to Data Collection
Please note that on this website, Google Analytics has been extended by the code „ gat.anonymizeIp“ in order to ensure the anonymized collection of IP addresses (so-called IP masking).
Demographics in Google Analytics
This website uses the “ demographics feature” of Google Analytics. As a result, reports can be produced that contain statements on the age, gender and interests of the site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This data cannot be assigned to a specific person. You can disable this feature at any time through the ad settings in your Google Account, or generally prohibit the collection of your data by Google Analytics as outlined in the section “ Opposing Data Collection”.
We use Google Maps to display maps and create direction maps. Google Maps is operated by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
By using this website, you consent to the collection, processing and use by Google, one of its agents, or third parties of the information collected and entered by you.
If you do not wish Facebook to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.
Our web pages include functions of the YouTube service operated by Google. Site operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit any of our YouTube-enabled sites, you will be connected to the servers of YouTube. This will tell the YouTube server which of our pages you have visited.
If you're logged into your YouTube account, YouTube will allow you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
You have the option to register on our website. The purpose of registration is to provide the person concerned with content or services that can only be offered to registered users because of the nature of the content or service. In these cases, we collect the following data: Salutation, first and last name, email address, telephone number, address and country. The information in fields which are marked as mandatory are necessary for registration; the remaining details are voluntary and can be revoked at any time.
By registering on our website, the IP address assigned to you, the user, by the internet service provider (ISP) and the date and time of registration are stored. Storing this data is done with the idea that it is the only way to prevent the misuse of our services and, in the event of a case of need, can make it possible to clarify crimes that might have been committed. In this sense, storing this data is necessary for our protection. This data is never shared with third parties unless there is a legal obligation to transfer it or to disclose it to law enforcement.
Once registered, users are free to change the personal data entered for the registration at any time, or to have it completely deleted from our database, unless we are under a legal requirement to save the data.
On our site you have the possibility to send us inquiries via the contact form. If you use the contact form, the information you enter (content of your request, subject of your request and date, area) including your specific contact data (name, surname, address, country and email) are saved for the purpose of processing your request as well as in case there are follow-up questions. We will not share this information without your consent. The legal basis for collecting and processing data is Article 6 (1) GDPR.
The data entered by you in the contact form will remain with us until you ask us to delete it, or you revoke your consent to having it stored, or the purpose for the data storage is no longer valid (e.g., after completing your request). Mandatory statutory provisions - especially storage periods - remain unaffected.
you send us inquiries or information by email, your details (email address, content of your email, subject of your email and date) will include your contact details (name, surname, telephone number, address) for the purpose of processing the request and in the event that there are follow-up questions. We will not share this information without your consent. The legal basis for collecting and processing data is Article 6 (1) GDPR.
The user should be aware that, during transmission, it can happen that emails are read or changed without being authorized or noticed. SPAX International uses software for filtering unwanted emails (spam filters). The spam filter can incorrectly identify certain features in an email as spam and then reject them.
The data you enter will remain with us until you ask us to delete it, revoke your consent to its storage, or the purpose for the data storage no longer exists (e.g., after completion of your request). Mandatory statutory provisions - especially storage periods - remain unaffected.
You have the option to subscribe to our company newsletter when you are on our website. We use this to inform our customers and business partners about products from the company at regular intervals.To do this, we need a valid email address from you as well as information which allows us to verify that you are the owner of the given email address and to agree with receiving the newsletter. Further data are not collected, or, if so, only on a voluntary basis. For legal reasons, a confirmation email will be sent to the email address entered by the person concerned using the double-opt-in procedure for a first time for newsletter mailing. We use this data exclusively for sending the newsletter and do not share it with third parties. The legal basis for collecting and processing data is Article 6 (1) GDPR.
When registering for the newsletter, we also store the IP address of the computer system you use at the time of registration, as well as the date and time of registration as assigned by the internet service provider (ISP). The collection of this data is necessary in order to be able to understand the (possible) misuse of the email address of a data subject at a later date and therefore serves as protection for us.
Consent to having your data and email address stored as well as for having us send you the newsletter can be revoked at any time, for example, using the „ unsubscribe“ link included in each newsletter. Your revocation has no bearing on the legality of the data processing which has already been performed.
We will store the data you gave us for the purpose of receiving the newsletter until you cancel your subscription to the newsletter at which time it will be deleted.
You have the option to use the careers area on our website and/or to submit an application by email through the website. The personal data (master data, contact data, language skills, professional history, qualifications, experience, and attachments such as cover letter, CV, certificates, etc.) of applicants is collected and processed for the purpose of processing the application process. The processing can also be done electronically. This is particularly the case if an applicant submits the relevant application documents, for example by email or via a web form located on the website, to the responsible party or controller. If the controller for the processing concludes a contract of employment with an applicant, the data which was transmitted will be stored for the purpose of transacting the employment relationship in accordance with the law. If no employment contract is concluded with the candidate by the controller, the application documents will be deleted six months after the applicant was notified of the rejection decision, unless deletion precludes other legitimate interests of the controller. Other legitimate interest in such a case would be, for example, a burden of proof in a procedure under the General Equal Treatment Act (AGG). The legal basis for collecting and processing data is Article 6 (1) GDPR.
The information requirements can be downloaded as a PDF here:
German - 2018-05-04 Spax-Altenloh Informationspflichten Art. 13 DSGVO Tippspiel [PDF , ~220 KB]
The duties to inform under Art. 13 EU-GDPR can be downloaded as a PDF here:
English - 2018-05-04 Spax-Altenloh Information duties under Art. 13 GDPR [PDF , ~316 KB]
We transmit your data internally to the administration, human resources, works council and payroll to meet our contractual or legal obligations. Your data is transferred or disclosed only to the extent necessary for this purpose in compliance with the relevant data protection regulations.
SPAX International is a globally active company based in Germany. The data you submit to us will be stored in our centralized customer database in Germany and shared within the group for administrative purposes. If data is exchanged within the group, this will be done in fulfillment of a contract or as a condition of use for the web pages. There may also be an interest in sharing this information for internal, administrative purposes. If the processing of your data takes place outside of Europe, for example in India, Brazil, Russia, China, Switzerland, Singapore or the USA, the transmission of it will be done in compliance with all valid data protection laws and, in particular, according to Art. 44 f. GDPR.
We transfer your data to certain third parties in order to be able to provide applications and services (so-called „ order processors“)who provide external services to us. These are, for example, newsletter services, IT providers, tax office, etc. Transmission to other third parties may also take place in order to fulfill obligations we have (authorities, banks, social security institutions, etc.). Third parties process the data only according to our instructions and are prohibited from using this data for their own commercial purposes which do not correspond to the agreed purposes.
We must disclose personal data if we are required to do so in the course of an ongoing legal proceeding, because of an injunction, by law or under applicable law (Article 6 (1) (f) GDPR).
We only share your personal information with third parties if:
You have given express consent under Art. 6 (1)(1)(a) GDPR for this;
Sharing is required for asserting, exercising or defending legal claims under Art. 6 (1)(1)(f) GDPR and there is no reason to assume that you have a legitimate, prevailing interest in not disclosing your data;
There is a legal obligation to share under Art. 6 (1)(1 )(c) GDPR; and
It is legally permissible and necessary under Art. 6 (1)(1 )(b) GDPR to settle contractual relationships with you.
If the processing of your data takes place outside of Europe, for example in India, Brazil, Russia, China, Switzerland, Singapore or the USA, the transmission of it will be done in compliance with all valid data protection laws and, in particular, according to Art. 44 f. GDPR.
Data is not transferred to a third country or an international organization.back to the table of contents
As a responsible company, we refrain from automated decision-making or profiling.back to the table of contents
As a matter of principle, we retain your data for as long as necessary to provide our online service and the associated services, or, as long as required under the European directives and regulations or the laws or regulations of another legislator to which the controller is subjected. In all other cases, we delete your personal information after the reason for which it was collected has been completed, except for information we may need to retain in order to comply with legal obligations (for example, we are required by tax and commercial retention requirements, such as contracts and to keep invoices for a certain period of time).
SPAX International uses technical and organizational security measures to protect the data we administer against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. We continuously update and improve our security measures in line with technological developments.
This site uses Secure Socket Layer (SSL) encryption in conjunction with the highest level of encryption supported by your browser for security purposes and to protect the transmission of sensitive content, such as requests you send to us as a site operator. This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we'll use 128-bit v3 technology instead. It is possible to detect whether a single page of our website is transmitted in encrypted form by the fact that the address line of the browser changes from "http: //" to "https: //" and to the lock symbol in your browser line.
If SSL encryption is enabled, the data you submit to us cannot be read by third parties.
We inform you that data transmission over the Internet (e.g., for communicating via email) can have security gaps. It is not possible to completely protect the data from access by third parties.back to the table of contents
Art. 6 (I)(a) GDPR is the legal basis for our company for processing operations where we obtain consent for a particular processing purpose.
If the processing of personal data is necessary to fulfill a contract in which the data subject is a party, as is the case, for example, in processing operations necessary to supply goods or to provide other services or return services, the processing shall be based on Art. 6 (I)(b) GDPR. The same shall apply to processing operations that are necessary to carry out pre-contractual measures, for example, in cases of inquiries regarding our products or services.
If our company is subject to a legal obligation which requires the processing of personal data, such as the fulfillment of tax obligations, the processing is based on Art. 6 (I)(c) GDPR.
In rare cases, it may be necessary to process personal data in order to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our premises were injured and his or her name, age, health insurance or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 (I)(d) GDPR.
Lastly, processing operations could be based on Art. 6 (I)(f) GDPR. This is the legal basis for processing operations that are not covered by any of the above legal bases when processing is necessary to safeguard the legitimate interests of our company or a third party, unless the interests, fundamental rights and fundamental freedoms of the person concerned prevail. If the processing of personal data is based on Art. 6 (I)(f) GDPR, our legitimate interest is to conduct our business for the benefit of all of our employees and our customers.
We are hereby notifying you that it is partly required by law (e.g., tax regulations) to provide personal data, or it can also result from contractual provisions (e.g., information about the contracting parties). Occasionally, it may be necessary for a person to supply us with personal data that must subsequently be processed by us in order to conclude a contract. For example, the data subject is required to provide us with personal information when our company enters into a contract with her or him. Failure to provide the personal data would mean that the contract with the person concerned could not be completed. Prior to any personal data being prepared by the data subject, the person concerned must contact one of our employees. Our employee will inform the individual on a case-by-case basis whether the provision of the personal data is required by law or by contract or is required to conclude the contract, whether there is an obligation to provide the personal data, and what consequences exist for the non-provision of the personal data.back to the table of contents
This online offer is not intended for children under the age of 16. Persons who have not yet completed their 16th Birthday, may not share any personal data with SPAX International GmbH & Co. KG without the consent of their parent or guardian.back to the table of contents
You have the right:
Under Art. 15 GDPR, to request information about your personal data processed by us. In particular, you can request information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed or will be disclosed, the planned storage period, the right to rectification, deletion, restriction on processing or opposition, the existence of a right to complain, the source of your data if it has not been collected by us, and the existence of automated decision-making including profiling and, where appropriate, meaningful information about their details;
Under Art. 16 GDPR, to request that we immediately correct of incorrect data or complete personal data stored by us;
Under Art. 17 GDPR, to demand that we delete the personal data we are storing about you except where the processing constitutes the exercise of our right to freedom of expression and information, for the fulfillment of a legal obligation, or is necessary for reasons of public interest or for the assertion, exercise or defense of legal claims;
Under Art. 18 GDPR, to demand the restriction of the processing of your personal data, as far as the accuracy of the data is disputed by you, the processing is unlawful but you reject its deletion and we no longer need the data, however, you need it to assert, exercise or defense of legal claims, or you have objected to the processing under Art. 21 GDPR;
Under Art. 20 GDPR, to receive the personal data that you have provided us in a structured, common and machine-readable format or to request that it be transferred to another controller ( Data Portability);
Under Art. 21 GDPR, to file an objection against the processing of your personal data, provided that there are reasons for this arising from your particular situation or the objection is directed at direct mail if your personal data is being processed based on legitimate interests in accordance with Art. 6 (1)(1)(f) GDPR. In the latter case, you have a general right of objection, which is implemented by us without indicating any particular situation;
Under Art. 77 GDPR, to file a complaint with a supervisory authority. As a rule, you can contact the supervisory authority at your usual place of residence or work place.
Some data processing operations are only possible with your express consent. You have the option to revoke your consent at any time. To do this, send an informal message to firstname.lastname@example.org by e-mail to us. The legality of the data processing that continues until the revocation takes effect remains unaffected by the revocation.back to the table of contents
SPAX International GmbH & Co. KG
Kölner Straße 71 - 77
Tel .: +49 2333 799-0
Contact details of the external data protection officer:
Tel .: 07544 904 96 91