Data Protection

Career
Informacja z zakresu ochrony danych osobowych dla thyssenkrupp Group Services Gdańsk Sp. z o.o./ Data protection information for thyssenkrupp Group Services Gdańsk

Visitors from the United States of America, the United Kingdom and other English speaking countries are requested to use the English version of our website.

The contents of the website are made available by thyssenkrupp AG, so that website visitors can read information about the product range of thyssenkrupp AG and our company. The handling of personal data of the site visitors follows the strict requirements of the GDPR.

We take the protection of your privacy when using our website very seriously as this important to us. In the following we are pleased to inform you about the collection of personal data.

Name and Contact Data of the Controller

The Controller for the processing of personal data is

thyssenkrupp AG
thyssenkrupp Allee 1
45143 Essen
Germany
Phone: +49 201 844-0
Fax: +49 201 844-536000
Email:info@thyssenkrupp.com

Our Data Protection Officer can be reached at:

Data Protection Officer
thyssenkrupp AG
thyssenkrupp Allee 1
45143 Essen
Germany
Phone.: +49 201 844-0
Fax: +49 201 844-536000
Email: datenschutzbeauftragter@thyssenkrupp.com

Collection and processing of personal data

In general, you can visit the website of thyssenkrupp AG on an anonymous basis, i.e. without informing us of who you are. When you visit our website, our web servers in Germany save as standard the IP address of your internet service provider via which you access our website, the site from which you access our website and the files you access from us, as well as the date of your visit and general information about your browser. These data are processed to ensure the security of the web server and to adapt the output of the information retrieved to your output medium (e.g. your phone. laptop or other device). These data are only analyzed in anonymized form for statistical purposes.

Personal data is stored and processed only if you provide us with this information, e.g. when completing a contact form or registering for personalized services. On the respective website you will be informed about the intended use and, if necessary, your consent to the storage and processing requested. Disclosure will only take place at thyssenkrupp companies and service providers affiliated with us, for example to send you the requested written information. Of course, all service providers are committed to data secrecy and confidentiality. A transfer to other third parties does not take place. Your data is always encrypted before transmission and processing to protect this data against unauthorized access

Cookies

Description and scope of data processing

Cookies are text files that are stored on your computer or other end device. The use of cookies helps us to analyze your website usage, to improve services and products offered, to improve security and to prevent fraud. We differentiate between various cookies:

Session cookies are temporary cookie files that are automatically deleted when you close your browser.
Persistent cookies are cookie files that are stored until they are actively deleted or automatically removed after a certain amount of time.
First-party cookies are cookies that are set directly by us.
Third party cookies are cookies set by a third party

On individual pages, personal data may be stored in cookies if you have previously expressly consented to such, e.g. to not have to re-enter access data. In principle, you can also access all information on our website if you have deactivated cookies in your Internet browser. If you do not accept cookies, this may result in functional limitations of our offers.

Matomo

This website uses the open source web analytics service Matomo. Matomo cookies are stored on the basis of Art. 6 para. 1 lit. a GDPR.

The information generated by the cookie about the use of this website will not be disclosed to third parties. The Matomo cookies are set exclusively by your active consent. You can set the selection of cookies to be stored by making the appropriate setting in your browser software or by using the cookie pop banner. If you have consented to the setting of Matomo cookies, they will remain on your terminal device until you delete them or revoke your consent. You can revoke your consent to the setting of certain or all cookies at any time and unconditionally.

Requests via Email

a) Description and scope of data processing

You can contact us via the e-mail address provided. In this case, the user's personal data transmitted by e-mail will be stored.

In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation

b) Legal basis for data processing

The legal basis for the processing of data in the case of the user's consent is Art. 6 para. 1 lit. a GDPR.

The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f GDPR. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

c) Purpose of data processing

In the event of contact by e-mail, this also constitutes the necessary legitimate interest in the processing of the data.

d) Duration of storage, option for objection and elimination

The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data sent by e-mail, this is the case when the conversation with the user is finished. The conversation is terminated when the circumstances indicate that the matter in question has been finally clarified.

The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he/she can object to the storage of his/her personal data at any time. In such a case, the conversation cannot be continued.

b) Legal basis for data processing

The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR.

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR.

c) Purpose of data processing

Cookies can be used for different purposes.

Functional cookies are used to provide you with standard services on our pages. Without the use of cookies, our website may work only very limited and possibly incorrect.
Optimization cookies enable us to analyze the use of our website. If you have not consented to the use of your personal data for this purpose, this will be anonymous. The analysis helps us to improve our services and offered products and services.
Personalization cookies allow us to determine your personal preferences, such as your preferred language. We use these cookies to improve usability and offer you a customized experience.
Security-relevant cookies are cookies that are necessary to protect the website against attacks and to prevent fraud

d) Duration of storage, option for objection and elimination

Cookies are stored on the user's computer and transmitted to our website. Therefore, you as a user also have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.

Google Tag Manager

thyssenkrupp AG uses Google Tag Manager, which does not collect any personal information. This tool causes other tags to be created, which in turn collect data under certain circumstances. Google Tag Manager does not access this data. If deactivation was carried out on the domain or cookie level, it remains in place for all tracking tags which were implemented with Google Tag Manager. You can find Google’s Privacy Notice regarding Google Tag Manager here: https://www.google.de/tagmanager/use-policy.html

Privacy policy on the use and application of Facebook

The data controller has integrated components of the company Facebook on this website. Facebook is a social network.

A social network is a social meeting place operated on the Internet, an online community that generally allows users to communicate with each other and interact in virtual space. A social network can serve as a platform for the exchange of opinions and experiences, or enables the Internet community to provide personal or company-related information. Facebook enables users of the social network to create private profiles, upload photos and network via friend requests, among other things.

The operating company of Facebook is Facebook, Inc. 1 Hacker Way, Menlo Park, CA 94025, USA. The person responsible for processing personal data, if a data subject lives outside the USA or Canada, is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Each time a user accesses one of the individual pages of this website, which is operated by the data controller and on which a Facebook component (Facebook plug-in) has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Facebook component to download a display of the corresponding Facebook component from Facebook. A complete overview of all Facebook plug-ins is available at https://developers.facebook.com/docs/plugins/?locale=en_US. As part of this technical process, Facebook is informed which specific subpage of our website is visited by the person concerned.

If the person concerned is logged in to Facebook at the same time, Facebook recognizes which specific subpage of our website the person concerned is visiting each time the person concerned calls up our website and for the entire duration of their stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the person concerned. If the person concerned clicks one of the Facebook buttons integrated on our website, for example the "Like" button, or if the person concerned makes a comment, Facebook assigns this information to the person's personal Facebook user account and stores this personal data.

Facebook receives information via the Facebook component that the data subject has visited our website if the data subject is logged in to Facebook at the same time when he or she accesses our website; this occurs regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not want this information to be sent to Facebook, he or she can prevent it from being sent by logging out of his or her Facebook account before accessing our website.

The data policy published by Facebook, which can be accessed at https://www.facebook.com/about/privacy/ , provides information about the collection, processing and use of personal data by Facebook. It also explains which setting options Facebook offers to protect the privacy of the person concerned. In addition, various applications are available that make it possible to suppress data transmission to Facebook, for example the Facebook blocker from the provider Webgraph, which can be obtained at http://webgraph.com/resources/facebookblocker/. Such applications can be used by the data subject to suppress data transfer to Facebook.

Contact Form

To respond to your request thyssenkrupp AG will process the following personal data if provided in the contact form: form of address, first name, last name, email, street, zip code, town/city, telephone number and content of your request. We will forward your personal data to recipients where this is necessary to meet your request. The legal basis for processing your personal data depends on your request and may take the form of a contract with you (Art.6 (1) (b) GDPR), your consent (Art. 6 (1) (a) GDPR) or our legitimate interests in providing you with a good service based on a balance of interests (Art. 6 (1) (f) GDPR). We are supported in the operation of our contact form by our IT service providers as order processors. We will process your data – where processing is based on your consent – until your consent is withdrawn or – where processing is based on a balance of interests – until you object to this or your request has been completed. Unless you provide the data required to contact you and to understand and process your request, we will not be able to process your request. All other information is optional. This service is only for persons over the age of 18.

If we process your personal data on the basis of your consent (Art. 6 (1) (a) GDPR), you can withdraw this consent at any time for the future. If we process your personal data on the basis of a balance of interests (Art. 6 (1) (f) GDPR), you can object to this at any time for the future.

In addition we process the referrer information in connection with use of the contact form (Art. 6 (1) (b) GDPR), which is erased after 4 weeks at the latest. It is technically not possible to use the contact form without collecting this information.

Online applications (career section)

For the career section of our online services, please consider the following data protection information.

thyssenkrupp Group Services Gdańsk

Zgodnie z art. 13 ogólnego rozporządzenia o ochronie danych osobowych z dnia 27 kwietnia 2016 r. (RODO) informujemy, że:

Administratorem Państwa danych osobowych jest thyssenkrupp Group Services Sp. z o.o. z siedzibą w Gdańsku.
W razie jakichkolwiek wątpliwości związanych z przetwarzaniem dotyczących Państwa danych proszę kontaktować się z Inspektorem Ochrony Danych mailowo: dpo.gsg@thyssenkrupp.com, bądź pisemnie na adres siedziby Administratora: al. Grunwaldzka 472D, 80-309 Gdańsk
Państwa dane osobowe będą przetwarzane w celu prowadzenia korespondencji, zapewnienia obiegu i archiwizacji dokumentów oraz ustalenia, dochodzenia lub obrony przed ewentualnymi roszczeniami, co stanowi prawnie uzasadniony interes administratora (art. 6 ust. 1 lit. f RODO). W zależności od przedmiotu korespondencji, dalsze informacje na temat celu przetwarzania danych zawartych w treści korespondencji i powiązanych podstaw prawnych, przedstawiane są w odrębnej klauzuli informacyjnej.
Odbiorcami Państwa danych osobowych mogą być:
a) Spółki z grupy thyssenkrupp.
b) Firmy świadczące usługi kurierskie i pocztowe.
c) Firmy świadczące usługi lub dostarczające rozwiązania informatyczne.
d) Firmy audytowe.
e) Firmy archiwizujące i niszczące dokumenty.
Co do zasady, Państwa dane nie będą przekazywane poza Europejski Obszar Gospodarczy. Mając jednak na uwadze usługi świadczone przez podwykonawców Administratora przy realizacji wsparcia dla usług teleinformatycznych oraz infrastruktury IT, Administrator może zlecać wykonanie określonych czynności bądź zadań informatycznych uznanym podwykonawcom działającym poza EOG co może powodować przekazanie Państwa danych poza obszar EOG.
Dane przetwarzane są przez czas, kiedy ich przechowywanie mieści się w ramach prawnie uzasadnionego celu administratora regulowanego czasem możliwego dochodzenia roszczeń. Okres przechowywania danych stanowiących treść korespondencji jest jednak uzależniony od celu przetwarzania danych, którego dotyczy dana korespondencja (jeżeli występują inne terminy usunięcia danych, to informacje na ten temat podano w odrębnej klauzuli informacyjnej).
Przysługuje Państwu:
a) prawo dostępu do swoich danych oraz otrzymania ich kopii,
b) prawo do sprostowania (poprawiania) swoich danych,
c) prawo do usunięcia danych osobowych,
d) prawo do ograniczenia przetwarzania danych,
e) prawo do przenoszenia danych – jeśli podstawą prawną ich przetwarzania jest zgoda (art. 6 ust. 1 lit. a lub art. 9 ust. 2 lit. a RODO) lub umowa (art. 6 ust. 1 lit. b RODO),
f) prawo do cofnięcia zgody na przetwarzanie danych, gdy stanowi ona podstawę przetwarzania danych (art. 6 ust. 1 lit. a RODO), przy czym nie ma to wpływu na przetwarzanie przed terminem cofnięcia,
g) prawo wniesienia sprzeciwu wobec przetwarzania Twoich danych osobowych – jeśli podstawą prawną ich przetwarzania jest prawnie uzasadniony interes (art. 6 ust. 1 lit. f RODO).
Jeśli uznają Państwo, że przetwarzanie danych osobowych Państwa dotyczących narusza przepisy RODO, przysługuje Państwu prawo wniesienia skargi do Prezesa Urzędu Ochrony Danych Osobowych, ul. Stawki 2, 00-193 Warszawa.
Co do zasady, podanie danych osobowych jest dobrowolne, jednak niezbędne do komunikacji z Panią/Panem w ramach prowadzonej korespondencji (jeśli istnieje wymóg podania danych, to informacje na ten temat podano w odrębnej klauzuli informacyjnej).
Co do zasady, Państwa dane nie będą przedmiotem zautomatyzowanego podejmowania decyzji powodujących skutki prawne lub podobnie istotny wpływ (jeśli może mieć to miejsce, to informacje na ten temat podano w odrębnej klauzuli informacyjnej).

Pursuant to Art. 13 of the general regulation on the protection of personal data of 27 April 2016 (GDPR), we would like to inform you that:

The administrator of your personal data is thyssenkrupp Group Services Sp. z o.o. based in Gdańsk.
In case of any doubts related to the processing of your data, please contact the Data Protection Officer by e-mail: dpo.gsg@thyssenkrupp.com, or in writing to the address of the Administrator's seat: al. Grunwaldzka 472D, 80-309 Gdańsk
Your personal data will be processed in order to conduct correspondence, ensure the circulation and archiving of documents, and establish, investigate or defend against any claims, which is the legitimate interest of the administrator (Article 6 (1) (f) of the GDPR). Depending on the subject of the correspondence, further information on the purpose of data processing contained in the correspondence and related legal grounds is presented in a separate information clause.
The recipients of your personal data may be:
a) Companies from the thyssenkrupp group
b) Companies providing courier and postal services
c) Companies that provide services or provide IT solutions.
d) Audit companies.
e) Document archiving and destruction companies.
As a matter of principle, your data will not be transferred outside the European Economic Area. However, bearing in mind the services provided by the Administrator's subcontractors in the implementation of support for ICT services and IT infrastructure, the Administrator may commission specific IT activities or tasks to recognized subcontractors operating outside the EEA, which may result in the transfer of your data outside the EEA.
As a matter of principle, data are processed for the periods specified by law, and if they are not indicated with regard to certain documents, for the time when their storage is within the legitimate purpose of the administrator, regulated by the time of possible redress. The period of storage of data constituting the content of the correspondence, however, depends on the purpose of data processing to which the correspondence relates (if there are other deadlines for data deletion, information on this subject is provided in a separate information clause).
You are entitled to:
a) the right to access your data and receive a copy of it,
b) the right to rectify (correct) your data,
c) the right to delete personal data,
d) the right to restriction of data processing,
e) the right to data portability - if the legal basis for their processing is consent (Article 6 (1) (a) or Article 9 (2) (a) of the GDPR) or a contract (Article 6 (1) (b) of the GDPR),
f) the right to withdraw consent to the processing of data, when it is data closure (Article 6 (1) (a) of the GDPR), but does not affect the processing before the deadline for withdrawal,
g) the right to object to the processing of your personal data - if the legal basis for their processing is a legitimate interest (Article 6 (1) (f) of the GDPR).
Data subjects is also entitled to lodge a complaint with the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw, if in their opinion the processing of the personal data violates the provisions of the GDPR.
As a matter of principle, providing personal data is voluntary, but it depends on the purpose of data processing to which the correspondence relates (if there is a requirement to provide data, information on this subject is provided in a separate information clause).
As a matter of principle, your data will not be the subject of automated decision-making with legal effects or a similarly significant impact (if this may be the case, information on this is provided in a separate information clause).

Rights of the data subject

If personal data are processed by you, you are data subject within the meaning of the GDPR and you have the following rights vis-à-vis the Controller:

Right to information

You can ask the Controller to confirm whether personal data concerning you is processed by us.

If such processing has taken place, you can request the following information from the Controller:

the purposes for which the personal data are processed;
the categories of personal data being processed;
the recipients or categories of recipients to whom the personal data concerning you have been or still are disclosed;
the planned duration of the storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period;
the existence of a right to correction or deletion of personal data concerning you, a right to limitation of processing by the Controller or a right to object to such processing;
the existence of a right of appeal to a supervisory authority;
any available information on the origin of the data if the personal data are not collected from the data subject;
the existence of automated decision-making including profiling in accordance with Art. 22 para. 1 and 4 GDPR and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing for the data subject.

You have the right to request information as to whether the personal data concerning you is transmitted to a third country or to an international organisation. In this context, you may request to be informed of the appropriate guarantees pursuant to Art. 46 GDPR in connection with the transmission.

Right to rectification

You have a right to correction and/or completion vis-à-vis the Controller if the personal data processed concerning you are incorrect or incomplete. The Controller shall make the correction without delay.

Right to restriction of processing

You may request that the processing of personal data concerning you be restricted subject to the following conditions:

if you dispute the accuracy of the personal data concerning you for a period that enables the data controller to verify the accuracy of the personal data;
the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
the Controller no longer needs the personal data for the purposes of the processing, but you do need them to assert, exercise or defend legal claims, or
if you have filed an objection to the processing pursuant to Art. 21 para. 1 GDPR and it has not yet been determined whether the legitimate reasons of the Controller outweigh your reasons.

If the processing of personal data concerning you has been restricted, such data may only be processed – apart from being stored – with your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or on grounds of an important public interest of the Union or a Member State.

If the processing restriction has been restricted in accordance with the above conditions, you will be informed by the Controller before the restriction is cancelled.

Right to erasure

Obligation to delete

You may request the Controller to delete the personal data relating to you without delay and the Controller is obliged to delete this data without delay if one of the following reasons applies:

The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
You revoke your consent, on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR, and there is no other legal basis for the processing.
You file an objection against the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate reasons for the processing, or you file an objection against the processing pursuant to Art. 21 para. 2 GDPR.
The personal data concerning you have been processed unlawfully.
The deletion of personal data relating to you is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the Controller is subject.
The personal data concerning you have been collected in relation to information society services offered pursuant to Art. 8 para. 1 GDPR.

Information to third parties

If the Controller has made the personal data concerning you public and is obliged to delete it pursuant to Art. 17 para. 1 GDPR, he shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data processors who process the personal data that you as the data subject have requested the deletion of all links to this personal data or of copies or replications of this personal da

Exceptions

The right to erasure does not exist insofar as the processing is necessary:

to exercise freedom of expression and information;
for the performance of a legal obligation required for processing under the law of the Union or of the Member States to which the Controller is subject or for the performance of a task in the public interest or in the exercise of official authority conferred on the Controller;
for reasons of public interest in the field of public health pursuant to Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR;
for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 para. 1 GDPR, insofar as the law referred to under a) is likely to make it impossible or seriously impair the attainment of the objectives of such processing, or
to assert, exercise or defend legal claims..

Right to information

If you have exercised your right to have the Controller correct, delete or limit the processing, he/she is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction on processing, unless this proves impossible or involves a disproportionate effort.

You have the right vis-à-vis the Controller to be informed of these recipient

Right to data portability

You have the right to receive the personal data concerning you that you have provided to the Controller in a structured, common and machine-readable format. In addition, you have the right to pass this data on to another Controller without obstruction by the Controller to whom the personal data was provided, if:

processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR, and
processing is carried out by means of automated methods

In exercising this right, you also have the right to request that the personal data concerning you be transferred directly from one Controller to another Controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.

The right to data transferability shall not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority conferred on the controller.

Right of objection

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you under Article 6(1)(e) or (f) of the GDPR; this also applies to profiling based on these provisions.

The Controller no longer processes the personal data concerning you, unless he can prove compelling reasons worthy of protection for the processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If the personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct marketing.

If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

You have the option to exercise your right of objection in connection with the use of Information Society services by means of automated procedures using technical specifications, notwithstanding Directive 2002/58/EC.

Right to revoke consent under data protection law

You have the right to revoke your consent under data protection law at any time. The revocation of consent shall not affect the legality of the processing carried out on the basis of the consent until such revocation.

Automated decision in individual cases including profiling

You have the right not to be subject to a decision based exclusively on automated processing - including profiling - that has legal effect against you or significantly impairs you in a similar manner. This does not apply if the decision:

is necessary for the conclusion or performance of a contract between you and the Controller,
is admissible due to the legislation of the Union or of the Member States to which the person responsible is subject and that legislation contains appropriate measures to safeguard your rights, freedoms and legitimate interests; or
is made with your express consent.

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests.

In the cases referred to in (1) and (3), the Controller shall take reasonable measures to safeguard your rights, freedoms and legitimate interests, including at least the right to obtain the intervention of a person on the part of the Controller, to state the own position and to challenge the decision.

Right of appeal to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work or at the place of the suspected infringement, if you believe that the processing of personal data concerning you is contrary to the GDPR.

The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.

Scope and amendments to this privacy statement

This privacy statement applies exclusively to the use of our website. It does not apply to the websites of other service providers to which we provide a link. We accept no responsibility or liability for third-party statements and guidelines with no connection to our website.

We reserve the right to amend these data privacy rules from time to time in accordance with future changes relating to the collection and processing of personal data."