Imprint


Responsible for content § 18 Abs. 2 MStV:
Frieder Spannagel
Gontermann-Peipers GmbH
Hauptstraße 20
57074 Siegen GERMANY
Phone: +49 271 / 60 - 0
Fax: +49 271 / 60 – 200
www.gontermann-peipers.de
infonoSpam@gontermann-peipersnoSpam.de


Vorsitzender des Aufsichtsrats: Eckhard Schulte
Board of Management: Frieder Spannagel, Klaus Habitzki, Rainer Schönauer


Registered office: Siegen
Commercial register: Amtsgericht Siegen HRB 1040


VAT identification number in accordance with § 27a of the German Turnover Tax Law: DE126563569


Copyright
The contents of this website are subject to German copyright law. Reproduction, editing,
distribution and any kind of exploitation require the written consent of the respective author or
creator.

Website design and programming www.yellowtree.de
photography www.sichtplan.de
3D renderings www.markocut.com
Apprenticeship films www.bladevision.de
3D animation and company film: Nutzwert Design, Siegen

Privacy Policy


1. Introduction
We are very pleased about your interest in our company.
Personal data is any information relating to an identified or identifiable person.
Pseudonymous data that we cannot assign to you directly, e.g. via a name or email address,
is also personal data.


Because the protection of your personal data is of great importance to us, we provide you
with this Privacy Policy to inform you about the nature, scope, and purpose of the personal
data we process and your rights as a data subject.

At the end of this Privacy Policy, you will find, under the section "Definitions" various
explanations of the terminologies used.


The data controller for the processing of personal data is:
Gontermann-Peipers GmbH
Hauptstraße 20
57074 Siegen GERMANY
Phone: +49 271 60 - 0
Fax: +49 271 60 - 200


The external corporate data protection officer (DPO) for UPONU GmbH is:
dokuworks GmbH
Mr. Markus Weber
Birlenbacher Str. 20
57078 Siegen
Phone: +49 271 77237-60
datenschutznoSpam@dokunoSpam.works


If you have any questions or suggestions regarding data protection, please feel free to
contact us as the data controller or our data protection officer at any time.


2. Data Subject Rights
You may exercise the following rights with respect to your personal data:

  • Right to Information (Art. 15 GDPR)
  • Right to Rectification (Art. 16 GDPR) or Deletion (Art. 17 GDPR)
  • Right to Restriction of Processing (Art. 18 GDPR)
  • Right to Data Portability (Art. 20 GDPR)
  • Right to Object to Processing (Art. 21 GDPR)

If you request information from us, we will inform you in accordance with data protection
regulations whether and what data we have collected from you. Our goal is always to ensure
current and error-free data collection. If incorrect information has nevertheless been
recorded, we will correct it promptly upon a corresponding request.
To do so, please send us a request to: info@gontermann-peipers.de
In addition to exercising your rights with us, you also have the right to lodge a complaint with
a supervisory authority if you suspect a violation of data protection regulations (Art. 77
GDPR).


3. Transfer of Data to the USA (via Analysis Tools)
For the transfer of personal data to third countries outside the European Union, a sufficient
level of data protection must be guaranteed. For the transfer of personal data to the USA, the
"Privacy Shield 2.0" has now applied as the recognised data protection framework since 10
July 2023. According to this transatlantic agreement, US service providers must be certified
by means of a self-certification procedure with the US Department of Commerce. The
conclusion of standard contractual clauses (SCC) and the performance of a transfer impact
assessment (TIA) are therefore no longer required, unless tools of a US service provider that
has not performed a self-certification are in use.

4. Privacy Notice for Business Partners
We are delighted that you have shown an interest in Gontermann-Peipers GmbH and have
been in contact with us.


The protection of your data is of utmost importance to us. With this privacy notice, we provide
you with the following information in accordance with Article 13 of the General Data
Protection Regulation (GDPR) regarding the processing of your personal data in the context
of our business relationship.


For additional information about our company, details about our authorized representatives,
and further contact options, please visit www.gontermann-peipers.de/impressum-datenschutz/.


What data do we process and for what purposes?
We only process personal data that we have received from you as part of our business
relationship or, if applicable, from publicly available sources.
Personal data as defined by Article 4(1) of the General Data Protection Regulation (GDPR)
may include names, telecommunications data, and address data. In addition, we also
process offer, inquiry, and order data, data related to the fulfillment of our contractual
obligations, product data, documentation data, as well as other data comparable to the
mentioned categories.


The provision of your personal data is necessary for the initiation, implementation and
processing of the contractual relationship. If it is not provided, it will unfortunately not be
possible for us to contact you to clarify pre-contractual or contractual questions.


What is the legal basis for processing your personal data?
Your personal data is processed in accordance with the legal provisions of the GDPR and
the new version of the Federal Data Protection Act to fulfill contractual obligations or to take
measures to initiate a contract (Art. 6 Para. 1 S. 1 lit. b GDPR).
In addition, we may use this data for additional purposes as part of our business relationship.


How long is the data stored?
We process and store your personal data for the duration of our business relationship and at
least in accordance with the statutory retention periods such as for example the Commercial
Code or Tax Code.


Who is the data passed on to and where is it processed?
We only use the personal data for our own purposes as part of the business relationship. We
would like to point out that we generally assume that our e-mail correspondence is business-
related and therefore forward e-mails to your representatives in the absence of employees in
order to provide better service.


5. Applicant Management
The person responsible for processing collects and processes the personal data of
applicants for the purpose of processing the application process. Processing can also take
place electronically. This is particularly the case if an applicant submits relevant application
documents to the person responsible for processing electronically, for example by email or
via a web form on the website. If the person responsible for processing concludes an
employment contract with an applicant, the data transmitted will be stored for the purpose of
processing the employment relationship in compliance with legal regulations.


The legal basis for this processing is Section 26 Paragraph 1 Sentence 1 BDSG in
conjunction with Article 88 Paragraph 1 GDPR.


If the person responsible for processing does not conclude an employment contract with the
applicant, the application documents will be automatically deleted six months after the
rejection decision is announced, provided that deletion does not conflict with any other
legitimate interests of the person responsible for processing. Other legitimate interests in this
sense include, for example, a burden of proof in proceedings under the General Equal
Treatment Act (AGG).


The legal basis in this case is Article 6 Paragraph 1 Letter f GDPR and Section 24 Paragraph
1 No. 2 BDSG. Our legitimate interest lies in legal defense and enforcement.


If you expressly consent to a longer storage of your data, for example for your inclusion in an
applicant or interested party database, the data will be further processed based on your
consent. The legal basis is then Article 6 Paragraph 1 Letter a GDPR. Of course, you can
revoke your consent at any time in accordance with Art. 7 Para. 3 GDPR by notifying us with
effect for the future.


6. Data protection when visiting our website


Type and purpose of processing:
When you access our website uponu.com, the browser used on your device automatically
sends information to our website server. This information is temporarily stored in a so-called
log file. The following information is recorded without your intervention and stored until it is
automatically deleted, usually after one week:

  • IP-address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which access is made (Referrer URL)
  • Browser used and, if applicable, the operating system of your computer as well as
    the name of your access provider

The data mentioned will be processed in particular for the following purposes:

  • Ensuring problem-free connection to the website
  • Ensuring smooth use of our website
  • Evaluation of system security and stability
  • Clarification of any abusive page access (DoS/DDoS attacks or similar)
  • Optimization of our website

We do not use your data to draw conclusions about you personally. We reserve the right to
do this in the event that this becomes necessary to investigate abusive page access. We
generally evaluate information of this type anonymously and statistically in order to optimize
our website and the technology behind it.


Legal basis and legitimate interest:
Processing is carried out in accordance with Article 6 Paragraph 1 Letter f of the GDPR
based on our legitimate interest in improving the stability and functionality of our website.

Recipients:
Recipients of the data may be technical service providers who act as contract processors for
the operation and maintenance of our website.


Storage period:
The data will be deleted as soon as it is no longer required for the purpose of collection. This
is generally the case for the data used to provide the website when the respective session
has ended.


If the data is stored in log files, this is usually the case after one week. Storage beyond this is
possible. In this case, the users IP addresses are anonymized so that it is no longer possible
to assign the calling client.


Provision Required or Mandatory:
The provision of the aforementioned personal data is neither legally nor contractually
required. However, without providing your IP address, the service and functionality of our
website cannot be guaranteed. Additionally, certain services and features may not be
available or may be limited. For this reason, objections to providing this data are not
possible.


7. Hosting
We host the content of our website with the following provider:
billiton internet services GmbH
Pfarrwaldstr. 24
57234 Wilnsdorf GERMANY
info@billiton.de
+49 - 271 - 30 38 60


Details can be found in the providers privacy policy:
https://www.billiton.de/datenschutz


The legal basis for hosting is our legitimate interest in presenting our website as reliably as
possible (according to Art. 6 Para. 1 lit. f GDPR). To the extent that appropriate consent has
been obtained, processing is carried out exclusively on the basis of Article 6 Para. 1 lit. a
GDPR and Section 25 Para. e.g. device fingerprinting) within the meaning of the TTDSG.
Consent can be revoked at any time.

8. Usage of Analysis / Tracking Tools
Cookies are small text files placed on your device that collect data that can later be read by a
web server in the domain that placed the cookie.
Our website uses cookies and similar technologies to provide users with a more user-friendly
service, to analyze the performance of our products and for other legitimate purposes.
The data subject can prevent the setting of cookies through our website at any time by
means of an appropriate setting in the Internet browser used and thus permanently object to
the setting of cookies. Furthermore, cookies that have already been set can be deleted at
any time via an internet browser or other software programs. This is possible in all common
internet browsers. If the data subject deactivates the setting of cookies in the Internet
browser used, not all functions of our website may be fully usable.

A distinction can be made between the following types of cookies:


8.1 Technically Necessary Cookies
Technically necessary cookies are those that secure the basic functions of the website,
enabling its operation. This is solely about technical necessity, not economic aspects.
The legal basis for this is our legitimate interest in providing a functioning website, as per
Article 6(1)(f) GDPR, or compliance with a legal obligation as per Article 6(1)(c) GDPR.


8.2 Statistical Cookies and Marketing Cookies
Statistical cookies help website owners understand how visitors interact with websites by
anonymously collecting and reporting information.
Marketing cookies store user information regarding the visited website. This data is used, for
example, to display personalized ads based on user interests, optimize offers, recognize the
user, or simplify website usage.


The legal basis for this is your consent, according to Article 6(1)(a) GDPR.


For the purposes mentioned above, we use the services of the following third-party
providers, who are responsible for data processing that occurs through their respective
services, as defined in Article 4(7) GDPR. You can find further information about data
processing by these providers and your rights as a data subject in the privacy policies of the
providers linked below:


We use the LinkedIn Insight-Tag conversion tracking tool on our website. The service
provider is the American company LinkedIn Corporation, 2029 Stierlin Court, Mountain View,
CA 94043, USA. For data protection aspects in the European Economic Area (EEA), the EU,
and Switzerland, the company LinkedIn Ireland Unlimited (Wilton Place, Dublin 2, Ireland) is
responsible.


9. Social Media
9.1 Integration of Social Media Buttons


The data controller has integrated components of social media on this website. We use the
services of the following third-party providers, who are responsible for data processing that
occurs through their respective services, as defined in Article 4(7) GDPR. These providers
only collect personal data from you when you click the button and are redirected to the
respective page. For further information about data processing by these third-party providers
and your rights as a data subject, you can refer to the privacy policies linked below:

9.2 Use of Social Media Profiles
For the presentation of our content on a social media profile, we access the technical
platform and services of the respective social media providers. As the operator of the social
media profile, UPONU GmbH is jointly responsible with the operator of the social network, as
defined in Article 4(7) of the General Data Protection Regulation (GDPR). When you visit our
social media profile, personal data is processed by the responsible parties. We inform you
about the data processed, how it is processed, and your rights regarding this data.
Please note that you use this website and its functions at your own risk. This applies
especially to the use of interactive features (e.g., commenting, sharing, rating, etc.). We may
use your comments and ratings as an opportunity to respond with our own comments. In
doing so, we exercise our legitimate interest in interacting with active users of our profile
(Article 6(1)(f) GDPR).


If you have any questions, you may have the option to contact us via personal messages.
Your username may be automatically communicated to us in this context. Additional
information may be provided voluntarily, especially when contacting us outside of social
media. Data processing for the purpose of contacting us is based on your voluntarily given
consent in accordance with Article 6(1)(a) GDPR. Personal data processed for contacting us
will be automatically deleted after your request has been addressed unless legal retention
obligations prevent this (e.g., because a contractual relationship has been established based
on your request).


When visiting our social media profile, the provider collects your IP address and other
information in the form of cookies on your PC. This information is used to provide us, as the
operator of the social media profile, with statistical information about the usage of the
website.


The data collected about you in this context by the providers may be processed and
potentially transferred to countries outside the European Union. The providers general data
usage policies describe what information the provider receives and how it is used. You can
find information on how to contact the provider and how to adjust advertising settings in their
data usage policies.


The extent to which providers use data from the visit to social media profiles for their own
purposes, the allocation of activities on the websites to individual users, the retention period
of this data, and whether data is passed on to third parties are not conclusively and clearly
named, and we are not aware of this. When accessing a social media profile, the IP address
assigned to your device is transmitted to the provider. This allows the provider to potentially
associate IP addresses with individual users. If you are currently logged in as a user with a
social media provider, a cookie with your identifier is stored on your device. As a result, the
provider can track that you have visited this page and how you have used it. If you want to
avoid this, you should log out of the respective social media provider or deactivate the "stay
logged in" function, delete the cookies on your device, and restart your browser.
For more information on your rights as a data subject according to the GDPR, please refer to
section 2 "Data Subject Rights".

Additional information is available from the provider at the following links:

10. Contact
If you contact us (e.g. via contact form, chat or email), we will process your information to
process the request and in the event that follow-up questions arise.
If the data processing is carried out to carry out pre-contractual measures at your request or,
if you are already our customer, to carry out the contract, the legal basis for this data
processing is Article 6 Paragraph 1 Sentence 1 Letter b GDPR.


11. Storage period
Unless specifically stated, we only store personal data for as long as is necessary to fulfill the
purposes pursued.


In some cases, the law requires the storage of personal data, for example in tax or
commercial law. In these cases, we will only continue to store the data for these legal
purposes, but will not process it in any other way and will delete it after the statutory retention
period has expired.


12. Disclosure of Data to Third Parties
We do not transfer your personal data to third parties for purposes other than those listed
below. We only disclose your personal data to third parties if:

  • You have given your explicit consent according to Article 6 (1) (a) GDPR.
  • The disclosure is necessary under Article 6 (1) (f) GDPR for the establishment,
    exercise, or defense of legal claims, and there is no reason to believe that you
    have an overriding legitimate interest in not disclosing your data.
  • There is a legal obligation to disclose the data under Article 6 (1) (c) GDPR.
  • The disclosure is legally permissible and necessary under Article 6 (1) (b) GDPR
    for the performance of a contract with you.

13. Data Security
We make every effort to ensure the security of your data in accordance with applicable data
protection laws and technological capabilities.


Your personal data is transmitted to us in encrypted form. This applies to your orders and
also to customer logins. We use the SSL (Secure Socket Layer) encryption system, but
please be aware that data transmission over the Internet (e.g., when communicating via
email) may have security vulnerabilities. It is not possible to provide complete protection of
data from third-party access.


14. Actuality and change of this Privacy Policy

This Privacy Policy is currently valid and has the status October 2023. Due to the further
development of our website and offers on it or due to changed legal or regulatory
requirements, it may become necessary to change this privacy policy.