Data protection declaration of the IMO Corporate Group
We're glad that you decided to visit our Website and that you're interested in our corporate group. We take the protection of your personal data very seriously. We process your data in accordance with the applicable legal provisions for the protection of personal data, particularly the EU General Data Protection Regulation (GDPR) and the applicable country-specific implementing legislation. This data protection declaration provides comprehensive information about the processing of your personal data by the IMO Corporate Group on our Website and your associated rights.
Personal data is information that might make it possible to identify a natural person. This includes your name, date of birth, address, telephone number, e-mail address, and IP address.
"Anonymous data" is data for which no personal association can be established to the user.
Responsible body and data protection officer
The responsible body for the operation of the Website and the associated data processing is:
IMO Holding GmbH
Phone: +49 9193 6395-0
Fax: +49 9193 6395-1140
Contact for data protection officer: datenschutz(at)imo.de
Your rights as a data subject
First, we would like to inform you about your rights as a data subject. These rights are stipulated in Art. 15 - 22 GDPR. They include the following:
- Right of access (Art. 15 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to object (Art. 21 GDPR)
To enforce these rights, please contact: datenschutz(at)imo.de. The same applies if you have any questions about our company. You also have the right to appeal to a supervisory data protection authority.
Right to object
Please note the following in relation to your right to object:
If we process your personal data for direct marketing purposes, you are entitled to object to this data processing at any time without stating a reason. This also applies to profiling if it is associated with direct marketing.
If you object to the processing of your data for direct marketing purposes, we will no longer process your personal data for this purpose. Objection is free of charge and without any requirements as to form. Where possible, you should notify your objection to: datenschutz(at)imo.de
If we process your data in order to safeguard our legitimate interests, you can object to this processing for reasons arising from your specific situation at any time; this also applies to profiling on the basis of these provisions.
We will then no longer process your personal data unless we can demonstrate compelling legitimate reasons for this processing that outweigh your interests, rights, and freedoms or if the processing takes place in order to enforce, assert, or defend legal claims.
Purpose and legal bases for data processing
When processing your personal data, we observe the provisions of the GDPR and all other applicable legal provisions relating to data protection. The legal bases for data processing arise in particular from Art. 6 GDPR.
We use your data for initiating business, meeting contractual and legal duties, realizing contractual relationships, offering products and services, and strengthening customer relationships, which can also include analyses for marketing purposes and direct marketing.
Your consent also constitutes the fulfillment of the permission requirement under data protection law. Here, we explain the purpose of data processing and your right to revoke consent. If the consent also extends to the processing of special categories of personal data, we will expressly specify this in the consent declaration; Art. 88 Para. 1 GDPR.
The processing of special categories of personal data as per Art. 9 Para. 1 GDPR shall take place only if this is required due to legal provisions and if there is no reason to assume that your legitimate interests in the exclusion of processing take precedence; Art. 88 Para. 1 GDPR.
Disclosure to third parties
We will pass your data onto third parties only in accordance with legal provisions or with your consent. Otherwise, we will not pass your data onto third parties unless we are obliged to do so due to binding legal stipulations (the disclosure of data to external bodies such as supervisory authorities or law enforcement authorities).
Data recipient/categories of recipient
At our corporate group, we ensure that only people who require your data in order to meet contractual and legal obligations receive your data. In order to process your inquiries and orders, we pass on personal data within the IMO Corporate Group, consisting of:
- IMO Holding GmbH
- IMO GmbH & Co. KG
- IMO Energy GmbH
Naturally, we observe the legal provisions relating to the transfer of data.
In many cases, service providers support our specialist departments in the realization of their tasks. We have entered into the necessary data protection contracts with all service providers. In particular, we use the following types of service provider:
- Providers for the administration, maintenance, and hosting of the Website
- Service providers for the applications portal
Transmission to third country/intent to transmit to third country
The transfer of data to a third country (that is, a country outside the European Union or European Economic Area) takes place only if this is necessary in order to meet a contractual obligation, if it is required by law, or if you have given your consent.
Data storage duration
We save your data for as long as it is required for the processing purpose at hand. Please note that numerous data retention periods mean that data will/must be retained for longer. In particular, this relates to retention obligations in commercial or fiscal law (for example, the Commercial Code, Fiscal Code etc.). If there are no further retention obligations, the data is routinely deleted once the processing purpose has been achieved. However, we can store your data if we have obtained your consent or if legal disputes occur and we use evidence subject to legal periods of limitation, which can be up to thirty years; the normal period of limitation is three years.
Safe transmission of your data
We use appropriate technical and organizational security measures in order to protect the data we store as well as possible against accidental or deliberate manipulation, loss, destruction, or access by unauthorized parties. The security levels are checked in collaboration with security experts and are adjusted in line with new security standards. In addition, we offer our users content encryption for the online application tool. Communication with our online application tool takes place using a secure protocol. You also have the option to use alternative communication methods (post, e-mail). The transfer of e-mails is secured and encrypted using TLS.
Categories, sources, and origin of data
The context determines which data we process: It depends upon whether you are entering an inquiry into our contact form, sending us an application, or submitting a complaint. Please note that we make information for special processing situations available in the appropriate place, e.g. for the upload of applications.
When you visit our Website, we collect and process the following data:
- Name of the Internet service provider
- Specifications on the Web page from which you navigated to our site
- Used Web browser and operating system
- The IP address assigned to you by your Internet service provider
- Requested files, transmitted data volume, downloads/file exports
- Specifications on Web pages within our site that you call, including the date and time
For technical security reasons (in particular in order to defend our Web server against hacking attempts), this data is stored in accordance with Art. 6 Para. 1(f) GDPR. This data is deleted after 30 days.
User profile Web tracking method
With your consent (Art. 6 Para. 1(a) GDPR), we use content/service offerings of third-party providers on our Website. This Website uses Google Analytics, a Web analysis service of Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses "cookies" - text files that are saved on your computer and enable the analysis of your Web page usage. The information about your usage of our Website generated by the cookie in question is generally transmitted to a Google server in the USA and saved there. As a result of the activation of IP anonymization on this Website, however, your IP address is truncated first by Google if you are located in a Member State of the European Union or in another signatory state of the Agreement on the European Economic Area. The full IP address is transmitted to a Google server in the USA and truncated there only in exceptional cases. On behalf of the operator of this Website, Google uses this information to analyze usage of the Website, compile reports on Website activities, and render further services for the Website operator relating to Website and Internet usage. The IP address transmitted from your browser for Google Analytics is not associated with other Google data. Sessions and campaigns are ended once a certain amount of time has expired. By default, sessions are ended after 30 minutes of inactivity and campaigns are ended after six months. The personal data of users is deleted or anonymized after 14 months. For more information on usage conditions and data protection, see: www.google.com/analytics/terms/de.html and policies.google.com You can suppress the saving of cookies by making a corresponding setting in your browser software. However, please note that in this case you might not be able to use the full scope of all of the functions of this Website. You can also prevent the capture and processing of the data on your Website usage that is generated by the cookie by Google by downloading and installing the browser plug-in available at the following link: tools.google.com/dlpage/gaoptout;
As an alternative to using the browser add-on or if using a browser on a mobile device, please click this link to prevent the capture of data by Google Analytics within this Website in future: Analytics-opt-out. This stores an opt-out cookie on your device. If you delete your cookies, you must click this link again.
Please note that on this Website Google Analytics has been enhanced with the code "gat._anonymizeIp" in order to ensure the anonymized capture of IP addresses (IP masking).
We also use Google Analytics to analyze data from Google Ads (see Google Ads) and the data from the Google advertising functions for purely statistical purposes. If you do not want this, you can deactivate it using the ads settings manager:www.google.de/settings/ads or www.google.com/settings/ads/onweb/ Google also processes your personal data in the USA and has committed to the EU-US Privacy Shield: www.privacyshield.gov/EU-US-Framework.
Google Ads Remarketing and conversion tracking
This Website uses the functions of Google Ads Remarketing to advertise for this Website in Google search results and on the Websites of third-party providers. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For this purpose, Google stores a cookie in the browser of your end device. This automatically enables interests-based advertising using a pseudonym cookie ID on the basis of the pages you have visited.
Processing takes place on the basis of your agreement as per Art. 6 Para. 1(a) GDPR. At any time, you can revoke it under the privacy settings.
Data processing above and beyond this takes place only if you have consented with Google to the linking of your Internet and app browser history with your Google account and to the use of information from your Google account for the personalization of ads that you see on the Internet. If you are logged in to Google during the visit of our website, Google will use your data with Google Analytics data to create and define target audience lists for cross-device remarketing. To do this, Google will temporarily associate your personal information with Google Analytics data to create target audiences.
This Website uses the online advertising program “Google Ads” and Google conversion tracking as part of Google Ads by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
We use the Google Ads functions to draw attention to our offerings on external Websites using advertising means (Google Ads). We can determine the degree of success of the individual advertising measures based on the data of the advertising campaigns. In doing so, we are pursuing our interest in showing you advertisements that interest you, making our Website more interesting to you and to achieve a fair calculation of our advertising costs.
The conversion tracking cookie is set when a user clicks on a Google Ads advertisement. These cookies generally lose their validity after 30 days. They are not used for personal identification. If the user visits certain pages on this Website and the cookie has not yet expired, we and Google can detect that the user has clicked the ad and was sent to this page as a result. Each Google Ads customer receives a different cookie. Cookies can therefore not be tracked over the Websites of GoogleAds customers. The information collected using the conversion cookie is used to compile conversion statistics for GoogleAds customers who have chosen to use conversion tracking. Customers find out about the total number of users who have clicked their ad and were forwarded to a page with a conversion tracking tag as a result. However, they do not receive any information that might personally identify users.
You can permanently deactivate the setting of cookies for ads functions at Google using the following link: adssettings.google.com.
Alternatively, you can find out more about cookies from the Digital Advertising Alliance at www.aboutads.info and make settings there. Finally, you can set up your browser so that you are informed about the setting of cookies and can decide individually about accepting them or can generally exclude the acceptance of cookies for certain scenarios. If you choose not to accept cookies, the functions of our Website can be restricted.
Google LLC might transfer personal data to the USA. However, Google is certified for the US-EU Privacy Shield data protection agreement, which ensures the observance of the data protection level that applies in the EU.
For more information and the data protection provisions relating to advertising and Google, see here: www.google.com/policies/technologies/ads/
Integration of content and services of third parties
Google Tag Manager
This Website uses the Google Tag Manager. Using this service, Website tags can be managed via an interface. The Google Tool Manager only implements tags. This means the following: No cookies are used and no personal data is recorded. The Google Tool Manager resolves other tags that might then record data. However, the Google Tag Manager does not access this data. If deactivation has taken place at domain or cookie level, it remains in place for all tracking tags if these were implemented with the Google Tag Manager.
Analysis by wiredminds
Our website uses a counting pixel technology provided by wiredminds GmbH (www.wiredminds.de) to analyze visitor behavior. If necessary, data is collected, processed and stored, from which user profiles are created under a pseudonym. Wherever possible and reasonable, these usage profiles are completely anonymized. Cookies can be used for this purpose. Cookies are small text files that are stored in the visitor's Internet browser and serve to recognize the Internet browser. The collected data, which may also contain personal data, will be transmitted to wiredminds or collected directly by wiredminds. wiredminds may use information that is left by visiting the websites to create anonymized usage profiles. The data obtained without explicit consent of the affected person will not be used to personally identify the visitor of this website and will not be merged with personal data of the bearer of the pseudonym. Whenever IP addresses are recorded, their immediate anonymization takes place by deleting the last number block.
Links to other providers
Our Website contains clearly identifiable links to the Internet sites of other companies. We have no influence on the content of the linked Websites of other providers. For this reason, we cannot offer any guarantee of or liability for this content. The relevant provider or operator of the pages in question is always responsible for the content of these pages.
The linked pages were checked for possible infringements of the law and any detectable legal violations at the time when the links were set. At the time when the links were set, no illegal content was detectable. However, it is not possible to carry out constant checking of the linked pages without any specific indication of a violation of the law. If we become aware of any violations of the law, the relevant links will be removed immediately.
Cookies (Art. 6 Para. 1(f) GDPR / Art. 6 Para. 1(a) GDPR with consent)
These cookies allow us to analyze how users use our Web pages. As a result, we can design Website content that meets the needs of our users. In addition, cookies allow us to evaluate the effectiveness of a specific ad and to place ads in accordance with topical user interests.
Most of the cookies used by us are session cookies. They are deleted automatically after your visit. Permanent cookies are deleted automatically by your computer once their validity has expired (normally six months) or if you delete them yourself before the expiration of their validity.
Most Web browsers automatically accept cookies. However, as a rule you can change your browser settings if you would prefer that this information not be sent. You can then still use our Website without restrictions (exception: Configurators).
Please note: If you deactivate the setting of cookies it might not be possible to use the full functionality of our Website in some circumstances.
Automated case-by-case decisions
We do not use any purely automated processing methods to establish decisions.
Online offerings for children
Persons under the age of 16 are not allowed to transmit personal data to us or give a declaration of consent without the approval of their guardians. Parents and guardians are advised of the importance of actively monitoring the online activities and interests of their children.
Applications portal (Art. 6 Para. 1(a)(b) GDPR)
We are aware of the importance of your data and process all personal data specified on application forms only in order to ensure the efficient and correct handling of the application procedure and to make contact with you as part of the application process. Your data will not be passed onto third parties without your consent.
You are asked to provide personal data on our application form. We apply the principles of data economy and avoidance here. Only data that we require in order to fully check your application documents such as your CV (school reports, training certificates, references) or that we must collect for legal reasons is obligatory. These mandatory fields are marked by an asterisk (*). Due to technical necessity and for legal protection, your IP address is also processed.
Unfortunately, without this data we are not able to check your application documents, and our applications system will not allow you to upload them if you do not specify this data. Naturally, you may also make further voluntary specifications on the application form.
We collect and process the following data for online applications:
- First and last name
- Contact details
- School-leaving qualifications
- Tertiary education
- Salary expectations, notice period
To protect the security and confidentiality of your data to the greatest extent possible, we use appropriate security measures. Your application documents are transmitted to us via our applications system in encrypted form.
We save your data for the aforementioned purpose until your application process is completed and the relevant retention periods for this have expired - at the most for six months after the receipt of a decision.
Your online application
Please note that we can only accept applications that are sent via our online applications portal. Unfortunately, we cannot accept applications by e-mail or post.
In order to establish your profile or apply for a job, you are asked to provide personal data such as your CV, training information, skills, professional qualifications, and work experience.
We are aware of the importance of your personal data. We will use it only for research as to what might prove to be a suitable job for you at our company and for communications relating to applications, the agreement of interview dates, discussion of alternative job areas, and other application-related purposes as part of the personnel selection process. If your application is of interest to other corporate bodies of IMO Holding GmbH, your personal data might be forwarded to these entities and used by them in accordance with the instructions of IMO Holding GmbH. This has the aim of allowing us to process your application in as targeted a manner as possible and will take place only with your express consent, which you can revoke at any time.
IMO Holding GmbH saves your data for the aforementioned purpose until your application process is completed and the relevant legal retention periods for this have expired - at the most for six months after the receipt of a decision. IMO Holding GmbH will delete your data immediately after the expiration of this period.
Disclosure of data to third parties, data security
The data you provide will be passed onto other corporate bodies of IMO Holding GmbH only with your express consent, which you can revoke at any time. We will not pass on your personal data to third parties outside the IMO Corporate Group.
The Website where our applications portal is located is provided by rexx systems GmbH, based in Hamburg, Germany. IMO Holding GmbH uses this company for data processing support; this takes place in accordance with currently applicable legislation. Both IMO Holding GmbH and rexx systems GmbH use technical and organizational security measures to protect your data from accidental or deliberate manipulation, loss, destruction, and access by unauthorized persons. The security measures are constantly improved in accordance with technological development. Following the entry and submission of your data, it is transmitted via an encrypted connection to the server of our external service provider, rexx systems GmbH. All data is encrypted on the basis of the current TLS procedure.