Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Search in posts
Search in pages
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Search in posts
Search in pages
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Search in posts
Search in pages

Privacy policy

Privacy policy

The protection of your personal data is very important to us. In order to ensure that all data processing procedures on our website and in our offers are transparent and comprehensible for you as a visitor and user (referred to as “user”) of our website, we inform you in this data protection declaration about the type, scope and purpose of the processing of your personal data on our website.

You can save or print the privacy policy by either selecting the “print” or “save page as” commands in your browser or by printing or saving the pdf version stored here. To open the pdf version, you need a special program for pdf files (e.g. Adobe Reader).

A form to exercise the affected laws can be found here: Form to exercise the affected laws

Timeliness and change of this privacy policy

This data protection declaration is currently valid and has the status May 2022. Due to the further development of our website and offers or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on our website under “Data protection”.

Explanation of Terms

In the following, we explain the terms according to Art. 4 EU General Data Protection Regulation (referred to as “GDPR”), which are mentioned in the Privacy Policy:

  • ‘Personal data’ (referred to as “data”) means any information relating to an identified or identifiable natural person (referred to as “data subject”); a person is identifiable if he or she can be identified, directly or indirectly, in particular by reference to specific identifiers or characteristics. Personal data therefore includes, for example, names, addresses, e-mail address, job title, date of birth, telephone number, user behavior, IP address, location data, genetic data, health data, etc.
  • ‘Processing’ means any operation with respect to personal data, such as collecting, recording, organizing, arranging, storing, adapting, modifying, retrieving, consulting, using, disclosing, transmitting, dissemination, making available, matching, link, restricting, erasing or destroying personal data.
  • ‘Restriction of processing’ means the marking of stored personal data with the aim of limiting their processing in the future.
  • ‘Pseudonymization’ means that personal data are processed in such a way that they can no longer be attributed to specific a data subject without the use of additional information. Provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
  • ‘Controller’ means a natural person, company, agency, public authority, agency or other body, which alone or jointly with others, determines the purposes and means of the processing of personal data.
  • ‘Processor’ means a natural person, company, agency, public authority, institution or other body that processes personal data on behalf of the controller.
  • ‘Recipient’ means a natural person, company, agency, public authority, institution or other body to which personal data is disclosed, whether or not a third party.
  • ‘Third party’ means a natural person, company, agency, public authority or body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct authority of the controller or the processor.
  • ‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

General Data

Responsible

Responsible for the processing of personal data on this website is:

FLAVEX Naturextrakte GmbH
Nordstr. 7
66780 Rehlingen
Germany

+49 (0) 6835 / 91 95 – 0
+49 (0) 6835 / 91 95 – 95
info@flavex.com

https://www.flavex.com

https://www.flavex.com/en/imprint/

Data Protection Officer

Contact details of our data protection officer are:

Dipl. Ing. (FH) Dennis W. Nicola
Sicon GmbH
Zeppelinstraße 4
66740 Saarlouis
Tel: 06831/122 411
Fax: 06831/122 370
E-Mail: dn@sicon-it.de

General information on the processing of personal data

Types of data processed

On our website, we collect and process inventory data (e.g. names, addresses), contact data (e.g. e-mail addresses, telephone numbers, fax numbers, postal address), usage data (e.g. websites visited, links clicked, interest in content, assess times, access locations), content data (e.g. comments, text entries, photos, videos) and meta and communication data (e.g. device information, browser information, IP addresses).

Categories of affected persons

The person affected by the processing of personal data are all visitors and users of our website.

Purpose of processing

We collect and process the personal data of the users of our website in order to communicate with them and to inform them (e.g. contact and other inquiries, newsletters), to perform statistics, reach measurement and analyses (e.g. with marketing and analysis tolls), so that we can better design and optimize content and functions, to technically manage and optimize the website and to close security gaps.

Legal basis for the processing of personal data

We only process personal data if we are entitled to do so on a legal basis. We will name these legal bases individually. Apart from that, we are always entitled to process personal data if the data subject has consented (see Art. 6 para. 1 lit. a, Art. 7 GDPR), if we are obliged to fulfill contractual or pre-contractual obligations (see Art. 6 para. 1 lit. b GDPR), if we have to fulfill legal obligations (see Art. 6 para. 1 lit. c GDPR), or if we protect our legitimate interests (see Art. 6 para. 1 lit. f GDPR).

Recipients of personal data

We sometimes transfer personal data to processors or other third parties (e.g. payment service providers, hosting agencies, newsletter services, shipping companies, etc.) with whom we cooperate. We are entitled to do this if the data subject has consented to this (see Art. 6 par. 1 lit. a, Art. 7 GDPR), if we thereby fulfill contractual or pre-contractual obligations (see Art. 6 para. 1 lit. b GDPR), if we thereby fulfill a legal obligation (see Art. 6 para. 1 lit. c GDPR) or if we safeguard our legitimate interests (see Art. 6 para. 1 lit. f GDPR). We conclude a so-called order processing agreement with order processors in accordance with Art. 28 GDPR, according to which they also undertake to comply with data protection.

Hosting

This website is hosted by:

RAIDBOXES GmbH
Friedrich-Ebert-Straße 7
DE 48153 Münster
Telefon: +49 251 1498 2000
Mail: support@raidboxes.io

The hosting services used by us serve to provide the following services:

Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating this website. The legal basis for the use of the hosting services is the protection of our legitimate interests in the analysis, optimization and economic and secure operation of our website (see Art. 6 para. 1 p. 1 lit. f GDPR).

In doing so, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta data and communication data of all users of this website on a basis. The data is stored as long as there is a purpose for it. After that the data will be deleted, unless there are legal retention obligations to the contrary.

Processing of personal data in third countries

If we transfer data to a third country, e.g. because we commission service providers there, we are entitled to do so if the data subject has consented to this (see Art. 6 Para. 1 lit. A, Art. 7 GDPR), if we thereby fulfill contractual or pre-contractual obligations (see Art. Art. 6 para. 1 lit. b GDPR), if we thereby fulfill a legal obligation (see Art. 6 para. 1 lit. c GDPR) or if we safeguard our legitimate interests (see Art. 6 para. 1 lit. f GDPR). A third country is any country outside the European Union (EU) or the European Economic Area (EWR). When transferring data to third countries, we pay attention to compliance with Art. 44 ff. GDPR), to existing guarantees or findings of the EU on an adequate level of data protection in the third country, as well as to the conclusion of any necessary agreements, e.g. standard contractual clauses.

Contact
When you contact us by e-mail, fax, telephone or mail, the data you provide (e.g. e-mail address, name, telephone number, fax number, address) will be processed by us in order to respond to your inquires. We are entitled to do this in accordance with Art. 6 Para 1 lit b GDPR. User data many also be stored in a customer relationship management system (“CRM system”) or in comparable databases.

We delete all data after storage is no longer necessary or restrict processing if there are legal retention obligations. The necessity of retaining the data is reviewed every two years at the latest.

Deletion / blocking of your personal data

We store your personal data only for as long as is necessary to achieve the purposes stated here. In addition, we only store your data if this is required by (e.g. 6 years in accordance with § 257 (1) HGB and 10 years in accordance with § 147 (1) AO for commercial and business letters, invoices, offers, etc.). After the respective purpose has ceased or these periods have expired, that data will be blocked or deleted in accordance with the statutory provision pursuant to Art. 17, 18 GDPR.

Encrypted transmission of your data

All personal data that you enter on our website and send to us are transmitted encrypted on our website according to the state of the art.
Furthermore, we secure our website and associated IT systems through technical and organizational measures against loss, destruction, access, modification or distribution of your personal data by unauthorized persons.

Collection of access data and web server log files

On the basis of our legitimate interests in the analysis, optimization and economic operation of our website, we collect the following data pursuant to Art. 6 para. 1 lit. f GDPR about each access tour website (so-called we server log files):

  • IP address of the user
  • Name of the accessed website
  • File, date and time of access
  • Amount of data transmitted (Body Bytes Sent)
  • Message about successful access
  • Browser type together with version
  • Htaccess user
  • Domain name of the requesting Internet Service Provider
  • Called URL/subpage
  • Protocol (e.g. http 2.o)
  • Status
  • Referrer URL (previously visited website)
  • User Agent
  • Operating system of the user

The data is used for statistical evaluations for the purpose of the operation, security and optimization of the website. The data is stored for security reasons (e.g. for the clarification of the fraud/abuse cases) for a period of 7 days. If longer storage is required for evidentiary purposes, they will be deleted after the final clarification of the matter.

Your rights as a data subject

You have the right to receive information and a copy of your personal data stored by us free of charge at any time (see Art. 15 GDPR).

You have the right to correct or complete your possibly incorrectly stored data (see Art. 16 GDPR).

You also have the right to restrict the processing of your data (see Art. 18 GDPR) and the right to delete your data (see Art. 17 GDPR). Deletion of your data is not possible insofar as we are obligated to continue to store the data for the purpose of processing the contract or due to the other legal retention obligations. Instead of deletion, we will block your data.

You also have the right to request the transfer of your data stored by us to another company or to have it transferred by us (see Art. 20 GDPR).

You also have the right to object to future processing of the data concerning you (see Art. 21 GDPR).

Furthermore, you have the right to revoke any consent you have given for the future (see Art. 7 (3) GDPR).

To exercise the aforementioned rights, please contact our data protection officer mentioned above.

In addition, you can file a complaint with the competent data protection supervisory authority (see Art. 77 GDPR).

Cookies

Furthermore, cookies are stored on your computer when you use our website. Cookies are small text files that enable specific information related to the device to be stored on the user’s access device (PC, smartphone).  They are used for the user-friendliness of websites (e.g. storage of login data), the collection of statistical data on website usage and for analysis for the purpose of improving the website. Cookies cannot execute programs or transfer viruses to your computer.

This website uses the following types of cookies:

  • Transient (temporary) cookies
  • Persistent (permanent) cookies

Transient cookies are automatically deleted when you close the browser or log out. These include in particular the session cookies. These sore a so-called ID, with which various requests of your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website.
Persistent cookies are automatically deleted after a specified duration, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
Both types of cookies may originate from us (then “first-party cookies”) or from third parties (“third-party cookies”).

Cookie consent with Borlabs cookie

Our website uses the cookie consent technology of Borlabs Cookie to obtain your consent to the storage of certain cookies in your browser and to document this in accordance with data protection law. The provider of this technology is Borlabs – Benjamin A. Borschein, Rübenkamp 32, 22305 Hamburg (referred to as Borlabs).

When you visit our website, a Borlabs cookie will be stored in your browser, which archives any declarations or revocations of consent you have entered. This data is not shared with the Borlabs cookie provider.

The collection data will be stored until you request us to delete it or you delete the Borlabs cookie yourself, or until the purpose for storing the data no longer applies. Mandatory legal retention periods remain unaffected. Details on the data processing of Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

The use of Borlabs cookie consent technology takes place in order to obtain the legally required consent for the use of cookies. The legal basis for the is Art. 6 para. 1 p. 1 lit. c GDPR.

etracker

The provider of this website uses the services of etracker GmbH, Hamburg, Germany (www.etracker.com) to analyse usage data. We do not use cookies for web analysis by default. If we use analysis and optimisation cookies, we will obtain your explicit consent separately in advance. If this is the case and you agree, cookies are used to enable a statistical range analysis of this website, a measurement of the success of our online marketing measures and test procedures, e.g. to test and optimise different versions of our online offer or its components. Cookies are small text files that are stored by the Internet browser on the user’s device. etracker cookies do not contain any information that could identify a user.

The data generated by etracker on behalf of the provider of this website is processed and stored by etracker solely in Germany by commission of the provider of this website and is thus subject to the strict German and European data protection laws and standards. In this regard, etracker was independently checked, certified and awarded with the ePrivacyseal data protection seal of approval.

The data processing is based on Art. 6 Section 1 lit f (legitimate interest) of the General Data Protection Regulation (GDPR). Our legitimate interest is the optimisation of our online offer and our website. As the privacy of our visitors is very important to us, the data that may possibly allow a reference to an individual person, such as IP address, registration or device IDs, will be anonymised or pseudonymised as soon as possible. etracker does not use the data for any other purpose, combine it with other data or pass it on to third parties.

You can object to the outlined data processing at any time. Your objection has no disadvantageous consequences.

Further information on data protection with etracker can be found here.

General objection to cookies for marketing purposes

You can generally object to the use of cookies used for reach measurement and advertising purposes further via the Network Advertising Initiative opt-out page  (http://optout.networkadvertising.org/) and additionally the U.S. website   (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

Furthermore, the storage of cookies can be prevented by setting this in the security settings of your browser. However, you may then not be able to use all the functions for this website. These options apply to all cookies or analysis tools mentioned below that we use for marketing purposes on this website.

cookie settings

Other offers on our website

Vacancies/Jobs

Vacancies/jobs are published on our website for which you can apply by e-mail, fax or post. Applicants are responsible for the secure transmission of applications containing personal data via these communication channels.

In order to be able to process the applications, we require minimum data resulting from the job advertisement. These are, for example, data such as names, address data and the documents belonging to the application, such as cover letter, resume and certificates. Further data can be submitted voluntarily.

We process the data provided by applicants only for the purposes of the application process. The legal basis for the processing of this data is the fulfillment of our pre-contractual obligations within the scope of the application procedure pursuant to Art. 6 (1) lit. b GDPR in conjunction with § 26 Privacy Act-new. An additional legal basis may result from Art. 6 (1) lit. f GDPR, insofar as data processing becomes necessary for us, for example in the context of legal proceedings.

We process all data that applicants submit to us, e.g. name, address, e-mail address, telephone number, specific data of the application. By submitting, applicants consent to the data processing in accordance with this privacy policy.

If applicants voluntarily provide special categories of personal data pursuant to Art. 9 (1) GDPR, we process them in accordance with Art. 9 (2) lit. b GDPR. Insofar as we request these special categories of data, the data processing is carried out in accordance with Art. 9 (2) lit. a GDPR.

In the event of a successful application, the applicant data will be processed by us for the purpose of establishing an employment relationship in accordance with Art. 6 para. 1 lit. b GDPR in conjunction with § 26 Privacy Act-new.

Otherwise, the data of the applicants will only be stored by us for the period of the application procedure and at the longest in accordance with the generally recognized and statutory retention periods. After this period, or in the event that an application is withdrawn, the data will be deleted. The data will be deleted at the latest six months after the position has been filled, in order to be able to respond to any claims by applicants under the General Equal Treatment Act. Further data may also be stored for longer in order to fulfill other legal obligations.

If an applicant consents, we include his or her applicant data in our applicant pool in order to be able to contact him or her for future job postings. The legal basis for such data processing is the applicant’s voluntary informed consent pursuant to Art. 6 para. 1 lit. a, Art. 7 GDPR. Applicants ae informed that their consent to inclusion in the applicant pool is voluntary and has no influence on the current application process. They can revoke their consent at any time for the future and object to data processing in the applicant pool for the future in accordance with Art. 21 GDPR. These declarations can be sent to the above address for data protection inquiries/to our data protection officer. The applicant data in the applicant pool is deleted after a maximum of two years, unless legal regulations require longer storage.

Integration of third-party services and content

YouTube videos information

This website does not embed videos from the YouTube company. When you click on the company videos displayed on our website, you leave our site and are redirected to YouTube’s servers. After starting a YouTube video, further data processing operations are established, in which we have no influence or control.

Please refer to YouTube’s privacy policy at:  https://policies.google.com/privacy?hl=de. The operator of the YouTube pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Font Awesome (local hosting)

This website uses Font Awesome to ensure the uniform use of font rendering. Font Awesome is locally installed. A connection to servers of Fonticons, Inc. is not established. For more information about Font Awesome, please see the Font Awesome Privacy Policy at: https://fontawesome.com/privacy.