The regulations contained in the EU General Data Protection Regulation (hereinafter GDPR) apply across Europe. We wish to inform you of the processing of personal data carried out by our company in accordance with this regulation (see Articles 13 and 14). Should you have any queries or comments concerning this data protection declaration, you can send these to the email address provided in Numbers 2 and 3 at any time.
Content overview:
I. Overview
1. Area of applicability
2. Responsible body
3. Data protection officer
4. Data security
II. Data processing broken down
1. General information concerning data processing
2. Accessing the website/application
3. Data protection information for applicants
4. Tracking
5. Data protection notice for our newsletter and the mailing via sendinblue
III. Rights of affected persons
1. Right of information
2. Right of correction
3. Right of deletion ("right to be forgotten")
4. Right to have the processing restricted
5. Right of data portability
6. Right of revocation in case of consent being issued
7. Right to complain
IV. Glossary
I. Overview
In this section of the data protection declaration, you can find information concerning the area of applicability, the responsible body for the data processing, its data protection officer and data security.
1. Area of applicability
The data processing by Jebsen & Jessen Life Science GmbH can be essentially broken down into two categories: - For the purpose of performing contracts, all necessary data in order to carry out a contract with Jebsen & Jessen Life Science GmbH will be processed. Should external service providers also be involved in the performance of the contract, your data will also be passed on to these to the necessary extent. - When you access the website/application of Jebsen & Jessen Life Science GmbH, various information will be exchanged between your end device and our server. This can also include personal data. The information which is gathered in this way is used in order to optimise our website amongst other reasons. This data protection declaration applies to the following services: - Our online service, which can be accessed at www.jj-lifescience.de - Always when reference is made to this data protection declaration from one of our services (for example websites, subdomains, mobile applications, web services or integration into third party sites), regardless of how you access or use these. The term "services" relates to all of these.
2. Responsible body
The responsible body for the processing, ie the location which takes decisions concerning the purpose and method of the processing of personal data, in connection with the services is: Jebsen & Jessen Life Science GmbH Kehrwieder 11 D-20457 Hamburg E-Mail: info@jj-lifescience.de
3. Data protection officer
You can get in touch with our data protection officer as follows:
Contact form:
https://www.dsextern.de/anfragen
DS EXTERN GmbH
Dipl.-Kfm. Marc Althaus
Frapanweg 22
D-22589 Hamburg
4. Data security
In order to develop the measures required by Article 32 GDPR and to achieve a level of protection which is reasonable in relation to the risk, we have implemented an information security standard at our company.
II. Data processing broken down
In this section of the data protection declaration, we will inform you in detail of the processing of personal data within the framework of our services. For better understanding, we will break this information down according to specified functions of our services. During normal use of the services, various functions and by extension various processing may follow each other or take place at the same time.
1. General information concerning data processing
Applies to all processing stated below, unless otherwise provided for:
a. No provision obligation
There is neither a contractual nor a legal obligation to provide the personal data. You are not obliged to provide data.
b. Consequences of failure to provide data
In case of necessary data (data which is identified as mandatory information), failure to provide the data will mean that the service concerned cannot be provided. Otherwise, failure to provide the data means that our services cannot be provided in the same form and to the same level of quality.
c. Consent
In various cases, you have the option of issuing us with your consent to further processing in connection with the processing set out below (if applicable for part of the data). In such a case, we will inform you separately in connection with the submission of the respective declaration of consent of all procedures and extension of the consent, and of the purposes we pursue in connection with this processing.
d. Forwarding on of personal data to third countries
Should we transfer data to third countries, ie countries outside of the European Union, the transfer takes place exclusively in compliance with the lawfulness requirements set by legislation. The lawfulness requirements are set out in Articles 44-49 GDPR.
e. Hosting by external service providers
In individual cases, our data processing takes place by using so-called hosting providers, which provide us with storage space and processing capacities in their computer centres and also process personal data on our behalf in accordance with our instructions. These service providers process data either exclusively in the EU, or we have guaranteed a reasonable level of data protection with the assistance of the EU standard data protection clauses.
f. Transfer to state authorities
We transfer personal data to state authorities (including criminal prosecution authorities), should this be necessary to fulfil a legal obligation to which we are subject (legal basis: Article 6 Paragraph 1 Letter c) GDPR) or should this be necessary in order to assert, exercise or defend legal claims (legal basis: Article 6 Paragraph 1 Letter f) GDPR).
g. Duration of the saving
We only save your data for as long as we require it for the respective purposes of the processing. Should the data no longer be necessary in order to fulfil contractual or legal obligations, it is deleted regularly, unless temporary storage of it continues to be necessary. Reasons for this can be as follows:
- Fulfilment of retention obligations under commercial law and tax laws
- Gaining of evidence for legal disputes within the framework of the statutory limitation period regulations It is also possible for us to continue to save your data if you have issued your express consent to this.
h. Categories of data
Core personal data: Title, gender, first name, surname, date of birth
Address data: Road, building number, any additional address data, postcode, town/city, country
Contact data: Telephone number(s), fax number(s), email address(es)
Access data: Date and time of the visit to our service; the site from which the accessing system came across our site; pages accessed during the use; data for session identification (Session ID); also the following information relating to the accessing computer system; Internet protocol (IP) address used, browser type and version, device type, operating system and similar technical information.
Application data: CV, references, proof, work samples, certificates, photos
2. Accessing the website/application
Here, a description concerning how we process your personal data when accessing our services is provided. We particularly wish to point out that the transfer of access data to external content providers (see b below) is necessary due to the technical functions of information transfer over the Internet.
We use the following cookies on the website:
Delete All Cookies Reload
3. Data protection information for applicants
We are pleased that you are interested in us and are applying or have applied for a position in our company. We would like to provide you with the following information on the processing of your personal data in connection with your application.
a. Who is responsible for data processing?
The persons responsible for applicant data processing are different from the persons responsible for general data processing. Commonly responsible persons in the sense of data protection law are Jebsen & Jessen (GmbH & Co.) KG
Kehrwieder 11
20457 Hamburg
("Jebsen & Jessen")
and its subsidiaries own address Jebsen & Jessen Trading Solutions GmbH
Jebsen & Jessen Life Science GmbH
Jebsen & Jessen Chemicals GmbH
Jebagro GmbH
Ruhr Petrol GmbH
Juritex Import-Export GmbH
GMA Garnet (Europe) GmbH
Jebsen & Jessen Industrial Services GmbH
Jebsen & Jessen Industrial Solutions GmbH
Jebsen & Jessen Metals GmbH
(each a "Jebsen & Jessen Subsidiary")
(Jebsen & Jessen and Jebsen & Jessen Subsidiaries together also "Jebsen & Jessen Group of Companies", "we", "us") You will find further information about our company, details of the persons authorized to represent us and also further contact options in our imprint on our website https://www.jebsen-jessen.de/impressum/ and on the websites of the Jebsen & Jessen Subsidiaries.
b. Which of your personal data do we process? And for what purposes?
We process personal data that you have sent us in connection with your application in order to assess your suitability for the position (or other open positions in our companies, if applicable) and to carry out the application process. This information includes, in particular, your contact details, the information contained in your CV and your references.
c. On what legal basis is this based?
The primary legal basis for the processing of your personal data in this application procedure is Section § 26 BDSG. According to this, the processing of data that is required in connection with the decision on the establishment of an employment relationship is permissible. In our application form on our website, you have the option of having CV data automatically extracted from documents or your profile on Xing.com or LinkedIn.com by a tool and transferred in structured form to the appropriate form fields (so-called "CV parsing"). The offer to you to use CV parsing serves the user-friendly design of the application process and is based on § 26 (1) sentence 1 BDSG. The tool does not serve the purpose of reviewing applications. Any decision on the suitability of a candidate is made by one of our employees. If you do not apply to us via the applicant management system, we will transfer your application into the system and also use CV parsing for this purpose to extract your data from the CV into the system. This processing is also based on § 26 (1) sentence 1 of the BDSG and is necessary to carry out the application process effectively and securely. If you apply for a specific position, you can consent to us reviewing your application for further employment opportunities in our company. This processing is based on Art. 6 Para. 1 lit. a GDPR. You can revoke your consent to this at any time. The revocation of your consent does not affect the permissibility of the data processing carried out up to this point. Furthermore, you are free to consent to the inclusion of your application in our general applicant pool. We will then store your application on the basis of Art. 6 Para. 1 lit. a GDPR You can revoke your consent to this at any time. The revocation of your consent does not affect the permissibility of the data processing carried out up to this point. Should the data be required for legal prosecution after the application process has been completed, if applicable, data processing may be carried out on the basis of Art. 6 (1) lit. f GDPR for the purpose of safeguarding legitimate interests. Our legitimate interest is then the assertion or defense of claims.
d. How long is the data stored?
Data of applicants will be deleted after 6 months in case of rejection. In the event that you have consented to your data being included in the applicant pool, your data will be deleted there after two years. If you are accepted as part of the application process and are hired, we will transfer your personal data from the applicant data system to our personnel information system.
e. To which recipients is the data passed on?
After receipt of your application, your applicant data will be viewed by the personnel department at Jebsen & Jessen, which is responsible for all subsidiaries.
In addition to the Jebsen & Jessen HR department, the relevant employees of the subsidiaries will have access to those applications that relate to their subsidiary. As a matter of principle, only those persons have access to your data who require it for the proper conduct of our application process.
We use specialized applicant management software from the provider d.vinci HR-Systems GmbH, Nagelsweg 37-39, 20097 Hamburg ("d.vinci") for the application process. D.vinci acts as a service provider for us and may also obtain knowledge of your personal data in connection with the maintenance and servicing of the systems. We have concluded a so-called order processing agreement with this provider, which ensures that the data processing is carried out in a permissible manner. The provider of the CV parsing tool and to that extent our processor is Textkernel BV, Nieuwendammerkade 28/a17, 1022, Amsterdam, The Netherlands ("Textkernel"). Textkernel processes the received data immediately and sends it back after analysis without any storage by entering it into the form fields and displaying it to the user.
f. Where is the data processed?
The data is primarily processed in data centers within the Federal Republic of Germany, and in some cases also in other EU or EEA countries.
g. Consent to the examination of further application possibilities
I consent to Jebsen & Jessen not only considering my application for the selected position, but also checking it for further employment opportunities within the company. I agree that other companies of the Jebsen & Jessen Group may have access to my personal data for this purpose. If my details include a picture and/or references to my ethnic origin, religion or health (e.g. skin color, headgear, glasses), my consent also relates to these details. My application will be deleted from the system after six months at the latest. This consent is voluntary. I can refuse it without giving reasons and without having to fear any disadvantages. I can also revoke this consent at any time in text form (e.g. letter, e-mail) and without giving reasons. In the event of revocation, my application will no longer be reviewed for further employment opportunities. However, the revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
h. Consent to inclusion in the applicant pool
I consent to Jebsen & Jessen including my application in the applicant pool of the Jebsen & Jessen group of companies. Applications in the applicant pool will be considered on an ongoing basis for newly opening positions. I agree that my personal data may be repeatedly inspected by the personnel department for this purpose and, if suitable, that other companies of the Jebsen & Jessen group of companies may be granted access to my personal data. If my details include a picture and/or references to my ethnic origin, religion or health (e.g. skin color, headgear, glasses), my consent also relates to these details. My application will be deleted from the system after two years at the latest. This consent is voluntary. I can refuse it without giving reasons and without having to fear any disadvantages. I can also revoke this consent at any time in text form (e.g. letter, e-mail) and without giving reasons. In the event of revocation, my application will be deleted from the applicant pool. However, the revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
4. Tracking
Below we describe how your personal data is processed using tracking technologies to analyze and optimize our services and for advertising purposes. The description of the tracking methods also includes information on how you can prevent or object to the data processing. Please note that the so-called "opt-out", i.e. the refusal of processing, is usually stored via cookies. If you use our services via a new end device or in a different browser, or if you have deleted the cookies set by your browser, you must declare the rejection again. The tracking methods presented process personal data only in pseudonymous form. A connection with a concrete, identified natural person, i.e. a combination of the data with information about the bearer of the pseudonym, does not take place.
a. Purposes of the processing
The analysis of user behavior by means of tracking helps us to check the effectiveness of our services, to optimize them and adapt them to the needs of users, and to correct errors. It also serves to statistically determine key data on the use of our services (reach, intensity of use, user surfing behavior) on the basis of uniform standard procedures and thus to obtain values that can be compared across the market. Tracking to measure the success of advertising campaigns serves to optimize our ads for the future and also to enable marketers and advertisers to optimize their ads accordingly. The purpose of tracking to optimize the display of advertisements is to show users advertisements tailored to their interests, to increase the success of the advertisements and thereby also to increase advertising revenues.
b. Legal basis of the processing
In case of services which enable the behaviour of affected persons on the Internet to be traced and when creating user profiles, informed consent under the GDPR is required.
c. The tracking procedure used at a glance
c. The tracking procedure used at a glance
c. Reach measurement with Google Analytics
The following data is processed as part of the reach analysis: The browser type and version you use, the operating system you use, your country of origin, the date and time of the server request, the number of visits, the time you spend on the website, and the external links you click. The IP address of users is anonymized before it is stored. Google Analytics uses cookies that are stored on the users computer and that enable an analysis of the use of our online offer by the user. In the process, pseudonymous user profiles can be created from the processed data. The cookies have a storage period of one week. The information generated by the cookie about your use of this website is only stored on our server and is not passed on to third parties.
Users can object to the anonymized data collection by Google Analytics at any time with effect for the future by clicking on the corresponding opt-out button at the end of this privacy policy.
In this case, a so-called opt-out cookie will be stored in their browser, with the result that Google Analytics will no longer collect any session data. If users delete their cookies, however, this has the consequence that the opt-out cookie is also deleted and must therefore be reactivated by the users. The logs containing the users data are deleted after 6 months at the latest. If we ask users for consent (e.g. in the context of a cookie consent), the legal basis for this processing is Art. 6 (1) lit. a GDPR. Otherwise, the users personal data is processed on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 (1) lit. f GDPR).
5. Data protection notice for our newsletter and the mailing via sendinblue
a. What is the newsletter about and where does the content come from?
If you are interested, you can subscribe to our newsletter. This informs you about our products and services as well as current developments in the industry. Said services include comprehensive services ranging from procurement, sales, quality management and logistics. Our products include additives for food and feed, home & personal care products and industrial chemicals. The forecasts of future price developments of products, freights etc. are based on our experience of many years and the knowledge of our employees about the current market situation with regard to our suppliers and customers. A prerequisite for sending the newsletter is that you give your consent to this.
b. How do I register for the newsletter?
The registration for our newsletter takes place in the so-called double opt-in procedure. After your registration on our website, we will send you a confirmation email. By clicking on the confirmation link, you confirm that the e-mail address provided is yours and that you agree to receive newsletter e-mails. In order to be able to provide proof of your registration, we store the IP address you used as well as the times of registration on the website and the confirmation via confirmation link. The legal basis for this is Art. 6 para. 1 lit. f GDPR.
c. What data do I have to provide when registering and from what point on are these stored on the servers of sendinblue? In order to enable the sending of the newsletter, the provision of your e-mail address and your company name is required and mandatory. We store these after your confirmation for the purpose of sending the newsletter. We also use this data to create a list of potential new customers and store it on our servers. Further information, such as first name, last name and country in which you work, is voluntary. The legal basis for this processing is Art. 6 para. 1 lit. a GDPR.
d. Can I also revoke my consent and if so, where?
You can revoke your consent to receive the email newsletter at any time either here or by emailing marketing@jebsen-jessen.de.
e. What data of mine is tracked on Sendinblue and how, and where is it stored?
You also agree that your user behavior on the websites of Jebsen & Jessen Life Science GmbH as well as within the individual newsletter emails including attachments will be tracked and analyzed. During the registration process for the newsletter, all data that you enter will be stored and managed on the servers of sendinblue. The storage on the servers takes place exclusively in Europe, predominantly even in Germany (with Google Cloud Platforms ("GCP") in Germany and Belgium and Amazon Web Services ("AWS") in Ireland). The GDPR applies in all member states of the European Union (Art. 3 para. 1 GDPR). Consequently, both GCP in Belgium and Germany and AWS in Ireland are bound by the requirements of the GDPR. With both companies, sendinblue has concluded order processing contracts in accordance with Art. 28 GDPR.
Furthermore, the following data from you will be stored and processed: Clicking behavior (by means of tracking domains), opening rate (by means of tracking pixels), your e-mail client used (by means of user agent string) and your geographical location (by means of tracking pixels). Tracking allows us to work with A/B testing and perform analysis regarding our target groups.
Newsletter subscription without tracking is not possible. If you have already agreed to the newsletter and tracking, but no longer wish to receive tracking, you must unsubscribe either here or by sending an email to marketing@jebsen-jessen.de.
III. Rights of affected persons
1. Right of information
You have the right to be informed whether personal data relating to you is processed by us, what personal data this is, as well as to receive other information in accordance with Article 15 GDPR.
2. Right of correction
You have the right to request the immediate correction by us of incorrect personal data relating to you (Article 16 GDPR). Taking the purposes of the processing into account, you have the right to request the completion of incomplete personal data, also by means of a supplementary declaration.
3. Right of deletion ("right to be forgotten")
You have the right to request that the personal data relating to you be immediately deleted, should one of the reasons named in Article 17 Paragraph 1 GDPR be present and should the processing not be necessary for one of the purposes set out in Article 17 Paragraph 3 GDPR.
4. Right to have the processing restricted
You are entitled to request that the processing of your personal data be restricted, should one of the requirements set out in Article 18 Paragraph 1 Letters a) to d) be present.
5. Right of data portability
You have the right to receive the personal data relating to you which you have provided to us in a structured, up-to-date and machine readable format. You also have the right to transfer this data to another responsible body without hindrance by us or to have a direct transfer carried out by us, should this be technically possible. This should always be the case when the basis of the data processing is the consent or a contract and the data is processed automatically. Accordingly, this does not apply to data which is held solely in paper form.
6. Right of revocation in case of consent being issued
7. Right to complain
You have the right to complain to a supervisory authority.
IV. Glossary
Order processor: A natural or legal person, authority, institution or other body which processes personal data on behalf of the responsible body.
Browser: Computer program for displaying websites (for example Chrome, Firefox, Safari).
Cookies: In connection with the World Wide Web, a cookie is a small text file which is stored locally on the computer of the user when visiting a website. This file saves data concerning the behaviour of the user. Should the browser be opened and the relevant website be accessed again, the cookie is used and informs the web server of the surfing behaviour of the user with the assistance of the data which has been saved. In this case, cookies are not biscuits, rather information which a website saves locally on the computer of the website visitor in a small text file. This can concern settings which have already been carried out by the user on a site, but can also include information which the website has collected independently from the user itself. Later, these text files which are stored locally can be read once again by the same web server which created them. Most browsers accept cookies automatically. You can administer cookies with the help of the browser functions (usually under "options" or "settings"). By means of these, the saving of cookies can be de-activated, made dependent on your consent or otherwise restricted. You can also delete cookies at any time.
Third countries: Country which is not bound by the legal requirements of the GDPR (country outside of the EEA).
Personal data: All information which relates to an identified or identifiable natural person. A natural person is considered identifiable if he or she can be identified directly or indirectly, in particular by means of assignment to a label, such as a name, number, location data, online profile or one or more special characteristics which express the physical, physiological, genetic, psychiatric, economic, cultural or social identity of this natural person.
Pixel: Pixels are also called number pixels, tracking pixels, web beacons or web bugs. These are small, invisible graphics in HTML emails or on websites. Should a document be opened, this small picture is then loaded by a server on the Internet, whereby the downloading is registered there. By means of this, the operator of the server can see if or when an email was opened or a website was visited. This function is usually carried out by accessing a small program (JavaScript). By means of this, certain types of information on your computer system can be recognised and passed on, such as the content of cookies, time and date of the site access, as well as a description of the site which contains the number pixel.
Profiling: Any type of automated processing of personal data which means that this personal data is used in order to evaluate certain personal aspects which relate to a natural person, in particular in order to analyse or forecast the work performance, economic position, health, personal preferences, interests, reliability, behaviour, place of residence or change of location of this natural person.
Services: Our services to which this data protection declaration applies (see area of applicability).
Tracking: The collection and evaluation of data in relation to the behaviour of visitors to our services.
Tracking technology: Tracking can take place both via activity protocols (logfiles) saved on our web servers and by means of data gathering from your end device via pixels, cookies and similar tracking technology.
Processing: Any process or succession of processes carried out in connection with personal data with or without the assistance of automated procedures, such as the gathering, recording, organisation, filing, saving, adjustment or alteration, reading, retrieval, use, disclosure by transfer, distribution or other form of provision, comparison or connection, restriction, deletion or destruction.
Hamburg, September 2022
Kehrwieder 11,
DE-20457 Hamburg