In the following, we would like to inform you as to when, how and which personal data we collect and how we handle such data. Please use the navigation menu to quickly and easily find any particular information you are looking for. We collect and process your personal data in accordance with national and European laws, in particular the German Federal Data Protection Act (BDSG) and the EU General Data Protection Regulation (EU-GDPR). If you have any further questions regarding data protection at Pfeifer & Langen, please feel free to contact us at one of the telephone numbers, fax numbers or e-mail addresses listed below.
Responsible body for data processing
Pfeifer & Langen GmbH & Co. KG
Aachener Straße 1042 a
Tel. +49 221 4980-0
Fax +49 221 4980-371
Our data protection officer
PricewaterhouseCoopers Legal Aktiengesellschaft Rechtsanwaltsgesellschaft
In this section you will find information on data collection, data processing, data deletion, data security and the involvement of third-party providers in connection with your visit to our websites www.pfeifer-langen.com and www.diamant-zucker.de.
Server log files
Your browser automatically transmits access data (so-called “server log files”) to our servers each time you visit one of our websites. Such server log files contain the following information:
- the time of your visit,
- the page from which you visit us (referrer URL),
- the subpages visited,
- the names of requested files,
- Your IP address,
- data volume,
- the browser you are using and
- the requesting provider.
We require the aforementioned information to ensure system security and to compile usage statistics. Both purposes are in our overriding legitimate interest (Art. 6 I 1 f EU-GDPR). The respective data record will be deleted immediately after the respective purpose ceases to apply, but no later than 90 days after their collection.
Our website www.diamant-zucker.de features a contact form. By sending a message over the contact form function, you provide us with all the data you have entered in the mandatory and non-mandatory fields and give your consent (Art. 6 I 1 a EU-GDPR) to our collecting and processing of such data. They will be processed exclusively for the purpose of handling your request and deleted no later than one year after completion of the processing.
Please note: By clicking on e-mail addresses provided on our websites, you will send enter your e-mail software and transmit your message as a conventional e-mail to the address pre-filled in the recipient line. Please be informed that we have no influence on the data collection and data processing by your e-mail provider.
If you would like to learn how we process the contents of messages submitted via the contact form, please continue here.
On our websites www.diamant-zucker.de and www.liz-online.de you can subscribe to our newsletters. We will ask you to provide contact details (e.g. e-mail address, mobile number, fax number) and in some cases additional personal data (e.g. first name and surname). The collection and processing of such data is based on your consent (Art. 6 I 1 a EU-GDPR) and will be processed solely for the purpose of delivering the subscribed newsletters. For the dispatch of our newsletters, we use external service providers which we have carefully selected, whose activities we monitor and with which we have concluded data processing agreements pursuant to Art. 28 EU-GDPR. These service providers are located in Germany or in the EU.
You can revoke your consent at any time by unsubscribing from the relevant newsletter on our respective website. The data collected during registration will be deleted immediately after you have unsubscribed from the relevant newsletter.
In order to protect your personal data to the greatest extent possible we use SSL encryption (https standard). This also applies to the transmission of data via the contact form. This type of encryption is a risk-appropriate and state-of-the-art technical and organizational security measure.
Integration of external content
On our websites www.diamant-zucker.de and www.liz-online.de we integrate Analytics software from Google, Inc. For further information, please refer to the cookie banner on the respective website. We have no influence whatsoever on the data processing at Google. Further information on data protection can be found at https://policies.google.com/privacy?hl=de&fg=1
External Service Providers
In providing and operating our websites we work together with external service providers which we have carefully selected, whose activities we monitor and with which we have concluded data processing agreements pursuant to Art. 28 EU-GDPR. These service providers are located in Germany or in the EU.
Linking to external content
Please be informed that, where our websites link to third-party websites, we are not responsible for the content provided by such third party and have no influence on the data collection and data processing their websites. Please refer to the privacy policies provided on the respective websites.
We use the following services of the respective providers to evaluate the use of our company profiles and thereby improve our appearance and the respective offer:
- XING Brand Manager
- LinkedIn Analysen
- kununu Insights
- Facebook Seiten-Insights
- Instagram Seiten-Insights
- YouTube Analytics
- Twitter Analytics
- Pinterest Analytics
When you visit our company profiles, we process your data collected by means of the respective service as jointly responsible parties together with the respective provider. This data includes information about your visit or your interaction on or with our fan page, which can be related to you and may therefore qualify as personal data. Such data processing is based on our overriding legitimate interest (Art. 6 I 1 f EU-GDPR) in opening up a platform for exchanging information with you and in evaluating who visits our Fanpage in order to be able to align our content accordingly.
The respective provider undertakes to us to fulfill your rights as a data subject under Chapter 3 of the EU-GDPR. You can obtain further information on the processing of your personal data under said services at:
- https://privacy.xing.com/de/datenschutzerklaerung [for XING and kununu]
- https://policies.google.com/privacy [for YouTube]
Your job application
We thank you for your interest in our company and your application. We collect and process personal data contained in the documents you submit on the basis of your consent (Art. 6 I 1 a EU-DSGVO) and for the purpose of deciding whether or not to establish an employment relationship (Art. 6 I 1 b EU-DSGVO). If we contact you following an application, you can find out here how we handle the contents of the communication.
If you apply for a specific, advertised position, we will only process your application documents for the purpose of deciding whether you are suitable for the position to which the application relates. In the course of the application process, further personal data may also be collected and processed from you personally, from generally accessible sources or from former employers (Art. 6 I 1 b EU-GDPR). In addition, we are required by law to subject your person to a so-called “sanctions list check” or a so-called “anti-terror screening” in the course of which we will assess your personal data against the EU and U.S. sanctions lists. Such checks are carried out in fulfillment of our legal obligations (Art. 6 I 1 c EU-GDPR; REG 2580/2001/EG and REG 881/2002/EG).
Should your application be unsuccessful, your personal data will be deleted six months from the time the position is filled. Should your application be successful, the data collected, including your application documents, will be included in your personnel file (Art. 6 I 1 b EU-GDPR) and remain there for the duration of the employment relationship.
Applications that do not relate to a specific position (unsolicited applications) are processed for the purpose of deciding whether or not your qualifications match any current vacancy (Art. 6 I 1 a, b EU-GDPR). In the course of the application process, further personal data may also be collected and processed from you personally, from generally accessible sources or from former employers (Art. 6 I 1 b EU-GDPR). In addition, we are required by law to subject your person to a so-called “sanctions list check” or a so-called “anti-terror screening” in the course of which we will assess your personal data against the EU and U.S. sanctions lists. Such checks are carried out in fulfillment of our legal obligations (Art. 6 I 1 c EU-GDPR; REG 2580/2001/EG and REG 881/2002/EG).
Your personal data will be deleted one year from the date of your submission unless they are still subject of ongoing application procedures. If no application procedure leads to your employment, your personal data will be deleted six months from the date on which the last position for which we have considered you is filled. If an application procedure leads to your employment, the data collected, including your application documents, will be included in your personnel file (Art. 6 I 1 b EU-GDPR) and remain there for the duration of the employment relationship.
Transfer of submitted data
Personal data you provide to us in the course of an application and / or which we collect from generally accessible sources or from former employers will be processed exclusively by us. Data will only be passed on to affiliated companies within the Pfeifer & Langen group of companies if and insofar as you expressly express this wish in your application (Art. 6 I 1 a EU-GDPR).
We may use, from time to time, external service providers or digital application portals to advertise vacancies or to process applications. Providers of such services and softwares are located in Germany or in the EU, have been carefully selected, we monitor their activities and have concluded data processing agreements pursuant to Art. 28 EU-GDPR wit them.
Career Platforms and Professional Social Networks
Insofar as we place job advertisements on external career platforms and you apply via functions provided on such platform, we receive your documents from the operators of the respecive platform. As soon as we have received your personal data, we process it in the manner described here-above. There is no further cooperation between the platform operatos and us and we have no influence on the data collection and data processing performed by such operators. Please inform yourself about the handling of your personal data on the respective platform.
We may also use platform accounts to look for and get in touch with suitable candidates. In such cases we use the platforms‘ existing features and functions and view the personal data provided by you. In case we export your personal data from a platform (e.g., via a download feature offered on the platform), we will process this data in the manner we have set out here-above with regards to unsolicited applications.
If you contact us or cooperate with us
We are pleased that you are reaching out to us or working with us as our business partner. In this section you will find information on data collection, data processing, data deletion, data security and involvement of third-party providers in connection with a business contact.
Data collection, data processing and data deletion
In the course of a business contact, we regularly collect and process the following personal data:
- Full name
- Professional contact details (address, phone, e-mail, position, position in the company)
In addition, we may, in individual cases, ask you to provide further information, e.g. private contact data or your date of birth. Such queries are, however, limited to the absolutely necessary minimum. In particular, we make sure that there is a technical or organizational necessity behind any additional data requested.
We process your personal data in particular to initiate future business relationships or perform our mutual obligations under existing business relationships (Art. 6 I 1 b EU-GDPR) as well as to perform anti-terror and sanctions checks on our customers, suppliers and service providers to the extent required by law (Art. 6 I 1 c EU-GDPR, REG 2580/2001/EC, REG 882/2002/EC, REG 2017/1420/EU). Other purposes may be added depending on the individual case.
Your personal data will be promptly deleted as soon as the processing purpose has ceased to exist. Insofar as data is subject to statutory retention obligations in individual cases, it will remain stored until the respective retention period has expired and will then be deleted.
Aforementioned data is transferred to companies within the Pfeifer & Langen group only to the extent that we use such companies for the fulfillment of our contractual obligations (Art. 6 I 1 b EU-GDPR) or if such transfer is in our overriding, legitimate interest (Art. 6 I 1 f EU-GDPR).
Your personal data may be disclosed to authorities and courts as well as to lawyers, auditors, tax consultants, management consultants and similar service providers who are bound by legal secrecy.
External Service Providers
Your personal data is stored in our IT systems. To the extent that use external providers for IT infrastructure, IT applications and / or data processing, we select them carefully, monitor their activities and conclude with them data processing agreements in accordance with Art. 28 EU-GDPR.
We generally avoid transferring personal data to countries outside the EU. Should this occur in individual cases, we ensure an appropriate level of data protection in accordance with Art. 44 et seq. EU-GDPR at the recipient.
Your rights vis-a-vis Pfeifer & Langen
In this section, you will find out which are your rights vis-a-vis us if and to the extent we collect and process your personal data. Please note that we will comply with your legitimate requests as soon as possible and free-of-charge. Please exercise your rights at the following address: firstname.lastname@example.org
Pursuant to Art. 15 EU-GDPR, you can request information from us on your personal data stored by us, its origins, recipients or categories of recipients to whom we transfer your personal data, and the purpose of the processing.
Pursuant to Artt. 16 – 18 EU-GDPR, you may have a right to rectification, erasure or restriction of the processing of your personal data in individual cases. In addition, pursuant to Art. 20 EU-GDPR, you may request the transfer of your personal data to another controller. Furthermore, you may have the right to object to the processing of your personal data pursuant to Art. 21 EU-GDPR if and to the extent that this processing takes place exclusively on the grounds of our overriding, legitimate interest (Art. 6 I 1 f EU-GDPR) or to the extent that the processing is carried out for direct marketing purposes.
You can revoke your consent given to data collection and data processing (Art. 6 I 1 a EU-GDPR) at any time. In this case, we will not further process your personal data unless such further processing is permitted or required by law.
The aforementioned objections or revocations only take effect for the future and do not render past data collection and data processing inadmissible.
Finally, you have the right to complain to the competent data protection supervisory authority in accordance with Art. 77 EU-GDPR.
[As of: 03 / 2021]
- Server log files
- Contact Forms
- Data Security
- Integration of external content
- External Service Providers
- Linking to external content