In the following policy, we would like to inform you how, when and which personal data we collect and how we handle such data. Please use the navigation menu to quickly and easily find any particular information you are looking for. We collect and process your personal data in accordance with national and European laws, in particular the German Federal Data Protection Act (BDSG) and the EU General Data Protection Regulation (EU-GDPR). If you have any further questions regarding data protection at Pfeifer & Langen, please feel free to contact us at one of the telephone numbers, fax numbers or e-mail addresses listed below.
Responsible body for data processing
Pfeifer & Langen GmbH & Co. KG
Aachener Straße 1042 a
Tel. +49 221 4980-0
Fax +49 221 4980-371
Our data protection officer
PricewaterhouseCoopers Legal Aktiengesellschaft Rechtsanwaltsgesellschaft
When you visit our websites
In this section you will find information on data collection, data processing, data deletion, data security and the involvement of third-party providers in connection with your visit to our websites www.pfeifer-langen.com, www.diamant-zucker.de, www.liz-online.de and www.liz-herbizid.de.
Server log files
Your browser automatically transmits access data (so-called “server log files”) to our servers each time you visit one of our websites. Such server log files contain the following information:
- the time of your visit,
- the page from which you visit us (referrer URL),
- the subpages visited,
- the names of requested files,
- Your IP address,
- data volume,
- the browser you are using and
- the requesting provider.
We require the aforementioned information to ensure system security and to compile usage statistics. Both purposes are in our overriding legitimate interest (Art. 6 I 1 f EU-GDPR). The respective data record will be deleted immediately after the respective purpose ceases to apply, but no later than 90 days after their collection.
Our website www.diamant-zucker.de features a contact form. By sending a message over the contact form function, you provide us with all the data you have entered in the mandatory and non-mandatory fields and give your consent (Art. 6 I 1 a EU-GDPR) to our collecting and processing of such data. They will be processed exclusively for the purpose of handling your request and deleted no later than one year after completion of the processing.
Please note: By clicking on e-mail addresses provided on our websites, you will send enter your e-mail software and transmit your message as a conventional e-mail to the address pre-filled in the recipient line. Please be informed that we have no influence on the data collection and data processing by your e-mail provider.
If you would like to learn how we process the contents of messages submitted via the contact form, please continue here.
On our websites www.diamant-zucker.de and www.liz-online.de you can subscribe to our newsletters. We will ask you to provide contact details (e.g. e-mail address, mobile number, fax number) and in some cases additional personal data (e.g. first name and surname). The collection and processing of such data is based on your consent (Art. 6 I 1 a EU-GDPR) and will be processed solely for the purpose of delivering the subscribed newsletters. For the dispatch of our newsletters, we use external service providers which we have carefully selected, whose activities we monitor and with which we have concluded data processing agreements pursuant to Art. 28 EU-GDPR. These service providers are located in Germany or in the EU.
You can revoke your consent at any time by unsubscribing from the relevant newsletter on our respective website. The data collected during registration will be deleted immediately after you have unsubscribed from the relevant newsletter.
In order to protect your personal data to the greatest extent possible we use SSL encryption (https standard). This also applies to the transmission of data via the contact form. This type of encryption is a risk-appropriate and state-of-the-art technical and organizational security measure.
Our websites www.pfeifer-langen.com and www.diamant-zucker.de use the web analysis service Google Analytics provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The Google Analytics script is loaded with every page view, however, only in the case of your consent, the cookies from Google Analytics are also set on your end device and usage data is collected and evaluated. The cookies set by Google remain on your end device even after you leave our website (for up to 2 years). You can delete them from your end device.
Google Analytics cookies are only stored, and this analysis tool is only used, if you have consented to this via our cookie banner (Section 25 (2) No. 2 TTDSG, Art. 6 I 1 a, Art. 49 I 1 a EU-GDPR). No adequate level of data protection is currently ensured for the transfer of personal data to the USA. Your data may be subject to access by authorities for control and monitoring purposes against which neither effective legal remedies nor data subject rights can be enforced. Therefore, please only consent to the transfer of your data to the USA if you nevertheless agree to this. Specifically, the Google Analytics script is loaded with every page view, but only after you click “agree” will usage data be collected and transmitted to Google. If you click on “decline”, a cookie will be placed on your terminal device that prevents the analysis by Google Analytics and the setting of cookies used for this purpose by Google Analytics also during future visits to our website (“opt-out cookies”). Even if you have clicked on “agree”, you can revoke your consent at any time.
We have activated the IP anonymization function on this website. This means that your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.
External Service Providers
In providing and operating our websites we work together with external service providers which we have carefully selected, whose activities we monitor and with which we have concluded data processing agreements pursuant to Art. 28 EU-GDPR. These service providers are located in Germany or in the EU.
Meta (Facebook & Instagram) Pixel
On our homepages www.pfeifer-langen.com and www.diamant-zucker.de we use so-called pixels or tags from Facebook and Instagram, subject to your consent. Both applications are operated by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. We use these pixels for displaying targeted personalized advertising on Facebook and Instagram. We use supplementary services of Google Ireland Ltd. for handling the advertisements.
If you visit one of the aforementioned homepages, give us your consent in this regard and are a user of Facebook and / or Instagram, information that you have visited our homepage and whether you have performed certain actions there (so-called “events”, for example the search for certain content) will automatically be transmitted to the respective network. Together with this information, the pixels transmit a hashed version of your Facebook / Instagram ID.
We also use so-called “conversion information”, i.e. statistical information about how many Facebook and Instagram users have visited our homepage following our advertisements placed there.
We use pixels exclusively on said homepages. There are no links to further homepages. We are unable to assign the hashed version of your Facebook / Instagram ID to your person; only Meta is technically capable of this. A further transfer of your personal data does not take place, neither from us to Meta nor from Meta to us.
The above processing of your personal data is based on your consent (Section 25 para. 1 TTDSG, Art. 6 I 1 a, Art. 49 I 1 a EU-DSGVO), which we obtain in accordance with ePrivacy law. You can give your consent separately for each service and revoke it via the cookie banner.
To also prevent further data processing by Meta / Facebook, use the following links to change your settings there:
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Fads%2Fpreferences%2F%3Fentry_product%3Dad_settings_screen → Advertising preferences
Alternatively, you can also delete your browsing history or select in your Facebook or Instagram account at “Advertising Preferences” that advertisements based on partner data shall not be permitted. These settings are independent from local settings on the device you use when making the setting. They are therefore adopted for all your devices (computers, smartphones, …) used with the corresponding login.
The pixels are only active during your visit to our homepages or until you revoke your consent. We have no influence whatsoever on how long Meta continues to process the transmitted data.
For more information about data processing by Meta / Facebook via the so-called Custom Audiences maintained by the Facebook and Instagram pixels, please contact the responsible third-party provider directly:
Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; in particular on the Facebook pixel at https://www.facebook.com/business/learn/facebook-ads-pixel and on data protection at https://de-de.facebook.com/privacy/explanation and at https://help.instagram.com/519522125107875/?helpref=hc_fnav&bc=368390626577968&bc=285881641526716
Since Meta Platforms Ireland Ltd.’s parent company is located in the US, the aforementioned personal data may be transferred to the USA. In case of data transfer to Meta’s / Facebook’s US servers, the use of the EU standard contractual clauses improves the level of data protection. You can request a copy of the standard contractual clauses used by Meta for the use of the Facebook and Instagram pixel at the following link: https://www.facebook.com/help/566994660333381. An adequate level of data protection is currently not ensured in the US. Your data may be subject to access by authorities for control and monitoring purposes, against which neither effective legal remedies nor data subject rights may be enforceable. Therefore, please only consent to the transfer of your data to third countries if you nevertheless agree to this.
On our website www.diamant-zucker.de, we use a chatbot to improve our offer and to carry out marketing campaigns. You can interact with us via this feature.
We collect and store the content of the interactions of all users anonymously, i.e. without reference to natural persons. The contents of these interactions are stored and processed in an aggregated manner for statistical evaluation and performance measurement. To ensure system security, session data, i.e. your IP address, the browser you use, the URL from which you access the chatbot (referrer URL), and the time and duration of your interaction with the chatbot are collected and stored. The session data is automatically deleted within 7 days after its collection.
To provide this service, we use an external service provider which we have carefully selected, whose activities we monitor and with which we have concluded data processing agreements pursuant to Art. 28 EU-GDPR. This service provider is located in Germany. By activating the chatbot, you switch to the server of our provider. Our service provider uses services of Cloudflare, Inc, 101 Townsend St, San Francisco, CA 94107, U.S.A. for technical security. The data transfer between your browser and our service provider’s servers passes through Cloudflare’s infrastructure in the U.S. and is analyzed there to prevent attacks. Cloudflare is listed on the qualified DDoS mitigation service provider list of the German Federal Office for Information Security (BSI). Further information on data protection at Cloudflare can be found at https://www.cloudflare.com/de-de/privacypolicy/.
The legal basis for the collection and processing, including the transfer of your personal data to Cloudflare in the U.S., is your consent pursuant to Section 25 (2) No. 2 TTDSG, Art. 6 I 1 a, Art. 49 I 1 a EU-GDPR. The chatbot cannot be activated without your consent via the cookie banner. You can revoke your consent at any time by adjusting your corresponding options in the cookie banner. The legal basis for storing and transferring your already collected data for 7 days for the purpose of ensuring system security is our overriding legitimate interest, Art. 6 I 1 f EU-GDPR.
Linking to external content
Please be informed that, where our websites link to third-party websites, we are not responsible for the content provided by such third party and have no influence on the data collection and data processing their websites. Please refer to the privacy policies provided on the respective websites.
If you communicate with us via social media
We use the following services of the following providers to evaluate the use of our company profiles and thereby improve our appearance and the respective offer:
- XING Brand Manager
- LinkedIn Analyses
- kununu Insights
- Facebook Page Insights
- Instagram Page Insights
- YouTube Analytics
- Twitter Analytics
- Pinterest Analytics
When you visit our company profiles, we process your data collected by means of the respective service as jointly responsible parties together with the respective provider. This data includes information about your visit or your interaction on or with our fan page, which can be related to you and may therefore qualify as personal data. Such data processing is based on our overriding legitimate interest (Art. 6 I 1 f EU-GDPR) in opening up a platform for exchanging information with you and in evaluating who visits our Fanpage in order to be able to align our content accordingly.
The respective provider undertakes to us to fulfill your rights as a data subject under Chapter 3 of the EU-GDPR. You can obtain further information on the processing of your personal data under said services at:
- https://privacy.xing.com/de/datenschutzerklaerung [for XING and kununu]
- https://policies.google.com/privacy [for YouTube]
Your job application
We thank you for your interest in our company and your application. We collect and process personal data contained in the documents you submit on the basis of your consent (Art. 6 I 1 a EU-GDPR) and for the purpose of deciding whether or not to establish an employment relationship (Art. 6 I 1 b EU-GDPR). If we contact you following an application, you can find out here how we handle the contents of the communication.
If you apply for a specific, advertised position, we will only process your application documents for the purpose of deciding whether you are suitable for the position to which the application relates. In the course of the application process, further personal data may also be collected and processed from you personally, from generally accessible sources or from former employers (Art. 6 I 1 b EU-GDPR). In addition, we are required by law to subject your person to a so-called “sanctions list check” or a so-called “anti-terror screening” in the course of which we will assess your personal data against the EU and U.S. sanctions lists. Such checks are carried out in fulfillment of our legal obligations (Art. 6 I 1 c EU-GDPR; REG 2580/2001/EG and REG 881/2002/EG).
Should your application be unsuccessful, your personal data will be deleted six months from the time the position is filled. Should your application be successful, the data collected, including your application documents, will be included in your personnel file (Art. 6 I 1 b EU-GDPR) and remain there for the duration of the employment relationship.
Applications that do not relate to a specific position (unsolicited applications) are processed for the purpose of deciding whether or not your qualifications match any current vacancy (Art. 6 I 1 a, b EU-GDPR). In the course of the application process, further personal data may also be collected and processed from you personally, from generally accessible sources or from former employers (Art. 6 I 1 b EU-GDPR). In addition, we are required by law to subject your person to a so-called “sanctions list check” or a so-called “anti-terror screening” in the course of which we will assess your personal data against the EU and U.S. sanctions lists. Such checks are carried out in fulfillment of our legal obligations (Art. 6 I 1 c EU-GDPR; REG 2580/2001/EG and REG 881/2002/EG).
Your personal data will be deleted one year from the date of your submission unless they are still subject of ongoing application procedures. If no application procedure leads to your employment, your personal data will be deleted six months from the date on which the last position for which we have considered you is filled. If an application procedure leads to your employment, the data collected, including your application documents, will be included in your personnel file (Art. 6 I 1 b EU-GDPR) and remain there for the duration of the employment relationship.
Transfer of submitted data
Personal data you provide to us in the course of an application and / or which we collect from generally accessible sources or from former employers will be processed exclusively by us. Data will only be passed on to affiliated companies within the Pfeifer & Langen group of companies if and insofar as you expressly express this wish in your application (Art. 6 I 1 a EU-GDPR).
We may use, from time to time, external service providers or digital application portals to advertise vacancies or to process applications. Providers of such services and softwares are located in Germany or in the EU, have been carefully selected, we monitor their activities and have concluded data processing agreements pursuant to Art. 28 EU-GDPR wit them.
Our Career Platform
You can apply via our online platform available on our website at “Jobs”.
You are required to provide your first and last name, e-mail, telephone and your application documents with your salary expectations, as we need this data to process your application. You can also voluntarily provide your title, home address and start date, as well as information on whether you are applying internally for an advertised position. This data is recorded electronically via the career platform and transmitted to us. Once the application data has been transmitted, you will receive a confirmation e-mail.
In addition, we process your application documents for the internal review and processing of your application electronically in our e-mail system and, if necessary, additionally by using printouts or copies (paper form).
For the provision and operation of our career platform, we work with external service providers that we have carefully selected and obligated in accordance with the data protection requirements by means of order processing contracts pursuant to Art. 28 EU-GDPR and whose activities we monitor. These service providers are based in Germany or in the EU.
External Career Platforms and Professional Social Networks
Insofar as we place job advertisements on external career platforms and you apply via functions provided on such platform, we receive your documents from the operators of the respective platform. As soon as we have received your personal data, we process it in the manner described here-above. There is no further cooperation between the platform operators and us and we have no influence on the data collection and data processing performed by such operators. Please inform yourself about the handling of your personal data on the respective platform.
We may also use platform accounts to look for and get in touch with suitable candidates. In such cases we use the platforms‘ existing features and functions and view the personal data provided by you. In case we export your personal data from a platform (e.g., via a download feature offered on the platform), we will process this data in the manner we have set out here-above with regards to unsolicited applications.
If you contact us or cooperate with us
We are pleased that you are reaching out to us or working with us as our business partner. In this section you will find information on data collection, data processing, data deletion, data security and involvement of third-party providers in connection with a business contact.
Data collection, data processing and data deletion
In the course of a business contact, we regularly collect and process the following personal data:
- Full name
- Professional contact details (address, phone, e-mail, position, position in the company)
In addition, we may, in individual cases, ask you to provide further information, e.g. private contact data or your date of birth. Such queries are, however, limited to the absolutely necessary minimum. In particular, we make sure that there is a technical or organizational necessity behind any additional data requested.
We process your personal data in particular to initiate future business relationships or perform our mutual obligations under existing business relationships (Art. 6 I 1 b EU-GDPR) as well as to perform anti-terror and sanctions checks on our customers, suppliers and service providers to the extent required by law (Art. 6 I 1 c EU-GDPR, REG 2580/2001/EC, REG 882/2002/EC, REG 2017/1420/EU). Other purposes may be added depending on the individual case.
Your personal data will be promptly deleted as soon as the processing purpose has ceased to exist. Insofar as data is subject to statutory retention obligations in individual cases, it will remain stored until the respective retention period has expired and will then be deleted.
Aforementioned data is transferred to companies within the Pfeifer & Langen group only to the extent that we use such companies for the fulfillment of our contractual obligations (Art. 6 I 1 b EU-GDPR) or if such transfer is in our overriding, legitimate interest (Art. 6 I 1 f EU-GDPR).
Your personal data may be disclosed to authorities and courts as well as to lawyers, auditors, tax consultants, management consultants and similar service providers who are bound by legal secrecy.
External Service Providers
Your personal data is stored in our IT systems. To the extent that use external providers for IT infrastructure, IT applications and / or data processing, we select them carefully, monitor their activities and conclude with them data processing agreements in accordance with Art. 28 EU-GDPR.
We generally avoid transferring personal data to countries outside the EU. Should this occur in individual cases, we ensure an appropriate level of data protection in accordance with Art. 44 et seq. EU-GDPR at the recipient.
Your rights vis-a-vis Pfeifer & Langen
In this section, you will find out which are your rights vis-a-vis us if and to the extent we collect and process your personal data. Please note that we will comply with your legitimate requests as soon as possible and free-of-charge. Please exercise your rights at the following address: email@example.com
Pursuant to Art. 15 EU-GDPR, you can request information from us on your personal data stored by us, its origins, recipients or categories of recipients to whom we transfer your personal data, and the purpose of the processing.
Pursuant to Artt. 16 – 18 EU-GDPR, you may have a right to rectification, erasure or restriction of the processing of your personal data in individual cases. In addition, pursuant to Art. 20 EU-GDPR, you may request the transfer of your personal data to another controller. Furthermore, you may have the right to object to the processing of your personal data pursuant to Art. 21 EU-GDPR if and to the extent that this processing takes place exclusively on the grounds of our overriding, legitimate interest (Art. 6 I 1 f EU-GDPR) or to the extent that the processing is carried out for direct marketing purposes.
You can revoke your consent given to data collection and data processing (Art. 6 I 1 a EU-GDPR) at any time. In this case, we will not further process your personal data unless such further processing is permitted or required by law.
The aforementioned objections or revocations only take effect for the future and do not render past data collection and data processing inadmissible.
Finally, you have the right to complain to the competent data protection supervisory authority in accordance with Art. 77 EU-GDPR.
[Version 08 / 2022]
- Server log files
- Contact Forms
- Data Security
- Google Analytics
- External Service Providers
- Meta (Facebook & Instagram) Pixel
- Linking to external content
- Jobs advertised
- Unsolicited applications
- Transfer of submitted data
- Our Career Platform
- External Career Platforms