Privacy policy

This Privacy Policy provides information about how we collect and use personal data during the use of our website. Personal data means any information relating to an identified or identifiable natural person. In particular, this includes information that enables us to identify you, such as your name, telephone number, address or e-mail address. Statistical data that we collect when you visit our website that cannot be associated with your person, does not fall under the term of personal data.

You can print or save this privacy policy by using the usual functions of your browser.


1.            Contact Person

Contact person and the controller of the processing of your personal data when you visit this website in accordance with the basic EU data protection regulation (GDPR) is

Blumenstraße 28
80331 München
Tel: +49 89 665 32 1253

If you have any questions regarding data protection in connection with the use of our website, you can also contact our data protection officer at any time. She can be reached at the following address:

Simone Rosenthal
ISiCO Datenschutz GmbH
Am Hamburger Bahnhof 4
10557 Berlin

Tel: +49 30 213 002 85 0
Fax: +49 30 213 002 89 9




2.            Data processing on our website

2.1.        Visit our website / access data

Every time you use our website, we collect access data that your browser automatically transmits to enable you to visit the website. The access data includes, for example, the IP address of the requesting device, the date and time of the request and the address of the website accessed and the requesting website. The processing of this access data is necessary to enable you to visit the website and to ensure the long-term functionality and security of our systems. The access data is temporarily stored in internal log files in order to produce statistical data on the use of our website, to further develop our website with regard to the usage habits of our visitors (e.g. if the proportion of mobile devices with which the pages are called up increases) and to generally maintain our website administratively. The legal basis is Art. 6 (1) lit. b GDPR. The information stored in the log files does not allow any direct conclusion to your person, in particular we only store the IP addresses in abridged, anonymous form.


2.2.        Contact

You have several possibilities to contact us. This includes, for example, contact forms, by telephone, e-mail or mail. In this context, we process the contact and other data you provide us exclusively for the purpose of communicating with you. The legal basis is Art. 6 (1) lit. b GDPR.


2.3.        Applications

You can apply to us for open positions at any time. The purpose of data collection is to select applicants for possible employment. In this context, we process the contact and other data (e.g. application documents, certificates, CV, date of earliest possible job start, salary expectation) submitted by you for processing your application. The legal basis for processing your application documents is Art. 6 (1) lit. b and Art. 88 (1) GDPR in conjunction with § 26 para. 1 sentence 1 BDSG (German Federal Data Protection Act).


2.4.      Cookies, comparable technologies for analysis purposes an Social-Media

To improve our website, we use cookies and similar technologies (e.g. web beacons) for statistical recording and analysis of general usage behavior based on access data. A cookie is a small text file that is stored by the browser on your device. Cookies are not used to run programs or download viruses onto your computer.

The legal basis for the data processing described in this section is Art. 6 (1) lit. f GDPR, based on our legitimate interest in the demand-oriented design and continuous optimisation of our website.


MyFonts Counter

Our website also uses MyFonts Counter, a web analysis service of MyFonts Inc. 500 Unicorn Park Drive, Woburn, MA 01801, USA. Based on the license terms, page view tracking is performed by counting the number of visits to the website for statistical purposes and transmitting them to MyFonts. MyFonts only collects anonymous data. The data may be passed on by activating JavaScript code in your browser. To prevent MyFonts from executing Java script code altogether, you can install a Java script blocker (e.g.

Further information can be found in the Privacy Policy of MyFonts.


Links to social media channels

On our website we link to our profiles on Xing, Facebook and Instagram. These links are not integrated via so-called social plugins. The integrated graphics only contain an HTTP link to our profile at the respective social media provider. When you visit our site, no direct connection is established with the servers of the providers.


3.            Transfer of data

The data collected by us will only be transfered to third parties if:

  • you have given your explicit consent according to Art. 6 (1) lit. a GDPR;
  • the disclosure according to Art. 6 (1) lit. f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an predominating interest worthy of protection in not disclosing your data;
  • we are legally obliged according to Art. 6 (1) lit. c GDPR; or
  • this is legally permissible and is required under Art. 6 (1) lit. b GDPR for the processing of contractual relationships with you or for the implementation of pre-contractual measures that are taken at your request.

Part of the data processing can be carried out by our service providers. In addition to the service providers mentioned in this privacy policy, this may include data centers that store our website and databases, IT service providers that maintain our systems, and consulting firms. If we provide data to our service providers, they may use the data exclusively for the fulfilment of their tasks. The service providers have been carefully selected and commissioned by us. They are contractually bound by our instructions, have appropriate technical and organisational measures in place to protect the rights of the persons concerned and are regularly monitored by us.


4.            Time of storage

In principle, we only store personal data as long as it is necessary to fulfil contractual or legal obligations for which we have collected the data. Afterwards we delete the data immediately unless we need the data until the end of the limitation period to prove legal claims or due to retention obligations. For evidence purposes, we must store contract data for three years from the end of the year in which the business relationship with you ends. This is the earliest a legal claim can become barred. Even after that, we still have to store some of your data due to accounting requirements. We are obliged to do so on the basis of retention obligations that may arise from the german national law (Handelsgesetzbuch, Abgabenordnung, Kreditwesengesetz, Geldwäschegesetz, Wertpapierhandelsgesetz.) The periods specified there for the storage of documents are two to ten years.


5.            Your rights

You have the right to request information about the processing of your personal data by us at any time. We will explain the processing to you and provide you with an overview of the data stored about you as part of the provision of information. If data about you is incorrect or not up-to-date anymore, you can demand a correction of your data. You may also request that your data will be deleted. If, in exceptional cases, deletion is not possible due to other legal requirements the data will be blocked so that it is only available for this legal purpose. You may also have the processing of your data restricted if you believe that the data we have stored is incorrect. You also have the right to data portability. We will send you a digital copy of your personal data on request.

To exercise your rights as described here, you may contact the contact addresses mentioned above at any time. You can also do so if you want to receive copies of guarantees to prove an adequate level of data protection.

You have the right to object to data processing based on Art. 6 (1) lit. e or f GDPR. You have the right to complain to our data protection supervisory authority. You may exercise this right before a supervisory authority in the member State in which you are staying, working or where your rights might be infringed. As our registered office is in Berlin, the responsible supervisory authority is:

Bayerischer Landesbeauftragter für den Datenschutz, Postfach 22 12 19, 80502 Munich.


6.            Objection and withdrawal of consent

According to Article 7 (3) GDPR, you have the right to withdraw your given consent at any time. As a result, we will no longer process data based on this consent. The withdrawal of consent shall not affect the lawfulness of processing based on given consent before its withdrawal.

If we process your data on the basis of legitimate interests according to Art. 6 (1) lit. f GDPR, you have the right to object to the processing of your data according to Article 21 GDPR and to give us reasons which arise from your particular situation and which in your opinion indicate that your interests worthy of protection predominate.

If you object to data processing for direct advertising purposes, you have a general right of objection, which we will implement without you giving reasons.

If you would like to make use of your right of withdrawal or objection, an informal message to one of the contact addresses mentioned above is sufficient.


7.            Data security

We maintain current technical measures to guarantee data security, in particular to protect your personal data from unauthorized access by third parties and from risks during transmission. These measures are implemented to the current state of the art in each case. To secure personal information you provide on our website, we use Transport Layer Security (TLS) to encrypt the information you enter.


8.            Changes to our privacy policy

We may update this privacy policy from time to time, for example when we update our website or when legal or regulatory requirements are changing.


© SALT WORKS GmbH – Stand: July 2019