DE BLOIS
SECURITY
De Blois Security

Privacy Policy

preamble

We appreciate your interest in our company. Data protection is of utmost importance to the DE BLOIS SECURITY group.

The website www.deblois.de can generally be used without providing any personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we will obtain the consent of the data subject.

Through this privacy policy, our company would like to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, this privacy policy informs data subjects about their rights.

The DE BLOIS SECURITY group, as the operator of the website www.deblois.de, has implemented numerous technical and organizational measures to ensure the most complete protection possible for the personal data processed and uses the highest levels of encryption to prevent manipulation. Nevertheless, internet-based data transmissions may have security gaps, so absolute protection cannot be guaranteed.

Name and address of the controller

The responsible party within the meaning of the General Data Protection Regulation, other data protection laws applicable in the EU and other provisions of a data protection nature is:

DE BLOIS SECURITY Group
North-West-South Security Services GmbH & Co. KG
German Works and Security Services GmbH
BRAWE Fire and Plant Protection GmbH

Operator of the website

North-West-South Security Services GmbH & Co. KG
Wermelskirchener Str. 27
D – 42859 Remscheid
Phone +49 (0)2191 3701-0
Fax +49 (0)2191 3701-30
Homepage: www.deblois.de
E-mail: datenschutz@deblois.de

Registered at the Wuppertal District Court HRA 20718, VAT ID: DE 120767533
Managing Director: Barbara de Blois
Person responsible for content according to § 6 MDStV: Barbara de Blois

General information

SSL or TLS encryption

When you enter your data on websites, place online orders, or send emails over the internet, you must always expect unauthorized third parties to access your data. There is no complete protection against such access. However, we make every effort to protect your data as best as possible and to close security gaps wherever possible.

An important security mechanism is the SSL or TLS encryption of our website, which ensures that data you transmit to us cannot be read by third parties. You can recognize the encryption by the lock icon in front of the entered Internet address in your browser and by the fact that our Internet address begins with https:// and not http://.

How long do we store your data?

At certain points in this privacy policy, we inform you how long we or the companies that process your data on our behalf will retain your data. If no such information is provided, we will retain your data until the purpose for which it was processed no longer applies, you object to the processing, or you withdraw your consent to the processing.

However, in the event of an objection or revocation, we may continue to process your data if at least one of the following conditions is met:

  • We have compelling legitimate grounds for continuing the data processing which override your interests, rights and freedoms (only if you object to data processing; if the objection is directed against direct marketing, we cannot provide legitimate grounds).
  • Data processing is necessary to assert, exercise or defend legal claims (does not apply if your objection is directed against direct marketing).
  • We are legally obliged to retain your data.

In this case, we will delete your data as soon as the requirement(s) no longer apply.

Data transfer to the USA

We also use tools from companies on our website that transfer your data to the USA, where they store it, and possibly process it further. The European Commission has adopted an adequacy decision for the EU-US data protection framework. This determines that the USA ensures an adequate level of protection for personal data from the EU that is transferred to US companies. This decision is based on new safeguards and measures introduced by the USA to meet data protection requirements. The adequacy decision includes, among other things, restrictions and safeguards regarding US intelligence services' access to data. Binding safeguards have been introduced to limit US intelligence services' access to the necessary and proportionate extent to protect national security. In addition, increased oversight of the activities of the US intelligence services has been established to ensure that restrictions on surveillance activities are adhered to. An independent redress mechanism has also been established to process and resolve complaints from European citizens about access to their data. The EU-US Data Protection Framework thus allows European companies to transfer data to certified US companies without having to implement additional data protection safeguards. A list of all certified companies can be found at the following link: https://www.dataprivacyframework.gov/s/participant-search

A change in the European Commission’s decision cannot be ruled out.

Your rights

Objection to data processing

IF YOU READ IN THIS PRIVACY POLICY THAT WE HAVE LEGITIMATE INTERESTS IN PROCESSING YOUR DATA AND THEREFORE BASE THESE ON ARTICLE 6 (1) SENTENCE 1 LIT. F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THIS INTEREST ACCORDING TO ARTICLE 21 GDPR. THIS ALSO APPLIES TO PROFILING CARRIED OUT ON THE BASIS OF THE ABOVE-MENTIONED PROVISION. THE PRECONDITION IS THAT YOU PROVIDE REASONS FOR THE OBJECTION THAT ARISE FROM YOUR PARTICULAR SITUATION. JUSTIFICATION IS NOT REQUIRED IF THE OBJECTION IS DIRECTED TO THE USE OF YOUR DATA FOR DIRECT MARKETING.

The consequence of objecting is that we are no longer permitted to process your data. This only does not apply if one of the following conditions applies:

  • WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS.
  • THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.

THE EXCEPTIONS DO NOT APPLY IF YOUR OBJECTION IS DIRECT TO DIRECT MARKETING OR TO PROFILING ASSOCIATED WITH IT.

Further rights

Revocation of your consent to data processing

Many data processing operations are based on your consent. You give this consent, for example, by checking the appropriate box on online forms before submitting them or by allowing certain cookies when you visit our website. You can revoke your consent at any time without giving reasons (Art. 7 (3) GDPR). From the time of revocation, we are no longer permitted to process your data. The only exception is that we are legally obliged to retain the data for a certain period of time. Such retention periods exist, in particular, in tax and commercial law.

Right to lodge a complaint with the competent supervisory authority

If you believe that we are violating the General Data Protection Regulation (GDPR), you have the right to lodge a complaint with a supervisory authority under Art. 77 GDPR. You can contact a supervisory authority in the Member State of your habitual residence, place of work, or the place where the alleged violation occurred. This right of complaint exists alongside administrative or judicial remedies.

Right to data portability

We must provide data that we process automatically based on your consent or in fulfillment of a contract to you or a third party in a common machine-readable format upon your request. We can only transfer the data to another controller if this is technically feasible.

Right to data information, deletion and correction

According to Art. 15 GDPR, you have the right to receive information free of charge about what personal data we have stored about you, where the data comes from, to whom we transmit the data, and for what purpose it is stored. If the data is incorrect, you have the right to rectification (Art. 16 GDPR); under the conditions of Art. 17 GDPR, you may request that we delete the data.

Right to restriction of processing

In certain situations, you can request that we restrict the processing of your data in accordance with Art. 18 GDPR. The data may then only be processed – apart from storage – as follows:

  • with your consent
  • to assert, exercise or defend legal claims
  • to protect the rights of another natural or legal person
  • for reasons of important public interest of the European Union or of a Member State

The right to restriction of processing exists in the following situations:

  • You have disputed the accuracy of your personal data stored by us, and we need time to verify this. In this case, you have the right to object for the duration of the verification.
  • If your personal data is being processed unlawfully or has been processed unlawfully in the past, you have the alternative right to have the data deleted.
  • We no longer need your personal data, but you require it to exercise, defend, or assert legal claims. Alternatively, you have the right to have the data deleted.
  • You have lodged an objection pursuant to Art. 21 (1) GDPR, and now your interests and ours must be weighed against each other. This right exists as long as the outcome of the balancing exercise has not yet been determined.

Hosting and Content Delivery Networks (CDN)

External hosting

Our website is hosted on a server of the following Internet service provider (hoster):

Hetzner Online GmbH
Industriestraße 25
91710 Gunzenhausen

RAIDBOXES GmbH
Hafenstr. 32
48151 Münster

How do we process your data?

The hosting provider stores all data from our website. This includes all personal data collected automatically or through your input. This can include, in particular, your IP address, pages accessed, names, contact details and queries, as well as metadata and communication data. When processing data, our hosting provider adheres to our instructions and only processes the data to the extent necessary to fulfill its service obligations to us.

On what legal basis do we process your data?

Since we address potential customers and maintain contact with existing customers via our website, the data processing by our host serves to initiate and fulfill contracts and is therefore based on Art. 6 (1) (b) GDPR. Furthermore, it is our legitimate interest as a company to provide a professional internet offering that meets the necessary requirements for security, speed, and efficiency. In this respect, we also process your data on the basis of Art. 6 (1) (f) GDPR.

Data collection on this website

Server log files

Server log files record all requests and accesses to our website and record error messages. They also contain personal data, in particular your IP address. However, this is anonymized by the provider after a short time, so we cannot assign the data to you personally. The data is automatically transmitted from your browser to our provider.

How do we process your data?

Our provider stores server log files to track activity on our website and troubleshoot errors. These files contain the following data:

  • Browser type and version
  • operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address (possibly anonymized)

We do not combine this data with other data, but use it solely for statistical analysis and to improve our website.

On what legal basis do we process your data?

We have a legitimate interest in ensuring that our website functions flawlessly. It is also our legitimate interest to obtain an anonymized overview of access to our website. Data processing is therefore lawful pursuant to Art. 6 (1) (f) GDPR.

Contact form

You can send us a message using the contact form on this website.

How do we process your data?

We save your message and the information you provide in the form so we can process your inquiry, including any follow-up questions. This also applies to the contact information you provide. We will not share your data with third parties without your consent.

How long do we store your data?

We will delete your data as soon as one of the following occurs:

  • Your request has been finally processed.
  • You ask us to delete the data.
  • You revoke your consent to storage.

This only does not apply if we are legally obliged to retain the data.

On what legal basis do we process your data?

If your inquiry is related to our contractual relationship or serves to carry out pre-contractual measures, we process your data on the basis of Art. 6 (1) (b) GDPR. In all other cases, it is our legitimate interest to effectively process inquiries addressed to us. The legal basis for data processing is therefore Art. 6 (1) (f) GDPR. If you have consented to the storage of your data, Art. 6 (1) (a) GDPR is the legal basis. In this case, you can revoke your consent at any time with effect for the future.

Inquiry by email, telephone or fax

You can send us a message by email or fax or call us.

How do we process your data?

We save your message, as well as your provided contact information or the phone number you provided, in order to process your inquiry, including any follow-up questions. We will not share your data with third parties without your consent.

How long do we store your data?

We will delete your data as soon as one of the following occurs:

  • Your request has been finally processed.
  • You ask us to delete the data.
  • You revoke your consent to storage.

This only does not apply if we are legally obliged to retain the data.

On what legal basis do we process your data?

If your inquiry is related to our contractual relationship or serves to carry out pre-contractual measures, we process your data on the basis of Art. 6 (1) (b) GDPR. In all other cases, it is our legitimate interest to effectively process inquiries addressed to us. The legal basis for data processing is therefore Art. 6 (1) (f) GDPR. If you have consented to the storage of your data, Art. 6 (1) (a) GDPR is the legal basis. In this case, you can revoke your consent at any time with effect for the future.

Plugins and tools

Google Fonts (local hosting)

We use fonts from the US company Google on our website. We have installed the fonts locally, so there is no connection to Google's servers when you visit our website.

For more information about Google Fonts, see https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

Font Awesome (local hosting)

We use icons from the Font Awesome icon library on our website. This library is provided by Fonticons Inc. We have installed the icons locally, so there is no connection to the company's servers when you visit our website.

For more information about Font Awesome, visit https://fontawesome.com/ and specifically in the privacy policy: https://fontawesome.com/privacy.

Google reCAPTCHA

What is Google reCAPTCHA?

Test tool to distinguish between humans and computers from Google Ireland Ltd.

Who processes your data?

Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland

Where can you find more information about Google's privacy policy?

https://policies.google.com/privacy?hl=de

On what basis do we transfer your data to the USA?

Based on the adequacy decision of the European Commission and the corresponding certification of the company.

How do we process your data?

We use Google reCAPTCHA to verify whether data entered into forms on our website originates from a human or a computer. For you, this means that the testing tool analyzes your behavior as a visitor to our website based on various characteristics. The analysis does not begin when you use the testing tool, but rather immediately when you access our website. Various data is collected, such as your IP address, the time spent on our website, and mouse movements. The data is forwarded to Google.

On what legal basis do we process your data?

As a company, we have a legitimate interest in protecting our website from spam and abusive spying. Data processing is therefore lawful under Art. 6 (1) (f) GDPR.

If you have consented to data processing, we will process your data exclusively on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time. From the time of revocation, we may no longer process your data.

Own services / Other

Handling applicant data

If you'd like to work for us, we'd be happy to receive your application. We treat all submitted personal data with the utmost confidentiality. This also applies to data we collect later during the application process.

How do we process your data?

We store all data we collect during the application process and use it to the extent necessary to decide whether to establish an employment relationship. This includes contact and communication data, application documents, and notes we take during interviews, for example. Within our company, we only share your data with people involved in processing your application.

If your application is successful, we will store the data required to carry out the employment relationship in our data processing systems.

How long do we store your data?

If we are unable to offer you a job, you decline a job offer, or withdraw your application, we reserve the right to retain your documents and other application data for up to six months after the application process has ended. This is because we may need the data for evidentiary purposes in the event of a legal dispute. After this period, we will delete the data and destroy the documents. If legal proceedings are actually imminent or are already pending, we will delete the data and documents if they are no longer required for evidentiary purposes.

The deletion of your data always presupposes that we are not legally obliged to retain it for a longer period.

On what legal basis do we process your data?

We process your application data on the basis of Section 26 of the new Federal Data Protection Act (BDSG-neu) (initiation of an employment relationship) and Article 6 (1) (b) GDPR (general contract initiation).

The same applies if your application is successful.

If we are unable to make you a job offer, you reject a job offer, or withdraw your application, we have a legitimate interest in using your data for evidentiary purposes in a potential legal dispute. Data processing is therefore based on Art. 6 (1) (f) GDPR.

If you have expressly consented to the storage of your data, we will process your data on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time with future effect.

Data processing on social media

What is social media?

By social media, we mean the social networks on which we have created publicly accessible profiles. You can read more about these social networks below.

Who processes your data?

The respective operating companies of the social networks. You can find the individual operators below under the respective networks.

How is your data processed?

The operators of social networks are generally able to collect and evaluate comprehensive data on the behavior of visitors and users of the network. It is not possible for us to track all processing operations on the social networks we use, which is why additional processing operations not listed here may be carried out by the operators of the social networks. Further information on this can be found in the terms of use and privacy policies of the respective social networks.

The processing of your data can be triggered by you visiting the website of the social network or our profile page there. Even if you access a website that uses certain content from the network, e.g. Like or Share buttons, data can already be transferred to the operators of the social network. If you are a user of the social network and logged into your user account, your visit to our profile page can be assigned to your account by the operator of the social network. Even if you have not registered a user account or are not logged in, the operator of the network may still collect your personal data, e.g. by recording your IP address or setting cookies. With this data, the operators can create user profiles tailored to your behavior and interests and show you interest-based advertising both within and outside the network. If you are a registered user of the network, interest-based advertising can also be displayed on all devices on which you are or were logged in.

On what legal basis are your data processed?

Our social media profiles are intended to ensure the most comprehensive online presence for our company. As a company, we have a legitimate interest in this. Data processing is therefore lawful under Art. 6 (1) (f) GDPR.

The data processing and analyses carried out by the operators of the social networks themselves may be based on other legal bases. These must be specified by the operators of the social networks.

Who is responsible for processing your data and how can you assert your rights?

If you visit one of our profiles on social networks, we and the operator of the respective network are jointly responsible for the data processing operations initiated during this visit. You can generally assert your rights against both us and the operator of the respective network.

Despite our joint responsibility with the operators of the social networks, our influence on the data processing procedures of the respective operator is limited and is primarily based on the operator's specifications.

How long will your data be stored?

If we collect data through our social media profiles, this data will be deleted from our systems as soon as the purpose for storing it no longer applies, you request deletion, or you revoke your consent to storage. Stored cookies remain on your device until you delete them. Mandatory legal provisions—in particular, retention periods—remain unaffected.

We have no influence on how long the operators of social networks store your data, which they collect for their own purposes. You can obtain information about this directly from the operator of the respective social network, for example, in the respective privacy policy.

Which social media do we use?

Facebook

What is Facebook?
A social network

Who processes your data?
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland

Will your data be transferred to third countries?
Yes, to the USA and also to other third countries

Where can you find more information about Facebook's privacy policy?
https://www.facebook.com/about/privacy/

Where can you adjust your advertising settings as a Facebook user?
As a registered Facebook user, you can adjust your advertising settings in your user account. To do so, click the following link and log in:
https://www.facebook.com/settings?tab=ads.

Twitter

What is Twitter?
A social network in the form of a micro-blogging platform

Who processes your data?
Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA

Will your data be transferred to third countries?
Yes, to the USA

Where can you find more information about Twitter's privacy policy?
https://twitter.com/de/privacy

Where can you adjust your advertising settings as a Twitter user?
As a registered Twitter user, you can adjust your privacy settings in your user account. To do so, click the following link and log in:
https://twitter.com/personalization.

Instagram

What is Instagram?
A social network specializing in photos and videos

Who processes your data?
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland

Will your data be transferred to third countries?
Yes

Where can you find more information about privacy on Instagram?
https://help.instagram.com/519522125107875/?helpref=hc_fnav&bc[0]=Instagram-Hilfebereich&bc[1]=Richtlinien%20und%20Meldungen

Where can you as a user adjust your privacy settings?
As a registered Instagram user, you can adjust your privacy settings in your user account. To do so, click the following link and log in:
https://www.instagram.com/accounts/privacy_and_security/

LinkedIn

What is LinkedIn?

A social network for business contacts

Who processes your data?

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

Will your data be transferred to third countries?

Yes

Where can you find more information about LinkedIn's privacy policy?

https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy

Where can you as a user adjust your privacy settings?

As a registered LinkedIn user, you can adjust your privacy settings in your user account. To do so, click the following link and log in:
https://www.linkedin.com/psettings/

Xing

What is Xing?

A social network for professional contacts

Who processes your data?

New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany

Will your data be transferred to third countries?

Yes, to fulfill the contract with Xing, if you have given your consent, if it is necessary to assert, exercise or defend legal claims or if an adequacy decision pursuant to Art. 45 EU GDPR or appropriate safeguards pursuant to Art. 46 EU GDPR exist.

Where can you find more information about data protection at Xing?

https://privacy.xing.com/de/datenschutzerklaerung/druckversion

Where can you as a user adjust your privacy settings?

As a registered Xing user, you can adjust your privacy settings in your user account. To do so, click the following link and log in:
https://www.xing.com/settings/privacy

EN
DE EN