ALUCOBOND® ALUCORE®

Choose a different region to see content for your location

Privacy statement

Information with regard to the processing of Personal Data in accordance with Art. 13 of the General Data Protection Regulation (GDPR) of the European Union.

1. Scope

This Data Security Declaration applies for the Website of 3A Composites GmbH. In particular it refers to personal information that are processed while utilizing our websites. It does not apply for external websites or other services. Here, the respective data security declarations are to be considered.

References to the legal framework refer to the General Data Protection Regulation (GDPR) of the European Union in the version of May 25th 2018. Additionally, the respective German national legislation (Bundesdatenschutzgesetz/BDSG) in the version of November 26th 2019 applies.

Personal Information ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (Art. 4 GDPR). Furthermore this declaration contains all relevant information with regard to the provision of our services.

2. Controller

The responsible authority/controller for the processing of data is

3A Composites GmbH
Alusingenplatz 1
78224 Singen

Phone: +4977319410
E-Mail: info@3acomposites.com

Represented by:
Dr. Joachim Werner

3. Data Protection Officer

We have appointed an external Data Protection Officer:

Ingenieurbüro Pfeil GmbH
Daniel Jahn
Alte Gärtnerei 2
04425 Taucha

Phone: +49 34197578700
E-Mail: 3ac.datenschutz@3acomposites.com

4. Information regarding the processing of data on our Website

4.1 Web-Hosting

The Web-Servers for the Websites https://alucobond.com; https://global.alucobond.com; https://cms.alucobond.com; https://cms.global.alucobond.com is operated by 1&1 IONOS SE.

Their contact information are:
1&1 IONOS SE
Elgendorfer Str. 57
56410 Montabaur

Phone: +49 721170555
E-Mail: info@ionos.de

1&1 IONOS SE is a processor on behalf of our service provider Third Wave GmbH. We appeal on our contract regulating the processing on behalf with Third Wave GmbH according to Art. 28 GDPR.

The adminsitrative support of the websites https://alucobond.com; https://global.alucobond.com; https://cms.alucobond.com; https://cms.global.alucobond.com is ensured by Third Wave GmbH.

Their contact information are:
Third Wave GmbH
Rosenthaler Str. 34-35
10178 Berlin

Phone: +49 30275937180
E-Mail: info@thirdwaveberlin.de

We concluded a contract regulating the processing on behalf with Third Wave GmbH according to Art. 28 GDPR.

4.2 SSL-/TLS-Encryption

This website utilizes SSL- and/or TLS-encryption for securing personal data. A secure connection is established if the address-line in your Browser changes from “http://” to “https://” and indicates a lock-symbol. A third party is not able to read data that is transferred to our website if SSL- or TLS-encryption is enabled.

4.3 Processing of personal data when visiting our website

When visiting our website, selected personal data is automatically processed by our IT-systems. Predominantly these data is technical data (e.g. Information about your Internet browser, operating system or Time of your visit). These data are processed to ensure the functionality of our website. Furthermore, this data can be used to analyse your user behaviour and to improve our services and products. On the basis of processing on behalf, these data is transferred to Hetzner Online GmbH.

4.4 Cookies

Our websites utilize cookies. Cookies are not causing any damage on your system and do not contain viruses. Cookies are used, to improve our services, to make it more effective and to improve security. Cookies are small Text files, that are stored in your browser.

Mostly, “Session-Cookies” are used. They are deleted after every session. Other Cookies remain stored on your device until you delete them manually. These Cookies enable us, to recognize your browser during your next visit.

You can change your browser settings, in order to be informed about the inclusion of Cookies. When deactivating Cookies, the functionality can be limited.

Cookies used when exercising the communication process or for the provision of certain functions are processed on the basis of Art. 6(1)f GDPR. We have a vital interest in the storage of cookies in order to provide functional, error-free and optimized services.

4.5 Server-Log-Files

The provider of our websites gathers and stores data automatically in so called Server-Log-Files. Your browser automatically gathers the following data:

  • Visited website
  • Time of the server-request
  • Quantity of exchanged data
  • Referrer URL
  • Browser type and Browser version
  • Operating system
  • IP-address

The Data is used für analytic purposes and to improve our services. The Website-operator reserves the right to check the Server-log-Files retrospectively if there are specific indications of illegal use. This data is not aggregated with data from other sources.

The acquisition of this data is conducted on the basis of Art. 6(1)f GDPR. We have a vital interest in the functional, error-free and optimized services on our website. Therefore, Server-Log-Files must be collected. After 7 days the data is anonymized by shortening of the IP-address on the domain-level. Backtracking of the user is no longer possible.

4.6 Content Management Systeme (CMS)

The Websites https://alucobond.com; https://global.alucobond.com; https://cms.alucobond.com; https://cms.global.alucobond.com utilize the CMS „Cockpit“ operated by Agentejo.

Their contact information are:
Agentejo
Breslauer Str. 13
21629 Neu Wulmstorf, Germany

Phone: +49 4057240633
E-Mail: hello@agentejo.com

Agentejo SE is a processor of our service provider Third Wave GmbH. We appeal on our contract regulating the processing on behalf with Third Wave GmbH according to Art. 28 GDPR.

4.7 Google Analytics

Our websites utilize the services of the web-analytic-service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses so called "Cookies". These are small text-files that are stored on your device and enable an analysis of your user behavior on our website.

The following information are processed:

  • Browser-Typ/-Version,
  • operating system,
  • Referrer-URL (previously visited Site),
  • Hostname (IP-address),
  • Time of server-request

The Information on your user behaviour, generated by cookies, is regularly transmitted to and stored on a Google-operated server in the USA.

The storage of Google-Analytics-Cookies and the use of analytic tools is conducted on the basis of Art. 6(1)f GDPR. We have a vital interest in the analysis of user behaviour in order to improve our services and our marketing efforts.

To protect your personal data, we have enabled IP-anonymization. Thereby your IP is shortened by Google within the member states of the EU as well as other signatories in the European Economic Area and when transferred in the U.S. Full IPs are transferred to Google servers in the U.S. and shortened there, only in exceptional cases.

On our order Google evaluates the data in order to create reports on website activities and fulfil other related services. Data gathered by Google Analytics is not merged with other data from Google.

You can prevent the storage of cookies by implementing special browser settings. Please be advised that some services may not function properly in this case. Furthermore, you can deny the acquisition of data, generated by the cookie and data regarding your use of our website (including your IP-address) as well as the transmission and procession to and by Google, by downloading and installing the following browser-plugin: https://tools.google.com/dlpage/gaoptout?hl=de.

Additional information regarding the use of personal data by Google Analytics can be found in the Data Security Declaration of Google: https://support.google.com/analytics/answer/6004245?hl=de.

User and Event related data, that is connected to cookies, user recognition Data or promotion-IDs are anonymized /deleted after 14 months. More details can be found under the following link: https://support.google.com/analytics/answer/7667196?hl=de.

Google inc. is certified in accordance with the „EU-Privacy-Shield“, which ensures the fulfilment of GDPR Data processing- standards.

4.8 Google reCAPTCHA

This website utilizes the service reCAPTCHA of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) in order to differentiate between personal or automated conduct on our websites. This includes the transmission of the utilzed device, as well as the website you are visiting that uses reCAPTCHA, the date, the duration of your visit, your log-in information (in case you are a registered Google-user, mouse-movements on the reCAPTCHA content as well as tasks you have to fulfil. These are provided by Google. This Google Fonts are installed locally. A connection to Google servers is not taking place. The Information can be transmitted to and stored on a Google-operated server in the USA. Google inc. is certified in accordance with the „EU-Privacy-Shield“, which ensures the fulfilment of GDPR Data processing- standards.

The data und the use of reCAPTCHA is conducted on the basis of Art. 6(1)a GDPR on the basis of given consent or on the basis of Art. 6(1)f GDPR, on our vital interest to avoid misuse and spam of our webiste-services.

Additional information regarding the use of personal data by Google reCAPTCHA can be found in the Data Security Declaration of Google: https://policies.google.com/privacy/.

4.9 Social Media

Facebook-Plugins (Like & Share-Button)

On our webistes we utilize the social network Facebook (Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA). You recognize the Facebook-Plugin by the Facebook-Logo or the „Like-Button“ on our websites. An overview on Facebook-Plugins is to be found here: https://developers.facebook.com/docs/plugins/?locale=en_EN.

When visiting our websites a direct conection between your browser and facebook is established. Thereby, Facebook get the information, that you visited our website with your IP-address. If you click the Facebook "Like-Button", while being logged on to your Facebook-account, the content of our webistes to your Facebook-account can be linked. Therby, Facebook can assign the visit on our websites your Facebook-Account. We declare, that we as the provider of the website do not get any knowledge on the transmitted information and their utilization by Facebook. Further information are to be found in the data-security declaration of Facebook. https://de-de.facebook.com/privacy/explanation.

If you do not wish that Facebook can assign your visit on our webistes to your Facebook-Account, pleas log-off from your Facebook-Account. The use of Facebook is conducted on the basis of Art. 6(1)f GDPR and on our vital interest on a comprehensive visibility of our services on social media.

Twitter Plugin

On our webistes we utilize the social network Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA). By using Twitter or the function „Re-Tweet“, your visited websites are assigned to your Twitter-Account and communicated to other users. We declare, that we as the provider of the website do not get any knowledge on the transmitted information and their utilization by Twitter. Further information are to be found in the data-security ofTwitter: https://twitter.com/de/privacy.

The use of the Twitter-plugin is conducted on the basis of Art. 6(1)f GDPR and on our vital interest on a comprehensive visibility of our services on social media.

Tumblr Plugin

Our websites utilizes buttons of the service Tumblr (Tumblr, Inc., 35 East 21st St, 10th Floor, New York, NY 10010, USA).

These buttons allow to share websites on Tumblr or follow the provider on Tumblr. If you contact one of our websites via Tumblr-Button, your browser establlishes a direct connection with Tumblr servers. We have no influence on the amount of data that is processed and transmitted by Tumblr.

Currently, the IP-address of the user, as well as the URL of the respective website is confirmed to be transmitted. The use of the Tumblr-plugins is conducted on the basis of Art. 6(1)f GDPR and on our vital interest on a comprehensive visibility of our services on social media.

Further information are to be found in the data-security of Tumblr: https://www.tumblr.com/privacy/en.

Pinterest Plugin

Our websites utilizes social plugins of the social network Pinterest (Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103-490, USA ).

If you contact one of our websites that contains such a plugin, your browser establishes a direct connection with Pinterest servers. The plugin transmits protocoll-information to the Pinterest servers in the USA. These protocoll-information might contain your IP-address, the address of the visited websites, that contain Pinterest-functions as well, type and setting of your browser, date and time of your request, your user-history as well as cookies.

The use of the Pinterest-plugin is conducted on the basis of Art. 6(1)f GDPR and on our vital interest on a comprehensive visibility of our services on social media.

Further information are to be found in the data-security of Pinterest: https://policy.pinterest.com/de/privacy-policy.

Instagram Plugin

Our websites utilizes social plugins of the social network Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA). If you contact one of our websites that contains such a plugin, your browser establishes a direct connection with Instagram servers. The plugin transmits protocoll-information to the Instagram servers in the USA. These protocoll-information might contain your IP-address, the address of the visited websites, that contain Instagram-functions as well, type and setting of your browser, date and time of your request, your user-history as well as cookies.

The use of the Pinterest-plugin is conducted on the basis of Art. 6(1)f GDPR and on our vital interest on a comprehensive visibility of our services on social media.

Further information are to be found in the data-security of Instagram: http://instagram.com/about/legal/privacy.

LinkedIn Plugin

Our websites utilizes social plugins of the social network LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland). If you contact one of our websites that contains such a plugin, your browser establishes a direct connection with LinkedIn servers. The plugin transmits protocoll-information to the Instagram servers in the USA. These protocoll-information might contain your IP-address, the address of the visited websites, that contain Instagram-functions as well, type and setting of your browser, date and time of your request, your user-history as well as cookies.

The use of the LinkedIn-plugin is conducted on the basis of Art. 6(1)f GDPR and on our vital interest on a comprehensive visibility of our services on social media.

Further information are to be found in the data-security of LinkedIn: https://www.linkedin.com/legal/privacy-policy. Users have the possibilty to dissent(Opt-Out): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Youtube Plugin

Our websites utilizes social plugins of the service Youtube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, Mutterunternehmen: Google LLC, 1600 Amphitheatre

Parkway, Mountain View, CA 94043, USA). ). If you contact one of our websites that contains such a plugin, your browser establishes a direct connection with Youtube servers. The plugin transmits protocoll-information to the Instagram servers in the USA. These protocoll-information might contain your IP-address, the address of the visited websites, that contain Instagram-functions as well, type and setting of your browser, date and time of your request, your user-history as well as cookies. The use of the Youtube-plugin is conducted on the basis of Art. 6(1)f GDPR and on our vital interest on a comprehensive visibility of our services on social media.

Further information are to be found in the data-security of Youtube: https://policies.google.com/privacy

Users have the possibilty to dissent(Opt-Out): http://tools.google.com/dlpage/gaoptout?hl=de.

Furthermore useres have the possibility to adapt the settings with regard advertising banners: https://adssettings.google.com/authenticated.

5. Information regarding the processing of personal data within our service provision

Insofar the Internet services of 3A Composites GmbH provide the option to enter personal or business data, this data is entered by the user on a voluntary basis. To process your enquiry (to send brochures, samples or to respond to price enquiries), we sometimes work with partners/distributors to whom we forward your data to enable the timely completion of your enquiry. All information is treated confidentially in accordance with the provisions of the applicable data protection legislation.

5.1 Processing purposes

Completion of orders, information regarding orders and delivery data, execution of logistic services, completion of tasks and projects, registration of contract and contact information in fulfilment of tasks or in preparation of tasks, accountancy, accounting, dunning, organization and execution of purchase and procurement, sales and marketing, maintain customer and supplier relationship.

5.2 Legal foundations

  • Fulfilment of contract and pre-contract measures (Article 6 (1)b GDPR),
  • Legal obligations (Article 6 (1)c GDPR),
  • Public interest (Article 6 (1)e GDPR),
  • Consent (Article 6 (1)a GDPR iccw (Article 6 (1-4) GDPR)
  • Safeguarding our vital interests (Article 6 (1)f GDPR),

5.3 Categories of affected data subjects

Interested parties, customers and/or employees of customers, suppliers, partners, mediators, ext. service-providers and freelancers.

5.4 Categories of personal data

We process personal data, which we receive from data subjects in their function as representatives or Plenipotentiaries of the respective entities (Interested parties, customers and/or employees of customers, suppliers, partners, mediators, ext. service-providers and freelancers).

In particular:

  • Contact information (name, title, surname, phone, fax, Mobil phone, internet-address, E-Mail, position, company, company address, number of employees, branch, customer-type, contact-history und correspondence, Information with regard to Quotations and und initiation of business),
  • Account data (order information, payment information, account information, bank, IBAN, BIC, name of the account holder, Information to fulfil contractual duties),
  • Personal data from quotations, orders, contracts address, contact-data, contract components.

5.5 Categories of recipients

Internal entities that are involved in the fulfilment of business processes (e.g. purchase, sales, marketing, administration, order execution, accounting).

Public authorities such as social insurance agencies and fiscal authorities in case of prioritized legislations

External contractors (processing on behalf Art. 4 & Art. 28 GDPR for the processing purposes mentioned above).

Further distribution of personal data is only happening with explicit consent according to Art. 6(1)a GDPR or a legal obligation according to Art. 6 (1)c GDPR is in place.

5.6 Legal retention/deletion

If the legal retention period is over, we delete the respective personal data- as long as personal data is no longer needed for preparation of a contract or performance of a contract or a legitimate interest for the storage is no longer given.

Storage period of personal data:

  • 10 years according to § 14 UStG.
  • 10 years according to § 147 AO for all tax-relevant information.
  • 10 years according to § 257 1 Nr. 1 + 4 HGB.

Data transmission to non EU-countries:

A transmission to third states is not conducted and not planned. However, when using internet-based technologies it cannot be ruled out, that at some point a transmission to third states occurs.


6. Processing personal data in applications

We offer to apply digitally (e.g. via E-Mail). Processing of applicant data proceeds in accordance with data security legislation. Furthermore, applicant data is handled as restricted data.

If you transmit your application, we process the related personal data (e.g. contact- and communication, application documents, notes taken during interviews) insofar they are necessary to justify the decision for or against an employment relationship. The legal foundation is § 26 BDSG-new/ German national legislation (initiation of an employment relationship), Art. 6 (1) b GDPR (general initiation of a contract) and in case you consented – Art. 6(1) a GDPR. The consent can be revoked at any time. Internally, your personal data is only transmitted to recipients, involved in the application process.

If an application is successful, the transmitted personal data is stored in our computer systems on the basis of § 26 BDSG-new und Art. 6(1)b GDPR with the purpose to initiate an employment relationship.

If we cannot offer you a position, you decline a job offer, withdraw your consent or request deletion of your data, we keep your personal information no longer than 6 months after the end of the application process in order to retrace particularities of the application process (Art. 6 (1)f GDPR).

You have the right to veto against the procession of your data at any time. We will keep your data as long as our significant interest is not interfering with your personal interests.

7. Data subject rights

You can obtain information about your personal data at any time free of charge on the basis of data protection regulations or demand their correction, completion, deletion or blocking, if this is not contrary to statutory regulations. You may also request that the processing of your personal data be restricted.

Withdrawal of consent (Art. 7 GDPR)

You have the right to withdraw your consent at any time. The withdrawal of consent is not affecting the lawfulness of processing based on consent before the withdrawal.

Right to object (Art. 21 GDPR)

You have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions.

Right to lodge a complaint at the responsible supervisory authority (Art. 13 GDPR)

You have the right to lodge a complaint with a supervisory authority. Equally, you can complain or submit a request about the data processing to the data protection officer. The data subject can address the complaint to the supervisory authority in his or her federal state or to the supervisory authority in the federal state of the responsible company. The supervisory authority in Germany is mostly the Landesbeauftragte für Datenschutz und Informationsfreiheit.

Right to data portability (Art. 20 GDPR)

It is the right of the data subject to receive the personal data, which he provided the responsible, if the processing is based on a consent (Article 6(1)a or Article 9 (2 ) GDPR or a contract (Article 6 (1) GDPR. The responsible has to provide the data in a structured, common and machine-readable format for the data subject.

Right to access, immediate rectification, correction and immediate erasure (Art. 15,16,17 GDPR)

You can request the confirmation of the responsible that his or her data are processed. If personal data of the data subject are processed by the responsible you have the right to access, immediate rectification, correction and immediate erasure of your personal data.

Right to restriction of processing (Art. 18 GDPR)

You have the right to demand the limitation of the processing from the responsible.

Therefore you can contact us any time under the given contact information

The right to restrict processing your data is possible in the following scenarios.

If you doubt the correctness of your processed information, we need some time in order to verify your claim. In this case you can demand the restriction of processing for the time given.

If your personal information were obtained unlawful, you can request restriction instead of deletion.

If we no longer need your information the personal data would be deleted by the responsible authority, but the data subject would be required to claim, exercise or defend against legal claims. You also have the right to object against the process, however, it is not determined yet, whether the legitimate reasons of the responsible outweigh those of the data subject. Any recipient of the personal data has to be informed accordingly by the responsible authority.

As at 15th January 2020