The Symrise Group (hereinafter "Symrise"), is pleased that you are visiting our website. Data protection and data security are very important to us. Therefore, we would like to inform you about the personal data we collect during your visit to our website and about the intended purposes.
§ 1 Data Controller and Scope
The controller according to the EU General Data Protection Regulation (hereinafter: GDPR) and other national data protection acts of the Member States, as well as other data protection regulations, is:
Phone: +49 (0) 5531 90-0
Fax: +49 (0) 5531 90-1617
§ 2 Data Protection Officer
The external Data Protection Officer of Symrise is:
Dr. Karsten Kinast, LL.M.
KINAST Rechtsanwaltsgesellschaft mbH
Phone: +49 (0)221 – 222 183 – 0
§ 3 Principles of Processing Personal Data
Personal data are all information relating to an identified or identifiable natural person. This includes information such as your name, age, address, telephone number, date of birth, e-mail address, IP address or user behavior. Information that cannot (or only with a disproportionate effort) be referred to your person, e.g. by anonymizing the information, is not personal data. The processing of personal data (e.g. the collection, retrieval, use, storage or transmission) always requires a legal basis or your consent.
Processed personal data will be deleted as soon as the purpose of the processing has been fulfilled and no legally prescribed retention obligations are to be observed.
In case we process your personal data for the provision of certain offers, please find below information about the specific processes, the scope and purpose of data processing, the legal basis for processing and the respective storage period.
1. Access and Use of the Website
a. Scope and Purpose of the Processing
When you access and use our website, we only collect the personal data that your browser automatically transmits to our server. This information is temporarily stored in a so-called log file.
The following personal data is recorded to the extent necessary for the provi¬sion of a functional website and our contents and services:
- IP address of the requesting computer
- Date and time of access
- Name and URL of the retrieved file
- The website from which access is made (referrer URL)
- The used browser and, if applicable, the operating system of your computer as well as the name of your access provider
b. Legal Basis
Article 6 (1) lit. f)GDPR serves as the legal basis for the data processing. The processing of the mentioned data is necessary for the provision of our services and thus serves the protection of a legitimate interest of our company.
c. Data Deletion and Storage Time
The data subject’s personal data are deleted or blocked as soon as the purpose of the storage is fulfilled. Data older than seven days is getting deleted. The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection for the user. Further storage may take place in individual cases if this is required by law.
2. Contact form
a. Scope and Purpose of Processing
You have the opportunity to contact us using a form provided on our website. In the course of sending your inquiry via the contact form, reference is made to this data protection declaration in order to obtain your consent. If you use the contact form, the following personal data will be processed:
- Phone number
- Fax number
The purpose of entering your e-mail address is to assign your request and to be able to reply to you. When using the contact form, your personal data will not be forwarded to third parties.
b. Legal Basis
The data processing described above (cf. § 4 3. a.) for the purpose of establishing contact is carried out voluntarily in accordance with Article 6 (1) lit. a) GDPR on the declaration of consent submitted by you.
c. Storage Time
As soon as the request you have made has been dealt with and the relevant facts have been finally clarified, your personal data processed by the contact form will be deleted. Further storage may take place in individual cases if this is required by law.
3. Application Data
a. Scope and Purpose of the Processing
Your personal data, which you communicate to us in the course of an application and/or registration on the application portal, is recorded, processed and stored, in order to correspond with you exclusively in the context of, and for the purpose of, our personnel selection process.
b. Legal Basis
Article 6 (1) (b) GDPR serves as the legal basis for the data processing. The processing of the mentioned application data is necessary for personnel selection process and therefore represents the first stages of a potential contractual relationship between you and the company.
c. Data Deletion and Storage Time
The data subject’s personal data are deleted or blocked as soon as the application process is finished. Further storage may take place in individual cases if this is required by law.
§ 5 Third Party Transfers
We only share your personal information with third parties if:
- you have given your express consent pursuant to Article 6 (1) ( a) GDPR,
- it is legally permissible and necessary for the fulfilment of a contractual relationship with you pursuant to Article 6 (1) (b) GDPR,
- there is a legal obligation to pass on the data in accordance with Article 6 (1) ( c) GDPR,
- the disclosure pursuant to Article 6 (1) lit. f)GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data.
Before we set any, not technically necessary, Cookies on our website, we obtain your consent via the Cookie Banner respectively the Cookie Settings in accordance with Article 6 (1) lit. a) GDPR. You can of course change your preferences at any time in the Cookie Settings.
§ 7 Tools for Tracking and Analysis
We use tracking and analysis tools to ensure continuous optimization and user-oriented design of our website. With the help of tracking measures it is also possible for us to statistically record the use of our website by visitors and to further develop our online offer for you with the help of the knowledge gained.
Our website contains hyperlinks to websites of other providers. When you activate these hyperlinks, you will be directed directly to the other providers' website. You will recognize this when the URL is changed. Please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.
§ 9 Your Rights as a Data Subject
The GDPR provides you as a Data Subject with the following rights in case you are subject to a data processing:
- Pursuant to Article 15 GDPR you can request information about your personal data processed by us.
- In particular, you may obtain information about the purposes of processing, the categories of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the right to lodge a complaint with a supervisory authority, the origin of your data, if not collected from us, about transfer to third countries or international organizations, and the existence of automated decision-making, including profiling and, where applicable, meaningful information about the logic involved.
- Pursuant to Article 16 GDPR you can immediately demand the correction of incorrect data or the completion of your personal data stored with us.
- Pursuant to Article 17 GDPR, you may request the deletion of your personal data stored by us, provided that the processing is not necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
- Pursuant to Article 18 GDPR, you can request the restriction of the processing of your personal data if you contest the accuracy of the data, if the processing is unlawful, if we no longer need the data and if you refuse their deletion because you need to establish, exercise or defend legal claims. You are also entitled to the right under Article 18 GDPR if you have objected to the processing in accordance with Article 21 GDPR.
- Pursuant to Article 20 GDPR, you may request that the personal data you have provided us with be received in a structured, current and machine-readable format or you may request that it be transmitted to another person responsible.
- Pursuant to Article 7 (3) GDPR you can withdraw your consent at any time. As a consequence, we are no longer allowed to continue the data processing based on this consent for the future.
- Pursuant to Article 77 GDPR, you have the right to complain to a supervisory authority. You can contact the supervisory authority of your habitual residence, place of work or our company headquarters.
In case the processing of your personal data is based on legitimate interest in accordance with Article 6 (1) lit. f)GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR insofar as there are reasons which arise from your particular situation or if the objection refers to direct marketing. In the case of direct marketing, you have a general right of objection which will be considered without mentioning any particular situation.
§ 11 Data Security and Security Measures
We are committed to protecting your privacy and treating your personal information confidentially. In order to avoid any manipulation, loss or misuse of your data stored by us, we take extensive technical and organizational security measures that are regularly reviewed and adapted to technological progress. This includes, among other things, the use of recognized encryption methods (SSL or TLS).
However, we would like to point out that due to the structure of the internet, it is possible that the rules of data protection and the above mentioned security measures may not be observed by other persons or institutions for which we are not responsible.
In particular, unencrypted data - e.g. if this is done by e-mail - can be read by third parties. We have no technical influence on this. It is the responsibility of the user to protect the data provided by him against misuse by encryption or in any other way.