Data protection information
Data protection information
We take data protection seriously
We are delighted that you are interested in our company. Data protection is of great importance to us. Your personal data is always protected in compliance with the General Data Protection Regulation and the applicable national data protection provisions. Personal data is only collected to the extent technically required on this website. The data collected will never be sold or released to third parties for any reason under any circumstances. The following declaration gives you an overview of how we guarantee this protection and what type of data is collected for which purpose.
ILLE-SERVICE HR D.O.O.
Nova Ulica 25
Telefon: +385 (0) 42 200 090
You can contact our data protection officer at:
Ille Papier-Service GmbH
Telefon: +49 6047 980 - 000
Telefax: +49 6047 980 - 70
All data subjects may, at any time, contact our data protection officer directly if they have any questions or suggestions regarding the protection of data.
Personal data refers to any information pertaining to an identified or identifiable natural person (hereinafter referred to as “data subject”). A natural person is considered identifiable if they can be identified directly or indirectly, in particular through the means of the allocation of an identifier such as a name, a code number, location data, an online code, or one or several special features that are the expression of the physical, physiological, genetic, mental, economic, cultural, or social identity of this natural person.
Data processing on this website
Ille automatically collects and stores information in its server log files, which your browser sends to us. This includes:
- Browser type/version
- Operating system used
- Referrer URL (site visited previously)
- Host name of the accessing computer (IP address)
- Time of server query
Ille cannot attribute this data to any specific person. This data is not merged with other data sources and is deleted after a statistical analysis.
Disclaimer of Liability
Pursuant to Section 7, Paragraph 1 of the German Telemedia Act (Telemediengesetz), we are responsible in our capacity as a service provider for our own information that we store for use, under general legislation. However, we are not responsible in our capacity as a service provider for any external data transmitted by third parties within a communication network or to which third parties allow access for use, pursuant to Section 8, Paragraph 1 of the Telemedia Act. Furthermore, pursuant to Section 10 of the Telemedia Act, we are not responsible for any external data that we save on behalf of a user, in so far as we have no knowledge of any unlawful activity or of the data nor, in the event of any claims for damage, knowledge of any acts or circumstances as a result of which unlawful activity or information becomes apparent or we have taken action immediately to remove the information or block access to it as soon as we become aware of it. We assume no liability for any links on our website to third-party sites, since we have no control over their content. The operators of such sites bears exclusive responsibility for their content. All links were checked for unlawful content at the time of publication on our website and did not contain any legal infringements. It is not possible to permanently monitor these links without any specific indications of legal infringements.
Contact opportunity via the website
The website offers the opportunity to contact us using the contact form.
When using the contact form, the following mandatory information is stored: (1) first name and surname, (2) industry, (3) position, (4) address, (5) and email address of the data subject.
- First name
- Postal address
- Email address
If a data subject uses a contact form to get in touch with the controller responsible for processing, the personal data transferred by the data subject is stored automatically. Such personal data transferred on a voluntary basis by a data subject to the controller responsible for processing is stored for the purposes of processing or contacting the data subject. This personal data is not transferred to third parties.
Our web pages use 'cookies' at several points. They serve to make our service more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are called 'session cookies'. These are deleted automatically at the end of your visit. Cookies do not cause any damage to your computer and do not contain viruses.
Managing cookies Most web browsers enable you to block cookies. If you do not agree to the use of these cookies, please deactivate them as described in the instructions for your browser www.allaboutcookies.org or where available use the automatic deactivation tool. However, some of the services associated with the Ille websites will not function correctly if cookies are deactivated.
If you would like to receive the newsletter mentioned on the website, we need a valid e-mail address from you, and also information that allow us to verify that you are the owner of the specified email address or that its owner agrees to receive the newsletter. No other data is collected. You can withdraw your consent to the storage of this data, the e-mail address and its use for receipt of the newsletter.
This website uses Google Analytics, a web analysis service from Google Inc. ("Google"). Google Analytics uses so-called 'cookies' – text files that are saved on your computer and that enable your use of the website to be analysed. The information that is generated by the cookie regarding your use of this website (including your IP address) is transmitted to a Google server in the USA, where it is saved. Google will use this information to analyse your use of the website, compile reports on your website activities for the website operator, and provide additional services associated with the use of the website and use of the Internet.
Google may also pass this information on to third parties where this is required by law or third parties are processing this data on behalf of Google. Google will not under any circumstances link your IP address with other data from Google. It is possible to prevent cookies from being installed by configuring the relevant setting in your browser software; however, it should be noted that, should you do so, you may be unable to make full use of all functions of this website as a result. Through the use of this website, you express your consent to the processing of data collected by Google about you in the manner described above and for the purpose previously stated.
You can furthermore prevent the recording of the data relating to your use of the website (including your IP address) created by the cookie and also prevent it from being processed by Google by downloading and installing the browser plug-in available from the following link. The current link is tools.google.com/dlpage/gaoptout
Products on the Ille homepage may be linked to Google Plus. This creates a direct connection to Google, which also entails further processes relating to data protection. It is therefore recommended to add the following extract on data protection.
The Google Plus plugin automatically sends information from our website directly to Google. This includes websites you have previously visited and your IP address. Google may also install cookies in your browser or access existing cookies.
More information is available at the following address:
Your trust is important to us. For this reason, we are available at any time to discuss the processing of your personal information. If you have any questions that this data privacy statement has not answered or if you would like more detailed information on a specific point, please contact the Data Protection Manager at any time. E-mail: firstname.lastname@example.org.
Customers and business partners
We process personal data that we have received from you in the context of our business relationship. In addition – to the extent necessary for the provision of our services – we process personal data that we have permissibly (e.g. in order to execute orders, comply with contracts, or due to consent you have issued) received from other companies within Ille Group or business partners performing external work, or service providers, or other third parties (e.g. credit information). In addition we process personal data that we have permissibly obtained from publicly accessible sources (e.g. records of debtors, commercial registers, the press, the media, and the internet), and are permitted to process. Personal data that we process in the context of the business relationship is as follows: your name, address, contact details, date of birth, order data, payment data, bank details, contract data, credit data, sales data, and documentation data (e.g. usage of our website, and newsletters).
The purpose and legal basis of processing
We process personal data in compliance with the provisions of data protection laws:
Based on your consent (point (a) of Article 6(1) GDPR)
In as far as you have issued us consent to process personal data for certain purposes, this processing is legally valid based on your consent. Once consent has been issued, it may be withdrawn at any time.
For compliance with contractual obligations (point (b) of Article 6(1) GDPR)
If the processing of personal data is necessary for fulfilment of a contract to which the data subject is party, as for example in the event of processing procedures which are necessary for the delivery of goods or provision of another service or return service, processing is based on point(b) of Article 6(1) GDPR. The same applies for such processing procedures as are necessary for the undertaking of pre-contractual measures, such as in cases of requests regarding our products and services.
Due to legal specifications or in the public interest (point (c) of Article 6(1) and point (e) Article 6(1) GDPR)
In addition, we process your personal data to the extent required under legal specifications, or for reasons of public interest such as for the fulfilment of tax obligations.
For the protection of the vital interests of the data subject or of another natural person (point (d) of Article 6(1) GDPR)
In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a visitor to our company is injured and as a result their name, age, health insurance data, or other vital information needs to be transferred to a doctor, hospital, or other third party.
In the context of the balancing of interests (point (f) of Article 6(1) GDPR)
When necessary, we process your data beyond the actual fulfilment of the contract in order to safeguard justified interests held by us or third parties, unless the interest, basic rights and basic freedoms of the data subject are overriding (e.g. credit information, marketing or market and opinion research, the establishment of legal claims and defence in the event of legal disputes, guaranteeing IT security, business management measures, and the further development of products and services).
Who will receive your data?
Within Ille Group, those offices that require your data for the fulfilment of our contractual and legal obligations receive access to your data. Processors we contract may also receive data for the stated purposes. Other recipients of your data may be suppliers and service providers, for the purposes of implementing the business relationship, or public bodies and institutions in the event of a legal or official obligation. Additional data recipients may be those bodies to which you have provided us with your consent to transfer data.
The duration of storage, erasure and blocking of personal data
The criteria for the duration of personal data storage are the purpose of processing and the respective statutory retention period. After the purpose of processing has been fulfilled, and taking into account the statutory retention period, the corresponding data is deleted or blocked unless it is still required for contract fulfilment or entering into a contract.
Transfer of personal data
Personal data is only transferred to companies within Ille Group, or to suppliers and service providers in the context of contract fulfilment; these bodies may also be countries outside the EU. Personal data is not transferred to an international organisation. Personal data is only transferred if an appropriate level of data protection has been confirmed by the EU commission, or other appropriate data protection guarantees (such as standard EU contract clauses) are in place.
Rights of the data subjectRights to confirmation
All data subjects have the right granted by the European policymaker and regulator to request confirmation from the controller responsible for processing as to whether their personal data is processed.
Right to access
All data subjects affected by the processing of personal data have the right granted by the European policymaker and regulator to at any time receive information free of charge from the controller responsible for processing regarding the data stored about the data subject’s person.
Right to rectification
All data subjects affected by the processing of personal data have the right granted by the European policymaker and regulator to request the immediate rectification of incorrect personal data concerning the data subject. Furthermore, the data subject is entitled to the right to request the completion of incomplete personal data, taking into account the purposes of processing.
Right to erasure (right to be forgotten)
All data subjects affected by the processing of personal data have the right granted by the European policymaker and regulator to request from the controller that the data concerning the data subject is immediately erased, provided that one of the following grounds applies and provided that processing is not necessary:
- The personal data has been collected for such purposes or processed in another way for which it is no longer required.
- The data subject withdraws their consent on which processing was based pursuant to point (a) of Article 6(1) GDPR, or point (b) of Article 9(2) GDPR, and there is no other legal basis for processing.
- The data subject submits an objection to processing pursuant to Article 21(1) GDPR, and there are no overriding legitimate grounds for processing, or the data subject submits an objection pursuant to article 21(2) GDPR.
- The personal data have been processed unlawfully.
- The erasure of the personal data is necessary in order to comply with a legal obligation in accordance with Union law, or the law of member states to which the controller is subject.
- The personal data has been collected in respect of services offered by the information society pursuant to Article 8(1) GDPR.
The right to restriction of processing
Any data subject affected by the processing of personal data is granted the right by the European policymaker and regulator to request that the controller restricts processing if one of the following requirements are met: § The accuracy of the personal data is disputed by the data subject – in this instance, the restriction may be of a suitable duration for the controller to verify the accuracy of the personal data. § Processing is unlawful, but the data subject refuses the erasure of the personal data and instead requests the restriction of the use of the personal data. § The controller the longer requires the personal data for the purposes of processing; however, the data subject requires it for the establishment, exercise or defence of legal claims. § The data subject has submitted an objection to processing pursuant to Article 21(1) GDPR, and it has not yet been determined whether the controller’s legitimate interests override those of the data subject.
Right to data portability
Every data subject affected by processing has the right granted by the European policy maker and regulator to receive, in a structured, commonly used and machine-readable format, the personal data concerning them that has been provided to a controller by the data subject.
Right to object
Every data subject affected by the processing of personal data has the right granted by the European policy maker legislator to at any time object, for grounds arising from a particular situation, to the processing of personal data concerning them based on points (e) or (f) of Article 6(1) GDPR. This also applies for profiling based on these provisions. The controller will no longer process the personal data in the event of an objection unless we are able to prove mandatory, legitimate grounds for processing which override the interests, rights and freedoms of the data subject, or unless processing serves the establishment, exercise or defence of legal claims. If the controller processes personal data in order to undertake direct marketing, the data subject has the right to at any time object to the processing of personal data for the purposes of marketing of this type. If the data subject objects to processing for the purposes of direct marketing, we will no longer process their personal data for this purpose.
You can submit your objection to the following body:
ILLE-SERVICE HR D.O.O.
Nova Ulica 25
Telefon: +385 (0) 42 200 090
Right to withdraw consent
All data subjects affected by the processing of personal data have the right granted by the European policymaker and regulator to at any time withdraw their consent to the processing of personal data.
Obligation to provide data
We hereby clarify that the provision of some personal data is legally stipulated (e.g. tax regulations) or may also result from contractual provisions (such as information regarding a contractual partner). From time to time, it may be necessary, in order to conclude a contract, that a data subject provides us with personal information that subsequently needs to be processed by us. The data subject is for example required to provide us with personal data if our company concludes a contract with the data subject. Not providing the personal data would result in it not being possible to conclude the contract with the data subject.
The existence of automated decision-making
As a responsible company we do not use automated decision-making or profiling.
Data protection in the case of applications and in the application procedure
The controller responsible for processing collects and processes personal data concerning applicants for the purposes of handling the application procedure. Processing may also take place by electronic means. This is the case in particular if corresponding application documents are transferred by an applicant, via electronic means, to the controller responsible for processing – for example by email or using a web form located on the website. If the controller responsible for processing concludes an employment contract with an applicant, the transferred data will be stored for the purposes of executing the employment relationship, subject to the statutory specifications. If the controller responsible for processing does not conclude an employment contract with the applicant, the application documents shall be erased six months after the refusal decision has been communicated, unless other justified interests held by the controller responsible for processing contradict erasure. Another justified interest in this sense may be for example a duty to provide proof in proceedings in accordance with the General Act on Equal Treatment (Allgemeines Gleichbehandlungsgesetz, AGG).
Where can you lodge a complaint?
You have the option of lodging a complaint with the data protection officer specified above, or with the supervisory authority for data protection that is responsible for us: Bayerisches Landesamt für Datenschutzaufsicht, Promenade 27, 91522 Ansbach, Tel. +49 (0)981-531300.
Our website uses a Facebook plugin, which can be recognised by the "Like" button. An overview of Facebook plugins is available from the following link: developers.facebook.com/docs/plugins
As with Google Plus, information such as your IP address is sent to the Facebook server.
If you are logged into Facebook, you can link content on our site directly to your profile, which involves Facebook collecting the personal information relating to your visit to our website.
We have no control or knowledge of how the data transmitted to Facebook is used or to what extent it is collected.
You can view Facebook's data policy here:
The Twitter plugin works in the same way as stated for Google Plus and Facebook.
You can view Twitter's data policy here:
The controller responsible for processing has integrated components from YouTube into this website. YouTube is an internet video portal that enables video publishers to upload video clips free of charge, and allows other users to view, rate and comment on these video clips also free of charge. YouTube permits the publication of all types of videos, meaning that complete film and TV transmissions, music videos, trailers and videos produced by users themselves can all be accessed via this internet portal.
The operator of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Each time one of the individual pages on this website which is operated by the controller responsible for processing, and on which a YouTube component (YouTube video) has been integrated is accessed, the web browser on the IT system operated by the data subject is automatically triggered by the YouTube component to download a representation of the corresponding YouTube component from YouTube. Further information on YouTube is available at www.youtube.com/yt/about/. In the context of this technical procedure, YouTube and Google are notified about which specific sub-page on our website the data subject visits. If the data subject is logged into YouTube at the same time, YouTube is notified – when the data subject accesses a sub-page that contains a YouTube video – of which specific sub-page on our website the data subject has visited. This information is collected by YouTube and Google and allocated to the respective YouTube account of the data subject. YouTube and Google always receive a notification via the YouTube component that the data subject has visited our website, if the data subject is simultaneously logged into YouTube at the time of accessing our website; this takes place regardless of whether or not the data subject clicks a YouTube video. If the data subject does not wish for information to be transferred to YouTube and Google in this way, the data subject may prevent the transfer by logging out of their YouTube account before accessing our website.