Privacy Policy
Privacy Policy for this website ('Site') of el-spec GmbH Electronic-Vertrieb, Lauterbachstr. 23 c, D-82538 Geretsried ('we' and/or 'Controller')
I. General Information
As the provider of this website, we are legally obliged to inform you about the purpose, scope and nature of the collection and use of your personal data. In order to give you a good feeling for the way we process data, we would like to provide you with an overview of data processing.
If you have any further questions regarding the handling of your personal data, please do not hesitate to contact our Data Protection Officer, whose contact details can be found below (Section 1b).
Ongoing technological developments, changes to our services or the legal situation and other reasons may require us to adapt our privacy policy. We therefore reserve the right to amend this Privacy Policy at any time and we encourage you to check back regularly for updates.
We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may have security gaps. It is not possible to provide complete protection against access by third parties.
1. Contact information
a) Contact information of the controller
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, email addresses, etc.).
The controller responsible for the data processing on this website within the meaning of the GDPR is:
el-spec GmbH Electronic-Vertrieb
Lauterbachstr. 23 c D-82538 Geretsried
Phone: +49 8171 4357-0
E-mail: info@elspecgroup.de
b) Contact details of the data protection officer
Haus & Gross it.services GmbH
Jan Schäfer
Heinrich-Barth-Str. 28
66115 Saarbrücken
Tel: 0681-96767-10
E-mail: dsb@hausgross.de
2. SSL or TLS Encryption
This site uses SSL or TLS encryption for security purposes and to protect the transmission of confidential content, such as requests you send to us as the site operator. You can tell that you are using an encrypted connection by the browser address bar changing from 'http://' to 'https://' and by the lock icon in your browser address bar.
When SSL or TLS encryption is enabled, the information you send to us cannot be read by third parties.
3. Links
If you use external links offered on our website, this privacy statement does not extend to those links. In the event that you follow a link to one of these websites, we would like to point out that the use of these websites is subject to the privacy policy of the respective provider. We encourage you to review the privacy policies of the linked websites. This will enable you to determine whether and to what extent personal data is collected, processed, used or made available to third parties.
II. Definitions
Our privacy notices should be simple and understandable for everyone. The privacy notice generally uses the official terms of the General Data Protection Regulation (GDPR). The official definitions are set out in Art. 4 GDPR.
"Personal data“ means any information relating to the personal or material circumstances of an individual, by which he or she can be identified. This includes, for example, your name, your email address, but also, for example, the content of a message or order that you send to us.
„Controller“ means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
„Processing“ shall mean any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
“Data subject” shall mean any natural person whose personal data are processed and who is in a position to determine the processing.
III. General data processing when visiting our website
Description and scope of data processing: It is generally possible to use our website without providing any personal data. However, each time you visit the website, the web server automatically stores information in so-called server log files, which your terminal automatically transmits to us. We have no direct control over the collection of this data, but for reasons of transparency we do not want to keep you in the dark. The data collected by the web server includes:
- the web page viewed
- the IP address of the terminal
- the operating system of the terminal
- your browser type and the version of the browser used on the terminal
- the referrer URL, i.e. the URL from which you originally came to us
- the host name of the accessing terminal
- the date and time of the server request, and
- the volume of data transmitted
Purpose of data processing: We process this usage data to ensure the smooth operation of the website and to guarantee IT security.
Legal basis for storage: We process this personal data on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR). Our legitimate interest is to enable you to use the website without interruption and to ensure IT security.
Duration of storage: We delete your usage data immediately after the usage process and when it is no longer required for the fulfilment of the contractual relationship or for IT security purposes. In addition, we store your usage data only to comply with legal retention obligations.
Right of objection and deletion: The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Therefore, there is no way for the user to object.
IV. Cookies and Similar Technologies
When you visit our website, we may store information on your computer in the form of a cookie or similar technology ("Cookies"). Cookies are small text files that are stored on your device either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are automatically deleted at the end of your visit. Persistent cookies remain stored on your device until you delete them or your web browser automatically deletes them.
Cookies have different functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. language setting). Other cookies are used to evaluate user behaviour or to display advertisements. We only use technically necessary cookies on our website. We do not use cookies that require consent.
We use the following technically necessary cookies on our website, without which the website cannot be made available:
| Provider | Cookie | Processing purpose | Processed data and storage duration |
|---|---|---|---|
| TYPO3 | fe_typo_user | Identifies an active frontend session (e.g. for login, shopping cart) | Session (until browser is closed) |
V. Specific processing situations on our website
1. Contact via the contact form
Description and scope of data processing: You can enter personal data via a contact form on our website. When you use the contact form, we process the data you enter in the input mask (e.g. name, first name, e-mail address, telephone number, message, time of enquiry and server log data).
Purposes of data processing: The processing of the personal data provided in the form is carried out for the sole purpose of dealing with the contact. The other personal data processed during the sending process are used to prevent misuse of the contact form and to ensure the security of our information technology systems.
Legal basis: The processing of your data takes place exclusively on the basis of contract fulfilment (Art. 6 para. 1 lit. b GDPR), insofar as it concerns contract-related matters, and in all other cases in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR (processing is necessary to safeguard legitimate interests). In the latter case, our legitimate interest is to respond to your request.
Duration of storage: We only process the personal data we receive from you for the purpose of contacting you until we have finally responded to your enquiry. In addition, we will only store personal data for the purpose of asserting or defending legal claims or for as long as we are required to do so by law.
Objection and deletion options: You may object to the storage of your personal data at any time. In such a case, the conversation cannot be continued. In this case, all personal data collected in the course of the contact will be deleted.
2. Contact by e-mail, telephone, post
Description and scope / purpose of data processing: If you contact us by e-mail, post or telephone using the contact channels we provide, the data you provide (e.g. your e-mail address and name, the content of your enquiry and the further processing of your enquiry) will be processed by us in order to process and respond to your questions or concerns.
Legal basis: The processing of your data takes place exclusively on the basis of contract fulfilment (Art. 6 para. 1 lit. b GDPR), insofar as it concerns contract-related matters, and in all other cases in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR (processing is necessary to safeguard legitimate interests). In the latter case, our legitimate interest is to respond to your request.
Duration of storage: We only process the personal data we receive from you for contact purposes until we have finally responded to your enquiry. In addition, we will only store personal data for the purpose of asserting or defending legal claims or for as long as we are required to do so by law.
Right of objection and deletion: You may object to the storage of your personal data at any time. In such a case, the conversation cannot be continued. In this case, all personal data collected in the course of contacting us will be deleted.
We ensure that data is stored securely to prevent unauthorised access by third parties. However, please note that unencrypted emails sent over the internet are not adequately protected against unauthorised access by third parties. Alternatively, you can send us a message using our secure contact form (SSL standard).
3. Handling of applicant data
We offer you the opportunity to apply to us (e.g. via the contact form, by e-mail or by post). Below we inform you about the scope, purpose and use of your personal data collected during the application process. We assure you that your data will be collected, processed and used in accordance with applicable data protection laws and all other legal requirements, and that your data will be treated as strictly confidential.
Purpose of data collection and data processed: If you send us a job application, we will process your personal data (e.g. contact and communication data, application documents, interview notes, etc.) to the extent necessary to decide on the establishment of an employment relationship.
The legal basis for this is § 26 BDSG under German law (establishment of an employment relationship), Art. 6 para. 1 lit. b) GDPR (general conclusion of a contract) and - if you have given your consent - Art. 6 para. 1 lit. a) GDPR. You may withdraw your consent at any time.
Your personal data will only be passed on within our company to persons who are involved in processing your application.
If your application is successful, your data will be stored in our data processing systems in accordance with § 26 BDSG and Art. 6 para. 1 lit. b) GDPR for the purpose of implementing the employment relationship.
Data Retention Period: If we are unable to make you a job offer, if you reject a job offer or if you withdraw your application, we reserve the right to store the data provided by you on the basis of our legitimate interests (Art. 6 para. 1 lit. f) GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data will then be deleted and the physical application documents destroyed. In particular, the data will be retained as evidence in the event of litigation.
If it is obvious that the data will be needed after the six-month period has expired (e.g. due to an imminent or pending legal dispute), the data will only be deleted if the purpose for further storage no longer applies.
Longer storage may also occur if you have given your consent (Art. 6 para. 1 lit. a) GDPR) or if legal retention requirements preclude deletion.
Admission to the applicant pool:
Purpose of data processing/data processed:
If we do not make you a job offer, you may be included in our applicant pool. If you are accepted, all documents and information from your application will be added to the pool so that we can contact you if suitable vacancies arise.
Legal basis: Inclusion in the applicant pool is based solely on your express consent (Art. 6 para. 1 lit. a) GDPR). Your consent is voluntary and is not linked to the current application process.
Revocation of Consent / Retention Period: The data subject may revoke his/her consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, unless there are legal reasons for retaining the data. The data will be irrevocably deleted from the applicant pool no later than two years after consent is given.
VI. YouTube Links
YouTube is only embedded on our website in the form of a link. Clicking on the embedded link will take you to the YouTube site. User information is only transferred to the respective provider after the redirection. Please review YouTube's privacy policy to learn more about how they treat your personal information when you use YouTube.
VII. Transfer of data
We will only transfer your personal data to third parties if this is necessary for the performance of our contract with you, if we have a legitimate interest in doing so, if you have given your consent to the transfer and/or if we are required to do so by law or by official or court order. We disclose your personal information generally as follows:
1. Processors
All personal data that we process in connection with this website is processed by us or our service providers. We may transfer your personal data to external service providers, such as IT and website optimisation service providers (e.g._____), in order to provide you with our services. We have carefully selected these service providers and entered into data processing agreements with them.
2. Third parties (so-called recipients)
a) Contractual partners
We pass on your personal data to other responsible parties who process the personal data for their own purposes, insofar as this is necessary for the performance of the contract or the provision of the service. Our contractual partners may only use the data transmitted in this way for the purpose for which we transmitted it.
The transfer of your personal data for these purposes is carried out for the fulfilment of the contract, art. 6 par. 1 lit. b GDPR or on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in the efficient organisation of our business.
b) Legal obligation or enforcement of legal claims
We will otherwise only transfer your personal data to third parties if and to the extent that this is legally required or permitted or in order to enforce legal claims or to investigate or prevent suspected or actual illegal activities. In such cases, we will notify you separately of the transfer if and to the extent required by law.
3. Transfer to third countries
If we transfer your personal data to countries outside the European Economic Area (EEA) or instruct processors in such countries (e.g. the USA), we will ensure before the transfer that the recipient either has an adequate level of data protection (e.g. on the basis of an adequacy decision by the EU Commission for the relevant country pursuant to Art. 45 GDPR or the agreement of so-called EU standard contractual clauses of the European Commission with the recipient in accordance with Art. 46 GDPR) or if our users have given their express consent. Please contact us as described in Section I. 1 to find out more about the specific security mechanisms we use.
VIII. Data Deletion
We store your personal data for as long as is expressly stated for the respective processing and in any case no longer than is necessary to fulfil the purpose for which it was collected. In addition, we will only store your personal data for the purpose of asserting or defending legal claims or for as long as we are required to do so by law.
IX. Your rights
You have the following legal rights with respect to el-spec GmbH Electronic-Vertrieb, provided that the relevant conditions are met. You can find more information about your rights and the relevant conditions on the website of the EU Commission at ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_de.
1. Right of access
As a data subject, you have the right under Article 15 of the GDPR to obtain confirmation as to whether or not we are processing personal data relating to you. If this is the case, you have the right to access such personal data and to obtain further information, such as the purposes of the processing, the recipients and the envisaged retention period of the personal data or the criteria used to determine that period.
2. Right to rectification and integration
As a data subject, you have the right to request the immediate rectification of inaccurate personal data pursuant to Art. 16 GDPR. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data.
3. Right to erasure ("right to be forgotten")
As a data subject, you have the right to request the erasure of your personal data in accordance with Art. 17 GDPR. This is the case, for example, if your personal data is no longer required for the original purposes, if you have withdrawn your consent under data protection law, or if the personal data has been processed unlawfully.
4. Right to restrict processing
As a data subject, you have the right to restrict processing in the cases provided for by law, in accordance with Art. 18 GDPR.
5. Right to data portability
As the data subject, you have the right to obtain the personal data concerning you in a structured, commonly used and machine-readable format in the cases prescribed by law in accordance with Art. 20 GDPR.
6. Right to revoke your data protection consent
You may revoke your consent to the processing of your personal data at any time with effect for the future. However, this does not affect the lawfulness of the processing carried out until the revocation.
7. Right to object
If we process your personal data on the basis of legitimate interests in accordance with Art. 6 (1) sentence 1 point f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, if this is done for reasons arising from your particular situation. If the objection concerns the processing of personal data for the purpose of direct marketing, you have a general right to object without having to indicate a particular situation.
8. Right to lodge a complaint with a data protection authority
Pursuant to Art. 77 of the GDPR, you have the right to lodge a complaint with a data protection authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you is in breach of the GDPR.
The competent authority for us is the Bavarian Data Protection Authority (https://www.lda.bayern.de/de/kontakt.html). You can contact them using the following contact details:
Bayerisches Landesamt für Datenschutz (BayLDA) Promenade 18 91522 Ansbach Telephone: +49 (0) 981 180093-0 Fax: +49 (0) 981 180093-800 E-mail: poststelle@lda.bayern.de
X. Changes to our Privacy Policy
We reserve the right to update this Privacy Policy from time to time in accordance with applicable data protection legislation. We do this to adapt it to current legal requirements and to reflect changes in our services. The current version applies to your visit.
As of this privacy statement: March 2025
