​Privacy Policy of Donaustahl GmbH

General Information

​

We appreciate your interest in our company. Data protection is of particular importance to the management of Donaustahl GmbH. The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is all data that can be used to personally identify you.

 

Data Collection on This Website

​

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the "Information on the Responsible Party" section of this privacy policy.

 

How do we collect your data?
Your data is collected, on the one hand, when you provide it to us (e.g., by email). Other data is collected automatically or with your consent when you visit the website by our IT systems (e.g., internet browser, IP address, time of page access).

​

What do we use your data for?
Some of the data is collected to ensure the error-free and secure provision of the website. Other data may be used to analyze your user behavior if you have given your consent.

​

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws is:
​
Donaustahl GmbH
Alte Straße 4
94116 Hutthurm
Germany

 

Represented by the Managing Director: Stefan Thumann

Telephone: +49 (0)8505 723 88 59
Email: info@donaustahl.com

Registration Court: Passau District Court
Registration Number: HRB 10808

 

Data Protection Officer

 

We have not appointed a data protection officer because we do not meet the legal requirements for a mandatory appointment pursuant to Section 38 of the German Federal Data Protection Act (BDSG). For questions regarding data protection, please contact the controller listed above directly.

Legal basis for processing

If we obtain the consent of the data subject for processing personal data, Art. 6 (1) (a) GDPR serves as the legal basis.

​

For the processing of personal data necessary to fulfill a contract or to carry out pre-contractual measures (e.g., inquiries about our products or investments), Art. 6 (1) (b) GDPR serves as the legal basis.

​

If the processing of personal data is necessary to fulfill a legal obligation (e.g., tax obligations), Art. 6 (1) (c) GDPR serves as the legal basis.

​

If processing is necessary to protect a legitimate interest of our company and your interests do not override it, Art. 6 (1) (f) GDPR serves as the legal basis (e.g., for the operation and security of the website).

​

Duration of storage

​

Unless a more specific storage period is specified within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you revoke your consent or request deletion, your data will be deleted unless there are other legally permissible reasons for storage (e.g., retention periods under tax or commercial law).

 

 

SSL or TLS encryption

​

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection by the lock symbol in your browser bar and by the fact that the browser's address bar changes to "https://".

 

 

Notice on data transfer to the USA and other third countries

​

We may use tools from companies based in the USA or other third countries that are not secure under data protection law. If these tools are active, your personal data may be transferred to these third countries and processed there.

​

 

For the USA, the EU Commission has adopted an adequacy decision in the form of the EU-US Data Privacy Framework (DPF). If a US company is certified under the DPF, an adequate level of data protection applies.

​

For other third countries without an adequacy decision or if a provider is not certified, we ensure an adequate level of data protection through appropriate safeguards, usually through the conclusion of EU standard contractual clauses (SCCs) or through your explicit consent.

Hosting
​
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster's servers.
​
Our hoster is:
ALL-INKL.COM, Hauptstraße 68, D-02742 Friedersdorf
​
The hoster is used in the interest of ensuring the secure, fast, and efficient provision of our online services (Art. 6 (1) (f) GDPR).
​
Contract Processing

​

We have concluded a contract for contract processing (AVV) with the above-mentioned provider. This ensures that the provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.
​
Server Log Files

The provider of these pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
​

• Browser type and version

• Operating system used

• Referrer URL (the previously visited page)

• Hostname of the accessing computer

• Date and time of the server request

• IP address (possibly in anonymized form)

 

This data will not be merged with other data sources.

​

This data is collected on the basis of Art. 6 (1) (f) GDPR. We have a legitimate interest in the technically error-free presentation and optimization of our website, as well as in ensuring system security and stability. The log files are deleted after 14 days.

Use of Cookies

​

Our website uses "cookies." Cookies are small data packets that are stored on your device.

 

Technically necessary cookies (e.g., for language settings or cookie consent) are stored on the basis of Section 25 (2) No. 2 of the German Telemedia Act (TTDSG). The associated personal data is processed on the basis of Art. 6 (1) (f) GDPR (legitimate interest in the error-free provision of the service).

​

All other (non-essential) cookies (e.g., for analysis or marketing) are only stored with your express consent on the basis of Section 25 (1) TTDSG in conjunction with Art. 6 (1) (a) GDPR. Consent can be revoked at any time.

​

Cookie Consent Tool (Consent Management)

​

This website uses cookie consent technology to obtain your consent for the storage of certain cookies and to document this consent in compliance with data protection regulations.
​
This technology is provided by Usercentrics, Cookiebot.

​

This technology is used to obtain the legally required consent (Art. 6 (1) (c) GDPR).

You can adjust your settings at any time using the "Cookie Settings" link in the footer.

If you contact us by email, telephone, or fax, your inquiry, including all personal data resulting from it (name, inquiry), will be stored and processed by us for the purpose of processing your request.

​

This data is processed on the basis of Art. 6 (1) (b) GDPR if your inquiry is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures (this applies in particular to inquiries about our products or investment initiations). In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 (1) (f) GDPR).

​

The data will remain with us until the purpose for storing it no longer applies (e.g., after your request has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.

We offer you the opportunity to apply for a job with us. We process your data exclusively for the purpose of deciding whether to establish an employment relationship.

​

 

The legal basis for this is Section 26 of the German Federal Data Protection Act (BDSG) (initiation of an employment relationship) and Article 6 (1) (b) of the GDPR (general contract initiation).

 

 

If we are unable to make you a job offer, we reserve the right to retain the data you have submitted for up to six months from the end of the application process based on our legitimate interests (Article 6 (1) (f) of the GDPR). This storage serves, in particular, as evidence in the event of a legal dispute.

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

 

 

Google Analytics is used exclusively on the basis of your consent (Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG).

 

 

Data transfer to the USA is based on the EU Commission's standard contractual clauses or occurs because Google is certified under the EU-US Data Privacy Framework (DPF).

 

We have activated the IP anonymization function on this website. We have concluded a data processing agreement (DPA) with Google.

Google Fonts (Web Fonts)

 

This website uses so-called web fonts from Google for the consistent display of fonts.

 

When you visit a page, your browser downloads the required web fonts from Google's servers. This allows Google to know your IP address. This may also involve transmission to the USA. Use only with your consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG.

You are entitled to the following rights if the legal requirements are met:

​

 

• Right to information (Art. 15 GDPR)

• Right to rectification (Art. 16 GDPR)

• Right to erasure (“right to be forgotten”) (Art. 17 GDPR)

• Right to restriction of processing (Art. 18 GDPR)

• Right to data portability (Art. 20 GDPR)

• Right to withdraw consent (Art. 7 (3) GDPR)

 

Right to object (Art. 21 GDPR)

​

You have the right to object at any time to the processing of personal data concerning you based on Art. 6 (1) (f) GDPR (processing based on legitimate interests), for reasons arising from your particular situation.

​

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your data violates the GDPR.

​

The supervisory authority responsible for us is:

​

Bavarian State Office for Data Protection Supervision (BayLDA)
P.O. Box 1349
91504 Ansbach
Germany

 

Phone: +49 (0) 981 180093-0
Email: poststelle@lda.bayern.de
Website: https://www.lda.bayern.de

This privacy policy is currently valid and is dated August 2025.

​

 

Due to the further development of our website or due to changes in legal requirements, it may become necessary to amend this privacy policy.