Daily Price
Daily Price Inquiry

Receive a daily price for your shipment request quickly and easily! Enter your shipment information in our online form and select the desired date of your order. You will then receive a price quote from us immediately and can convert your inquiry into an order without much effort.

Request daily price now

Privacy Policy

1. An overview of data protection

General
The following gives a simple overview of what happens to your personal information when you visit our website. Personal information is any data with which you could be personally identified. Detailed information on the subject of data protection can be found in our privacy policy found below.

Data collection on our website

Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator's contact details can be found in the website's required legal notice.

How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form or in the electronic chat.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.

What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.

What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.

Analytics and third-party tools

When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy.

You can object to this analysis. We will inform you below about how to exercise your options in this regard.

2. General information and mandatory information

Data protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy.

If you use this website, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.

Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.

Notice concerning the party responsible for this website
The party responsible for processing data on this website is:

NOSTA Holding GmbH
Buchenbrink 1
49086 Osnabrück

Telefon: +49 (0)541-9333-0
E-Mail: info@nosta.de

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).

Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.

Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.

3. Data protection officer

Statutory data protection officer
We have appointed a data protection officer for our company.
amerdis GmbH
Udo Wehkamp
Telephone: + 49 251 489 570 - 41
Email: dsb@amerdis.de


4. Data collection on our website

Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
These data will not be combined with data from other sources.

The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

Contact form
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.

We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.

reCaptcha

We use Google's reCaptcha service to determine whether a human or a computer is making a particular entry in our contact or newsletter form. Google uses the following data to check whether you are a human or a computer: IP address of the terminal device used, the website you visit with us on which the captcha is embedded, the date and duration of the visit, the recognition data of the browser and operating system type used, Google account if you are logged in to Google, mouse movements on the reCaptcha areas and tasks that require you to identify images. The legal basis for the described data processing is Art. 6 (1) lit. f of the General Data Protection Regulation. There is a legitimate interest on our side in this data processing to ensure the security of our website and to protect us from automated entries (attacks).

Chat with Userlike
At various places on our website you are offered a chat as a contact option.

This website uses Userlike, a live chat software of the company Userlike UG (haftungsbeschränkt). Userlike uses "cookies" to enable a personal conversation in the form of a real-time chat with you.

The data collected is not used to personally identify the visitor to this website and is not merged with personal data about the bearer of the pseudonym. The data is also stored with our chat service provider Userlike.

Legal basis for processing:
The processing is carried out on the basis of Art. 6 (1) f) EU-DSGVO.

Data collected:
Content of the chat, date and time of the call, browser type/version, operating system used, URL of the previously visited website, and amount of data sent.

Storage period:
We delete the data from us after 12 months.

Further information on data protection:

For more information on how we handle your data through the live chat function, as well as your rights and settings options for protecting your personal data, please contact our data protection officer or refer to Userlike's privacy policy at www.userlike.de/privacy_policy.

Registration on this website
You can register on our website in order to access additional functions offered here. The input data will only be used for the purpose of using the respective site or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject your registration.

To inform you about important changes such as those within the scope of our site or technical changes, we will use the email address specified during registration.

We will process the data provided during registration only based on your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.

Handling of supplier data via shipzero

Sources
We process personal data that we have received from you or from publicly available sources in the course of our business relationship.

Data
Relevant personal data are names, address data and telecommunications data. In addition, this may also include inquiry, offer and order data, data from the fulfillment of our contractual obligation, product data, documentation data, as well as other data comparable to the mentioned categories.

Purpose of processing

The processing of your personal data (Art. 4 No. 2 GDPR) is carried out in accordance with the provisions of the GDPR and the Federal Data Protection Act for the following purposes: For the fulfilment of contractual obligations (Art. 6 para. 1 (b) GDPR), as is necessary for the execution and organization of the business relationship. In addition, we may use this data for additional purposes in the context of our business relationship and for analysis purposes.

Security measures

We train all our employees who come into contact with personal data and oblige them to comply with data protection requirements in accordance with the principles of the GDPR for the processing of personal data, as defined in Article 5 (1) GDPR.

Use and disclosure of personal data

We only use the personal data for our own purposes in the course of the business relationship. In the event of the involvement of third parties in work processes that would make it necessary to temporarily pass on your data for processing solely for this purpose, we apply the same high standards and oblige the third party to comply with data protection regulations within the framework of an agreement on order data processing in accordance with Art. 28 GDPR.  

Duration of storage

We process and store your personal data for the duration of our business relationship and in accordance with the statutory retention periods.

Right to information

Every data subject has the right to information pursuant to Article 15 GDPR, the right to rectification pursuant to Article 16 GDPR, the right to erasure pursuant to Article 17 GDPR, the right to restriction of processing pursuant to Article 18 GDPR, as well as the right to data portability pursuant to Article 20 GDPR. The restrictions according to §§ 34 and 35 BDSG apply to the right to information and the right to erasure. In addition, there is the right to lodge a complaint with a data protection authority (Art. 77 GDPR in conjunction with § 19 BDSG).

Responsibilities

If you have any questions regarding the processing of your personal data, you are welcome to contact our data protection officer, who is also available for information, suggestions and complaints.

Data protection information for appointment bookings via Microsoft Bookings

We would like to inform you below about the processing of personal data in connection with the use of "Bookings".

Purpose of processing

We use the "Bookings" tool to be able to arrange appointments between our customers and our sales staff. (Hereinafter: "online booking").

Person responsible

The person responsible for data processing directly related to the implementation of online bookings is NOSTA Holding GmbH.

Order processing contract

We use Microsoft 365 and Microsoft Bookings, to carry out our appointment bookings by sending a link via email.

Microsoft 365 and Microsoft Bookings are a service provided by Microsoft Ireland Operations, Ltd.

We have concluded an order processing contract with the provider.

Microsoft Bookings is part of the cloud application Office 365. Microsoft reserves the right to process customer data for its own business purposes. This poses a data protection risk for Microsoft Bookings users.

Please note that we have no influence on Microsoft's data processing activities. To the extent that Microsoft Bookings processes personal data in connection with Microsoft's legitimate business operations, Microsoft is an independent data controller for such use and, as such, is responsible for compliance with all applicable laws and obligations of a data controller.

More information about the purpose and scope of data collection and processing by Microsoft Bookings can be obtained from Microsoft's privacy policy at https://privacy.microsoft.com/de-de/privacystatement.

There you will also find more information about your rights in this regard. Microsoft also processes your personal data in the USA. EU standard contracts with Microsoft on Office 365 and Teams are in place to ensure an adequate level of data protection. You can access the EU standard contractual clauses at https://eurlex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF.

The following personal data is subject to processing:

User details: display name, email address, preferred language, metadata: e.g. date, time, phone number, location.

Cookies

Cookie Consent with CookieFirst

This website uses CookieFirst's cookie content technology to obtain your consent to the storage of certain cookies on your end device and to document this consent in accordance with data protection regulations. The provider of this technology is Digital Data Solutions B. V. , Plantage Middenln 42a, 1018 DH Amsterdam, website: cookiefirst.com (hereinafter “CookieFirst”).

When you enter our website, the following personal data is transferred to CookieFirst: 

  • Your consent(s) or the revocation of your consent(s)
  • Your IP address 
  • Information about your browser 
  • Information about your terminal device 
  • Information about the time of your visit to the website 
  • Furthermore, CookieFirst stores a cookie in your browser in order to provide you with the consent or information you have given or to be able to assign their revocation. The data collected in this way is stored until you request us to delete the CookieFirst.

Delete the cookie itself or the purpose for which the data is stored is no longer applicable. Mandatory statutory storage obligations remain unaffected. CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. Article 6, paragraph 1 p. 1 lit. c DSGVO.

Order Processing Agreement 
We have entered into an order processing agreement with CookieFirst. This is a data protection contract which guarantees that CookieFirst processes the personal data of our website visitors only according to our instructions and in compliance with the DSGVO. 

Cookie policy

This cookie policy was created and updated by the company CookieFirst.com.

Cookie Policy eCommerce for Online Stores and Start-ups

to the cookie policies of eCommerce for Online Stores and Start-ups

5. Analytics and advertising

Google Ads 
The website operator uses Google Ads. Google Ads is an online promotional program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. 
 
Google Ads enables us to display ads in the Google search engine or on third party websites, if the user enters certain search terms into Google (keyword targeting). It is also possible to place targeted ads based on the user data Google has in its possession (e.g. location data and interests; target group targeting). As the website operator, we can analyze these data quantitatively, for instance by analyzing which search terms resulted in the display of our ads and how many ads led to respective clicks. 
 
The use of Google Ads is based on Art. 6 Sect. 1 lit. et seq. GDPR. The website operator has a legitimate interest in marketing the operator’s services and products as effectively as possible. 
 
Google Remarketing 
This website uses the functions of Google Analytics Remarketing. The provider of these solutions is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. 
 
Google Remarketing analyzes your user patterns on our website (e.g. clicks on specific products), to allocate a certain advertising target groups to you and to subsequently display matching online offers to you when you visit other online offers (remarketing or retargeting). 
 
Moreover, it is possible to link the advertising target groups generated with Google Remarketing to device encompassing functions of Google. This makes it possible to display interest-based customized advertising messages, depending on your prior usage and browsing patterns on a device (e.g. cell phone) in a manner tailored to you as well as on any of your devices (e.g. tablet or PC). 
 

If you have a Google account, you have the option to object to personalized advertising under the following link: www.google.com/settings/ads/onweb/. 


 
The use of Google Remarketing is based on Art. 6 1 lit. et seq. GDPR. The website operator has a legitimate interest in the marketing of the operator’s products that is as effective as possible. If a respective declaration of consent was requested, processing shall occur exclusively on the basis of Art. 6 Sect. 1 lit. a GDPR; the given consent may be revoked at any time. 
 

For further information and the pertinent data protection regulations, please consult the Data Privacy Policies of Google at: policies.google.com/technologies/ads;


 
Formation of Target Groups with Customer Reconciliation 
For the formation of target groups, we use, among other things, the Google Remarketing customer 8 / 10 reconciliation feature. To achieve this, we transfer certain customer data (e.g. email addresses) from our customer lists to Google. If the respective customers are Google users and are logged into their Google accounts, matching advertising messages within the Google network (e.g. YouTube, Gmail or in a search engine) are displayed for them to view.
 

Google Analytics
This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.

IP anonymization
We have activated the IP anonymization feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.

Browser plugin
You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

Objecting to the collection of data
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics.

For more information about how Google Analytics handles user data, see Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.

Outsourced data processing
We have entered into an agreement with Google for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Demographic data collection by Google Analytics
This website uses Google Analytics' demographic features. This allows reports to be generated containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This collected data cannot be attributed to any specific individual person. You can disable this feature at any time by adjusting the ads settings in your Google account or you can forbid the collection of your data by Google Analytics as described in the section "Refusal of data collection".

Google AdWords and Google Conversion Tracking
This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States ("Google").

As part of Google AdWords, we use so-called conversion tracking. When you click on an ad served by Google, a conversion tracking cookie is set. Cookies are small text files that your internet browser stores on your computer. These cookies expire after 30 days and are not used for personal identification of the user. Should the user visit certain pages of the website and the cookie has not yet expired, Google and the website can tell that the user clicked on the ad and proceeded to that page.

Each Google AdWords advertiser has a different cookie. Thus, cookies cannot be tracked using the website of an AdWords advertiser. The information obtained using the conversion cookie is used to create conversion statistics for the AdWords advertisers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to personally identify users. If you do not want to participate in tracking, you can opt-out of this by easily disabling the Google Conversion Tracking cookie by changing your browser settings. In doing so, you will not be included in the conversion tracking statistics.

Conversion cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.

For more information about Google AdWords and Google Conversion Tracking, see the Google Privacy Policy: https://www.google.de/policies/privacy/.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.

6. Newsletter

CleverReach
This website uses CleverReach to send newsletters. The supplier is CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede. CleverReach is a service which organizes and analyzes the distribution of newsletters. The data you provide (e.g. your email address) to subscribe to our newsletter will be stored on CleverReach servers in Germany.

Sending our newsletters with CleverReach enables us to analyze the behavior of newsletter recipients. Among other things, we can find out how many recipients have opened the email containing the newsletter and how often various links contained therein are clicked. With the help of conversion tracking, we can also analyze whether a predefined action (such as the purchase of a product on our website) takes place after clicking on the link in the newsletter. For more information on how data is analyzed by CleverReach, please visit https://www.cleverreach.com/de/funktionen/reporting-und-tracking/.

Data processing is based on Art. 6 (1) (a) DSGVO. You may revoke your consent at any time by unsubscribing to the newsletter. The data processed before we receive your request may still be legally processed.

If you do not want your usage of the newsletter to be analyzed by CleverReach, you will have to unsubscribe from the newsletter. For this purpose, we provide a link in every newsletter we send. You can also unsubscribe from the newsletter directly on the website. The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted from our servers and those of CleverReach. Data we have stored for other purposes (e.g. email addresses for the members area) remains unaffected.

For more information, see the privacy policy of CleverReach at https://www.cleverreach.com/de/datenschutz/.

Completion of an outsourced data processing contract
We have entered into an agreement with CleverReach for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using CleverReach.

7. Plugins and tools

YouTube
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.

If you're logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Further information about handling user data, can be found in the data protection declaration of YouTube under https://policies.google.com/privacy?hl=de&gl=de

YouTube with expanded data protection integration

Our website embeds videos of the website YouTube. The website operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in the expanded data protection mode. According to YouTube, this mode ensures that YouTube does not store any information about visitors to this website before they watch the video.
Nevertheless, this does not necessarily mean that the sharing of data with YouTube partners can be ruled out as a result of the expanded data protection mode. For instance, regardless of whether you are watching a video, YouTube will always establish a connection with the Google DoubleClick network.

As soon as you start to play a YouTube video on this website, a connection to YouTube’s servers will be established. As a result, the YouTube server will be notified, which of our pages you have visited. If you are logged into your YouTube account while you visit our site, you enable YouTube to directly allocate your browsing patterns to your personal profile. You have the option to prevent this by logging out of your YouTube account.

Furthermore, after you have started to play a video, YouTube will be able to place various cookies on your device or comparable technologies for recognition (e.g. device fingerprinting). In this way YouTube will be able to obtain information about this website’s visitors. Among other things, this information will be used to generate video statistics with the aim of improving the user friendliness of the site and to prevent attempts to commit fraud.

Under certain circumstances, additional data processing transactions may be triggered after you have started to play a YouTube video, which are beyond our control.

The use of YouTube is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6 Sect. 1 lit. f GDPR, this is a legitimate interest. If a corresponding agreement has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the agreement can be revoked at any time.

For more information on how YouTube handles user data, please consult the YouTube Data Privacy Policy under:
https://policies.google.com/privacy?hl=en.

OpenStreetMap

We use the map service of OpenStreetMap (OSM). The provider is the Open-Street-Map Foundation (OSMF), 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom.

When you visit a website on which OpenStreetMap is integrated, your IP address and other information about your behavior on this website is forwarded to OSMF. OpenStreetMap may store cookies in your browser or use similar recognition technologies to do this. Furthermore, your location may be recorded if you have allowed this in your device settings - e.g. on your cell phone. The provider of this site has no influence on this data transmission. Details 11 / 13 can be found in the privacy policy of OpenStreetMap at the following link: https://wiki.osmfoundation.org/wiki/Privacy_Policy

 

8. Use of SalesViewer® technology: 

This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes.

In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally
The data stored by Salesviewer will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.

The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.

9. Our social media appearances

Data processing through social networks

We maintain publicly available profiles in social networks. The individual social networks we use can be found below.

Social networks such as Facebook, Google+ etc. can generally analyze your user behavior comprehensively if you visit their website or a website with integrated social media content (e.g. like buttons or banner ads).
When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:

If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.

Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way you can see interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.

Please also note that we cannot retrace all processing operations on the social media portals. Depending on the provider, additional processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and privacy policy of the respective social media portals.

Legal basis

Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) (a) GDPR).

Responsibility and assertion of rights

If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g. Facebook).

Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.

Storage time

The data collected directly from us via the social media presence will be deleted from our systems as soon as the purpose for their storage lapses, you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions - in particular, retention periods - remain unaffected.

We have no control over the storage duration of your data that are stored by the social network operators for their own purposes. For details, please contact the social network operators directly (e.g. in their privacy policy, see below).

Individual social networks Facebook

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter Meta). According to Meta’s statement the collected data will also be transferred to the USA and to other third-party countries.

We have signed an agreement with Facebook on shared responsibility for the processing of data (Controller Addendum). This agreement determines which data processing operations we or Facebook are responsible for when you visit our Facebook Fanpage. This agreement can be viewed at the following link: www.facebook.com/legal/terms/page_controller_addendum.

You can customize your advertising settings independently in your user account. Click on the following link and log in:

www.facebook.com/settings.

Details can be found in the Facebook privacy policy: www.facebook.com/about/privacy/.

Instagram

We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381.

For details on how they handle your personal information, see the Instagram Privacy Policy: https://help.instagram.com/519522125107875.

XING

We have a profile on XING. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. Details on their handling of your personal data can be found in the XING Privacy Policy:

privacy.xing.com/de/datenschutzerklaerung.

LinkedIn

We have a LinkedIn profile. The provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn is certified under the EU-US Privacy Shield. LinkedIn uses advertising cookies.

If you want to disable LinkedIn advertising cookies, please use the following link:

www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

For details on how they handle your personal information, please refer to LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.

This website uses elements of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Any time you access a page of this website that contains elements of LinkedIn, a connection to LinkedIn’s servers is established. LinkedIn is notified that you have visited this website with your IP address. If you click on LinkedIn’s “Recommend” button and are logged into your LinkedIn account at the time, LinkedIn will be in a position to allocate your visit to this website to your user account. We have to point out that we as the provider of the websites do not have any knowledge of the content of the transferred data and its use by LinkedIn.

If your approval (consent) has been obtained the use of the abovementioned service shall occur on the basis of Art. 6 (1)(a) GDPR and § 25 TTDSG (German Telecommunications Act). Such consent may be revoked at any time. If your consent was not obtained, the use of the service will occur on the basis of our legitimate interest in making our information as comprehensively visible as possible on social media.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/help/linkedin/answer/62538/datenubertragung-aus-der-eu-dem-ewr-und-der- schweiz?lang=en.

For further information on this subject, please consult LinkedIn’s Data Privacy Declaration at: https://www.linkedin.com/legal/privacy-policy.

Use of LinkedIn Lead Gen Forms

We use lead generation tools to acquire new customers. We use so-called “Lead Gen Forms” (forms for the purpose of lead generation), for example to inform you about products, services or events that may be of interest to you. In this context, selected information already stored by you on LinkedIn is transmitted to NOSTA for further processing for marketing and sales purposes. We use the data transmitted in this way to subsequently send you further information, products or invitations to events. Furthermore, the data received may be passed on to cooperation partners (e.g. co-organizers).

In particular, the following types of data may be processed by us in this context:

  • Contact details: First and last name, email address, LinkedIn profile URL, telephone number, city, country/region, zip code, business email address, business telephone number
  • Qualification data: Education, degrees, subjects studied, university/vocational school, start or graduation date
  • Employer details: company name, company size, sector
  • Job details: job title, areas of activity, career level

The relevant legal basis here is your consent pursuant to Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time via the contact options mentioned above, so that no further processing of the data received via LinkedIn will take place in the future. The processing activities carried out up to that point remain unaffected by this.

On LinkedIn, the lead data is automatically deleted after 90 days. For more information on how LinkedIn uses your data, please refer to LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy.

LinkedIn Insight Tag

This website uses the Insight tag from LinkedIn. This service is provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Data processing by LinkedIn Insight tag

We use the LinkedIn Insight tag to obtain information about visitors to our website. Once a website visitor is registered with LinkedIn, we can analyze the key occupational data (e.g., career level, company size, country, location, industry, job title) of our website visitors to help us better target our site to the relevant audience. We can also use LinkedIn Insight tags to measure whether visitors to our websites make a purchase or perform other actions (conversion measurement). Conversion measurement can also be carried out across devices (e.g. from PC to tablet). LinkedIn Insight Tag also features a retargeting function that allows us to display targeted advertising to visitors to our website outside of the website. According to LinkedIn, no identification of the advertising addressee takes place.

LinkedIn itself also collects log files (URL, referrer URL, IP address, device and browser characteristics and time of access). The IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymized). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymized data will then be deleted within 180 days.

The data collected by LinkedIn cannot be assigned by us as a website operator to specific individuals. LinkedIn will store the personal data collected from website visitors on its servers in the USA and use it for its own promotional activities. For details, please see LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy#choices-oblig.

Legal basis

If your approval (consent) has been obtained the use of the abovementioned service shall occur on the basis of Art. 6(1)(a) GDPR and § 25 TTDSG (German Telecommunications Act). Such consent may be revoked at any time. If your consent was not obtained, the use of the service will occur on the basis of Art. 6(1)(f) GDPR; the website operator has a legitimate interest in effective advertising promotions that include the utilization of social media.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here:

https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.

Objection to the use of LinkedIn Insight Tag

You can object to LinkedIn’s analysis of user behavior and targeted advertising at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

In addition, LinkedIn members can control the use of their personal information for promotional purposes in the account settings. To prevent LinkedIn from linking information collected on our site to your LinkedIn account, you must log out of your LinkedIn account before you visit our site.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

YouTube

We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how they handle your personal data can be found in the YouTube privacy policy: policies.google.com/privacy.


 

10.Use of LinkedIn Marketing Solutions

We use LinkedIn Marketing Solutions on our website, a service provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

LinkedIn Marketing Solutions collects and processes information about your user behaviour on our website. This includes cookies, which are small text files that are stored locally in the cache of your web browser on your terminal device and allow analysis of your use of our website.

We use LinkedIn Marketing Solutions for marketing and optimization purposes, in particular to analyze the use of our website and to continuously improve individual functions and offers. Through the statistical evaluation of user behaviour, we can improve our offer and make it more interesting for you. This is also our legitimate interest in the processing of the above data by the third party provider. The legal basis is Art. 6 Para. 1 S. 1 lit. f) EU-DSGVO.

You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your web browser. Please note that in this case you may not be able to use all the functions of our website to their full extent.

You can object to the collection and forwarding of personal data or prevent the processing of this data by deactivating the execution of Java Script in your browser. You can also prevent the execution of Java-Script code by installing a Java-Script blocker (z.B. noscript.net oder

https://www.ghostery.com ). We would like to point out that in this case you may not be able to use all the functions of our website to their full extent.

LinkedIn has signed and is certified under the Privacy Shield Agreement between the European Union and the United States. LinkedIn undertakes to comply with the standards and regulations of European data protection law. For more information, please refer to the following linked entry: www.privacyshield.gov/participant



You can find further information on data protection from the third party provider on the following website: www.linkedin.com/legal/privacy-policy

11. Custom Services

Job Applications

We offer website visitors the opportunity to submit job applications to us (e.g. via e-mail, via postal services on by submitting the online job application form). Below, we will brief you on the scope, purpose and use of the personal data collected from you in conjunction with the application process. We assure you that the collection, processing and use of your data will occur in compliance with the applicable data privacy rights and all other statutory provisions and that your data will always be treated as strictly confidential.

Scope and purpose of the collection of data

If you submit a job application to us, we will process any affiliated personal data (e.g. contact and communications data, application documents, notes taken during job interviews, etc.), if they are required to make a decision concerning the establishment or an employment relationship. The legal grounds for the aforementioned are § 26 New GDPR according to German Law (Negotiation of an Employment Relationship), Art. 6 Sect. 1 lit. b GDPR (General Contract Negotiations) and – provided you have given us your consent – Art. 6 Sect. 1 lit. a GDPR. You may revoke any consent given at any time. Within our company, your personal data will only be shared with individuals who are involved in the processing of your job application.
If your job application should result in your recruitment, the data you have submitted will be archived on the grounds of § 26 New GDPR and Art. 6 Sect. 1 lit. b GDPR for the purpose of implementing the employment relationship in our data processing system.

Data Archiving Period

If we are unable to make you a job offer or you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted on the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR) for up to 6 months from the end of the application procedure (rejection or withdrawal of the application).
Afterwards the data will be deleted, and the physical application documents will be destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the expiry of the 6-month period (e.g. due to an impending or pending legal dispute), deletion will only take place when the purpose for further storage no longer applies.
Longer storage may also take place if you have given your agreement (Article 6 (1) (a) GDPR) or if statutory data retention requirements preclude the deletion.

Admission to the applicant pool

If we do not make you a job offer, you may be able to join our applicant pool. In case of admission, all documents and information from the application will be transferred to the applicant pool in order to contact you in case of suitable vacancies.
Admission to the applicant pool is based exclusively on your express agreement (Art. 6 para. 1 lit. a GDPR). The submission agreement is voluntary and has no relation to the ongoing application procedure. The affected person can revoke his agreement at any time. In this case, the data from the applicant pool will be irrevocably deleted, provided there are no legal reasons for storage.
The data from the applicant pool will be irrevocably deleted no later than two years after consent has been granted.
 

12. Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)

In the event that data are processed on the basis of art. 6 sect. 1 lit. e or f gdro, you have the right to at any time object to the processing of your personal data based on grounds arising from your unique situation. This also applies to any profiling based on these provisions. To determine the legal basis, on which any processing of data is based, please consult this data protection declaration. You log an objection, we will no longer process your affected personal data, unless we are in a position to present compelling protection worthy grounds for the processing of your data, that outweigh your interests, rights and freedoms or if the purpose of the processing is the claiming, exercising or defence of legal entitlements (objection pursuant to art. 21 sect. 1 GDPR). 

If your personal data is being processed in order to engage in direct advertising, you have the right to at any time objects to the processing of your affected personal data for the purposes of such advertising. This also applies to profiling to the extent that it is affiliated with such direct advertising. If you object, your personal data will subsequently no longer be used for direct advertising purposes (objections pursuant to art. 21 sect. 2 GDPR).
 

13. Handling of data in the context of the application procedure

The career portal is operated by NOSTA Holding GmbH, Buchenbrink 1, 49086 Osnabrück, Germany (hereinafter referred to as NOSTA) as the controller within the meaning of the General Data Protection Regulation.
By accepting our privacy policy for the career portal, you consent to NOSTA storing and processing your personal data for the purposes of application and recruitment. In the case of applications by minors, a declaration of consent from a parent or guardian is required.

Use and disclosure of personal data for specific purposes
Application procedure via career portal

The data you enter on the career portal pages will be collected, processed and used exclusively for the purpose of processing your application. If you apply for a position in a company affiliated with NOSTA or submit an unsolicited application, NOSTA will forward your application to the relevant specialist department of the NOSTA Holding GmbH company. Your details will be treated confidentially throughout the application process.
The data is stored and processed on a server within Germany in accordance with the applicable data protection regulations. NOSTA takes security precautions to protect your data managed by us against manipulation, loss, destruction or access by unauthorised persons or unauthorised disclosure. The data transfer between your browser and our career portal is encrypted.

Application procedure via WhatsApp
We use the instant messaging service WhatsApp to communicate with applicants. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
If you wish to carry out the application process via WhatsApp, you consent to participation in the messenger communication and the use of the service in accordance with Art. 6 para. 1 lit. a GDPR. We would like to point out that NOSTA cannot influence the handling of user data and its processing by the WhatsApp service.
Communication takes place via end-to-end encryption (peer-to-peer), which prevents WhatsApp or other third parties from gaining access to the communication content. However, WhatsApp receives access to metadata that is created in the course of the communication process (e.g. sender, recipient and time). We would also like to point out that WhatsApp states that it shares the personal data of its users with its parent company Meta, which is based in the USA.
Details on data processing by WhatsApp can be found in the privacy policy at the following link
https://www.whatsapp.com/legal?eea=0#privacy-policy

The company is certified in accordance with the ‘EU-US Data Privacy Framework’ (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: 
https://www.dataprivacyframework.gov/participant/7735 
We use WhatsApp in the ‘WhatsApp Business’ version. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.whatsapp.com/legal/business-data-transfer-addendum 
We have set up our WhatsApp accounts so that it does not automatically synchronise data with the address book on the smartphones in use. We have concluded an order processing contract (AVV) with the above-mentioned provider.

Deletion of data
The data transmitted as part of the application process will be deleted if your application is rejected or a negative decision is made no later than six months after the end of the application process. This does not apply if statutory provisions prevent the deletion or if further storage is necessary for the purpose of providing evidence.
If your application is followed by the conclusion of an employment contract, your data may be stored and used as part of the necessary organisational and administrative process. You have the right to withdraw your application and have your data deleted at any time.

Up