General data protection information


I. General data protection information of BORNIT-Werk Aschenborn GmbH concerning our data processing in accordance with Articles 13, 14 and 21 of the General Data Protection Regulation (DSGVO)

1. Mandatory information according to Art. 12 cont. DSGVO

In charge:

Company: BORNIT-Werk Aschenborn GmbH
Address: Reichenbacher Straße 117, 08056 Zwickau (Germany)
Telephone: +49 (0) 375 27 95 0
Fax: +49 (0) 375 27 95 150

You can reach our data protection officer at:

Company: Basalt-Actien-Gesellschaft
Address: Linzhausenstraße 20, 53545 Linz am Rhein (Germany)
Telephone: +49 (0) 2644 563 0

We are very pleased about your interest in our company. Data protection is of particularly high priority for the management of BORNIT-Werk Aschenborn GmbH. Your personal data will therefore be processed confidentially and in accordance with the provisions of the General Data Protection Regulation (DSGVO), the German Federal Data Protection Act (BDSG-neu) as well as other statutory data protection rules.

Which data is processed in detail primarily depends on the contents of the contractual and pre-contractual business relationship. Details and supplements on the scope and purposes of data processing can be found in this data protection notice (including the supplementary data protection notice for the use of our website and for applicants), in the respective contractual documents, forms, a declaration of consent and/or other information provided to you (e.g., in the context of the use of our website).

2. Where do we obtain your personal data?

The collection of your data basically takes place with yourself. The processing of your personal data is necessary for the fulfilment of the contractual obligations arising from the contract concluded with us. Due to your obligations to cooperate, it is unavoidable to provide the personal data requested by us, as otherwise we cannot fulfil our contractual obligations.

In the context of pre-contractual measures (e.g., master data collection in the interested party process, answering enquiries), the provision of your personal data is necessary. If the requested data is not provided by you, a contract cannot be concluded.

In order to provide our services, it may be necessary to process personal data we have received from other companies or other third parties, e.g., tax offices, your and our business partners or the like, permissibly and for the respective purpose.

Furthermore, we may process personal data from publicly accessible sources, e.g., websites, which we use permissibly and only for the respective contractual purpose. In addition, we process personal data, that we have permissibly taken, received, or acquired from publicly accessible sources (such as telephone directories, commercial and association registers, civil registers, debtor registers, land registers, the press, the Internet, and other media) and may process.

Relevant categories of personal data may include in particular:

  • Personal data (name, date of birth, place of birth, nationality, marital status, profession, industry, position in the company and comparable data),
  • Contact data (address, e-mail address, telephone number and comparable data),
  • Address data (registration data and comparable data),
  • Contract data (property and delivery address, bank details, picture documentation and comparable data),
  • Payment/coverage confirmation for bank and credit cards,
  • Information about your financial situation (creditworthiness data including scoring, i.e., data for assessing economic risk),
  • Data about your use of the telemedia offered by us (e.g., time of visiting our websites, apps or newsletters, pages/links or entries by us clicked on and comparable data),
  • Meta/communication data (e.g., device information, IP addresses),

as well as other data comparable with the aforementioned categories.

3. Purposes and legal bases of processing

We process your personal data in compliance with the applicable legal data protection requirements. The processing is lawful, as long as at least one of the following conditions is met:

a. Based on consent (according to Art. 6 Para. 1 lit. a DSGVO).

The purposes of processing personal data result from the granting of consent. Consent given can be revoked by you at any time with effect for the future. Consent granted before the DSGVO came into force (25 May 2018) can also be revoked. Processing that took place before the revocation remains unaffected by the revocation.

b. For the fulfilment of contractual obligations or pre-contractual measures (pursuant to Art. 6 Para. 1 lit. b DSGVO).

The purposes of data processing result, on the one hand, from the initiation of pre-contractual measures that precede a contractually regulated business relationship and, on the other hand, to fulfil the obligations arising from the contract concluded with you,

  • to be able to identify you as our business partner/contact person,
  • to be able to provide our services,
  • for correspondence with you,
  • to issue invoices,
  • for measures to control and optimise business processes,
  • for the verifiability of orders and other agreements,
  • to ensure IT security (including system and plausibility tests),
  • to fulfil general duties of care,
  • to ensure and exercise domiciliary rights (e.g., through access controls and video surveillance),
  • for cost recording and controlling as well as for reporting,
  • for the settlement of possibly existing liability claims and the assertion of any claims against you.

c. Due to legal requirements (pursuant to Art. 6 Para. 1 lit. c DSGVO) or in the public interest (pursuant to Art. 6 Para. 1 lit. e DSGVO).

The purposes of data processing result from legal requirements or are in the public interest (e.g., compliance with retention obligations).

d. Within the framework of the balancing of interests (pursuant to Art. 6 para. 1 lit. f DSGVO).

The purposes of processing result from the protection of our legitimate interests. It may be necessary to process your personal data beyond the actual performance of the contract. This legitimate interest may be used to justify further processing of your personal data, provided that your interests or fundamental rights and freedoms are not overridden. The legitimate interest may, in particular, be in individual cases:

  • Revision and improvement of procedures for general business management and further development of products and services
  • Advertising, market and opinion research, provided you have not objected to the use of your data
  • Assertion of legal claims and defence in legal disputes
  • Inhibition, clarification, and prevention of criminal offences
  • Ensuring IT security and IT operations
  • Consultation by and data exchange with credit agencies to determine creditworthiness or default risks
  • Deletion is not possible or only possible with disproportionate effort due to the special nature of the storage, and processing for other purposes is excluded by appropriate technical and organisational measures.
4. Who receives your personal data?

Within our company, those areas receive access to your personal data that need it to fulfil contractual and legal obligations and that are authorised to process this data.

We also have individual of the aforementioned processes and services carried out by carefully selected service providers, who are based within the EU and who are commissioned in accordance with data protection law. These are companies in the categories of IT services, payment transactions, print service providers, logistics, shipping, billing, debt collection, consulting, sales, and marketing as well as other service providers that we use within the framework of order processing relationships.

With regard to the transfer of data to other recipients, we may only transfer your personal data if this is required by law, you have consented, or we are authorised to transfer it. If these requirements are met, recipients of personal data may include:

  • public organisations and institutions (e.g., tax authorities, social insurance institutions, courts), if there is a legal or official obligation;
  • other companies or comparable institutions to which we transfer personal data in order to carry out the business relationship with you (e.g., credit agencies);
  • other companies of Basalt AG.

Other institutions may also be recipients of data, if you have given us your consent to the transfer of data.

5. Is your personal data transferred to third countries or international organisations?

An active transfer of your personal data to a third country or to an international organisation does not take place. If, in individual cases, you wish your personal data to be transferred to a third country or an international organisation, or if this is necessary due to the contents of the contract, we will only do so with your written consent.

6. Does automated decision-making, including profiling, take place?

No fully automated decision-making, including profiling, pursuant to Art. 22 DSGVO is used to process your personal data.

7. Duration of processing (criteria for deletion)

Your personal data will be processed for as long as it is necessary to achieve the contractually agreed purpose - basically for as long as the contractual relationship with you exists. After termination of the contractual relationship, your personal data will be processed to comply with statutory retention obligations or on the basis of our legitimate interests. After the expiry of the statutory retention periods and/or the lapse of our legitimate interests, your personal data will be deleted. Anticipated periods of the retention obligations incumbent upon us and our legitimate interests:

  • Fulfilment of retention periods under commercial and tax law. The periods specified there for storage or documentation are two to ten years.
  • Preservation of evidence within the framework of the statute of limitations.
    According to §§ 195 cont. of the German Civil Code (BGB), these limitation periods can be up to 30 years, with the regular limitation period being three years.
8. What rights do you have?
  • Right to information pursuant to Art. 15 DSGVO,
  • Right to rectification pursuant to Art. 16 DSGVO,
  • Right to erasure ("right to be forgotten") pursuant to Art. 17 DSGVO,
  • Right to restriction of processing pursuant to Art. 18 DSGVO, § 35 BDSG-neu (new Federal Data Protection Act),
  • Right to data portability pursuant to Art. 20 DSGVO,
  • Right to lodge a complaint with a supervisory authority pursuant to Art. 13 Para. 2 lit. d, 77 DSGVO in conjunction with Art. 19 BDSG-neu,
  • Withdrawal of consent pursuant to Art. 7 para. 3 DSGVO, as well as
  • Right of objection pursuant to Art. 21 DSGVO:

You have the right to object at any time, on grounds arising from your particular situation, to the processing of personal data relating to you which is carried out on the basis of Art. 6(1)(e) (data processing in the public interest) or (f) DSGVO (data processing on the basis of a balance of interests); this also applies to profiling based on these provisions within the meaning of Art. 4 No. 4 DSGVO.

If you object, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

We may also process your personal data for the purposes of direct marketing. If you do not wish to receive advertising, you have the right to object to this at any time; this also applies to profiling, insofar as it is associated with such direct advertising. We will observe this objection for the future.

If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

The objection can be made form-free and should preferably be addressed to:

BORNIT-Werk Aschenborn GmbH
Reichenbacher Strasse 117
08056 Zwickau (Germany)
Tel.: +49 (0) 375 27 95 0
Fax: +49 (0) 375 27 95 150

9. Up-to-dateness and amendment of this privacy policy

This privacy policy as well as our information on data protection are currently valid and were last updated on 1st June 2020.

Due to the further development of our offers, including our website, or due to changes in legal or regulatory requirements, this may change from time to time. You can access the current privacy policy at any time on the website at and print it out or request it from the responsible office (see above).

II. Supplementary data protection information for our website

1. Collection and storage of personal data as well as type and purpose of their use

Upon using the website for information purposes only, i.e., if you do not register or otherwise transmit information to us, we only collect the personal data your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security. The legal basis for that is Art. 6 para. 1 p. 1 lit. f DSGVO:

  • IP address
  • Directory protection user
  • Date and time of the enquiry
  • Time zone difference to Greenwich Mean Time (GMT)
  • Contents of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website from which the request came
  • Browser
  • Operating system and its interface
  • Language and version of the browser software.

In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive in relation to the browser you are using and which provide the party setting the cookie (in this case, us) with certain information. Cookies cannot execute programmes or transfer viruses to your computer. They serve to make the internet offer as a whole more user-friendly and effective.

2. Use of cookies

This website uses the following types of cookies, the scope and functionality of which are explained below:

Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This enables your computer to be recognised when you return to our website. Session cookies are deleted when you log out or close the browser.

Persistent cookies are automatically deleted after a set period of time, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.

You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. Please note that you may then not be able to use all the functions of this website.

3. Further functions and offers of our website

In addition to the purely informational use of our website, we offer various services that you can use if you are interested. For this purpose, you usually have to provide further personal data, which we use to provide the respective service and for which the aforementioned data processing principles apply.

In some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions, and are regularly monitored.

If our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the offer.

4. Contact form

If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provided therein, will be stored by us for the purpose of processing the enquiry and in the case of follow-up questions. The personal data transmitted to the data controller is specified in the respective input mask. The legal basis for this is Art. 6 para. 1 p. 1 lit. b DSGVO.

5. Newsletter

We send out a newsletter. You can subscribe to this with your separate consent. The only mandatory data for sending the newsletter is your e-mail address. We use this data exclusively for the delivery of our newsletter with information on current topics, products, and events.

After your confirmation, we will store your e-mail address for the purpose of sending you the newsletter. The legal basis for this is Art. 6 para. 1 p. 1 lit. a DSGVO.

You can revoke your consent to receive the newsletter and unsubscribe at any time. You can revoke your consent at any time by sending an email to the address given in the newsletter or to , or by sending a message to the contact details given in the imprint.

6. Use of Google Analytics

This website does not use Google Analytics.

7. Integration of Google Maps

On this website we use the offer of Google Maps. This allows us to display interactive maps directly on the website and enables you to conveniently use the map function.

By visiting the website, Google receives the information that you have called up the corresponding sub-page of our website. In addition, the data mentioned in point 2 of this section will be transmitted. This occurs regardless of whether Google provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses it for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is, in particular, carried out (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, wherein you must contact Google to exercise this right..

For more information on the purpose and scope of data collection and processing by the plug-in provider, please refer to the provider's privacy policy. There you will also find further information on your rights in this regard and setting options for protecting your privacy: . Google also processes your personal data in the USA.

8. Integration of YouTube

We have integrated YouTube videos into our online offer, which are stored on and can be played directly from our website. [These are all integrated in the "extended data protection mode", i.e., no data about you as a user is transmitted to YouTube, if you do not play the videos. Only when you play the videos, the data mentioned in paragraph 2 will be transmitted. We have no influence on this data transmission].

By visiting the website, YouTube receives the information that you have accessed the corresponding sub-page of our website. In addition, the data mentioned in paragraph 2 of this section is transmitted. This occurs regardless of whether YouTube provides a user account via which you are logged in or whether no user account exists. If you are logged in to YouTube, your data will be directly assigned to your account. If you do not want your data to be associated with your YouTube profile, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or designing its website in line with requirements. Such an evaluation is, in particular, carried out (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right.

For more information on the purpose and scope of data collection and its processing by YouTube, please refer to the privacy policy. There you will also find further information on your rights and setting options to protect your privacy: . Google also processes your personal data in the USA.

9. Data security

Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the closed key or lock symbol in the lower status bar of your browser.

We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

III. Additional data protection information for applicants

In the following, we provide our applicants with additional data protection information on the collection and processing of your personal data within the scope of the application procedure.

1. To what extent do we process your data?

Only the data you provide (e.g., name, contact details, CV, photo) will be processed as part of the application process.

2. What is the purpose of data processing?

The collection of the personal data collected from you is the basis for participation in the application procedure. Furthermore, the data provided is intended to enable an assessment of the applicant's suitability for the vacant position. Without this data, we cannot consider your application in the application process.

The permission to process data in order to carry out pre-contractual measures is based on Art. 6 para. 1 lit. b DSGVO.

3. Who receives the data in the course of processing?

Within our company, only those departments and employees involved in the application process receive your personal data.

Furthermore, a transfer of the relevant data in the respective individual case to third parties on the basis of legal provisions or contractual agreement is possible. These may be order processors, such as IT service providers.

4. For how long will the data be stored?

The storage period of your data is at least the period for the application procedure. Notwithstanding this, in case of a rejection, we delete your data no later than 6 months after the rejection has been sent.

In case of a successful application, we store the data in the personal file for further processing.

Apart from that, we refer in full to our above General Data Protection Notice and the supplementary Data Protection Notice for the use of our website.

Last updated: 1st June 2020