Skip navigation

Data policy

Status: July 2022

Thank you for visiting our website and for your interest in our company. We consider data protection a customer-oriented quality feature. The protection of your personal data and the safeguarding of your personal rights are important to us. With this privacy policy, we would like to inform all visitors to our website transparently about the type, scope, and purpose of the personal data we collect, use, and process, and to inform you about your rights.

Using our website is generally possible without providing personal data. However, if you use our company's services via our website, the processing of your personal data may be necessary. The data automatically collected when you visit our website or the personal data you enter when using our services will be processed in accordance with the applicable legal provisions for the protection of personal data.

If the processing of your personal data is necessary and there is no legal basis for such processing, we will generally obtain your consent for the required purpose of processing. As the company responsible for processing, we have implemented technical and organizational measures to ensure the highest possible level of protection for your personal data. However, we would like to point out that data transmission via the World Wide Web can generally have security vulnerabilities.

If you would like to use our company's services and do not wish to transmit data via the World Wide Web, you can also contact us by telephone.

1. Contact details of the data controller

The data controller within the meaning of the General Data Protection Regulation is:
Company: MAD Recycling GmbH
Street: Freimanner Bahnhofstraße 24
Postal code/City: 80807 Munich
Tel.: +49 89 323657-0
Email: info@mad-recycling.com

The data protection officer is:
Mr. Stephan Hartinger
Coseco GmbH
Phone: +49 8232 80988-70
Email: datenschutz@coseco.de

2. Collection of general access information

Each time you access our website, server log file information that your browser transmits to us is automatically collected. This includes:

  1. IP address (Internet Protocol address) of the accessing computer
  2. the website from which you are visiting us (referrer)
  3. the website you are visiting on our site
  4. the date and duration of the visit
  5. Browser type and browser settings
  6. Operating system

Please note that this data cannot be assigned to a specific person.

We use this technical access information exclusively for the following purposes:

  1. To improve the attractiveness and usability of our websites,
  2. To detect technical problems on our website at an early stage,
  3. To deliver the content of our website correctly,
  4. And to provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack.

This data is stored for a maximum of 7 days as a technical precaution to protect the data processing systems against unauthorized access.

3. Collection and Disclosure of Personal Data

We only use your personal data for the purposes listed on this data protection information page.
The following input forms for the collection of personal data exist on our website:

3.1 Contact Fields on Our Website

3.2.1 Contacting Us via Email or Contact Form

On our website, we offer you the opportunity to contact us by email and/or via a contact form.
If you contact us by email or via a contact form, the personal data you provide will be stored automatically.
Such personal data, voluntarily transmitted by you to us, will be stored for the purpose of processing your inquiry or contacting the person concerned. This personal data will not be disclosed to third parties.

5,000

3.2.2 Career Portal (Online Application)

You can apply for open positions with us online through a career portal. The portal is operated on our behalf by softgarden e-recruiting GmbH, Tauentzienstraße 14, 10789 Berlin (hereinafter: softgarden). We have concluded a data processing agreement with softgarden, in which we obligate softgarden to protect the applicants' data and not to disclose it to third parties. You can find detailed information under softgarden's data protection regulations.

4. Deletion, Blocking, and Retention Period of Personal Data

We process and store your personal data only for the period necessary to achieve the respective storage purpose or as required by the various retention periods stipulated by law.
After the storage purpose ceases to apply or after the expiry of the retention period stipulated by law, the personal data will be routinely blocked or deleted in accordance with legal regulations.

5. Data Protection Rights of the Data Subject

If you have any questions about your personal data, you can contact us in writing at any time. You have the following rights under the GDPR:

5.1 The Right of Access (Article 15 GDPR)

You have the right at any time to receive information about which categories and information regarding your personal data are processed by us, for what purpose, and for how long and according to which criteria this data is stored, and whether automated decision-making, including profiling, is used in this context. You also have the right to know which recipients or categories of recipients your data has been or will be disclosed to; in particular, recipients in third countries or international organizations.

In this case, you also have the right to be informed about appropriate safeguards relating to the transfer of your personal data. In addition to the right to lodge a complaint with the supervisory authority and the right to information about the origin of your data, you have the right to erasure, rectification, and the right to restrict or object to the processing of your personal data. In all of the above cases, you have the right to request a free copy of your personal data processed by us from the data processor. For all further copies that you request or that go beyond the data subject's right to information, we are entitled to charge a reasonable administrative fee.

5.2 The Right to Rectification (Art. 16 GDPR)

You have the right to request the immediate rectification of your inaccurate personal data and, taking into account the purposes of the processing, to request the completion of incomplete personal data, including by means of a supplementary statement.

If you wish to exercise your right to rectification, you can contact our data protection officer or the data controller at any time.

5.3 The Right to Erasure (Art. 17 GDPR)

You have the right to request the immediate erasure of your data ("right to be forgotten"), in particular if the storage of the data is no longer necessary, you withdraw your consent to data processing, your data has been processed unlawfully or collected unlawfully, and there is a legal obligation to erase the data under EU or national law.

However, the right to be forgotten does not apply if there is an overriding right to freedom of expression or freedom of information, the data storage is necessary for compliance with a legal obligation (e.g., retention obligations), archiving purposes preclude erasure, or the storage serves to assert, exercise, or defend legal claims.

5.4 The Right to Restriction of Processing (Art. 18 GDPR)

You have the right to request the restriction of the processing of your data by the data controller if the accuracy of the data is contested by you, the processing is unlawful, you refuse the erasure of your personal data and instead request a restriction of processing, if the necessity for the processing purpose ceases to exist, or you object to the processing pursuant to Article 21, paragraph 1, as long as it has not yet been determined whether our legitimate reasons outweigh yours.

5.4 The Right to Restriction of Processing (Art. 18 GDPR)

You have the right to request the restriction of the processing of your data by the data controller if the accuracy of the data is contested by you, the processing is unlawful, you object to the erasure of your personal data and instead request the restriction of processing, if the data is no longer necessary for the purposes of processing, or if you have objected to the processing pursuant to Article 21(1), pending verification of whether our legitimate grounds override yours.

5.5 The Right to Data Portability (Art. 20 GDPR)

You have the right to receive your personal data, which you have provided to our company in a commonly used format, so that you can transmit your personal data to another controller without hindrance, provided, for example, that you have given your consent and the processing is carried out by automated means.

5.6 The Right to Object (Art. 21 GDPR)

You have the right to object at any time to the collection, processing, or use of your personal data for the purposes of direct marketing or market and opinion research, as well as general business data processing, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms.

Furthermore, you cannot exercise your right to object if a legal provision stipulates or mandates the collection, processing, or use of the data.

5.7 Right to Lodge a Complaint with the Data Protection Supervisory Authority (Art. 77 GDPR in conjunction with § 19 BDSG)

You have the right to lodge a complaint with the competent supervisory authority if you believe that there has been a violation in the processing of your personal data.

is available.

5.8 Right to withdraw consent under data protection law (Art. 7 para. 3 GDPR)

You can withdraw your consent to the processing of your personal data at any time and without giving reasons. This also applies to the withdrawal of declarations of consent given to us before the entry into force of the EU General Data Protection Regulation.

6. Legal Basis for Processing

When processing personal data for which we obtain the data subject's consent, Article 6, paragraph 1, sentence 1 a) of the General Data Protection Regulation (GDPR) serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Article 6, paragraph 1, sentence 1 b) (GDPR) serves as the legal basis. This provision also includes processing operations that are necessary for carrying out pre-contractual measures.
Insofar as the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Article 6, paragraph 1, sentence 1 c) (GDPR) serves as the legal basis.

If the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, and these interests are not overridden by the interests, fundamental rights and freedoms of the data subject, then Article 6, paragraph 1, sentence 1 f) (GDPR) serves as the legal basis for the processing. The legitimate interest of our company lies in conducting our business activities and in the analysis, optimization, and maintenance of the security of our online services.

7. Transfer of Data to Third Parties

We generally do not sell or rent user data. Data will only be transferred to third parties beyond the scope described in this privacy policy if this is necessary for the provision of the requested service.

We only transfer data if there is a legal obligation to do so. This is the case when government agencies (e.g., law enforcement authorities) request information in writing or when there is a court order.

No transfer of personal data to so-called third countries outside the EU/EEA area takes place.

8. Legal or contractual requirements for the provision of personal data and possible consequences of failure to provide such data

We hereby inform you that the provision of personal data is legally required in certain cases (e.g., tax regulations) or may arise from contractual agreements (e.g., information about the contracting party). For example, it may be necessary for a contract to be concluded that the data subject/contracting party must provide their personal data so that their request (e.g., order) can be processed by us. An obligation to provide personal data arises primarily when concluding contracts. If, in this case, no personal data is provided, the contract with the data subject cannot be concluded.

Before providing personal data, the data subject can contact our data protection officer or the data controller. The data protection officer or the data controller will then inform the data subject whether the provision of the required personal data is legally or contractually required or necessary for the conclusion of the contract, and whether the data subject's request creates an obligation to provide the personal data, or what consequences the failure to provide the requested data will have for the data subject.

9. Existence of automated decision-making

As a responsible company, we refrain from using automated decision-making or profiling in our business relationships.