Thank you for visiting our website and for your interest in our broad range of products. To help us provide you with the best possible service, personal data are collected, processed and transmitted on our web pages.
Personal data (e.g. the name, postal address, email address and telephone number of a data subject) are always processed in accordance with the EU’s General Data Protection Regulation (GDPR) as well as with the specific national data protection rules applicable to us.
As the controller responsible for data processing, we have implemented numerous technical and organisational measures to ensure the fullest possible protection for all personal data which is processed on our website. However, no data transmission over the Internet can be guaranteed to be one hundred percent secure and vulnerabilities can never be completely ruled out.
1. Key concepts and definitions
This Privacy Statement is based on the key concepts and definitions as used by the Community legislature and regulatory authority at the time the GDPR was adopted (Art. 4 GDPR). This Privacy Statement is written in plain language, so that it can be easily understood by anyone. To make doubly sure of this, we shall begin by explaining and defining a few key concepts. The following key concepts and definitions are used in this Privacy Statement:
- "Personal data":
Any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, geographical location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
- "Data subject":
Any identified or identifiable natural person whose personal data are processed by the controller responsible for processing;
Any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
- "Restriction of processing":
The marking of stored personal data with the aim of limiting its processing in the future;
Any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, geographical location or movements;
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
A natural or legal person, public authority, agency or other body, to which personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of such data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
- "Third party":
A natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
NORRES Schlauchtechnik GmbH
Am Stadthafen 12-16
Telefon +49 209 8 00 00 0
External Data protection officer
As data protection officer is ordered from us:
Mr. Dipl.-Inform. Olaf Tenti
GDI Gesellschaft für Datenschutz und Informationssicherheit mbH
Phone +49 2331 356 832 0
Our website is operated on servers of NORRES Schlauchtechnik GmbH, Am Stadthafen 12-16, 45881 Gelsenkirchen, Germany.
Collection and storage of personal data and nature and purpose of its processing
When you visit the website
We may, to a limited extent, collect information automatically when you visit the website. These data help us to focus on improving your experience of our website, and we will always use them in a responsible way. Such information is automatically collected and stored in log files on the server of our provider. The data thus collected include:
- Name of the website you accessed
- Date and time of the access
- Volume of data transmitted
- Confirmation that the access was successful
- Type of browser
- Browser version
- Patch level of the browser
- Site you visited previously
- Requesting provider
- IP addresses [anonymised]
We will process this information for the following purposes:
- To improve our website
- To ensure IT security
- To improve our services
The legal basis for processing on our website is Art. 6(1) sentence 1(f) GDPR. Our legitimate interests are derived from the aforementioned data collection purposes.
Duration of retention of your data:
Any data stored by us will be deleted after the legal retention periods.
Before initiating a business relationship:
We store your contact details (title, first and last name, postal address, email address, landline and / or mobile telephone number and fax number) to enable us to contact you in the course of present or future dealings. These data which we have collected about you are stored until such time as the establishment or continuation of a business relationship is no longer realistic.
We use information held about you in the following ways:
- For the performance of a contract
- For the purpose of sending you an offer
We will process this information for the following purposes:
- To facilitate the maintenance of business relationships
- To facilitate the proper execution of a contract
- To facilitate the proper and efficient processing of your enquiry
The legal basis for processing is Art. 6(1) sentences 1(b) and (f) GDPR and is derived from the aforementioned purpose.
4. When do we store personal information?
We collect personal information about you whenever you:
- Use our website
- Open a personal customer account
- Subscribe to our newsletter
- Fill in a request or quotation form
- Contact us by email
- Share such information with us in conversation provided you have given us your consent
5. Who do we share your personal information with?
We share your personal information with the following business partners:
- Episerver GmbH, Wallstraße 16, 10179 Berlin, Germany
- Google Inc, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) (Google Analytics, Google Tag Manager)
To our knowledge, our business partners apply all the required data protection standards and demonstrate compliance with data protection principles.
We use the following cookies on our website::
Google Analytics/ Google Tag Manager
|_ga||2 years after your last visit to the website||Used to track if you have visited before.|
|_gat||10 minutes after your last visit to the website||Used to manage the rate at which page view requests are made.|
|_gid||24 hours after your last visit to the website||Used to store the session ID and to group the entire session’s activity together for each user.|
|_gac_UA-32375863-1||90 days after your last visit to the website||This cookie is set when a user clicks on a Google advertisement to reach the website. It contains information about which ad was clicked, so that achieved successes such as orders or contact requests can be assigned to the ad.|
|VISITOR_INFO1_LIVE||179 days after your last visit to the website||Tries to estimate the user bandwidth on pages with embedded YouTube videos.|
|PREF||8 months after your last visit to the website||Registers a unique ID that is used by Google to keep statistics on how a visitor uses YouTube videos across different websites.|
|YSC||At the end of your session||Registers a unique ID to keep statistics on embedded YouTube videos the user has seen.|
|GPS||At the end of your session||Registers a unique ID on mobile devices to enable tracking based on the geographical GPS location.|
|CONSENT||8031 days after your last visit to the website||This cookie tracks information about how the end user uses the site and what advertisements the end user may have seen before visiting the site.|
|cookieChoiceDone||1 year after your last visit to the website||Saves the settings of visitors selected in the cookie box and controls the display of cookie settings.|
|sid||At the end of your session||Identifies the user to provide essential functionalities such as the shopping cart.|
How to block cookies
- Open the Firefox browser.
- Press the “Alt” key on your keyboard.
- Click the menu button and choose “Options”.
- Select the “Privacy & Security” panel.
- Under “Firefox will remember history:”, choose “Use custom settings for history”.
- Uncheck “Accept cookies” and save your own settings.
You can also find current information here: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored
- Open Internet Explorer.
- Click the “Tools” button, then select “Internet options”.
- Select the “Privacy” tab.
- Under “Cookies”, uncheck the settings and save your own settings.
You can also find current information here: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
- Open Google Chrome.
- Choose “Settings”.
- Click “Advanced”.
- Under “Privacy and security”, click “Content settings”.
- In the “Cookies” section you can disable cookies and save your own settings.
You can also find current information here: https://support.google.com/chrome/answer/95647?co=GENIE.Platform&hl=en
- Open Safari.
- Choose “Preferences” from the toolbar (grey cog in the top right-hand corner) and click “Privacy”.
- In the “Accept cookies” section, you can specify whether, and if so, when Safari should accept cookies from websites. To see an explanation of the options, click the Help button (“?”).
- f you want to see which websites store cookies on your computer, click “Display cookies”.
You can also find current information here: https://support.apple.com/en-gb/guide/safari/sfri11471/mac
- Open the Edge browser.
- Click the three dots in the top right-hand corner.
- Go to “Settings” -> “View advanced settings”.
- Scroll down to “Cookies”.
- Click the radio button underneath and set it to “Block all cookies”.
- Open the Opera-browser.
- Click the Opera icon in the top left-hand corner.
- Go to “Settings”.
- Choose “Privacy and security”.
- In the “Cookies” section, you can set “Block sites from setting any data”.
How you can contact us
Our website offers you the opportunity to contact us, either by sending us an email or using the contact form. You may want to contact us for the following reasons:
We provide various forms for this purpose in which all required information is recorded.
Your personal data are stored and processed in this connection for the purpose of communication. We do not share the data thus collected ([title, first and last name, telephone number, email address, IP address]) with third parties.
Your data will not be associated with other data collected on this website.
If you are already a customer of our company, these data may be stored for the purpose of customer relationship management (CRM).
The contact form is transmitted using TLS encryption, which serves to protect your personal data against unauthorised access.
The basis for data collection pursuant to Art. 6(1) sentence 1 GDPR is, where applicable, the consent you have given us (point a), the processing of data for the purpose of performing a contact or in order to take steps prior to entering into a contract (point b) as well as the legitimate interests of our company in the communication initiated by you (point f).
The data will be erased as soon as the purpose for which they have been stored no longer applies.
In order to protect data forms on our site, we use the “reCAPTCHA” service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (referred to below as “Google”). With this service, we can differentiate between information that has been entered into a form by a human and information entered by an automated machine. The use of automated information entry constitutes misuse. The legal basis is Art. 6(1) sentence 1(f) GDPR.
To our knowledge, the referrer URL, the IP address, the behaviour of the website visitors, information about the operating system, browser and length of stay, cookies, display instructions and scripts, user input behaviour and mouse movements in the “reCAPTCHA” checkbox are transmitted to “Google”.
Amongst other things, Google uses the information obtained in this manner in order to digitise and optimise various of its own services.
The IP address transmitted by “reCAPTCHA” is not associated with other data by Google unless you are logged into your Google account at the time the “reCAPTCHA” plug-in is used, in other words when you visit our website. If you want to prevent this transmission and storage of data by Google about you and your behaviour on our website, you must log out of Google before you access our website. For the “reCAPTCHA” terms of service, see:
Google Tag Manager
Google is certified under the EU-US Privacy Shield and an appropriate level of data protection is therefore ensured when data are processed by Google.
For more information on data privacy, please refer to the following Google websites:
- FAQ Google Tag Manager: https://support.google.com/tagmanager/?hl=en#topic=3441530
- Google Tag Manager Terms of Service: https://marketingplatform.google.com/intl/de/about/analytics/tag-manager/use-policy/
7. Applications (email / application form)
Please feel free to apply for vacancies advertised on our website directly or send us a speculative application.
You can do this using the email address indicated. Alternatively, you may complete our online application form.
When you apply for a job with us, we will process the information we receive from you in the course of the application procedure, e.g. in your letter of application, CV, references and correspondence as well as by telephone or verbally. In addition to your contact details, your training, qualifications, work experience and skills are of particular relevance to us. We will only judge you by your suitability for the job, so that you do not need to send us a photograph.
If you send us your application by email, the information you supply to us will not be encrypted for transmission unless your email provider supports SSL (Secure Socket Layer) or TLS (Transport Layer Security) encryption. If you prefer, you may instead send us encrypted emails provided you give us advance notification by telephone. Alternatively, you can send us your application details in encrypted files which are protected by password (for example *.zip) and tell us the password which we need to decrypt them by telephone or other means.
If you apply to us using the application form, we will process the data you enter in the input fields (title, first and last name, email address, desired starting date, salary expectations, other voluntary information) as well as any documents uploaded by you to enable us to process your application.
If we conclude a contract of employment with you on the basis of this application, we will store the data transmitted to us for the purpose of processing the employment contract in compliance with legal regulations.
However, if we do not conclude a contract of employment with you, we will erase this data six months after your application is rejected. The legal basis is Art. 6(1) sentence f GDPR (legitimate interests). Our legitimate interests in storage for this period are derived from the exercise or defence of claims, for example in connection with the burden of proof in a procedure under the German General Equal Treatment Act (AGG).
If you have given your consent to the storage of your application details for a longer period, we will transfer these data to our applicant pool (Section 26(2) BDSG (German Data Protection Act) in conjunction with Art. 6(1) sentence a GDPR). The data stored there will be erased after one year has elapsed.
Data are processed for the purpose of carrying out an application procedure.
The legal basis for processing in the context of the application procedure and as part of your personnel file is Section 26(1) sentence 1 BDSG and Art. 6(1) sentence b GDPR as well as – insofar as you have given your consent, for example by communicating other information which is not essential for the application procedure – Art. 6(1) sentence a GDPR.
You may withdraw your consent to the processing of personal data during the application procedure at any time by sending an email to dataprotection(at)norres.eu.
The legal basis for processing after your application has been rejected is Art. 6(1) sentence f GDPR.
Our legitimate interests in processing on the basis of Art. 6(1) sentence f GDPR are derived from the defence of legal claims.
The legal basis for budgetary and tax storage is Art. 6(1) lit. c GDPR in conjunction with § 147 AO.
Applicants wishing to submit their application using the online form should read our Privacy Notices for online applicants.
8. Data protection
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as any purchase orders or enquiries which you send to us as the site operator. You can recognise an encrypted connection in your browser when the address changes from “http://” to “https://” and a locked padlock is displayed in the address line.
If SSL or TLS encryption is enabled, the data you transfer to us cannot be read by third parties (end-to-end encryption). The protocols provide authentication of the communication partner and secure the integrity of the data transmitted.
Our website offers you the opportunity to subscribe to a newsletter, which will be sent to you by email. The newsletter will be sent to the email address provided by you at the time of registering. We will also require confirmation that you are the owner of this email address (double opt-in) and that you agree to receive the newsletter. The legal basis for this is Art. 6(1) sentence 1(a) GDPR. We will store your email address as well as other optional information such as your first and last name for the purposes of sending you the newsletter.
These data will be passed on to Episerver, our service provider, to enable the newsletter to be sent to you.
Our newsletter system has a tracking function that allows us to keep track of which recipients opened the newsletter at what time. These data are stored and used to evaluate the reach of individual campaigns.
Withdrawal of consent: You may object to the future use of your data at any time. For example, you can unsubscribe from the newsletter by clicking the link at the bottom of every email.
9. Google Analytics
This website uses “Google Analytics”, a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (referred to below as “Google”).
We have signed an agreement with Google to handle order processing and the strict requirements of the German data protection authorities are fully implemented when using Google Analytics.
The legal basis for using Google Analytics is your consent pursuant to Art. 6(1) sentence 1(a) GDPR.
If you have given your consent to the processing of your personal data, Google may place cookies on your device in order to make the service available. Cookies are small text files which enable us to recognise your browser the next time you visit our website. To help monitor your website activity, Google stores your IP address as well as the time, place, duration and frequency of your visits to our sites.
As part of processing by Google Analytics, personal data will be transmitted to the United States.
Google will use this information to evaluate how you use the website, compile reports on website activity and offer other services relating to website activity to the controller. Google Analytics is supplemented by -anonymizeIP, and prior to transmission to the United States your IP address will be anonymised on servers within the member states of the European Union.
The transmission of personal data to the United States takes place on the basis of an adequacy decision issued by the European Commission on 12 July 2016 (“EU-US Privacy Shield”). You can access the certification here:
Data transmitted by us and associated with cookies are automatically erased after 14 months.
Furthermore, you can prohibit Google from collecting and analysing the data generated by the cookie about your use of the website (including your IP address) by downloading and installing the browser add-on. Opt-out cookies prevent any future collection of your data when you visit this website. To prevent Universal Analytics from collecting data across multiple devices, you must opt out on all of the systems you are using. Clicking here will place the opt-out cookie: Disable Google Analytics
10. Fan Page on Facebook / Facebook Page
Our presence on social networking sites and platforms like Facebook enables us to communicate actively with existing and prospective customers using modern methods. We use these sites to provide information on our services, products and any special activities or events at our company which may be of interest. When you visit our online services on social media, your personal data may be automatically collected and stored for market research and advertising purposes. User profiles may then be created under a pseudonym from the data which is processed in this way. These profiles may be used, for example, to place advertisements on or outside platforms which are presumed to match your interests. Cookies are generally placed on your device for this purpose. Our Privacy Statement explains how cookies work; please refer to the notices there for all further information. These cookies track visitor behaviour and users’ interests. This is necessary in order to safeguard our predominantly legitimate interest, based on a balance of interests, in improving the presentation of our products and services as well as in effective communication with existing and prospective customers. The legal basis for processing is therefore Art. 6(1) sentence f of the EU’s GDPR. If the operator of a social media platform asks you to give your consent to the processing of your personal data, for example by checking a box, the legal basis for processing is Art. 6(1) sentence a of the EU’s GDPR. Insofar as the aforementioned social media platforms have their headquarters in the USA, the following applies: the European Commission has issued an adequacy decision with regard to the United States of America. This decision is based on the EU-US Privacy Shield. You can find a current certificate for the company concerned on the following website: www.privacyshield.gov/list.
For more comprehensive information on the processing and use of personal data by the providers on their respective websites as well as contact details, the rights you have in relation to your data and the settings you can choose to protect your privacy – in particular, how to exercise your right of objection (opt out) – please follow the links below to the providers’ privacy policies:
To exercise your right of objection (opt out), go to:
Please also feel free to contact us (contact details above) if you have any questions in this respect. Data processing takes place on the basis of an agreement between jointly responsible parties pursuant to Art. 26 GDPR which you can access here:
11. Using YouTube components in Enhanced Privacy mode
This website uses components (videos) of YouTube, LLC 901 Cherry Ave., 94066 San Bruno, CA, USA, a company of Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA; YouTube’s “Enhanced Privacy” feature is enabled for this purpose. This means that only information required to play the videos – in other words, which of our pages you have visited – is actually transmitted to the service provider. If you are logged into YouTube when you visit our website, this information will be assigned to your YouTube member account. You can prevent this by logging out of your YouTube account before you visit our website.
When you access one of our pages in which a YouTube video is embedded, you will be connected to the YouTube servers; your browser is informed which of our pages you have visited, to enable the content (in other words, the video) to be displayed. The legal basis for processing in this connection is Art. 6(1) sentence 1(f) GDPR.
Our website employs components and services provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. Each time our website receives an access request equipped with a LinkedIn component, the component prompts your browser to download an image of this component from LinkedIn. Through this process, LinkedIn is informed exactly which page of our website is being accessed. We have no control over the data that LinkedIn collects thereby, nor over the extent of the data that LinkedIn collects or how such data are processed. The legal basis is Art. 6(1) sentence 1(f) GDPR.
You can change your personal privacy settings in your account settings:
Our website employs components and services provided by XING SE, Dammtorstraße 30, 20534 Hamburg, Germany. Each time our website receives an access request equipped with a XING component, the component prompts your browser to download an image of this component from XING. Through this process, XING is informed exactly which page of our website is being accessed. We have no control over the data that XING collects thereby, nor over the extent of the data that XING collects or how such data are processed.
The legal basis is Art. 6(1) sentence 1(f) GDPR.
You can change your personal privacy settings in your account settings:
14. Rights of the data subject
Your rights / exercise of rights
You are entitled to the rights set out below. You may exercise these rights against us. To exercise your rights, please use the aforementioned contact methods or send an email to email@example.com
- Right of access under Art. 15 GDPR:
You have the right to request information about your personal data processed by us, in particular about the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipient to whom the personal data have been or will be disclosed, the envisaged period for which the personal data will be stored or, if not possible, the criteria used to determine that period, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data as well as to object to such processing, the right to lodge a complaint with a supervisory authority, the origin of your data if they were not collected by us, the existence of automated decision-making including profiling and, where applicable, meaningful information about the logic involved as well as the significance and the envisaged consequences of such processing for you, and finally, where personal data are transferred to a third country, the right to be informed of the appropriate safeguards pursuant to Article 46 GDPR relating to the transfer.
- Right to rectification under Art. 16 GDPR:
You have the right to demand the rectification of inaccurate personal data concerning you and / or the right to have incomplete personal data completed without undue delay.
- Right to erasure under Art. 17 GDPR::
You have the right pursuant to Art. 17(1) GDPR to demand the erasure of personal data concerning you. This right shall not apply to the extent that processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims.
- Right to restriction under Art. 18 GDPR:
You have the right to demand the restriction of processing of your personal data as long as the accuracy of the personal data is contested by you, the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead, we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims or if you have objected to processing for reasons arising from your particular situation, pending the verification whether our legitimate grounds override your own as the data subject.
- Notification obligation under Art. 19 GDPR:
If you have asserted the right of rectification, erasure or restriction of processing vis-à-vis the controller, the controller is obliged to communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom your personal data have been disclosed, unless this proves impossible or involves disproportionate effort. You have the right to be informed about these recipients.
- Right to data portability under Art. 20 GDPR:
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to have that personal data transmitted directly to another controller, where technically feasible.
- Right to withdraw consent under Art. 7(3) GDPR
If our processing of personal data is based on your consent, you have the right to withdraw your consent to future processing at any time. If you withdraw your consent, we will cease processing of the data for which you have withdrawn consent, unless we have a legal obligation to keep some or parts of your data. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
- Right to lodge a complaint under Art. 77 GDPR
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.
15. Right to object
You may object to the future use of your data at any time by email or in writing.
If you exercise your right to object, we will cease processing of the data concerned.
16. Storage period for personal data
The storage period for personal data is determined by the respective legal retention period. After expiry of this period, the data concerned will be routinely deleted, provided they are no longer necessary for the performance or initiation of the contract and / or there is no longer any legitimate interest on our part in further storage.
17. Updates and changes to this Privacy Statement
This Privacy Statement is regularly reviewed and was last updated in September 2019.
We reserve the right to change this Privacy Statement without prior notice to reflect improvements to our website, or to the services offered on our website, as well as legal and regulatory changes. The most current version of the Privacy Statement can be reviewed on our website and printed out at any time by following this link: