

Handling of personal data
Data privacy at HOYER
We are delighted at your interest and your visit to our website. Protection of your personal data is especially important to us in every phase of the collaboration. We would therefore like to explain to you what information we collect and how this information is used.
1. Handling of usage data on our homepage www.hoyer-group.com
1.1 Server log data
The page provider automatically collects and stores information in what are called server log files, which your browser automatically transfers. These data are mainly:
- Browser type and browser version
- Operating system used
- Referrer URL (origin address)
- Date and time of day of the server request
- IP address
These data are stored separately from other data that you may transfer to us, and are not merged with data from other sources.
The basis for data processing is Article 6, Para. 1, Letter f of the GDPR (General Data Protection Regulation), which allows data processing based on legitimate interests. In this case, there is legitimate interest in the secure, trouble-free operation of the web server. To ensure this, the administration must be able to recognise and understand attacks on the system, and its malfunctions, via server log files. Accesses to the server must be stored to enable recognition of attack patterns. These data are deleted as soon as they are no longer needed. As a rule, this happens after seven (7) days. For technical reasons, data are available to the hosting service provider, but the latter is bound by our instructions and contractually obliged to us.
1.2 Contact form
When you send enquiries to us via a contact form, we store and process your information from the form in order to process the enquiry and in the event of follow-up questions.
Mandatory fields are identified accordingly. Completing mandatory fields is necessary to enable us to reply to and process your enquiries. Moreover, all information is voluntary.
Data entered into the contact form are processed exclusively based on your consent (Article 6, Para. 1, Letter a of the GDPR). You can revoke this consent at any time. Revocation applies only for the future.
We do not give your data to third parties without your consent or without another permissible legal basis. The fact that our technical service providers can gain insight cannot be excluded, but they are, however, obliged to maintain secrecy.
The data you enter into the contact form remain with us until you ask us to delete it, or you revoke your consent to storage, or the purpose of the data storage no longer applies (e.g. after processing of your enquiry is complete). Mandatory statutory provisions – especially retention periods – remain unaffected.
1.3 Cookies
We can use cookies for technical reasons, to optimise our Internet pages and to determine page views.
The cookies that are involved can be seen here, where you can also revoke consents that may possibly have been granted.
1.4 HOYER Connect customer portal (including web analysis)
To be able to use the HOYER Connect customer portal, you must be registered with HOYER and log on with your user name and password.
The following personal data are processed for this purpose: names, E-mail address, employer, telephone number.
These data originate from yourself or were communicated to us by your employer/client and/or by your colleagues.
Data processing takes place based on the legitimate interests of HOYER (Article 6, Para. 1, Letter f of the GDPR). The legitimate interests consist of providing information und in fulfilling the contract with your employer or client. Insofar as corresponding consent was requested, processing takes place exclusively based on Article 6, Para. 1, Letter a of the GDPR; you can revoke consent at any time.
Our IT service providers can access users’ personal data. They also include Microsoft in the USA. We draw attention to the fact that according to the present legal situation, no adequate level of protection exists in the USA. Microsoft bases its data transmission on the EU Commission’s standard contractual clauses, which you can see here.
Personal data are stored for as long as they are required for the purposes mentioned above, or until you request deletion, or for as long as this is required by legal retention periods.
When using the HOYER Connect customer portal, and if you voluntarily consent before the respective use, Microsoft’s “Azure Application Insights” web analysis service will also be used. You can access more information about this here, where you can also revoke any consent that may possibly have been granted.
You can find more information about Microsoft’s handling of your data in the Microsoft Data Protection Provisions at Microsoft Privacy Statement – Microsoft privacy
1.5 Google Analytics
With your consent, Google’s web analysis service is used. Detailed information about this can be accessed here, where you can also revoke consents that may possibly have been granted.
1.6 YouTube
With your consent, YouTube videos are loaded and displayed on our pages. Detailed information about it can be accessed here, where you can also revoke consents that may possibly have been granted.
1.7 Consent management in cookies and other data storage
We use a service of Usercentrics GmbH, Sendlinger Strasse 7, 80331 Munich, Germany, to manage consents granted for cookies and similar technologies. Detailed information about this can be accessed here.
1.8 Google Web Fonts
For the uniform display of certain typefaces, our web site uses what are called Web Fonts provided by Google. When a page is accessed, your browser loads the necessary fonts directly from Google to enable your terminal device to display them correctly. To do this, your browser makes a connection to Google servers in the USA. As a result of this, Google obtains knowledge that our web site is being accessed through your IP address.
The use of Google Web Fonts is necessary to ensure a uniform typeface on our web site. This represents a legitimate interest within the meaning of Article 6, Para. 1, Letter f of the GDPR.
You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s Data Protection Declaration: https://www.google.com/policies/privacy.
2. Handling job applicant’s data
2.1 Collecting and processing personal data
Personal data, e.g. your name, your address and your telephone number or E-mail address, are transmitted to us, with your consent, through your job application. In compliance with the Data Protection Regulation, and safeguarding your protection-worthy interests, we process these data only in the context of the job recruitment process for the advertised position, or for a similar vacancy for which we are considering you. If you do not agree to the processing of your personal data for another vacancy, please inform us of this after your job application has been received, in writing, either to jobs@hoyer-group.com or by post to the following address:
HOYER GmbH Internationale Fachspedition
Corporate Human Resources
Wendenstrasse 414 – 424
20537 Hamburg, Germany
The legal bases for processing personal data are described in detail in Article 6, Para. 1, Letter b of the General Data Protection Regulation (GDPR).
2.2 Duration of storage
Your job application documents will be stored for as long as necessary for the purposes mentioned above, and for as long as required by statutory retention periods. We delete your data after the expiry of six (6) months after the vacant position has been filled, unless we have your consent to store the data for longer.
3. Facebook
We maintain an online presence on Facebook, and in this context we process the data of users who are active there, in order to communicate with them and offer them information about ourselves. We draw attention to the fact that this may involve processing users’ data outside of the European Union. This may entail risks for users, e.g. because enforcing their rights may become more difficult.
Together with Facebook Ireland Ltd., we are jointly responsible for collecting (but not for the further processing of) the data of visitors to our Facebook page (the so-called “Fanpage”). These data includes information about the types of contents that users view or with which they interact, or the actions they take (see under “actions taken and things provided by you and others” in Facebook’s Data Guideline: https://www.facebook.com/policy), and also information about the devices used by users (e.g. IP addresses, operating system, browser type, language settings and cookie data; see under “device information” in Facebook’s Data Guideline). As explained in the Facebook Data Guideline, Facebook also collects and uses information to provide analysis services for page operators. We have concluded a special agreement with Facebook for this purpose. You can see the essential aspects of this agreement here: https://www.facebook.com/legal/controller_addendum
As a rule, users’ data are processed for market research and advertising purposes. User profiles can be created from the usage behaviour and the interests arising therefrom. These profiles can be used, for example, to insert advertising inside and outside of Facebook and corresponding to users’ presumed interests. As a rule, for this purpose, cookies are set on users’ computers, through which users’ usage behaviour and interests are stored. Furthermore, data can also be stored in the usage profiles independently of the devices used by users (especially if the users are Facebook members and are logged in there).
For a detailed presentation of the respective processing, and the opportunities to object (Opt-Out), we refer to Facebook’s Data Protection Declarations and statements. Requests for information and the assertion of users’ rights can also be asserted most effectively there.
Processing users’ personal data is based on our legitimate interests in effective information about/for users, and communication with users, pursuant to Article 6, Para. 1, Letter f of the GDPR. If the respective providers ask users for consent to data processing (i.e. to declare their agreement by, for example, ticking a checkbox or confirming a button), the legal basis of the processing is Article 6, Para. 1, Letter a of the GDPR.
For a detailed presentation of the respective processing, and the opportunities to object (Opt-Out), we refer to Facebook’s General Data Protection Declaration at: https://www.facebook.com/policy
4. Twitter
We maintain an online presence on Twitter (Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland) to communicate with the customers, interested parties and users who are active there, and to inform them there about our offers. We draw attention to the fact that Twitter also processes users’ data outside of the European Union. This may entail risks for users, e.g. because it may make enforcing their rights more difficult.
As a rule, users’ data are also processed for market research and advertising purposes. Thus, for example, usage profiles can be created from the usage behaviour and users’ interests arising therefrom. The usage profiles can in turn be used, for example, to insert advertising inside and outside of the platforms and corresponding to users’ presumed interests. As a rule, for these purposes, cookies are set on users’ computers, through which users’ usage behaviour and interests are stored. Furthermore, data can also be stored in the usage profiles independently of the devices used by users (especially if the users are members of the respective platforms and are logged in to the latter).
Processing users’ personal data is based on our legitimate interests in effective information about/for users, and communication with users, pursuant to Article 6, Para. 1, Letter f of the GDPR. If the respective providers ask users for consent to data processing (i.e. to declare their agreement by, for example, ticking a checkbox or confirming a button), the legal basis of the processing is Article 6, Para. 1, Letter a of the GDPR.
For a detailed presentation of the respective processing, and the opportunities to object (Opt-Out), we refer to Twitter’s statements: Data Protection Declaration: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization.
In the event of requests for information and the assertion of users’ rights, we also draw attention to the fact that these can be most effectively asserted with the providers. Only the provider has respective access to the users’ data in each case, and can directly take corresponding measures and give information.
5. LinkedIn
Moreover, we maintain an online presence on LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland), in order to communicate with users who are active there and to offer information about ourselves.
We draw attention to the fact that this may involve processing users’ data outside of the European Union. This may entail risks for users, e.g. because enforcing their rights could become more difficult.
As a rule, users’ data are also processed for market research and advertising purposes. Thus, for example, usage profiles can be created from the usage behaviour and users’ interests arising therefrom. The usage profiles can in turn be used, for example, to insert advertising inside and outside of the platforms and corresponding to users’ presumed interests. As a rule, for these purposes, cookies are set on users’ computers, through which users’ usage behaviour and interests are stored. Furthermore, data can also be stored in the usage profiles independently of the devices used by users (especially if the users are members of the respective platforms and are logged in to the latter).
Processing users’ personal data is based on our legitimate interests in effective information about/for users, and communication with users, pursuant to Article 6, Para. 1, Letter f of the GDPR. If the respective providers ask users for consent to data processing (i.e. to declare their agreement by, for example, ticking a checkbox or confirming a button), the legal basis of the processing is Article 6, Para. 1, Letter a of the GDPR.
For a detailed presentation of the respective processing, and the opportunities to object (Opt-Out), we refer to LinkedIn’s statements: Data Protection Declaration: https://de.linkedin.com/legal/privacy-policy, opportunity to object (Opt-Out): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
In the event of requests for information and the assertion of users’ rights, we draw attention to the fact that these can be most effectively asserted with the provider, LinkedIn. Only the provider has access to the users’ data in each case, and can directly take corresponding measures and give information.
6. YouTube
Furthermore, we maintain an online presence on YouTube (operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), in order to communicate with users who are active there and to offer information about ourselves.
We draw attention to the fact that this may involve processing users’ data outside of the European Union. This may entail risks for users, e.g. because enforcing their rights could become more difficult.
As a rule, users’ data are also processed for market research and advertising purposes. Thus, for example, user profiles can be created from the usage behaviour and the users’ interests arising therefrom. The usage profiles can in turn be used, for example, to insert advertising inside and outside of the platforms and corresponding to users’ presumed interests. As a rule, for these purposes, cookies are set on users’ computers, through which users’ usage behaviour and interests are stored. Furthermore, data can also be stored in the usage profiles independently of the devices used by users (especially if the users are members of the respective platforms and are logged in to the latter).
Processing users’ personal data is based on our legitimate interests in effective information about/for users, and communication with users, pursuant toArticle 6, Para. 1, Letter f of the GDPR. If the respective providers ask users for consent to data processing (i.e. to declare their agreement by, for example, ticking a checkbox or confirming a button), the legal basis of the processing is Article 6, Para. 1, Letter a of the GDPR.
For a detailed presentation of the respective processing, and the opportunities to object (Opt-Out), we refer to Google’s statements: Data Protection Declaration: https://policies.google.com/privacy; opportunity to object (Opt-Out): https://adssettings.google.com/authenticated.
In the event of requests for information and the assertion of users’ rights, we draw attention to the fact that these can be most effectively asserted with the provider, Google. Only the provider has access to the users’ data in each case, and can directly take corresponding measures and give information.
7. Xing
We maintain an online presence on Xing (operated by New Work SE, Am Strandkai 1 20457 Hamburg, Germany), in order to communicate with users who are active there and to inform them there about our offers.
Users’ data can also be processed for market research and advertising purposes. Thus, for example, usage profiles can be created from the usage behaviour and the users’ interests arising therefrom. The usage profiles can in turn be used, for example, to insert advertising inside and outside of the platforms and corresponding to users’ presumed interests. As a rule, for these purposes, cookies are set on users’ computers, through which users’ usage behaviour and interests are stored. Furthermore, data can also be stored in the usage profiles independently of the devices used by users (especially if the users are members of the respective platforms and are logged in to the latter).
Processing users’ personal data is based on our legitimate interests in effective information about/for users, and communication with users, pursuant to Article 6, Para. 1, Letter f of the GDPR. If the respective providers ask users for consent to data processing (i.e. to declare their agreement by, for example, ticking a checkbox or confirming a button), the legal basis of the processing is Article 6, Para. 1, Letter a of the GDPR.
For a detailed presentation of the respective processing, we refer to Xing’s statements: Data Protection Declaration: https://privacy.xing.com/de/datenschutzerklaerung. You can find a description of the Opt-Out on this page: https://privacy.xing.com/de/datenschutzerklaerung/informationen-die-wir-auf-grund-ihrer-nutzung-von-xing-automatisch-erhalten/tracking-in-eingebundenen-fremdinhalten.
In the event of requests for information and the assertion of users’ rights, we draw attention to the fact that these can be most effectively asserted with the provider, LinkedIn. Only the provider has respective access to the users’ data in each case, and can directly take corresponding measures and give information.
8. Rights of data subjects
As a data subject, you are entitled to the following rights, insofar as the statutory conditions for them are fulfilled:
- Right to information, Article 15 of the GDPR
- Right to correction, Article 16 of the GDPR
- Right to deletion, Article 17 of the GDPR
- Right to restriction of processing, Article 18 of the GDPR
- Right to data portability, Article 20 of the GDPR
- Right to object, Article 21 of the GDPR
You have the right, with effect for the future, to revoke at any time the consent to data processing that you granted.
You have the right to complain to the Data Protection Supervisory Authority about data processing.
9. Contact details of the Data Protection Officer
If you have any more questions on the subject of data protection and the handling of your personal data in the HOYER Group, please contact our Data Protection Officer:
fox-on Datenschutz GmbH
Pollerhofstrasse 33 a
51789 Lindlar/Cologne, Germany
www.fox-on.com
E-mail: dsb@fox-on.com
Tel.: +49 2266/90 15 920
10. Responsible body
The body responsible for data processing on this web site is:
HOYER GmbH Internationale Fachspedition
Wendenstrasse 414–424
20537 Hamburg, Germany
Tel.: +49 40 21044 0
Fax: +49 40 21044 246
E-mail: hoyer@hoyer-group.com