Data Protection
according to the EU General Data Protection Regulation (GDPR)

1. General Information
 

The following privacy notice pursuant to Article 13 of the General Data Protection Regulation (GDPR) provides an overview of how we process your personal data when you visit our website.

The subject of data protection is personal data. According to Article 4(1) GDPR, these are all information relating to an identified or identifiable natural person. This includes, for example, details such as name, postal address, email address, telephone number or payment data.

Below we provide detailed information about how we handle your personal data.
 

2. Controller and Data Protection Officer
 

The controller pursuant to Article 4(7) GDPR is:

M. Faust Kunststoffwerk GmbH & Co. KG
Schulstr. 15–17
49219 Glandorf
Phone: +49 5426 88-0
Email: info@faust-kunststoff.de

​

For any questions regarding data protection, you can contact our Data Protection Officer at any time:

Said-Elham Sadat
DSB Münster GmbH
Martin-Luther-King-Weg 42–44
48155 Münster
Phone: +49 251 718 79 0
Email: datenschutz@dsb-ms.de

​

3. Scope and Purpose of Processing Personal Data
 

When you use this website, various personal data will be collected. This privacy notice explains what data we collect and what we use it for. It also explains how and for what purpose this occurs.
 

3.1 When visiting this website
 

a) Server Log Files

When you access our website, your internet browser automatically sends data to the server of our website and stores it temporarily in a log file. The following data are stored without any action on your part and deleted automatically after a certain period:
 

• IP address of the accessing device

• Date and time of access

• Name and URL of the accessed page

• Referrer URL

• Browser type, operating system, and name of the access provider
   

The processing of these personal data is justified according to Article 6(1)(f) GDPR. Our legitimate interest lies in:
 

• Enabling a fast connection setup

• Ensuring user-friendly use of the website

• Ensuring system security and stability

• Facilitating website administration and improvement
   

These data are not used to draw any conclusions about your identity. Data will be deleted when no longer necessary for the purposes for which they were collected. For log files, this is usually after seven days. In exceptional cases, IP addresses may be anonymized for longer storage.
 

b) Cookies

Cookies are small text files that your browser stores on your device when you access a website. Cookies collect and store information to improve your browsing experience by recognizing preferences and needs.
 

If you do not wish to allow cookies to be stored on your device, you can disable this in your browser settings. However, disabling technically necessary cookies may limit the functionality of the website.
 

Common types of cookies explained:

• Session Cookies: Temporarily stored for the duration of your session. Deleted after logout or session expiry.

• Persistent Cookies: Remain on your device for a predetermined period to remember your settings.

• Third-Party Cookies: Set and managed by partners, used for analytics or marketing purposes.

• Technically Necessary Cookies: Essential for basic website functionality such as navigation and secure area access.
   

Some website elements cannot function without cookies, which are required to recognize the browser during sessions.
 

These technically necessary cookies are processed under Article 6(1)(f) GDPR, based on our legitimate interest in ensuring website usability.
 

c) Wix

Our website is hosted by Wix.com Ltd., based in Tel Aviv, Israel (40 Hanamal Tel Aviv St., Tel Aviv 6350671), with additional offices in Berlin, Dublin, Vancouver, and New York.

Wix enables us to provide a modern and user-friendly website, manage content efficiently, and integrate functions.
 

Data collected by Wix includes:

• Device and browser information (OS, resolution, language)

• ISP and anonymized IP address

• Website interactions and session duration

• Visit frequency and time

• Voluntarily submitted contact details (e.g., email, phone)

• Location data derived from IP address

• On-site user behavior (e.g., areas visited, time spent)
   

Legal bases for processing:

• Article 6(1)(f) GDPR: Improving user experience and website functionality

• Article 6(1)(a) GDPR: Consent for use of cookies or tracking technologies
   

Data is retained as long as necessary for processing purposes, and deleted when no longer required.
 

Wix may store data in Israel (adequate level of data protection) or in countries like the USA, Ireland, South Korea, Taiwan. Transfers are secured by Standard Contractual Clauses under Article 46 GDPR.
 

More information: https://de.wix.com/about/privacy-dpa-users
 

d) Google Ads

We use Google Ads (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland) for conversion tracking. This allows us to see what happens after you click on an ad.

Data collected includes:
 

• Visited pages

• Browser language and type

• Cookie ID and information

• Duration of website visit

• Clicked advertisements and interest areas

• IP address and referrer URL

• Web requests and usage data
   

Processing is based on your consent in accordance with Article 6(1)(a) GDPR. You can withdraw your consent at any time.
 

Data may be transferred to the USA. Google is currently certified under the EU-U.S. Data Privacy Framework.
 

More information: https://policies.google.com/privacy
 

e) Google Maps

We use Google Maps (Google Ireland Ltd.) to display interactive maps and provide location-based services on our website.

Processed data includes:

• Location data

• Usage data

• IP address

• Browser and device information
   

Processing is based on your consent (Article 6(1)(a) GDPR). You may withdraw consent at any time by disabling Google Maps via browser settings or rejecting cookies.
 

Data may be stored in the USA. Google complies with the EU-U.S. Data Privacy Framework.

For details on storage and deletion: https://policies.google.com/privacy
 

f) Use of Our Contact Form

You can contact us via the contact form provided on our website. A valid email address is required so we can respond to your inquiry. Other information is optional.
 

Processing is based on Article 6(1)(b) GDPR for customer inquiries, or Article 6(1)(f) GDPR for other inquiries, based on our legitimate interest in handling requests.
 

Data will be deleted once the request is resolved and no further legal basis for retention exists.
 

3.2 Within Our Company
 

a) Contacting Us

You can contact us via several methods: email or telephone. We will process any personal data you voluntarily provide in this context solely for the purpose of individual communication with you.

The processing of this data is based on Article 6(1)(b) GDPR if your inquiry relates to the fulfillment of a contract or is necessary for pre-contractual measures. In all other cases, the processing is based on our legitimate interest in effectively handling your inquiry (Article 6(1)(f) GDPR), or on your consent (Article 6(1)(a) GDPR) if such consent has been requested.

The data you provide will be retained until you request deletion, withdraw your consent to storage, or the purpose for storing the data no longer applies. Statutory retention obligations remain unaffected.

 

b) Customer and Supplier Data
 

We process these data for the performance of our contracts with customers and to carry out pre-contractual measures. The purpose of the processing is based on customer needs and may include sales or consultation discussions.
 

We also process personal data to initiate and fulfill contracts with suppliers and service providers on the basis of Article 6(1)(b) GDPR.
 

c) Applicant Data

We process the data you send us as part of your application to assess your suitability for the position (or other open positions) and to carry out the recruitment process.
 

The legal basis for processing is Article 6(1)(b) GDPR. If data are required after the conclusion of the application process for legal purposes, processing may be based on Article 6(1)(f) GDPR, in particular our legitimate interest in asserting or defending legal claims.
 

An additional legal basis is your explicit consent under Article 6(1)(a) GDPR, and for special categories of personal data (e.g., health, religion, ethnicity), consent under Article 9(2)(a) GDPR. If you do not wish us to process such special categories of data, please refrain from submitting them.

We retain your personal data for as long as necessary for the recruitment process. If no employment relationship arises, we delete the data after 6 months. If you consent to be included in our applicant pool, your data will be stored for 2 years. If you are hired, the data will be transferred to your personnel file.
 

After receipt, your application will be reviewed by our HR department. Suitable applications are forwarded internally to the responsible department heads. Within the company, only individuals involved in the recruitment process have access to your data. Data will not be shared with third parties.
 

d) Social Media Presence

We appreciate your interest in our social media presences on Instagram, LinkedIn, and YouTube. We process personal data that you provide by interacting with our profiles, e.g., through likes, comments, shares, or messages.
 

Processed data includes your name, profile picture, shared content, and technical usage data such as IP address, browser type, and access time. Please note that your use of social media platforms and their functions is your own responsibility.
 

We process your data for interaction, to respond to inquiries, improve platform use, for promotional purposes, and to provide information about our services.
 

The legal basis is Article 6(1)(f) GDPR, and Article 6(1)(a) GDPR if you voluntarily submit personal data through interactions.
 

Generally, we do not share your data with third parties. However, the platform operators may process your data independently. In such cases, we are joint controllers within the meaning of the GDPR. Please refer to the platforms' privacy policies for further information:
 

• Instagram: https://help.instagram.com/155833707900388

• LinkedIn: https://de.linkedin.com/legal/privacy-policy

• YouTube: https://www.youtube.com/intl/ALL_de/howyoutubeworks/user-settings/privacy/
   

These platforms are operated in third countries. If data is transferred, it is protected by standard contractual clauses or other appropriate safeguards.
 

e) Direct Marketing to Existing Customers

If you have provided us with your data in connection with the purchase of products or services, we may use this data to send you offers and information about similar products and services via email.

We process this data (e.g., name, address, email) based on our legitimate interest in direct advertising pursuant to Article 6(1)(f) GDPR and Section 7(3) of the German Act Against Unfair Competition (UWG).
 

If you object to the use of your email address for this purpose, we will not send any marketing emails. Your personal data will be stored only until you object or until further storage is legally required or permitted.
 

In the event of an objection, we reserve the right to store your email address in a suppression list ('blacklist') to comply with your objection.
 

4. Legal Basis for Data Processing
 

Unless otherwise stated in this privacy policy, the following applies to the legal basis of data processing:
 

• Where we obtain your consent, Article 6(1)(a) GDPR serves as the legal basis.

• Where processing is necessary for the performance of a contract or for pre-contractual measures, Article 6(1)(b) GDPR applies.

• Where processing is necessary for compliance with a legal obligation, Article 6(1)(c) GDPR applies.

• Where processing is based on our legitimate interests or those of a third party, and your interests or fundamental rights do not override these, Article 6(1)(f) GDPR applies.
   

5. Recipients or Categories of Recipients of the Data
 

Within our company, only those who need access to your data to perform their duties receive it.

We do not transfer your personal data to third parties unless necessary for contract performance, legally permitted, or you have provided your consent.
 

This includes transfers to service providers (processors) or third parties involved in the fulfillment of the contract (e.g., event organizers, authorities, courts, experts). These recipients may only use your data for the specified purposes.
 

6. Processors
 

We use processors in accordance with Article 28 GDPR to support the operation of our website and associated processes (e.g., hosting providers). These service providers are contractually obligated to follow our instructions and maintain adequate data protection.
 

Processor: Wix
Purpose: Web hosting, analytics
Data protection level: Processing in a secure third country (Israel), or under the EU-U.S. Data Privacy Framework
 

7. Data Retention
 

Unless stated otherwise, we retain your personal data only as long as necessary to fulfill the purposes for which it was collected.
 

The data will be deleted as soon as the purpose ceases to apply. If statutory retention obligations (e.g., tax or commercial law) apply, data processing will be restricted during that time and deleted once the obligation ends.
 

8. Rights of Data Subjects
 

You have the following rights under the GDPR:
 

• Right of access (Art. 15 GDPR): Obtain information on your stored data and their processing.

• Right to rectification (Art. 16 GDPR): Correct inaccurate or incomplete data.

• Right to erasure (Art. 17 GDPR): Request deletion unless processing is required by law or for legal claims.

• Right to restriction of processing (Art. 18 GDPR): Limit processing if conditions under GDPR are met.

• Notification obligation (Art. 19 GDPR): We will inform recipients of any rectification or erasure unless impossible or disproportionate.

• Right to data portability (Art. 20 GDPR): Receive or transfer your data in a machine-readable format.

• To exercise your rights, please contact us via email or post, including proof of identity.
   

9. Right to Object
 

You have the right to object at any time to the processing of your personal data based on Article 6(1)(f) GDPR for reasons arising from your particular situation.
 

If you object, we will stop processing your data unless we demonstrate compelling legitimate grounds or the processing is for legal claims.
 

10. Right to Withdraw Consent
 

If we process your data based on consent (Article 6(1)(a) GDPR), you may withdraw that consent at any time with future effect.

​

Upon withdrawal, we will delete the data unless another legal basis applies. The lawfulness of processing before withdrawal remains unaffected.

​

11. Right to Lodge a Complaint with a Supervisory Authority
 

You may file a complaint with a supervisory authority, in particular in your place of residence or the location of the alleged violation.
 

Supervisory authority responsible for us:

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
P.O. Box 20 04 44
40102 Düsseldorf
Phone: +49 211/38424-0
Email: poststelle@ldi.nrw.de
 

12. Data Security
 

We implement technical and organizational measures to protect your data against unauthorized access. This includes TLS encryption on our website.

You can recognize a secure connection by the lock icon in your browser’s address bar and the prefix 'https://'.

​

13. Updates to This Privacy Policy

This privacy policy is current as of March 2025.

We reserve the right to amend it regularly to reflect changes in our data processing or legal requirements.