Data Protection

Privacy Statement

On this website, we, Croozer GmbH, provide information about our products and services. The protection of your personal data is very important to us. Therefore, we collect and process your personal data exclusively in accordance with data protection law. On this page, we provide all relevant information on data protection in accordance with Articles 13 and 14 of the EU General Data Protection Regulation (GDPR) on the collection and processing of your personal data.

Responsible for data processing:

Croozer GmbH
Oskar-Jäger-Straße 125
D - 50825 Cologne
Managing directors: Andreas Gehlen, Hanna Gehlen, Markus Krill
Telephone: +49 (0) 221-9514700
E-mail: datenschutz@croozer.com

Our data protection officer can be reached at:

__Croozer GmbH

  • Data Protection Officer -
    Oskar-Jäger-Str. 125
    D – 50825 Köln
    Telephone: +49 (0) 221-9514700
    E-mail: datenschutz@croozer.com__

When you visit this website and use the various services, we process your personal data as described in detail below.
For the operation of this website with its various services (including the online shop for our customers and the processing of orders), we work together with a number of external service providers, all of whom are carefully selected and contracted to us in accordance with data protection law.

1. Croozer-Cookies

Each time you visit our website, we use so-called cookies, i.e. small text files that are stored in your browser.

a. Session Cookies
For example, we use so-called session cookies, which are retained until you close all browser windows. We need these session cookies so that we can process your queries on our website and direct you to the various sub-pages. It is in our legitimate interests to use session cookies, as otherwise we would not be able to provide our website services in this way (Art. 6 para. 1 lit. f GDPR). If you do not want cookies to be used, you can block the use of cookies in your browser settings. You can still visit our website if you block cookies, but you may not be able to use all the website functions to their full extent.
b. Long-Term Cookies
In addition, we use the following longer-term cookies, which allow us to make our website more user-friendly, namely persistent cookies, which are used for a fixed period of an hour (“frontend” cookie) and of a month (“store” and “croozer-user” cookies).
These cookies remain on your device and enable us to recognise your browser the next time you visit our website (“persistent cookies”) so that, for example, previous settings are retained, e.g. if you place an item in your shopping basket and then leave our site and return again. Persistent cookies are automatically deleted after a pre-defined period, depending on the cookie, as specified above. Long-term cookies enable us to recognize you on your next visit to our website. This recognition using cookies helps us optimise the content of our website and make it more user-friendly for you, e.g. by restoring the contents of your shopping basket when you return. These cookies are stored by Croozer GmbH; our company and the external service providers who are engaged by us to offer support in the operation of the website as processors have access to these cookies.

It is in our legitimate interests to use these cookies in order to make our website as attractive and user-friendly as possible and develop it accordingly (Art. 6 para. 1 lit. f GDPR). If you do not want cookies to be used, you can block the use of cookies in your browser settings. You can still visit our website if you block cookies, but you may not be able to use all the website functions to their full extent.

2. Server Log Files

Furthermore, each time you access our website, your browser transfers access data, so-called server log files, which we process to maintain system security and analyse user statistics. The information that we receive in the server log files includes, in particular, the time of the access, the website from which our website was accessed (referrer URL), the sub-pages accessed, the names of requested files, your IP address, the volume of data transmitted, your browser type and your access provider. This data is required in order to ensure system security, e.g. to identify and block the attacker in the event of a hacker attack. This is in our overriding, legitimate interests (Art. 6 para. 1 lit. f GDPR).
Server log file data also allows us to perform a statistical analysis (scope of use and user behaviour, e.g. total number of visits or total page views in a certain month) which we use to optimize the website design. However, the IP address is shortened and thus anonymised.

3. Social Media

We use offers from third-party providers in several places on our website. These offer our visitors various opportunities for social interaction.

a. Facebook, Twitter, Pinterest, Instagram, GooglePlus and E-Mail
Links to social media platforms, which you can access via the light-blue button that can be found in the right margin on several sub-pages, enable you to share information from our site with others. These platforms include Facebook, Twitter, Pinterest, Instagram and Google Plus, in addition to an email function. By clicking on the respective content, which is identifiable with a corresponding icon, you can log into the respective platform with your account and subsequently share our content with others. In some cases, the information on our products and services has already been entered in advance (particularly with a link). Information will only be transferred to these third-party providers when you click on one of the links. With the email function, your email program opens, and you can send the information via email. We have no influence on the data processing by the email program of your respective provider; we only provide a link to your email program.
Furthermore, you have the option in various places (e.g. via the grey buttons at the bottom of the sub-pages under “Legal Notice ” and also at various places in our blog and via the homepage) to click on the social media tools (particularly Facebook, Twitter, Instagram, YouTube and Pinterest) and not only to view our information there but also to share information about our offers with other users You can recognise these tools by the respective icons. The plugins are deactivated by default while you visit our website, meaning that no data will be transferred to the corresponding provider unless you click on the respective link.
If you click on one of the links, a new window will open in your browser, and your data will be transferred to the respective provider, particularly the URL of the page from which you came. The same also applies if you do not have your own account with the respective provider or are not logged in.
We have no influence on and no information about what personal data is collected by these third-party providers and what they do with this data. Please keep in mind that some of these providers have headquarters outside of the EU and that your data could therefore be transferred to third countries where an adequate level of data protection is not necessarily guaranteed. More information on the handling of your data is provided by the respective third-party providers.
We receive usage information from Facebook (Facebook Insights), Instagram, YouTube, Twitter and Pinterest. This data is analysed in anonymised form.

Information on third-party providers:
Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, privacy policy: https://www.facebook.com/about/privacy/update?ref=old_policy, https://www.facebook.com/privacy/explanation, https://de-de.facebook.com/policies/cookies, data protection information: https://www.facebook.com/help/568137493302217, terms of service: https://www.facebook.com/legal/terms/update
there also Pinterest and Instagram, additionally: https://help.instagram.com/519522125107875?helpref=page_content
Twitter, Twitter International Company, Attn: Privacy Policy Inquiry
One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 IRELAND. Privacy policy: https://twitter.com/en/privacy
Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Privacy policy: http://www.google.de/intl/de/policies/privacy
YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. Privacy policy: https://policies.google.com/privacy?hl=de&gl=de, data protection information: https://www.youtube.com/intl/en/yt/about/policies/#community-guidelines, terms of service: https://www.youtube.com/t/terms and https://www.youtube.com/t/terms_paidservice

Via the social media links, we enable you to receive even more attractive offers from us through other channels and to communicate directly with these platforms and their users; furthermore, you can easily share offers and information from our company with others in various ways. This is how we design our website to be more attractive and interesting for you. Therefore, the embedding of social media links is in our overriding, legitimate corporate interests (Art. 6 para. 1 lit. f GDPR). By actively clicking on these links, you yourself can decide whether your personal data will be transferred to third-party providers.
Most of the parent companies of the embedded social media providers are based in the United States. Insofar as personal data is sent to the US, an adequate level of data protection is guaranteed via the EU-US Privacy Shield which all of the aforementioned providers have agreed to observe and maintain, insofar as they are based in the US (Facebook, Twitter and Google (under data protection law, Google is responsible for YouTube) – list available at https://www.privacyshield.gov/list).

b. YouTube Video Plugins
On our website, you can watch videos: these are embedded in our website so that you can watch the videos directly on our site. Advanced privacy settings are activated for YouTube videos integrated into our site. This means that YouTube does not process your data unless you play an embedded video.
Furthermore, you can also watch the video yourself on youtube.com (via the YouTube icon and via the “share” button); there, you can view our information or communicate with other users about our products and services. In this case, data will also be transferred to YouTube. By clicking on the “share” button, you can use the services of Facebook, Twitter and Google Plus. Here, the same applies as stated above under section 3 a.
If you watch the video (on our site or on YouTube), your data will be transferred to YouTube, in particular the URL of the page from which you came. The same also applies if you do not have your own account with the respective provider or are not logged in.
We have provided additional information for you on the third-party provider YouTube above, under 3a.

4. Google Analytics

This website uses Google Analytics, a web analysis service provided by Google Inc. Google Analytics uses so-called tracking cookies, text files that are saved on your computer and that make it possible to analyse your use of the website. The information generated by the cookie concerning your use of this website is usually transferred to one of Google’s US-based servers and stored there. The website uses Google Analytics with the extension “_anonymizeIp()”. This means that your IP address is truncated and thereby anonymised immediately after being transferred. Your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area prior to transmission. Only in exceptional cases will the full IP address be transferred to one of Google’s US-based servers and truncated there. The IP address initially transferred by your browser and then truncated in the context of Google Analytics will not be linked with other Google data. On behalf of the website provider, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services related to website activity and internet usage to the website provider. Google Analytics cookies and the data collected through them are deleted after a maximum of 26 months.
We use Google Analytics in order to analyse the use of our website and make routine improvements. Using the statistics provided, we are able to improve our website content and make it more interesting for you as the user. For the exceptional cases in which personal data is transferred to the United States, an adequate level of data protection is guaranteed because Google is certified under the EU-US Privacy Shield (list available at https://www.privacyshield.gov/list). It is in our legitimate interests to use these cookies in order to make our website as attractive and user-friendly as possible and develop it accordingly (Art. 6 para. 1 lit. f GDPR). You may block the use of cookies or this service through your browser settings and browser add-ons (e.g. “uBlock origin” or “AdBlock plus”).

Information on the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Privacy policy: https://www.google.de/intl/de/policies/privacy; overview of data protection: https://www.google.com/intl/de/analytics/learn/privacy.html; terms of service: https://www.google.com/analytics/terms/de.html

5. eTracker

Furthermore, this website uses eTracker GmbH technologies (https://www.etracker.com/) for web analysis. The data is processed by eTracker for marketing and optimisation purposes. User profiles are generated from this data under a pseudonym in order to analyse user behaviour on our website with the aim of improving the content for you and making the site more interesting and user friendly. The pseudonymised, analysed data is permanently stored.
For this purpose, eTracker uses long-term cookies (“persistent cookies”) that remain on your device and make it possible to recognise your browser on your next visit. The cookies are automatically deleted after a pre-defined period.
The data collected by eTracker will not be used to personally identify the website visitor without the explicit consent of the person concerned, nor shall it be combined with the personal information on the bearer of the pseudonym.

It is in our legitimate interests to use these cookies in order to make our website as attractive and user-friendly as possible and develop it accordingly (Art. 6 para. 1 lit. f GDPR). You may block the use of cookies or this service through your browser settings and browser add-ons (e.g. “uBlock origin” or “AdBlock plus”). You can prevent the processing of your data in the future by clicking on the following link: http://www.etracker.de/privacy?et=jLs. When you click on the link, an opt-out cookie is installed on your device. If you delete your cookies, you will have to click on the link again if you do not want your data to be processed by eTracker.

Information on the third-party provider: etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg. Privacy policy: https://www.etracker.com/de/datenschutz.html.

6. Google Ad Services and DoubleClick

Furthermore, after your visit to our website, we use the IDE cookie from Google to take advantage of the opportunity to show you even more targeted advertising based on your interests. For this purpose, we set a long-term cookie that saves information on which of our products you are interested in. You can delete this cookie manually:
https://adssettings.google.com/authenticated
It is in our legitimate interests to use these cookies in order to make our website as attractive and user-friendly as possible and develop it accordingly (Art. 6 para. 1 lit. f GDPR). You may block the use of cookies or this service through your browser settings and browser add-ons (e.g. “uBlock origin” or “AdBlock plus”).

7. Google WebFonts

Our website uses Google WebFonts, a service that is made available to us by Google, Inc. This service enables us to provide you with a uniform, visually appealing website using the associated font library. This is done by loading and subsequently displaying the fonts used on this website through the browser you are using.
According to our information, the browser you use establishes a connection to the servers of our service provider, and the information is recorded that our website was accessed with the IP address you used. It is possible that, in this context, your IP address will also be transmitted to the United States. The certification of our service provider under the EU-US Privacy Shield ensures an adequate level of data protection (list available at https://www.privacyshield.gov/list).
A uniform and visually attractive design of our website is in our overriding, legitimate interests (Art. 6 para. 1 lit. f GDPR). Through this service, no user analysis is performed, and no user profile is created; your IP address is used exclusively for the targeted transmission of fonts.
Information on the third-party provider Google WebFonts: https://fonts.google.com/about

7a. Other Connections to Servers
For the programming of our website, we use program parts that offer standardised functionalities and designs. These include in particular the handling of error messages (error logging) in the programming. These are reloaded by means of a direct connection between your browser and these services. For the establishment of this connection to the service provider , an analysis of our website, along with your IP address, is transferred.
A functional, safe and visually attractive design of our website is in our overriding, legitimate interests (Art. 6 para. 1 lit. f GDPR). Through this service, no user analysis is performed, and no user profile is created; your IP address is used exclusively for the targeted transmission of fonts.

7b. PayOne
Your payment and credit card information from our web shop is neither collected nor stored by Croozer GmbH. For the payment processing and management of the credit card, Sofortüberweisung and PayPal payments, we use services provided by BS PAYONE GmbH, Lyoner Straße 9, 60528 Frankfurt am Main. Our payment service is certified by PCI DSS for the provision of data security. PCI DSS is short for “Payment Card Industry Data Security Standard”, an information security standard based on the Visa AIS (Account Information Security) program and MasterCard SDP (Site Data Protection) program, and therefore meets the most stringent requirements for the secure handling and storage of credit card data.
The transfer of the data to PayOne is required for the processing of the order and is therefore permissible according to Art. 6, para. 1 lit. b of the GDPR. Your data will be deleted at the end of the retention period required by law.

7c. Trusted Shops
Provided that you have given us your explicit consent by ticking the respective box or clicking on the respective button during or after the ordering process (“Rate Later”), we will forward your email address to Trusted Shops GmbH, Subbelrather Str. 15c, 50823 Cologne, Germany (www.trustedshops.de), so that this company can send you an email reminder with the option for rating your purchase. The legal basis for this is Art. 6 para 1 lit. a of the GDPR.
This consent can be withdrawn at any time by sending a message to Trusted Shops at datenschutz@trustedshops.de.

8. Dealer Section

We have a dealer section on our website for the dealers with whom we work and the dealers who are interested in working with us. The dealer section can also be reached via our website. From the dealer section, it is possible to reach us via a contact email and to subscribe to our newsletter.


a. Form for New Dealers
At https://www.croozer.com/de-DE/haendler-bereich, interested dealers can find a form that they can fill out and return to us via email or fax. In order to get to know your business better, we ask for further information: e.g. information on your business (including the billing and shipping address and details about the branches where products should be sent, on the distribution channels (stationary and online), on the products you sell and on sales figures), on the owner of the business and on communication (contact persons).

The processing of your personal data is required in this context in order to take steps at your request prior to entering into a contract and – if a contract with you is concluded – for the fulfilment of the contract between you and Croozer GmbH (Art. 6 para. 1 lit. b of the GDPR). For us, it is important that the respective contact persons can be quickly and easily reached; the processing of the personal data of your employees (whom you can name as contact persons) is performed on the basis of overriding, legitimate interests (Art. 6 para. 1 lit. f GDPR).
The data will be stored for the duration of the contractual relationship with Croozer GmbH and subsequently for the retention period required by law; when changes are made to the information (e.g. on the owner or the contact persons), the old information will be deleted. If no partnership results, then the data will be deleted in accordance with the retention period required by law.

b. Dealer Contact Form
In addition, our dealers have the possibility to contact us via a dealer contact form. This form can be opened in the dealer section; it is also possible to open the form on the website https://www.croozer.com/de-DE/ (via “Contact”) (you are then redirected to the respective page).
The required fields on this form are your message, the subject of your message, your title, your surname/company, the address of your company and the email address of your company. You can voluntarily provide your first name, additional names/company names and telephone and fax numbers. We only process your data as required to answer your inquiry. After we have responded to your inquiry, this data will be deleted insofar as there is no retention period required by law.
We need the data in order to quickly forward your inquiry to the responsible employee at our company so that your inquiry can be answered without delay. In this sense, the data provided by you is processed on the basis of overriding, legitimate interests (Art. 6 para. 1 lit. f GDPR).

c. Newsletter
After a dealer agreement has been concluded, our dealers have the opportunity to subscribe to our email newsletter in order to stay up to date on news from our company. For this purpose, we will ask you for your email address. You can also voluntarily provide us with your first name and surname (as well as title) if you would like the newsletter to be personally addressed to you. We use the data that you provide to us for the newsletter subscription exclusively for the purpose of sending you the newsletter. In this context, we work with an external service provider for the technical implementation: CleverReach GmbH & Co. KG, Mühlenstr. 43 26180 Rastede, Germany. This company has been carefully selected and contracted to us in accordance with data protection law.
Prior to the first newsletter, we require your consent (Art. 6 para. 1 lit. a of the GDPR). You can withdraw your consent at any time by using the unsubscribe link included in every newsletter. For this purpose, simply use the unsubscribe function in the newsletter or contact us directly using the contact details provided above.

9. Making Contact: Email Function

On various sub-pages, we offer you the opportunity to make direct contact with us or our dealers via email. If you click on one of the email addresses with coloured letters, your email program will open, and you can send an email to the respective email address, which will be automatically inserted into the “to” field. We have no influence on the data processing by the email program of your respective provider; we only provide a link to your email program.
We will use information that you send us via email exclusively for processing your inquiry; this information will be deleted as soon as the communication is completed, unless a certain retention period is required by law. This processing of the information you send to us is in our legitimate interests (Art. 6 para. 1 lit. f GDPR).

10. Online Shop

In addition to the purely informational use of our website, you can also order our products online (only on https://www.croozer.com/de-DE/) if you wish to do so. For this purpose, there is an online shop solely for end consumers www.croozer.com, for which the terms and conditions apply to consumers; there is a separate online shop for dealers that is exclusively accessible on the basis of a dealer agreement through an account area with restricted access. In order to process an order, we require additional personal data from you. This data is only collected, stored and processed if you share it with us in the context of your product order. The data in fields marked with an asterisk (title, first name, surname, address, email address) is required for processing an order.

We use the data you have provided without your separate consent exclusively for the purpose of fulfilling and processing your order. On a case-by-case basis, we use your email address to contact you should special situations arise (e.g. late payment) in the processing of your order. The legal basis for the processing of this data is Art. 6 para 1 lit. b of the GDPR. Upon complete fulfilment of the contract and full payment of the purchase price, your personal data will be blocked from further usage and erased upon expiry of the retention periods stipulated by applicable tax and commercial law provisions (10 years for billing-relevant data), provided that you have not expressly agreed to the further use of your data.

Under no circumstances will the collected data be sold or passed on to third parties without user consent or legal authorisation. Without the involvement of third parties (in compliance with data protection law), it would not be possible for us to process your order. Therefore, we work with various third parties, in particular:

• with external service providers who provide technical support for the delivery of our products and services, and who have been carefully selected and contracted to us in accordance with data protection law,
• with postal service providers, who are involved with the processing of your order (shipping), and
• with payment service providers for the processing of your payment in cooperation with the certified payment provider BS PAYONE (see above), depending on the payment type you select, e.g. with banks, giroPay, Sofortüberweisung and PayPal (see below for more information on this special case).

We would like to provide you with more detailed information on the processing of data in connection with the following services:
PAYPAL
Our customers can make direct payments through the company PayPal, with headquarters in Luxemburg, via their PayPal account. For the processing of these order payments, PayPal requires information like your name or address, your email address and the items purchased, along with the amount to be paid. PayPal receives some of this information from us through the transfer of your order data and the remaining information directly from you, through the required data that you have stored in your PayPal account.
We do not know how PayPal handles your data. The handling of data by PayPal is covered by the existing contract between you and PayPal. The current privacy policy for PayPal can be found here: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
You are free to choose this payment service and not required to do so. If you choose to make your payment via PayPal, the transfer of the order data to PayPal is required for the processing of the order and is therefore permissible according to Art. 6, para. 1 lit. b of the GDPR.

11. Google Maps

We use Google Maps in order to show you our location, as well as the locations of our partners. We have embedded Google Maps into our website so that we can show the corresponding maps directly on our website. As a result, you can see the locations of nearby dealers at a glance. In this context, the application may request location data from your device; you can block this information in your browser settings.
Google Maps is a service that is offered by Google, Inc. By clicking on the map itself (e.g. if you access information on a dealer), you can open an external window where the Google Maps services are available (including route planning). You can also view the location of our company via the German version of our homepage (by clicking on “Croozer Store”) in an external field if you click on the corresponding field (on “Auf Google Maps anzeigen”).
Through your visit to our website, Google receives information.

More information on Google can be found above under “Google Analytics”.

The embedding of maps enables us to make our services more attractive and interesting for you and is therefore in our overriding, legitimate corporate interests (Art. 6 para. 1 lit. f GDPR).

12. Data Security

In order to ensure the highest possible level of protection for your personal data, we have implemented technical and organisational security measures using SSL/TLS encryption (https standard). These measures serve to ensure a risk-appropriate level of protection taking into account the current state of technology.

13. Data Subject Rights

If personal data related to you as a natural person is processed, you have a number of data-protection rights that we are responsible for upholding. In accordance with Section 34 of the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) and Article 15 of the GDPR, you have the right to obtain information about your personal data that is being stored and its source, the recipients or categories of recipients to whom the personal data has been disclosed and the purpose of its storage.
Furthermore, you also have the right (as per Section 35 BDSG and Articles 16-18 GDPR) to the rectification, erasure or restriction (of the processing) of your personal data. In addition, you can request the transmission of your data to another controller in accordance with Article 20 of the GDPR.

You can also object to the further processing of your data if we process your data for the purposes of a legitimate interests (Art. 6 para. 1 lit. f GDPR). If we are not processing your data for advertising purposes, you can only object for reasons arising from your personal situation. As of the date on which you exercise this right to object, we will stop processing your personal data until your objection has been reviewed. If the review reveals that your objection is justified, we will delete the data (Section 36 BDSG, Article 21 GDPR).

You can withdraw your consent to the processing of your personal data (Art. 6 para. 1 lit. a GDPR) at any time; in such cases we will no longer process your personal data unless we are permitted to do so by law.

An objection or withdrawal of consent does not affect the admissibility of the processing up to the time of the objection or withdrawal of consent.
We will act to uphold your rights free of charge and without delay. Please use the contact details provided at the beginning of this privacy policy to contact us or our data protection officer in order to exercise your rights.
Lastly, you have the right to complain to the competent supervisory authority in accordance with Art. 77 of the GDPR.

Contact information for the competent supervisory authority:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Postfach 20 04 44, 40102 Düsseldorf, Germany
Tel.: +49 (0) 211/38424-0 Fax: +49 (0) 211/38424-10 Email: poststelle@ldi.nrw.de

Information on Data Protection According to Art. 13 GDPR

For the processing of applicant data

Submitted application documents and other data collected in the context of the application process that can be used to personally identify you as the applicant are considered protected personal data in the sense of Art. 4 para. 1 of the General Data Protection Regulation (EU) 2016/679 (GDPR). In this text, we provide you with detailed information on the processing of your applicant data in accordance with Art. 13 of the GDPR.
Our company processes your personal data exclusively in accordance with data protection law, in particular the GDPR and the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG). Under applicable data-protection legislation, your personal data may only be collected, stored, disseminated or used (data processing, Art. 4 para. 2 GDPR) with your express consent (Art. 6 para. 1 lit. a, in conjunction with Art. 7 GDPR) or if a legal provision expressly permits or requires us to do so. In particular, the processing of your personal data is lawful if necessary for deciding whether to establish an employment relationship or, after the employment relationship has been established, to conduct or terminate the contractual relationship (Section 26 para. 1 BDSG, Art. 6 para. 1 lit. b GDPR ). The same applies if the data processing is necessary for purposes other than the employment relationship for safeguarding the legitimate interests of the controller and there is no reason to believe that these interests are overridden by your legitimate interests (as the data subject) for excluding the processing or use of the data (Art. 6 para. 1 lit. f GDPR).

Responsibility and Contact Person

The “controller” (as per Art. 4 para. 7 GDPR) responsible for the processing of your personal data in the context of the employment relationship, including the application process is:

Croozer GmbH
Personalabteilung (HR Department)
Oskar-Jäger-Straße 125
50825 Cologne
Germany
Telephone: +49 (0) 221-9514700
Email: bewerbung@croozer.com
Managing directors: Andreas Gehlen, Hanna Gehlen, Markus Krill

If you have any questions concerning data protection at Croozer GmbH, please feel free to contact our Data Protection Officer at any time: Croozer GmbH, - Data Protection Officer -, Oskar-Jäger-Str. 125, 50825 Cologne, Germany, datenschutz@croozer.com

Personal Data and Purposes of Processing

1. Application for an advertised position

In order to apply for a certain position, you need to provide us with information on your personal profile and qualifications through the customary, informative application documents. We receive applications regularly at the email address bewerbung@croozer.com. This email address is only accessible by the Human Resources Department and – for technical reasons – the IT Administration. In general, we will also confirm the receipt of your application. This confirmation is routinely sent via email. We communicate with you via secure and encrypted email connections (TLS).

We will only use the information found in your application documents for making hiring decisions related to the position(s) for which you have explicitly applied. For this purpose, we will assess your application documents in the Human Resources Department, and then, if after the initial review process you are selected as a potential candidate for the position to be filled, these documents will be made available to the company employees who will take part in the respective decision-making process, including the managing directors. In addition, we process your application documents electronically in our email system and store them on our server as a PDF document in a protected file to which only the Human Resources Department and – for technical reasons – the IT Administration have access; we make the data available to the other employees involved in the hiring process via a file on our server with restricted access. If necessary, we additionally use printouts and copies (on paper). During the application process we may collect additional personal data from you personally, from generally accessible sources or from former employers and education providers, for these information purposes. The legal bases for the processing of your personal data are Art. 6 para. 1 lit. b of the GDPR and Section 26, para. 1 of the BDSG.

If you are not hired at the end of the application process, we will delete and destroy all of your application data within six months after you have conclusively rejected our job offer or we have conclusively rejected your application.
If you are hired at the end of the application process, we will – in accordance with Art. 6 para. 1 lit. b of the GDPR and Section 26 para. 1 of the BDSG – add your application documents to your personnel file because it contains information about your personal profile and qualifications that may be necessary for the purpose of executing the employment relationship. In addition, your application documents will be stored on our server in the employee file, to which only the Human Resources Department, the managing directors and – for technical reasons – the IT Administration have access. Additionally, a printout will be placed in the respective paper file and stored in a locked cabinet in the Human Resources Department. Your application documents will be deleted three years after the termination of the employment relationship.

2. Unsolicited Applications

If you send us an unsolicited application that makes no reference to a specific position, we may use your application documents in the context of hiring decisions for any potentially suitable job vacancy. For this purpose, we will first review your application documents in the Human Resources Department and then send them via email to the heads of the departments where there may be a suitable job vacancy for you in the future.

In all cases, we process your application documents electronically in our email system. Additionally, for the continued application process, we store interesting applications on our server as PDF documents in a protected file to which only the Human Resources Department and – for technical reasons – the IT Administration have access; we make the data available to the other employees involved in the hiring process via a file on our server with restricted access. If necessary, we additionally use printouts and copies (on paper).

As soon as your application documents are reviewed in the context of an application process, we may collect additional personal data from you personally, from generally accessible sources or from former employers and education providers for the purpose of obtaining more detailed information about your personal profile and qualifications. Your application data will be duly deleted and destroyed within one year after the receipt of your application, but not until all application processes involving your application documents have concluded or until six months after you have conclusively rejected a job offer from our company or if we have conclusively rejected your application.

These time limits do not apply if you have given your concrete and voluntary consent for a longer period of storage for your data.

If you are hired at the end of the application process, we will – in accordance with Art. 6 para. 1 lit. b of the GDPR and Section 26 para. 1 of the BDSG – add your application documents to your personnel file because it contains information about your personal profile and qualifications that may be necessary for the purpose of executing the employment relationship. In addition, your application documents will be stored on our server in the employee file, to which only the Human Resources Department, the managing directors and – for technical reasons – the IT Administration have access. Additionally, a printout will be placed in the respective paper file and stored in a locked cabinet in the Human Resources Department. Your application documents will be deleted three years after the termination of the employment relationship.

Our Cooperation with Third-Party Companies

Like other companies, we too benefit from the advantages of a society and business community that is based on the division of labour. In the area of data processing, this means that we do not perform all data processing activities on an in-house basis. Some activities are performed by external service providers:

  • Career platforms: In order to find you, we also advertise our job vacancies on external career platforms, such as the German employment office (Agentur für Arbeit) or Stepstone. If you apply for a job through one of these platforms, the platform will send us your documents where appropriate. No further collaboration takes place.
  • External (IT) service companies that, as so-called “data processors”, have concluded contracts with us in which they undertake to process data strictly in accordance with our specifications and instructions and to take comprehensive technical and organisational measures to protect this data.
  • External (IT) service companies that work for us under their own responsibility and are contractually obliged to take technical and organisational measures to protect data.

Your Data-Protection Rights and the Responsibilities of Those Who Hold and Process Your Personal Data

If we process your personal data, you have a number of data-protection rights that we are responsible for upholding. You have the right

  • to obtain information about your personal data that is being stored and its source, the purpose of the processing and the recipients or categories of recipients to whom the personal data has been disclosed (Art. 15 GDPR, Section 34 BDSG),
  • under certain circumstances to request the rectification, restriction of processing or erasure of your personal data by us (Articles 16–18 GDPR, Section 35 BDSG),
  • to request the transmission of your data to another controller (Article 20 GDPR) and
  • to lodge a complaint with us or the competent supervisory authority about the processing of your personal data (Article 77 GDPR).

You can also object to the further processing of your data if we process your data for the purposes of a legitimate interest (Art. 6 para. 1 lit. f GDPR). Since we do not process your data for advertising purposes, you can only object for reasons arising from your personal situation. As of the date on which you exercise this right to object, we will stop processing the personal data to which your objection refers until your objection has been reviewed. If the review reveals that your objection is justified, we will delete the data (Section 36 BDSG, Article 21 GDPR).

You can withdraw your consent to the processing of your personal data (Art. 6 para. 1 lit. a GDPR) at any time; in such cases we will no longer process your personal data unless we are permitted to do so by law.

A justified objection or withdrawal of consent does not affect the lawfulness of processing up to the time of the objection or withdrawal of consent.

We will act to uphold your rights free of charge and without delay. Please use the contact details provided to contact us or our data protection officer in order to exercise your rights or obtain clarification on any other issue.

For complaints that fall under Art. 77 of the GDPR, please contact the competent supervisory authority using the contact details provided above.

Select your country

We've a couple of stores, please select the country where you want to buy here.

Croozin’