Skip to content

GDPR

Website data protection statement and information for data subjects pursuant to Articles 13 and 14 of the EU General Data Protection Regulation(GDPR)

 

General Information

Data Controller & Contact Information

The data controller for the Website is Glatfelter Corporation, Thomas Fahnemann, CEO, Capitol Towers South, 4350 Congress Street, Suite 600, Charlotte, NC 28209 USA, Info@glatfelter.com, www.Glatfelter.com, Tel:  +1-866-744-7380, +1-717-850-0170

Please contact our Legal Department if you have any questions about our policy and privacy practices:

Glatfelter Legal Department
Capitol Towers South
4350 Congress Street, Suite 600
Charlotte, NC 28209 USA
Email:GeneralCounsel@glatfelter.com
Telephone: +1-717-225-2066

German Entities

Glatfelter Berlin GmbH
MD:  Peter Hettesheimer
Jägerstrasse 58-60
10117 Berlin, Germany

Glatfelter Dresden GmbH
MD:  Peter Hettesheimer, Robert Somers
Pirnaer Strasse 31-33
01809 Heidenau, Germany
Phone: +49-03529-554-0

Glatfelter Falkenhagen GmbH
MD:  Peter Hettesheimer, Robert Somers
Gewerbepark Prignitz/Falkenhagen
Rolf-Hövelmann-Strasse 10
16928 Pritzwalk, Germany
Phone: +49-3-39-86-69-0

Glatfelter Gernsbach GmbH
MD: Peter Hettesheimer, Robert Somers
Hördener Strasse 3-7
76593 Gernsbach, Germany
Phone: +49-7224-66-0

Glatfelter Services GmbH
MD:  Peter Hettesheimer, Peter Straub
Hördener Strasse 3-7
76593 Gernsbach, Germany

Glatfelter Steinfurt GmbH
MD:  Peter Hettesheimer, Robert Somers
Dieselstrasse 16
48565 Steinfurt, Germany
Phone: +49-2551-1400

Specific information about the website

Website Log Files

When you visit the Glatfelter website, your browser transmits certain data to our web server for technical reasons. The following data are recorded during an ongoing connection for communication between your internet browser and our web server:

  • Date and time of your request
  • Name of the requested file
  • Page from which the file was requested
  • Access status (file transferred, file not found, etc.)
  • Type and version of the browser and the operating system you use
  • Full IP address of the requesting computer
  • Quantity of data transferred

For reasons of technical security and to prevent cyber attacks on our web server, we store this data for a short period of time. It is impossible to discern the identity of individual person(s) based on this data. After a short period, the data is anonymized by shortening the IP address at the domain level, so it is no longer possible to establish any reference to an individual user(s). The anonymized data will be processed for statistical purposes. We do not compare, share, or forward data to third parties and/or databases, even in excerpts.

We use our own cookies to display the website’s content

The Glatfelter website uses its own cookies to store the settings required to display the content of this website (cookies are data records sent by the web browser to the user’s browser where they are stored for later retrieval). Our cookies do not store any personal data. You can prevent the use of cookies if you prohibit your browser from storing them.

Please see more information about our use of cookies https://www.glatfelter.com/cookie-declaration/.

 

Information about other data processing procedures/information for data subjects pursuant to Articles 13 and 14 of the EU General Data Protection Regulation(GDPR) for all Glatfelter EU entities. Enclosed you find:

General data processing information

Affected data:

Personal data is only collected if the user provides consent.  Otherwise, no personal data is collected.  Any processing of your personal data that goes beyond the scope of the statutory permission is only possible on the basis of your express consent.

Processing purpose: Contract execution.
Categories of recipients: Public authorities in the event of priority legislation.
External service providers or other contractors.
Other external bodies in so far as the data subject has given their consent or a transmission is permitted due to a prevailing interest.
Third-country transfers: As part of contractual execution, processors could also be used outside the European Union.
Duration of data storage: The duration of data storage depends on the statutory storage requirements and is usually 10 years.

Specific information about the application process

Affected data: Application information.
Processing purpose: Implementation of application process.
Categories of recipients: Public authorities in the event of priority legislation.
External service providers or other contractors.
Other external bodies in so far as the data subject has given their consent or a transmission is permitted due to a prevailing interest.
Third-country transfers: As part of contractual execution, processors could also be used outside the European Union.
Duration of data storage: Application data will generally be deleted within four months after communication of the decision, unless consent has been given for a longer period of data storage.

 

Specific information for the processing of customer data/prospective parties’ data

Affected data: Data communicated for contract execution; if necessary, additional data for processing on the basis of your express consent.
Processing purpose: Contract execution.
Categories of recipients: Public authorities in the event of priority legislation.
External service providers or other contractors.
Other external bodies in so far as the data subject has given their consent or a transmission is permitted due to a prevailing interest.
Third-country transfers: As part of contractual execution, processors could also be used outside the European Union.
Duration of data storage: The duration of data storage depends on the statutory storage requirements and is usually 10 years.

 

Specific information on the processing of employee data

Affected data: Data communicated for contract execution; if necessary, additional data for processing on the basis of your express consent.
Processing purpose: Contract execution.
Categories of recipients: Public authorities in the event of priority legislation.
External service providers or other contractors.
Other external bodies in so far as the data subject has given their consent or a transmission is permitted due to a prevailing interest.
Third-country transfers: As part of contractual execution, processors could also be used outside the European Union.
Duration of data storage: The duration of data storage depends on the statutory storage requirements and is usually 10 years.

 

Specific information for the processing of supplier data

Affected data: Data communicated for contract execution; if necessary, additional data for processing on the basis of your express consent.
Processing purpose: Contract execution.
Categories of recipients: Public authorities in the event of priority legislation.
External service providers or other contractors.
Other external bodies in so far as the data subject has given their consent or a transmission is permitted due to a prevailing interest.
Third-country transfers: As part of contractual execution, processors could also be used outside the European Union.
Duration of data storage: The duration of data storage depends on the statutory storage requirements and is usually 10 years.

 

Specific information on using video conference/webinar software

Affected data: Data communicated when using video conference software/webinar software (especially first name, last name, email address; optional: audio transmission data; optional: video transmission data; optional: use of chat function); this data is required to establish a connection with the provider of the conference software/webinar software.
Processing purpose: Conducting video conferences/webinars.
Categories of recipients: Public agencies where priority legal provisions exist. External service providers or other contractors, e.g., for data processing and hosting. Other external bodies insofar as the data subject(s) have given their consent or transmission due to a prevailing interest.
Third-country transfers: For contract processors outside the European Union (in this case: the United States of America); the appropriate standard contract clauses have been concluded with the service provider.
Duration of data storage: Video conferences can only be recorded if participants have provided documented consent in advance. The technical data will be deleted if they are no longer required. The duration of data storage depends on the statutory storage requirements and is usually 10 years.

 

Further information and contacts

You may invoke your rights to correction or deletion at any time, to restrict processing, to object to processing, and to data portability.  You also have the right to contact the responsible data protection supervisory authority for complaints.

Contact Information:

Email: GeneralCounsel@glatfelter.com

Mail:

Glatfelter Legal Department
Capitol Towers South
4350 Congress Street, Suite 600
Charlotte, NC 28209 USA