Skip to main content
Ypek GmbHYPEK platform

Privacy policy

1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is: Ypek GmbH Max-Planck-Ring 25b 46049 Oberhausen Germany Phone: +49 208 2993100 Email: info@ypekgmbh.de

2. General information on processing

We process personal data only insofar as this is necessary to provide a functional website and our content and services, you have consented, or a legal provision permits or requires it. Personal data means any information relating to an identified or identifiable natural person (e.g. name, email address, IP address).

3. Hosting, website provision & server log files

When you access this website, the hosting provider or web server automatically collects information in server log files (e.g. browser type and version, operating system, referrer URL, hostname, time of the server request, IP address). Processing serves to establish a stable connection, system security and stability, and technical administration. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in secure provision of our online service). Log files are deleted after no more than 7 days unless longer retention is required for security reasons.

4. Contact by email or phone

If you contact us by email or phone, we process the data you provide (e.g. email address, phone number, message content) to handle your enquiry and any follow-up questions. The legal basis is Art. 6(1)(b) GDPR if your enquiry relates to pre-contractual steps or a contract, otherwise Art. 6(1)(f) GDPR (legitimate interest in responding to enquiries). Data are deleted when no longer needed for the purpose unless statutory retention periods apply.

5. Applications & careers

If you apply online or by email, we process the application documents you submit (e.g. CV, cover letter, certificates) to conduct the recruitment process. The legal basis is Section 26 BDSG (German Federal Data Protection Act) as applicable and/or Art. 6(1)(b) GDPR (pre-contractual measures). Application documents are usually deleted no later than six months after the process ends unless longer retention is required on the basis of consent or legitimate interest (e.g. defence of claims).

6. Cookies & local storage

This website may use technically necessary cookies or similar technologies required to operate the site (e.g. language preference, session handling). Processing is based on Art. 6(1)(f) GDPR and/or Section 25(2)(2) TTDSG (German Telecommunications Telemedia Data Protection Act). Where we use consent-based cookies or analytics tools, processing is based on your consent pursuant to Art. 6(1)(a) GDPR in conjunction with Section 25 TTDSG. You may withdraw consent at any time with effect for the future.

7. Recipients & processors

We may use service providers (e.g. hosting, IT maintenance, email) who act as processors under Art. 28 GDPR. We conclude data processing agreements with them and ensure an appropriate level of data protection.

8. Transfers to third countries

If data are transferred to countries outside the EU/EEA, this is done only if an adequacy decision of the EU Commission exists or appropriate safeguards are in place (e.g. EU Standard Contractual Clauses) and your rights remain enforceable.

9. Storage period

We store personal data only as long as necessary for the respective purposes or statutory retention periods (e.g. commercial or tax law) require. After that, data are routinely deleted or anonymised.

10. Your rights

Subject to legal requirements, you have the right to: • Access to the personal data we hold about you (Art. 15 GDPR) • Rectification of inaccurate data (Art. 16 GDPR) • Erasure (Art. 17 GDPR) • Restriction of processing (Art. 18 GDPR) • Data portability (Art. 20 GDPR) • Object to processing (Art. 21 GDPR) To exercise your rights, contact us at info@ypekgmbh.de.

11. Right to lodge a complaint

You have the right to lodge a complaint with a supervisory authority about our processing of personal data. In North Rhine-Westphalia, the competent authority is the State Commissioner for Data Protection and Freedom of Information (LDI NRW): https://www.ldi.nrw.de/

12. SSL/TLS encryption

This site uses SSL or TLS encryption for security and to protect the transmission of confidential content. You can recognise an encrypted connection by the browser address line changing from "http://" to "https://" and by the lock icon in your browser bar.

13. Changes to this privacy policy

We may update this privacy policy to reflect legal requirements or changes to our services. The version published on this page at the time of your visit applies.

Last updated: April 2026