Privacy policy

1. Data protection at a glance

General information

The following notes provide a simple overview of what happens to your personal data when you visit our website. Personal data are all data from which you can be personally identified. Detailed information about data protection can be found in the privacy policy set out below.

Data collection on our website

Who is responsible for data collection on this website?
Data processing on this website is done by the website operators. The contact information for the website can be found in the legal disclosure section of this website.

How do we collect your information?

Your data is collected when you communicate it to us. This may be data that you enter in a contact form, for example. Other data are collected automatically by our IT systems when you visit our website. The data collected is mainly technical data (e.g. Internet browser, operating system and the time the page was accessed). The collection of this data happens automatically as soon as you enter our website.

What do we use your data for?

Part of the data is collected to ensure the website is available and fully functional.

What rights do you have regarding your data?

You have the right at any time to be informed free of charge about the origin, recipient and purpose of your stored personal data. You also have a right to demand the rectification, re-striction or erasure of these data. For further information about these and any other questions on the subject of data protection, you can contact us at any time at the address given in the legal disclosure. You also have a right of complaint to the competent supervisory authority.

2. General information and mandatory information


This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose data collection takes place. We would like to point out that data trans-mission on the Internet (e.g. communication by e-mail) can have security vulnerabilities. Com-plete protection of data against access by third parties is not possible.

Information about the data controller

The data controller responsible for data processing on this website is:

BF Engineering Data Protection Officer
Wallensteinstraße 5
82538 Geretsried

Tel.: +49 (0) 8171-3447-60


Our website contains links to other websites (links). Should you follow such a link, you are leaving our web presence and visiting another site, whose content is outside of our area of control. When you visit the new website, the data protection provisions of the website which you have accessed apply. These may differ from the data protection provisions of our website. Please familiarise yourself with the data protection provisions of the third-party website.

SSL or TLS encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries, that you send to us as the website opera-tors. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the padlock symbol in your browser bar. When SSL or TLS encryption is activated, the data that you send to us cannot be read by third parties.

Server log files

The provider of the pages automatically collects and stores information in server log files, which your browser automatically transmits to us. This information comprises: Browser name and version, operating system used, referrer URL, hostname of the accessing computer, time of the server request, IP address. These data are not combined with data from other data sources.

The data is stored for reasons connected to technical security in order to prevent attempted attacks against our server. The processing is based on Art. 6 (1) lit. f GDPR.

The personal data collected on our website is stored on the servers of our external hoster. Our hoster processes your data only insofar as this is necessary for the fulfilment of its service obligations and in accordance with our instructions.

Use of cookies

It is possible for us to deposit so-called “cookies” on your computer when you visit our website. Cookies are text files which are received by your Internet browser, and which are stored on your computer.

You can prevent the saving of cookies by setting your browser software accordingly. However, we wish to point out that in such a case, you may not be able to fully use all functions of this website.

There is a difference between so-called session cookies and analysis cookies. Below, you will find an explanation of these types of cookies.

Cookies which are essential for the operation of the website, as otherwise the functionality of the website can be restricted, or parts of the website will not work (necessary session cookies).

Cookies which serve the purpose of analysing user behaviour on the website in order to obtain information concerning number of visitors and to improve the website.

Getting in touch

If you send us enquiries on our contact form, your information from the enquiry form, including the contact data you provide there, are stored on our systems for the purpose of processing your enquiry and in case of follow-up questions.

The data processing is based on Art. 6 (1) lit. f GDPR if processing is necessary for the pur-poses of the legitimate interests pursued by our company. If the processing is necessary for the performance of a contract or for pre-contractual measures, the processing is based on Art. 6 (1) lit. b GDPR. Your data will be deleted after final processing of your request, provided that there are no legal obligations.

Jobs and Applicant data

We process the data you have sent us in connection with your application to assess your suitability for a position (or other open positions in our company, if applicable) and to carry out the application process.

The legal basis for processing your data is primarily Art. 88 GDPR and § 26 BDSG as well as, if applicable, Art. 6 (1) lit. b GDPR for initiating a contractual relationship. According to this, the data processing is allowed if this is necessary to establish an employment contract.

Furthermore, data can be processed based on our legitimate interest according to Art. 6 (1) lit. f GDPR to defend our company against legal claims.

If you give us express consent to process personal data for specific purposes, the processing is based on Art. 6 (1) lit. a GDPR.

We process your personal data as long as this is necessary for the establishment of the em-ployment contract or for a legal requirement. Data of applicants will be deleted after six months in the event of rejection. If you have agreed to further storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted if it is no longer relevant for open positions in our company.

Data transfer to third countries

We use services from providers based in the USA. We would like to point out that the USA has been assessed as a country with an insufficient level of data protection according to EU stand-ards by the European Court of Justice.

Our contracts with these service providers incorporate the so-called EU standard contractual clauses. With reference to the EU standard contractual clauses, we consider the level of pro-tection to be adequate.

Wordfence Security

We use “Wordfence Security” to secure our website. The provider is Defiant Inc., 800 5th Ave., Suite 4100, Seattle, WA 98104, USA.

The use is based on our legitimate interests according to Art. 6 (1) lit. f GDPR to protect against brute force and DDoS attacks. In order to recognize whether the visitor is a human or a robot, the plugin uses Cookies. The IP addresses are stored on Wordfence servers in the USA.

More information on the collection and use of data by Wordfence Security can be found in Defiant’s privacy policy:

Rights of the Data Subject

You have the right pursuant to Art. 15 GDPR to obtain information about your personal data processed by us.

According to Art. 16 GDPR you have the right to obtain the rectification of inaccurate personal data without undue delay or the completion of your personal data stored with us.

You have the right pursuant to Art. 17 GDPR to obtain the erasure of your personal data stored with us and pursuant to Art. 18 GDPR you have the right to obtain the restriction of the pro-cessing of your personal data.

Pursuant to Art. 20 GDPR you have the right to receive your personal data that you have provided to us, in a structured, commonly used and machine-readable format or to obtain the transmission to another data controller.

According to Art. 7 (3) GDPR you have the right to withdraw the consent given to us at any time. This means that in future we may no longer continue to process the data as based on this consent.

When your data is processed based on Art. 6 (1) lit. f GDPR, you have the right to objected to processing pursuant to Art. 21 GDPR.

To exercise your rights, please contact our data protection officer. He is listed at the end of the privacy policy.

You have the right pursuant to Art. 77 GDPR to lodge a complaint with a supervisory authority. The address of the data protection supervisory authority which has jurisdiction over us is:

Data Protection Authority of Bavaria:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27
91522 Ansbach

Changes to the data protection declaration

We reserve the right to alter the data protection declaration, to adjust it to changing legal posi-tions, or in case of changes to the service or data processing.

Data protection queries and information

Should you have any questions concerning the gathering, processing, saving and deletion of your personal data, please do not hesitate to get in touch.

Should you wish to know what data concerning you is saved by us, please feel free to contact us.

ComFor-IT® oHG
Data protection
Bahnhofstraße 6
84405 Dorfen
Tel: 08081-60499-50