Beleid inzake gegevensbescherming

(hereafter “Data protection policy“)


This Privacy Policy pertains to users (“you” or “your”) residing in the European Economic Area (EEA) who access or use this Website. If you are residing in the United States, please view our US Privacy Policy.

We are pleased that you are visiting our website and thank you for your interest in our company and our services. It is important for us to protect your privacy when you use our website.

Als de verwerkingsverantwoordelijke in de zin van de Europese gegevensbeschermingswetgeving van de website

(hiernaook “website“),

Willen wij

Aleris Corporation
25825 Science Park Drive, Suite 400
Beachwood, Ohio, 44122


(hiernaook “wij” of “Aleris“)

u navolgend informeren over de verwerking van uw persoonsgegevens en uw rechten als betrokkene als u de website gebruikt

Indien in bepaalde gevallen dochterondernemingen van Aleris Corporation in de EU in de zin van de Europese gegevensbeschermingswetgeving de verwerkingsverantwoordelijke voor bepaalde verwerkingsprocedures zijn, zullen wij u overeenkomstig navolgend informeren (we verwijzen met name naar 7 “Online sollicitaties”).

Uw persoonsgegevens worden uitsluitend verwerkt in lijn met de geldende bepalingen ter zake van de wetgeving op bescherming van gegevens van de Europese Unie, met name de Algemene Verordening Gegevensbescherming van de EU, (hierna “AVG”), aangevuld met de Duitse Federale Wet betreffende de Gegevensbescherming (BDSG) als van toepassing met ingang van 25 mei 2018 (hierna “BDSG”) en andere wettelijke bepalingen ter zake van gegevensbescherming (tezamen aangeduid als “gegevensbeschermingswetgeving”).

Als u zelf de AVG wilt raadplegen, dan kunt u deze online vinden op:

This data protection policy applies to the website retrievable from the domain and other Aleris websites which explicitly include the following statements as their data protection policy. However, the following statements do not apply to the websites of other providers, such as those linked to by this website. The terms used, such as “personal data” or their “processing”, correspond to the definitions in Art. 4 GDPR.



  1. Voorwerp van gegevensbescherming, rechtsgrondslagen en bronnen
  2. Serverlogbestanden
  3. Communicatie per e-mail en contactformulier
  4. Login voor klanten
  5. Cookies
  6. a) Cookies die absoluut noodzakelijk zijn
  7. b) Extra eigen cookies
  8. c) Cookies van externe providers
  9. Tracking tools
  10. Online sollicitaties (Carrièreportaal)
  11. Ontvangers van persoonsgegevens
  12. Gegevensverwerking in derde landen
  13. Veiligheid
  14. Opslagperiode
  15. Uw rechten
  16. Wijzigingen


1. Object of data protection, legal foundations and sources

The object of data protection are personal data. Personal data means any information relating to an identified or identifiable natural person (‘data subject’). Your personal data are therefore all the data that enables you to be identified as a person, such as your name, your address, your telephone number or your email address. Personal data are also the information that is necessarily generated when you use our website, such as beginning, end and scope of use or your IP address.

We only process your data when an applicable legal provision allows it. In particular we base the processing of your data on the following legal foundations:

  • Consent (Art. 6(1)(a) GDPR): We will only process certain data on the basis of your prior specific and freely given consent. You have the right to withdraw your consent with future effect at any time.
  • Performance of a contract or pre-contractual activities (Art. 6(1)(b) GDPR): We need certain data from you to prepare and execute your contract with Aleris.
  • Compliance with a legal obligation (Art. 6(1)(c) GDPR): In addition, we process your personal data to comply with statutory obligations, such as record-keeping obligations under commercial and tax law.
  • Pursuit of legitimate interests (Art. 6(1)(f) GDPR): Aleris will process certain data to protect its interests or those of third parties. This only applies when your interests do not override them in the specific case, however.

Please note that this is not a complete or definitive list of the possible legal grounds; these are only examples intended to make the legal foundations of data protection law more transparent. Further information on the legal foundations of individual data processing activities on our website can be found below.

Uw persoonsgegevens komen met name van uzelf, deels door uw gebruik van onze website, van uw persoonlijke verzoeken en mogelijk van informatie die u verstrekt voorafgaande aan een contractuele relatie.


2. Server logfiles

You can visit our website without providing any information about yourself. Your visit to our website may mean that the following access information is stored:

  • IP-adres van het apparaat dat de verbinding aanvraagt,
  • opgevraagd bestand,
  • http-antwoordcode,
  • de website vanwaar u naar onze website kwam (referrer URL),
  • datum, tijd en tijdzone van de serveraanvraag,
  • het type en de versie van de browser,
  • besturingssysteem gebruikt door het apparaat dat de verbinding aanvraagt,
  • zoekterm waarmee de website werd gevonden, bijvoorbeeld door Google.

We process these data on the basis of Art. 6(1)(f) GDPR to provide the website, to ensure its technical operation and the security of our IT systems. We do so in the interest of enabling and permanently maintaining the use of our website and its technical functionality. These data are processed automatically when the website is retrieved. Without this processing you cannot use our website. We do not use this data for the purpose of determining your identity.

The automatically collected data are not generally kept for longer than required , unless exceptionally we need them for the above purposes for a longer period. In this case we delete the data without delay when the purpose ceases to apply.

U kunt geen bezwaar maken tegen de verzameling en opslag van uw serverlogbestanden aangezien deze van absoluut belang zijn voor een soepele werking van onze website.


3. Communication by email and contact form

Als u met ons per e-mail contact opneemt, worden uw vrijwillig verstrekte contactgegevens (bijv. naam, e-mailadres) enkel ten behoeve van de registratie en eventuele beantwoording van uw verzoek en voor technisch beheer verzameld, verwerkt en gebruikt.

Under the “Contact” heading you can also get in touch with us by means of a contact form. If you use this contact form, we collect and store the following data:

  • voornaam,
  • achternaam,
  • e-mailadres,
  • reden om contact op te nemen,
  • bericht.

Op vrijwillige basis kunt u ook verstrekken:

  • academische titel,
  • bedrijf,
  • telefoon,
  • stad,
  • sector

Uw browser stuurt gegevens door u verstrekt naar onze server waar deze naar een e-mail omgezet en aan ons verstuurd worden.

Data transferred in the course of communication by contact form or email is processed on the basis of Art. 6(1)(b) GDPR, if it relates to pre-contractual activity, or of Art. 6(1)(f) GDPR. In the latter case we have a legitimate interest in processing contact enquiries addressed to us voluntarily.

Wij wissen de door u verstrekte gegevens zodra het doel waardoor deze verzameld werden komt te vervallen, zulks met inachtneming van voortdurende wettelijk voorgeschreven registratieverplichtingen.

To the extent that your data are processed on the basis of legitimate interests, you can object to the storage of your personal data at any time. In this case we will no longer process your data to the extent that we cannot demonstrate a legitimate interest for doing so, and are not otherwise obliged by law to store them. To exercise your right to object to the storage of data, please contact us in writing, by fax or email.

Please note that we cannot guarantee complete data security, however, especially for communication by contact form and email. You should therefore refrain from sending us confidential information, such as bank or credit card details, via these channels. To send confidential information we recommend that you use a secure means of communication, such as the postal service.


4. Customer log-in

We set up direct, password-protected access for all customers who register with us. As a customer you can receive information about our products (e.g. Surplus Stock Lists) here, view any contract details and manage your master/contact data.

Processing takes place for the purpose of providing contractual services and additional customer services on the basis of Art. 6(1)(b) GDPR (performance of a contract to which the data subject is party) or Art. 6(1)(c) to the extent that the storage is to comply with statutory record-keeping obligations. The information designated as obligatory is required to use the customer log-in. You can also provide additional information voluntarily. Your voluntary disclosures are stored on the basis of Art. 6(1)(f) GDPR, since we have a legitimate interest in processing the data you provide voluntarily. You can object to the processing of voluntarily provided data at any time.

With the function “stay logged-in” we would like to make your visit to our website as convenient as possible. This function enables you to use our website without having to log in again every time. For security reasons you are nonetheless asked to enter your password again when you change your personal data or wish to place an order. We recommend that you do not use this function if your device is accessible to more than one user. We should point out that the “stay logged-in” function is not available if you have set your browser so that cookies are deleted automatically after every session or you have otherwise deactivated cookies (see Point 5).


5. Cookies

The website uses cookies and similar technologies such as HTML5 storage (hereafter known collectively as “cookies”) to optimise the design of the website. They facilitate navigation and enable the website to be as user-friendly as possible.

Cookies are small identifiers that our webserver sends to your browser and that your device stores, if the default settings are unchanged. They can be used to determine whether your device has already communicated with us. This means they help to make website use more convenient for you and to optimise our offering. We make a distinction between cookies that are absolutely necessary for technical reasons, those set by our website and those set by third parties. Detailed information on the type, function, purposes, legal grounds and options for objecting to data processing when cookies are used can be found in the following section:

When you use our website we notify you of the use of cookies. You can object to the storage of cookies at any time by selecting “accept no cookies” in your browser settings. Please refer to the help function of your browser for how to manage and delete cookies in your browser settings. You can also deactivate all cookies by means of free browser add-ons, such as “Adblock Plus“ ( in combination with the “EasyPrivacy“ list( or ”Ghostery“ ( If you do not accept any cookies, this may limit the functionality of the website, however.


a) Cookies die absoluut noodzakelijk zijn

Op onze website gebruiken wij de volgende cookies die absoluut noodzakelijk zijn voor het functioneren van onze website en dievoor ons van rechtmatig belang zijn voor opslag, omdat wij anders onze websiteniet kunnen voorzien van bepaalde elementaire functies.

Beschrijving Functie/doel Opslagperiode
isEnabled=true Achterhaalt of de browser van de gebruiker Javascript kan uitvoeren om te beslissen of een doorzoekbaar dropdown interface wordt aangeboden of een eenvoudig HTML dropdown. Sessie
iFrame Height Slaat de iFrame Height op die werd berekend voor later hergebruik bij hernieuwde weergave in iFrame.  Sessie

Data processing takes place to further our legitimate interests on the basis of Art. 6(1)(f) GDPR. Our legitimate interest is therefore derived from the purposes described.


b) Extra eigen cookies

Additional own cookies that are not absolutely necessary for the use of the website (also known as “first-party cookies”) perform important tasks. They enable convenient surfing on our website, by completing forms in advance, for example Furthermore they enable us to approach you with individual offers. We use the following additional own cookies on our website.

Beschrijving Functie/doel Opslagperiode
Identificatie van een sessie van een gebruiker tijdens interactie met onze website.  2 uur

Data processing takes place to further our legitimate interests on the basis of Art. 6(1)(f) GDPR. Our legitimate interest is therefore derived from the purposes described.


c) Cookies van externe providers

To integrate contents or functions from third-party providers (see the points below) we set cookies from third-party providers (also known as “third-party cookies”), which provide information that you have accessed this website, for example. Please visit the websites of the third-party providers for more information about their use of cookies. We use the following

cookies van derden:

Beschrijving Functie/doel Externe provider Opslagperiode
Geen gebruik van content waarmee gebruiker geïdentificeerd kan worden.
Google Analytics plaatst een cookie op Portaal om gebruikersgedrag te observeren bij interactie met de website en andere geaggregeerde statistische gegevens. Google Analytics 2 jaar (besloten door Google)
Google authenticatie token
Door Google opgenomen om een verificatietoken op te slaan om de gebruiker te onderscheiden. Google Besloten door Google
Cryptographic hash of candidate LinkedIn MemberID
Opgenomen door LinkedIn om de ingelogde LinkedIn-gebruiker te identificeren. LinkedIn Decided by LinkedIn
Gebruikt in sommige prestatiestatistieken die worden opgehaald (indien nodig).
New Relic Decided by New Relic

Data processing takes place to further our legitimate interests on the basis of Art. 6(1)(f) GDPR. Our legitimate interest is therefore derived from the purposes described.

Nadere informatie en opt-outs van gegevensverwerking bij gebruik van cookies van derden vindt u in de volgende beschrijvingen van de afzonderlijke functies gebaseerd op het gebruik van een dergelijke cookie en van vergelijkbare technologieën.



LinkedIn wordt geëxploiteerd door LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ierland.


If you want to use single sign-on, you’ll be redirected to LinkedIn when you log in. There, you will be asked to log in with username and password, unless you are already logged in to LinkedIn. Of course, Aleris does not take note of your login details.


Then you confirm to LinkedIn the transmission of your data to Aleris. The following data is transmitted to Aleris during single sign-on:


  • LinkedIn: First and last name, e-mail address, …


Aleris creates your user account with the submitted data. There is no permanent link between your user account and your LinkedIn account. For login on the website via LinkedIn a LinkedIn-generated unique token (string of letters and numbers) is saved and exchanged with LinkedIn during the login process for secure authentication. The legal basis for the processing of your personal data in this context is in particular Article 6 (1) sentence 1 (f) GDPR, as we have a legitimate interest in facilitating the login process for interested users.


The link from LinkedIn to the website can be removed at any time. You’ll need to delete the connection to “Aleris” in your profile on LinkedIn within the account settings. If you subsequently wish to continue using the website, you may be required to re-register on the website.


Meer informatie over het doel en de omvang van de gegevensverzameling alsmede de verwerking en het gebruik van uw gegevens door LinkedIn en uw desbetreffende rechten en instelmogelijkheden ter bescherming van uw persoonlijke levenssfeer, kunt u nalezen in het privacybeleid van LinkedIn (

New relic

We are using a plug-in of the web analysis service New Relic on this website. This service is provided by New Relic Inc., 188 Spear Street, Suite 1200 San Francisco, CA 94105, USA.


This makes it possible to collect statistical reports on the use and speed of the website. The plug-in gives New Relic among others the information that a user has accessed the corresponding website of the offer. In addition to your IP address, cookie-generated information about your use of our Web site is generally transmitted to and stored on a New Relic server in the United States. Data processing takes place on the basis of our legitimate interests within the meaning of Art. 6 (1) (f) GDPR, namely our interest in the analysis, optimization and economical operation of our online offer.


On our behalf, New Relic will use this information to evaluate your use of the website, to compile reports on website activity, and to provide us with other services related to website activity and internet usage. The purpose and scope of the data collection, as well as information about the processing and use of the data by New Relic can be found in the New Relic privacy policy:


De gegevens worden gewist zodra ze niet meer nodig zijn voor onze registratiedoeleinden.


U kunt de opslag en het gebruik van cookies door New Relic voorkomen door de instellingen van uw browser aan te passen of door een add-on te activeren.


New Relic heeft zich er bij wege van een EU-US-Privacy-Shield-certificering bij het Amerikaanse ministerie van Economische Zaken toe verbonden zich te houden aan de EU-US-Privacy-Shield-overeenkomst tussen de EU en de Verenigde Staten betreffende de verzameling, het gebruik en de opslag van persoonsgegevens uit de lidstaten van de EU.

U kunt ook kiezen voor registratie via uw LinkedIn-profiel door middel van eenmalige aanmelding.


6. Tracking Tools

This website uses Google Analytics, a web analytics service from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google“). Google Analytics uses third-party cookies to identify preferences and how often certain areas of our website are used. The information generated by the cookie about your use of our website (including your abbreviated IP address) is generally sent to a Google Server in the USA and stored there. Data is processed on the basis of our legitimate interests pursuant to Art. 6(1)(f) GDPR, namely our interest in analysing, optimising and operating our online offering economically. Google is certified under the Privacy Shield and so provides a guarantee of its compliance with European data protection legislation.

Google zal deze informatie namens ons en op basis van een overeenkomst voor gegevensverwerking gebruiken om uw gebruik van onze website te analyseren, om rapporten over de website-activiteiten voor ons op te stellen en om andere diensten verbonden met het gebruik van de website of van het internet aan ons te verstrekken.

We only use Google Analytics with activated IP anonymisation. This means that Google will abbreviate users’ IP address within the member states of the European Union (EU) or other signatories of the treaty creating the European Economic Area (EEA). Only in exceptional cases will the full IP address be sent to a Google server in the USA and abbreviated there. The IP address sent by your browser will not be merged with other Google data.

The data are deleted as soon as they are no longer needed for the purpose for which they were recorded. In our case this is generally after 14 months.

You can prevent the storage of cookies for Google Analytics by adjusting your browser settings accordingly or by means of browser add-ons. In addition you can prevent the data generated by the cookie relating to your use of the website (including your IP address) being sent to Google and the processing of this data by Google by downloading and installing the browser plug-in from the link below:

Meer informatie over het gebruik van gegevens voor Google, instellingen en opt-outs vindt u op de websites van Google via de volgende links:


7. Online job applications (Career Portal)

You can apply for vacant positions via the Career Portal on our website. Please see our specific privacy policy for the Online Application Portal under (insert the link)

Ontvangers van persoonsgegevens

Uw persoonsgegevens worden door ons alleen overgedragen aan externe ontvangers voor zover dat noodzakelijk is om uw verzoek te behandelen of te verwerken en u ons uw toestemming hebt gegeven of in geval van andere wettige machtiging.

Externe ontvangers kunnen met name zijn:

  • Processors: These are service providers that we use to provide services, including in the areas of technical infrastructure and maintenance of our website. Such processors are carefully selected and regularly audited by us to ensure that your privacy is maintained. They may only use the data for the purposes determined by us and on our instructions. Subject to compliance with the conditions of Art. 28 GDPR, we are authorised to use such processors.
  • Public bodies: These are public authorities, state institutions and other public-law entities, such as supervisory authorities, courts of law, public prosecution services or tax authorities. Personal data are only transferred to such public bodies for binding statutory reasons. The legal basis for any such transfer is Art. 6(1)(c) GDPR.
  • Non-public bodies: Other Aleris companies, external service providers and ancillaries to which data are transferred on the basis of a statutory obligation or to further legitimate interests, e.g. tax advisors or auditors. In this case the transfer takes place on the basis of Art. 6(1)(c) and/or (f) GDPR.


Gegevensverwerking in derde landen

To the extent that we transfer your data to third countries outside the EU or EEA, we ensure beforehand either that the recipient has an appropriate level of data protection or that you consent to the data transfer. This does not apply to exceptional cases allowed by law. An appropriate level of data protection is guaranteed, for example, by the recipient’s certification under the EU-US Privacy Shield, by means of standard EU contractual clauses or by binding corporate rules (BCR).


10. Security

We take technical and organisational security measures to protect your personal data against intentional or chance manipulation, loss, destruction or unauthorised access. Our security measures are adapted in line with the current state of technological knowledge.

Your personal data transferred to us when you use our website are transferred securely in encrypted form. We use the encryption protocol Transport Layer Security (TLS), more widely known under its previous name of Secure Sockets Layer (SSL). Our employees have given a commitment to respect data secrecy.


11. Storage period

We only store your personal data for as long as necessary to fulfil its purpose or if you have given your consent, until you withdraw this consent. If you withdraw your consent we will no longer process your personal data, unless we are allowed or even obliged to so by applicable statutory provisions (e.g. by record-keeping obligations under commercial and tax law). We will also delete your personal data when we are obliged by law to do so.

Voor het overige verwijzen wij naar de opmerkingen in de bovenstaande paragrafen voor bijzonderheden betreffende bewaartermijnen voor uw persoonsgegevens.


12. Your rights

You have numerous rights as a data subject. Specifically, these are:

  • Right of access (Art. 15 GDPR): You have the right to information about your personal data stored by us.
  • Right to rectification and erasure (Art. 16 and 17 GDPR): You can require us to rectify incorrect data and erase your data – insofar as the statutory conditions are met.
  • Right to restriction of processing (Art. 18 GDPR): Insofar as the statutory conditions are met, you can require us to restrict the processing of your data.
  • Right to data portability (Art. 20 GDPR): If you have provided us with data on the basis of a contract or consent, you have the right to receive the personal data provided concerning you, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.
  • Right to object to data processing based on legitimate interests (Art. 21 GDPR): You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data which is based on point (f) of Article 6(1) GDPR. If you exercise your right to object we will cease processing of your data, unless we can demonstrate compelling legitimate grounds for the processing which override your rights.
  • Opt-out for cookies: You can object to the use of cookies at any time. If you want to opt out from certain cookies, please see our comments under Point 5.
  • Withdrawal of consent (Art. 7 GDPR): If you have consented to the processing of your data, you can withdraw this consent at any time with future effect. This does not affect the validity of the processing of your data until you withdraw consent.
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR). You can also lodge a complaint with the competent supervisory authority if you consider that the processing of your data infringes applicable legislation. You can either approach the supervisory authority responsible for your place of residence or employment or the place of the alleged infringement, or the supervisory authority responsible for us.

If you have any questions about the processing of your personal data, your rights as a data subject and any consent you have granted, we will be happy to answer them. We can be reached by the communications channels mentioned at the beginning of this document.


13. Changes

From time to time it may become necessary to amend this data protection policy. We therefore reserve the right to change it at any time. We will also publish the amended version of the data protection policy in the same place. If you return to our website, you should therefore read the data protection statement again.


Met ingang van: mei 2018



Powered by GlobalLink OneLink Software