Go to homepage

#statusMessage#

Do you want to start the comparison now?

Note
Select at least one product via the “Compare” function to activate the product comparison.

PRIVACY POLICY



The protection of your personal data when you visit our website is very important to us. We protect your privacy and your personal information. We collect, process, and use your personal data in accordance with this Privacy Policy and applicable data protection regulations, in particular the General Data Protection Regulation, the German Federal Data Protection Act, and the German Telecommunications and Digital Ser-vices Data Protection Act.

This Privacy Policy explains what personal data we collect, process, and use about you. We therefore ask that you read the following information carefully.


1. Name and address of the Responsible Party


dataTec AG
Ferdinand-Lassalle-Str. 52
72770 Reutlingen, Germany

Phone: +49 7121 / 51 50 50
Fax: +49 7121 / 51 50 10
Email: info@datatec.eu
Website: www.datatec.eu
Imprint: https://www.datatec.eu/imprint


2. Name and Address of the Data Protection Officer


Ingenieurbüro Bernd Hölle GmbH
Gerhard-Kindler-Straße 3
72770 Reutlingen, Germany
Tel: +49 (0) 7121 820 17 40
Email: datatec@ibh-datenschutz.de


3. General Information on Data Processing


3.1 Scope of Processing of Personal Data
As a general rule, we collect and use our users′ personal data only to the extent necessary to provide a fully functional website and our content and services. We generally collect and use our users′ personal data only with their consent. An exception applies in cases where it is not possible to obtain consent in advance for practical reasons and the processing of the data is permitted by law.

3.2 Legal Basis for Data Processing
If you have consented to the processing of your data, we process your personal data on the basis of Arti-cle 6(1)(a) of GDPR (EU General Data Protection Regulation) or Article 9(2)(a) of GDPR, provided that spe-cial categories of data as defined in Article 9(1) of GDPR are being processed.
br> If you have consented to the storage of cookies or to access to information on your device (e.g., via de-vice fingerprinting), data processing is also carried out on the basis of Section 25(1) of the TDDDG (Ger-man Telecommunications and Digital Services Data Protection Act). Consent may be revoked at any time.

If your data is necessary for the performance of a contract or for the implementation of precontractual measures, we process your data on the basis of Article 6(1)(b) of GDPR. Furthermore, we process your data to the extent that it is necessary to comply with a legal obligation, pursuant to Article 6(1)(c) of GDPR.

Data processing may also be carried out on the basis of our legitimate interest pursuant to Article 6(1)(f) of GDPR. The following sections of this Privacy Policy provide information about the legal basis applicable in each specific case.

3.3 Note on the Transfer of Data to Third Countries
As explained in this Privacy Policy, we use services provided by companies that are in some cases based in so-called third countries (outside of the European Union or the European Economic Area) or that process personal data there – that is, in countries where the data protection standards do not correspond to those of the European Union. To the extent that this is the case and the European Commission has not adopted an adequacy decision (Art. 45 of GDPR) for these countries, we have implemented appropriate safeguards in accordance with Art. 44 et seq. of GDPR to ensure an adequate level of data protection for any data transfers. These include, among other things, the European Union′s standard contractual clauses and bind-ing internal data protection policies.

If a transfer to a third country is planned and there is no adequacy decision or appropriate guarantees in place, there is a possibility and a risk that authorities in the respective third country (e.g., intelligence agen-cies) may gain access to the transferred data in order to collect and analyze it, and that the enforceability of your rights as a data subject cannot be guaranteed.

3.4 Withdrawal of Your Consent to Data Processing
Many data processing operations are only possible with your explicit consent. You may revoke your con-sent at any time. The lawfulness of the data processing carried out prior to the revocation remains unaffect-ed by the revocation.

3.5 Retention period
Unless a more specific retention period is specified in this Privacy Policy, we will retain your personal data until the purpose for which it was collected no longer applies. If you submit a valid request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible grounds for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, the data will be deleted once those grounds no longer apply.

3.6 SSL or TLS encryption
For security reasons and to protect the transmission of confidential information – such as orders or inquir-ies that you send to us as the website operator – this site uses SSL or TLS encryption. You can tell that a connection is encrypted when the browser′s address bar changes from “http://” to “https://” and when you see the padlock icon in your browser′s address bar.

If SSL or TLS encryption is enabled, the data you send to us cannot be read by third parties.

3.7 Hosting
This website is hosted by an external service provider (host). The personal data collected on this website is stored on the hosting provider′s servers. This may include, in particular, IP addresses, contact requests, metadata and communication data, contract data, contact information, names, website visits, and other data generated through a website.

We use the following hoster:
Microsoft Corporation, One Microsoft Way, 98052-6399 Redmond, WA, United States of America (Microsoft Azure).

For more information about the Microsoft Azure Cloud, please see Microsoft′s Privacy Statement: https://www.microsoft.com/en/trust-center


4. Generation of Server Log Files


4.1 Description and Purpose of Data Processing
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

This data is not combined with data from other sources.

4.2 Legal Basis for Data Processing
This data is collected pursuant to Article 6(1)(f) of GDPR in conjunction with Section 25(2)(2) of the TDDDG. The website operator has a legitimate interest in ensuring that its website functions properly and is opti-mized. To this end, server log files must be collected.

4.3 Duration of Storage
The data will be deleted as soon as it is no longer needed to achieve the purpose for which it was collected. In the case of data collected for the purpose of providing the website, this occurs when the respective ses-sion ends.


5. Use of Cookies


5.1 Description and Purpose of Data Processing
Our website uses what are known as “cookies”. Cookies are small text files and do not cause any damage to your device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Persistent cookies remain stored on your device until you delete them yourself or your web browser deletes them automatically.

In some cases, cookies from third-party companies may also be stored on your device when you visit our site (third-party cookies). These enable us or you to use certain services provided by the third-party compa-ny (e.g., cookies for processing payment services).

Cookies serve various purposes. Many cookies are technically necessary because certain website features would not work without them (e.g., the shopping cart feature or the display of videos). Other cookies are used to analyze user behavior or display advertisements.

5.2 Legal Basis for Data Processing
Cookies that are required to carry out the electronic communication process (necessary cookies), to provide certain features you have requested (functional cookies, e.g., for the shopping cart feature), or to optimize the website (e.g., cookies for measuring website traffic) are stored pursuant to Article 6(1)(f) of GDPR in conjunction with Section 25(2)(2) of the TDDDG, unless another legal basis is specified. The website opera-tor has a legitimate interest in storing cookies to ensure that its services are provided in a technically error-free and optimized manner. If consent to the storage of cookies has been requested, the relevant cookies are stored solely on the basis of this consent (Art. 6(1)(a) of GDPR, § 25(2)(1) of the TDDDG); consent may be revoked at any time.

You can configure your browser to notify you when cookies are set, to allow cookies only on a case-by-case basis, to block cookies in specific cases or generally, and to enable the automatic deletion of cookies when you close your browser. If you disable cookies, the functionality of this website may be limited.

5.3 Duration of Storage
By changing the settings in your web browser, you can disable or restrict the use of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically.

For detailed information about the cookies used on this website and their respective retention periods, please refer to our cookie consent management tool provided by Usercentrics.


6. Cookies Used

You can find information about the cookies we use here: https://www.datatec.eu/at/en/services-used


7. Contact us via the contact form, email, phone, or fax


7.1 Description and Purpose of Data Processing
Our website features contact forms that can be used to contact us electronically. If a user takes advantage of this option, the data entered in the form will be transmitted to us and stored. These data are:

For the contact form and email contact:

  • Title (Mr., Mrs., Ms., etc.)
  • Professional Title (optional)
  • First Name
  • Last Name
  • Company
  • Email address
  • Phone number
  • Address
  • Message
At the time the message is sent, the following data is also stored:
  • The user′s IP address
  • Date and time of registration
If you contact us by email, phone, or fax, we will store and process your inquiry, including all personal data contained therein, for the purpose of handling your request.

When you contact us, your data will not be shared with third parties. The data is used exclusively for pro-cessing the conversation.

7.2 Legal Basis for Data Processing
This data is processed on the basis of Article 6(1)(b) of GDPR, provided that your inquiry is related to the performance of a contract or is necessary for the implementation of precontractual measures. In all other cases, the processing is based on our legitimate interest in effectively handling inquiries directed to us (Art. 6(1)(f) of GDPR).

7.3 Duration of Storage
The data will be deleted as soon as it is no longer needed to achieve the purpose for which it was collected. For personal data entered in the contact form and data sent via email, telephone, or fax, this applies once the respective conversation with the user has ended. The conversation is considered to be over when the circumstances indicate that the matter in question has been fully resolved.

Any additional personal data collected during the submission process via the contact form and email will be deleted no later than six years after collection.


8. Newsletter


8.1 Description and Purpose of Data Processing
When you subscribe to our newsletter, we use the email address you provide, as well as any additional per-sonal data you choose to provide (title, last name), to send you our newsletter on a regular basis. This newsletter provides you with information about our products, special offers, events, and news.

To further optimize the newsletter and analyze reading behavior, tracking links or web beacons are used in the newsletters. When you open the newsletter, the system records whether and when it was opened and which links were clicked. This data is analyzed in a pseudonymized form.


8.1 Legal Basis for Data Processing
The data collected as part of the newsletter sign-up process is processed exclusively on the basis of your consent in accordance with Article 6(1)(a) of GDPR. You may revoke your consent to the use of your email address for newsletter distribution at any time. You can unsubscribe by clicking the corresponding link in the newsletter or by sending an email to adressmanagement@datatec.de.


8.1 Duration of Storage
Your data will be stored for the purpose of sending the newsletter as long as you do not withdraw your consent. Once you have withdrawn your consent or unsubscribed from the newsletter, your data will be de-leted immediately, provided there are no legally required retention periods.


9. E-commerce and Payment Providers


9.1 Description and Purpose of Data Processing
Online Store / Data Processing (Customer and Contract Data)
If you would like to place an order in our online store (for products or services such as webinars or semi-nars), you must provide personal information necessary for us to process your order in order to conclude the contract. Required information necessary for processing the contracts is marked separately; additional information is optional. We process the data you provide to fulfill your order. To do this, we may share your payment information with our bank.

You can voluntarily create a customer account, which will allow us to save your information for future pur-chases. We may also process the data you provide to inform you about other interesting products in our portfolio or to send you emails containing technical information.

The following information is collected when a customer account is created in the online store:

  • Professional Title (optional)
  • First Name
  • Last Name
  • Email address
  • Password
  • Phone number
  • Company
  • Department Information (optional)
  • Sales Tax ID (optional)
  • Address
  • Country
Alternatively, you can place your order without creating a customer account. In this case, you do not need to set a password.


9.1.1 Encrypted Payments on This Website
If, after entering into a paid contract, you are required to provide us with your payment information (e.g., account number for direct debit authorization), this information is necessary for processing the payment.

Payment transactions using standard payment methods (Visa/MasterCard, direct debit) are processed ex-clusively via an encrypted SSL or TLS connection. You can tell that a connection is encrypted when the browser′s address bar changes from “http://” to “https://” and when you see the padlock icon in your brows-er′s address bar.

9.1.2 Data Transmission Upon Contract Conclusion for Online Stores, Retailers, and Merchandise Shipping
When you order goods from us, we share your personal data with the shipping company responsible for delivery and with the payment service provider handling the payment transaction. Only data that the respec-tive service provider needs to perform its tasks will be disclosed.

9.1.3 Data Transmission Upon Conclusion of a Contract for Services and Digital Content
We disclose personal data to third parties only when necessary for the fulfillment of the contract, such as to the financial institution responsible for processing payments.

The data will not be disclosed to third parties, or will only be disclosed if you have expressly consented to such disclosure. We will not disclose your data to third parties without your express consent, for example for advertising purposes.

9.1.4 Credit Checks
For purchases on account or other payment methods where we make an advance payment, we may conduct a credit check (scoring). To this end, we will forward the information you have provided (e.g., name, ad-dress, age, or bank details) to a credit bureau. This data is used to determine the probability of default. If the risk of nonpayment is excessive, we may refuse to accept that payment method.

9.1.5 Payment Services
We integrate third-party payment services into our website. When you make a purchase from us, your pay-ment information (e.g., name, payment amount, bank account information, credit card number) is processed by the payment service provider for the purpose of processing your payment. The respective terms and conditions and privacy policies of the relevant providers apply to these transactions.

Paypal
The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”).

You can find PayPal′s privacy statement regarding its processing of your personal data as the data control-ler here: https://www.paypal.com/us/legalhub/paypal/privacy-full.

Sofortüberweisung
This payment service is provided by Sofort GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter “Sofort GmbH”). Using the “Sofortüberweisung” service, we receive real-time payment confirmation from Sofort GmbH and can immediately begin fulfilling our obligations. If you have chosen the "Sofortüber-weisung" payment method, please provide Sofort GmbH with your PIN and a valid TAN so that they can log in to your online banking account.

After you log in, Sofort GmbH automatically checks your account balance and processes the transfer to us using the TAN you provided. It then sends us a transaction confirmation immediately. After you log in, your transaction history, your overdraft limit, and the existence of other accounts and their balances will also be automatically checked. In addition to your PIN and TAN, the payment information you enter and your per-sonal information are also transmitted to Sofort GmbH. Your personal information includes your first and last names, address, phone number(s), email address, IP address, and, if applicable, any other information required for payment processing. Providing this information is necessary to verify your identity beyond a doubt and to prevent fraud.

For details on paying via Sofortüberweisung, please see the following links: https://www.klarna.com/international/privacy-policy/ and https://www.klarna.com/international/enterprise/sofort-to-klarna-payments/.

Mollie
This payment service is provided by Mollie B.V., Keizersgracht 126, 1015CW Amsterdam, Netherlands (here-inafter “Mollie”). With Mollie′s help, we can integrate various payment methods into our website. For more details, please refer to Mollie′s Privacy Policy: https://www.mollie.com/gb/legal/privacy.

Mastercard
The provider of this payment service is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Water-loo, Belgium (hereinafter “Mastercard”).

For details on Mastercard′s data processing, please visit: https://www.mastercard.com/gb/en/privacy-notice.html and https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.

VISA
This payment service is provided by Visa Europe Services Inc., London Branch, 1 Sheldon Square, London W2 6TT, United Kingdom (hereinafter “VISA”).

You can find details about VISA′s data processing here: https://www.visa.co.uk/legal/global-privacy-notice.html.

9.2 Legal Basis for Data Processing
Data processing in the online store is carried out for the purpose of fulfilling a contract with you, based on Article 6(1)(b) of GDPR. If you have provided your consent in accordance with Article 6(1)(a) of GDPR, we will share your email address with the shipping company responsible for delivery so that it can notify you via email about the shipping status of your order; you may withdraw your consent at any time.

9.3 Duration of Storage
When you create a customer account under “My Account”, the information you provide will be stored on a revocable basis. You can delete all other data, including your user account, at any time in the customer portal.

Due to commercial and tax law requirements, we are obligated to store your address, payment, and order information for a period of ten years. Your data will be used to comply with legal obligations.


10. Value-added Content such as White Papers and Trade Show Passes


10.1 Description and Purpose of Data Processing
From time to time, we offer value-added content on our website, such as white papers on the products we offer or free tickets to trade shows. To access the value-added content, you must register on our website. The following personal data is processed during the registration process:

  • Last Name / First Name
  • Email Address
  • Phone Number
  • Company Name
By registering and receiving value-added content, you will receive regular updates from us about our prod-ucts, services, and events in the form of a newsletter. You can unsubscribe from the newsletter at any time.

Your data will only be shared with third parties whom we have engaged as service providers to send out the newsletter. Appropriate data processing agreements or confidentiality agreements have been entered into with the service providers.

10.2 Legal Basis for Data Processing
The processing of the data collected during registration is based solely on your consent in accordance with Article 6(1)(a) of GDPR. You may revoke your consent to the use of your email address for newsletter dis-tribution at any time. You can unsubscribe by clicking the corresponding link in the newsletter or by sending an email to adressmanagement@datatec.de.

10.3 Duration of Storage
Your data will be stored for the purpose of sending the newsletter as long as you do not withdraw your consent. Once you have withdrawn your consent or unsubscribed from the newsletter, your data will be de-leted immediately, provided there are no legally required retention periods.


11. Online meetings, including webinars, via “Microsoft Teams”


11.1 Description and Purpose of Data Processing
We use “Microsoft Teams” to hold online meetings. Online meetings may include: Job interviews, client meetings, internal communication, webinars. “Microsoft Teams” is a service provided by Microsoft Corpora-tion, One Microsoft Way, Redmond, WA 98052-6399, headquartered in the United States.

If online meetings are recorded, you will be clearly informed of this in advance, before the online meeting begins. A notification about the ongoing recording will be displayed during the online meeting. However, as a rule, online meetings are not recorded.

If it is necessary for the purpose of documenting the results of an online meeting, we will record the chat content. However, that will generally not be the case.

Automated decision-making as defined by Article 22 of GDPR does not apply.

When using Microsoft Teams, various types of data are processed. The scope of the personal data also depends on what information you provide before or during your participation in an online meeting.

The following types of personal data may be processed:

  • IP address
  • Information provided by the participant: Display name, email address (if applicable), profile pic-ture (optional), preferred language.
  • Meeting metadata: Subject, date, time, meeting ID and password, phone number, location, device and hardware information, telemetry data, and diagnostic data.
  • Text, audio, and video data: You may be able to use the chat feature during an online meeting. If this is the case, the text you enter will be processed so that it can be displayed in the online meet-ing. To enable video display and audio playback, data from your device′s microphone and, if appli-cable, its video camera will be processed for the duration of the online meeting. You can turn off or mute your camera or microphone at any time using the Microsoft Teams app.
Your personal data is processed by dataTec AG employees who are involved in conducting the online meeting. Access to personal data is limited to the minimum necessary.

Microsoft Teams is a service provided by a U.S.-based provider. This means that Microsoft also processes personal data in a third country. We have entered into a contract with the provider of Microsoft Teams in accordance with what are referred to as the EU Standard Contractual Clauses. In addition, the EU has is-sued an adequacy decision for the United States pursuant to Article 45 of GDPR. Microsoft is also listed on the U.S.-E.U. Privacy Framework.

As an additional protective measure, we have also configured our Microsoft Teams settings so that only data centers located in the EU or the EEA are used for online meetings. However, data transfers to a third country cannot be ruled out.

11.2 Legal Basis for Data Processing
The legal basis for the processing of your personal data in connection with the conduct of online meetings is based on our legitimate interest in the effective conduct of such meetings and in establishing visual con-tact with, among others, job applicants (Art. 6(1)(f) of GDPR). Furthermore, the legal basis may be the per-formance of a contractual relationship with you (Art. 6(1)(b) of GDPR).

11.3 Duration of Storage
As a general rule, we delete personal data when there is no longer a need to retain it. Such a requirement may exist, in particular, if the data is still needed to fulfill contractual obligations or to assess, grant, or defend against warranty and, where applicable, guarantee claims. In the case of statutory retention require-ments, deletion may only be considered after the respective retention period has expired.

We have no control over how long Microsoft retains your data for its own purposes.


12. Handling of Applicant Data


12.1 Description and Purpose of Data Processing
We offer you the opportunity to apply for a position with us (e.g., by email, mail, or through our online ap-plication form). Below, we provide information about the scope, purpose, and use of your personal data collected as part of the application process. We assure you that the collection, processing, and use of your data are carried out in accordance with applicable data protection laws and all other legal requirements, and that your data will be treated with the strictest confidentiality.

If you submit an application to us, we will process your related personal data (e.g., contact and communica-tion information, application documents, notes taken during job interviews, etc.) to the extent necessary to decide whether to establish an employment relationship. Your personal data will be shared within our com-pany exclusively with those individuals involved in processing your application.

12.2 Legal Basis for Data Processing
The legal basis for this is Section 26 of BDSG (German Federal Data Protection Act) (initiation of an em-ployment relationship), Article 6(1)(b) of GDPR (general contract initiation), and – if you have given your consent – Article 6(1)(a) of GDPR. Consent may be revoked at any time.

If your application is successful, the data you submitted will be stored in our data processing systems in accordance with Section 26 of BDSG and Article 6(1)(b) of GDPR for the purpose of carrying out the em-ployment relationship.

12.3 Duration of Storage
If we are unable to offer you a position, if you decline a job offer, or if you withdraw your application, we reserve the right to retain the data you have provided for up to 6 months from the end of the application process (rejection or withdrawal of the application) based on our legitimate interests (Art. 6(1)(f) of GDPR).

The data will then be deleted, and the physical application documents will be destroyed. The data is retained primarily for evidentiary purposes in the event of a legal dispute. If it is apparent that the data will be need-ed after the 6-month period has expired (e.g., due to an impending or pending legal dispute), the data will not be deleted until the purpose for its continued retention no longer applies.

Data may also be retained for a longer period if you have provided the appropriate consent (Art. 6(1)(a) of GDPR) or if statutory retention requirements prevent its deletion.

If we do not offer you a position, we may be able to add you to our candidate pool. If you are accepted, all documents and information from your application will be added to the candidate pool so that we can con-tact you if suitable openings arise. Inclusion in the candidate pool is based solely on your explicit consent (Art. 6(1)(a) of GDPR). Providing consent is voluntary and has no bearing on the ongoing application pro-cess. The data subject may withdraw their consent at any time. In this case, the data will be permanently deleted from the candidate pool unless there are legal grounds for retaining it.

Data from the candidate pool will be permanently deleted no later than two years after consent is granted.


13. Privacy Notice for Business Partners


13.1 Description and Purpose of Data Processing
We process personal data that we receive from you in connection with a prospective or existing business relationship. We receive this data directly from you, for example, when you inquire about our products, when you place an order, during a trade show interaction, or through an order we place for the delivery of products and services. The data is stored internally in our customer and supplier management system. Spe-cifically, we process the following data:

  • Title (Mr., Mrs., Ms., etc.)
  • Last Name and First Name of the Contact Person
  • Professional Title
  • Position
  • Department
  • Phone Number
  • Email Address
  • Address of the company in question
  • Industry
  • Data related to the fulfillment of an order
  • Correspondence / Content of Conversations
Within our company, only those employees who need your data to fulfill our contractual and legal obliga-tions are granted access to it. Service providers and agents contracted by us may receive data for these purposes, provided that the individuals involved are bound by confidentiality obligations and comply with written data protection guidelines. These are primarily companies from the categories listed below:

Support/maintenance of computer/IT applications, archiving, document, and data carrier destruction, pur-chasing/procurement, debt collection, tax advisors for preparing monthly and annual financial statements, mail and transportation services, credit bureaus, payment processing, asserting legal claims, and defense in legal disputes.

Data may be transferred to entities in countries outside the European Economic Area (EU/EEA) (so-called third countries) if such a transfer is necessary to fulfill a contractual obligation to the business partner, if it is in our legitimate interest, or if you have given us your consent. In this context, the processing of data in a third country may also take place in connection with the engagement of service providers in the context of data processing on behalf of the controller. If the European Commission has not issued a decision confirm-ing that the country in question has an adequate level of data protection, we will ensure, in accordance with EU data protection requirements, through appropriate contracts and suitable technical and organizational measures, that your rights and freedoms are adequately protected and guaranteed.

13.2 Legal Basis for Data Processing
To fulfill contractual obligations pursuant to Article 6(1)(b) of GDPR. Example: Initiating, concluding, per-forming, and terminating a contract with you for the delivery of our products and services or for the pro-curement of products and services. This also includes the disclosure of personal data to our co-partners in connection with a specific request (e.g., registration for an event).

In the context of the balancing of interests pursuant to Article 6(1)(f) of GDPR: To the extent necessary, we process your data beyond the actual performance of the contract to protect our legitimate interests or those of third parties. Examples: Support requests, advertising/market and opinion research (provided you have not objected to the use of your data), credit checks, the assertion of legal claims and defense in legal dis-putes, and, where applicable, the disclosure of contact information to affiliates of dataTec AG for the pur-pose of processing a request.

Based on your consent pursuant to Article 6(1)(a) of GDPR, to the extent that you have given us consent to process personal data for specific purposes.

Due to legal requirements under Article 6(1)(c) of GDPR, i.e., various legal obligations, such as Section 257 of the German Commercial Code (Handelsgesetzbuch), Section 147 of the German Fiscal Code (Abgabe-nordnung), and the German Principles for the Storage of Accounting Data (GoBD) regarding the retention of tax-related data, as well as other relevant laws.

13.3 Duration of Storage
Your personal data will be stored for as long as necessary to fulfill our contractual and legal obligations. If the data is no longer necessary for the fulfillment of contractual or legal obligations, it will be deleted.

Personal data of individuals interested in our products and services is deleted after one year if the initial interest has not led to a business relationship.

Correspondence with you regarding the sale of our products and services (e.g., via email) will not be delet-ed due to potential support requests, as this information is necessary to properly address such requests. Correspondence related to the procurement of products and services is also not deleted for the purpose of follow-up inquiries.


14. Facebook and Instagram


14.1 Description and Purpose of Data Processing
When you visit our Facebook or Instagram page, where we showcase our company or individual products from our lineup, certain information about you is processed. Meta Platforms Ireland Limited (Ireland/EU – “Meta”) is the sole controller responsible for this processing of personal data. For more information about Meta′s processing of personal data, please visit https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0.

Meta provides us with anonymized statistics and insights for our Facebook and Instagram pages, which help us gain an understanding of the types of actions people take on our pages (referred to as “page in-sights”). These page insights are generated based on specific information about people who have visited our page. This processing of personal data is carried out by Meta and us as joint controllers.

We cannot link the information we receive through page insights to individual Facebook profiles that interact with our Facebook page. We have entered into a joint controller agreement with Meta that sets forth the allocation of data protection obligations between us and Meta. For details on the processing of personal data for the purpose of generating page insights and the agreement entered into between us and Meta, please visit https://www.facebook.com/legal/terms/information_about_page_insights_data.

14.2 Legal Basis for Data Processing
The legal basis for our processing of data in this regard is our legitimate interest in effectively informing users and communicating with them, in accordance with Article 6(1)(f) of GDPR.

Please note that, in accordance with Meta′s privacy policy, user data may also be processed in the United States or other third countries. Meta transfers user data only to countries for which the European Commis-sion has issued an adequacy decision pursuant to Article 45 of GDPR or on the basis of appropriate safe-guards pursuant to Article 46 of GDPR.

14.3 Right to Object and Right to Rectification
Meta offers the option to object to certain data processing activities; information on this and opt-out op-tions can be found at https://www.facebook.com/settings?tab=ads.

With regard to this data processing, you have the option of exercising your rights as a data subject (see “Your Rights”) with Meta as well. For more information on this, please see Meta′s Privacy Policy at https://www.facebook.com/privacy/explanation.


15. LinkedIn

15.1 Description and Purpose of Data Processing
LinkedIn Ireland Unlimited Company (Ireland/EU – “LinkedIn”) is generally the sole data controller responsible for the processing of personal data when you visit our LinkedIn page. For more information about LinkedIn′s processing of personal data, please visit https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.

When you visit our LinkedIn company page, follow the page, or interact with it, LinkedIn processes personal data to provide us with statistics and insights in an anonymized form. This provides us with insights into the types of actions that people take on our page (referred to as page insights). To do so, LinkedIn processes, in particular, the data you have already provided to LinkedIn through the information in your profile, such as data regarding your job title, country, industry, years of service, company size, and employment status. In addition, LinkedIn will process information about how you interact with our LinkedIn company page, such as whether you are a follower of our LinkedIn company page. LinkedIn does not provide us with any of your personal data through page insights. We only have access to the summarized page insights. Furthermore, we are unable to draw conclusions about individual members based on the information from page insights. This processing of personal data in connection with page insights is carried out by LinkedIn and us as joint controllers. This processing serves our legitimate interest in analyzing the types of actions taken on our LinkedIn company page and using these insights to improve our company page.

We have entered into a joint controller agreement with LinkedIn that sets forth the allocation of data protec-tion obligations between us and LinkedIn. The agreement is available at: https://legal.linkedin.com/pages-joint-controller-addendum.

We have an agreement with LinkedIn that LinkedIn is responsible for enabling you to exercise your rights under the GDPR. You can contact LinkedIn online via the following link (https://www.linkedin.com/help/linkedin/ask/PPQ?lang=en) or reach LinkedIn using the contact information provided in the Privacy Policy. You can contact the Data Protection Officer at LinkedIn Ireland via the fol-lowing link: https://www.linkedin.com/help/linkedin/ask/TSO-DPO. You can also contact us using the con-tact information provided to exercise your rights regarding the processing of personal data in connection with page insights. In such a case, we will forward your request to LinkedIn.

We have an agreement with LinkedIn that the Irish Data Protection Commission is the lead supervisory au-thority responsible for overseeing the processing of page insights. You always have the right to file a com-plaint with the Irish Data Protection Commission (see www.dataprotection.ie) or with any other supervisory authority.

15.2 Legal Basis for Data Processing
The legal basis for our processing of data in this regard is our legitimate interest in effectively informing users and communicating with them, in accordance with Article 6(1)(f) of GDPR.

Please note that, in accordance with LinkedIn′s Privacy Policy, personal data may also be processed by LinkedIn in the United States or other third countries. In doing so, LinkedIn transfers personal data only to countries for which the European Commission has issued an adequacy decision pursuant to Article 45 of GDPR or on the basis of appropriate safeguards pursuant to Article 46 of GDPR.


16. XING

16.1 Description and Purpose of Data Processing
We use the social media platform provided by XING SE, Dammtorstraße 29-32, 20354 Hamburg, Germany. We process your data in connection with our Xing account for communication purposes and, where appli-cable, to carry out precontractual or contractual measures.

We process personal data when you contact us through our Xing account, for example, by sending a direct message. If you contact us through our social media accounts, we will process the content of your mes-sage as well as any other personal data you provide. Please note that, in addition to the data and content you actively submit, we may also have access to other information regarding your user profile, your posts, and, for example, your “Likes.” Access to this information depends on the privacy settings you have con-figured in your user account.

We use the data strictly for the specific purpose of communicating with you or processing your request.

We and Xing share joint responsibility for the data agreement. XING collects data from logged-in users and other visitors using cookies, pixels, local storage, and other tracking technologies. In addition, user behav-ior is tracked based on sent emails by monitoring which emails are opened, when they are opened, and which links within the emails are clicked. We do not use any analytics tools on the platforms that provide us with statistical analyses of user interaction. Xing currently has no agreement regarding joint responsibility as defined by Article 26(1), sentence 2 of GDPR, which specifies which controller is responsible for fulfilling which data protection obligations under GDPR.

For information on what data XING processes and for what purposes it is used, please see XING′s Privacy Policy: https://privacy.xing.com/en/privacy-policy 

You can find information about the available personalization and privacy settings here: https://privacy.xing.com/en/your-privacy.

You also have the option of requesting information via the XING contact: https://www.xing.com/support/contact/security/data_protection.

16.2 Legal Basis for Data Processing
The legal basis for the processing is Article 6(1)(f) of GDPR. Our legitimate interest, which prevails following a balancing of interests, is to communicate with you and respond to your inquiries and other concerns. To the extent that we are able to do so, and provided that we have also processed the data outside of Xing (e.g., by sending you an email), we will delete the data you have actively provided once the purpose for processing no longer applies – specifically, once our contact with you has been definitively terminated. This does not apply to data stored automatically by Xing as part of our communication; we have no control over the deletion of this data. Mandatory statutory retention periods remain unaffected by this.

Xing transfers personal data and other information to countries within the EU. According to Xing, data trans-fers to third countries take place exclusively in compliance with the legally prescribed conditions for per-missibility. (https://privacy.xing.com/en/privacy-policy/who-may-receive-information-about-you/third-countries).


17. Rights of Affected Individuals

If your personal data is being processed, you are a data subject within the meaning of GDPR, and you have the following rights with respect to the data controller:

17.1 Right to Information
The right, pursuant to Article 15 of GDPR, to request information about your personal data that we process. In particular, you may request information regarding the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned retention period, the existence of a right to rectification, erasure, restriction of processing, or objection; the existence of a right to lodge a complaint; the origin of your data, if it was not collected by us; and the existence of automated decision-making, including profiling, and, where applicable, meaningful information regarding its details.

17.2 Right to Rectification
The right to request that we immediately correct any inaccurate personal data concerning you and, where applicable, complete any incomplete personal data (Art. 16 of GDPR).

17.3 Right to Restriction
The right, pursuant to Article 18 of GDPR, to request the restriction of the processing of your personal data if you contest the accuracy of the data, if the processing is unlawful but you oppose its erasure, and if we no longer need the data but you require it to assert, exercise, or defend legal claims, or you have objected to the processing pursuant to Article 21 of GDPR.

17.4 Right to Erasure
The right to request that we immediately erase personal data concerning you, provided that one of the grounds listed in Article 17 of GDPR applies; e.g., if the data is no longer necessary for the purposes for which it was collected (right to erasure).

17.5 Right to Information
If you have exercised your right to rectification, erasure, or restriction of processing with the data controller, the data controller is obligated to notify all recipients to whom your personal data has been disclosed of such rectification, erasure, or restriction of processing, unless this proves impossible or involves a dispro-portionate effort.

You have the right to request information from the data controller regarding these recipients.

17.6 Right to Data Portability
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format. In addition, you have the right to transmit this data to anoth-er controller – to whom the personal data was provided – without any interference from us.

17.7 Right to Object
The right to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning you. We will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or that the processing is necessary for the establishment, exercise, or defense of legal claims (Art. 21 of GDPR).

If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for such marketing purposes; this also applies to profiling to the extent that it is related to such direct marketing.

If you object to the processing of your personal data for direct marketing purposes, your personal data will no longer be processed for those purposes.

17.8 Right of Withdrawal
You have the right to withdraw your consent under data protection law at any time. Withdrawal of consent does not affect the lawfulness of processing carried out on the basis of that consent prior to its withdrawal.

17.9 Right to File a Complaint
Without prejudice to any other administrative or judicial remedy, you have the right to file a complaint with a supervisory authority – in particular, in the Member State where you reside, where you work, or where the alleged infringement occurred – if you believe that the processing of your personal data violates GDPR.

The supervisory authority to which the complaint was submitted shall inform the complainant of the status and outcome of the complaint, including the possibility of seeking judicial remedy under Article 78 of GDPR.

Our responsible supervisory authority is: Der Landesbeauftragte für den Datenschutz und die Informations-freiheit, Königstraße 10 a, 70173 Stuttgart, Germany.

Version: 11.05.2026

Newsletter and postal advertising

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only on a voluntary basis. For the handling of the newsletter, we use newsletter service providers, which are described below.

Inxmail

This website uses Inxmail for sending newsletters. The provider is the Inxmail GmbH, Wetzinger Straße 17, 79106 Freiburg (hereinafter referred to as “Inxmail”).

Inxmail is a service that, among other things, organizes the mailing of newsletters and allows the analysis of such services. The data you enter for the purpose of subscribing to the newsletter is processed on Inxmail servers.

Inxmail Data Analysis

With the assistance of Inxmail, we are in a position to analyze our newsletter campaigns. For instance, this allows us to see whether a newsletter message has actually been opened and which links were clicked. This enables us to find out which links are clicked with great frequency.

We can also see whether any predefined activities took place after opening / clicking (conversion rate). This allows us to recognize whether a purchase was made after the newsletter was clicked.

Inxmail also allows us to divide newsletter recipients into different categories (clusters). It is, for example, possible to divide the newsletter recipients based on age, gender, or place of residence. This allows us to adapt our newsletters more effectively for the respective target groups. If you do not want to participate in the Inxmail analysis, you will have to unsubscribe from the newsletter. We provide a link to opt out in every newsletter message.

To review the Data Privacy Policy of Inxmail please click here: https://www.inxmail.de/datenschutz.

Anonymized Tracking

We use Inxmail’s anonymous tracking, which only allows us to identify you if you have explicitly consented to this in advance.

Legal Basis

The data is processed on the basis of your consent Art. 6(1)(a) GDPR. You may revoke your consent at any time with future impact.

Archiving Period

The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after unsubscribing from the newsletter or after the purpose for its use has ceased to exist. We reserve the right to delete email addresses from our newsletter distribution at our own discretion in conjunction with our legitimate interest pursuant to Art. 6(1)(f) GDPR or to block them. This will not affect data we store for other purposes.

After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist, if such action is necessary to prevent future mailings. Data from the blacklist will be used exclusively for this purpose and will not be merged with other data. This is in your and our best interest and also in the interest of compliance with the statutory mandates for the sending of newsletters (legitimate interest as defined in Art. 6 (1)(f) GDPR). There is no time limit for archiving in the blacklist. You may object to the storage if your interests outweigh our legitimate interests.

Plugins und Tools

Monotype (fast.fonts)

This site uses so-called web fonts for the uniform display of fonts, which are provided by Spichernstraße 2, 10777 Berlin in cooperation with its parent company Monotype Imaging Holdings Inc. located at 600 Unicorn Park Drive, Woburn, Massachusetts 01801 USA ("Monotype").

When you call up this website, the browser loads the required web fonts into the browser cache in order to display texts and fonts correctly. For this purpose, the browser you use must establish connections to the servers of Monotype GmbH.

In this way, Monotype GmbH learns that our website has been accessed via your IP address. The use of Monotype GmbH web fonts is in the interest of a uniform and appealing presentation of our online offers.

The legal basis for the transfer of data to Monotype GmbH is Art. 6 para. 1 lit. f) GDPR. The operator of this website has a legitimate interest in the use of Monotype GmbH web fonts for the visually improved presentation of the website content.

For more information about Monotype GmbH Web Fonts, please see the Monotype GmbH Privacy Policy at https://www.monotype.com/legal/privacy-policy.

YouTube

This website embeds videos of the website YouTube. The website operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

If you visit a page on this website into which a YouTube has been embedded, a connection with YouTube’s servers will be established. As a result, the YouTube server will be notified, which of our pages you have visited.

Furthermore, YouTube will be able to place various cookies on your device or comparable technologies for recognition (e.g. device fingerprinting). In this way YouTube will be able to obtain information about this website’s visitors. Among other things, this information will be used to generate video statistics with the aim of improving the user friendliness of the site and to prevent attempts to commit fraud.

If you are logged into your YouTube account while you visit our site, you enable YouTube to directly allocate your browsing patterns to your personal profile. You have the option to prevent this by logging out of your YouTube account.

The use of YouTube is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6(1)(f) GDPR, this is a legitimate interest. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

For more information on how YouTube handles user data, please consult the YouTube Data Privacy Policy under: https://policies.google.com/privacy?hl=en.

Google Web Fonts (local embedding)

This website uses so-called Web Fonts provided by Google to ensure the uniform use of fonts on this site. These Google fonts are locally installed so that a connection to Google’s servers will not be established in conjunction with this application.

For more information on Google Web Fonts, please follow this link: https://developers.google.com/fonts/faq  and consult Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.

eCommerce and payment service providers

Processing of data (customer and contract data)

We collect, process, and use personal data only to the extent necessary for the establishment, content organization or change of the legal relationship (data inventory). These actions are taken on the basis of Art. 6(1)(b) GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual actions. We collect, process, and use personal data concerning the use of this website (usage data) only to the extent that this is necessary to make it possible for users to utilize the services and to bill for them.

The collected customer data shall be eradicated upon completion of the order or the termination of the business relationship. This shall be without prejudice to any statutory retention mandates.

Data transfer upon closing of contracts for online stores, retailers, and the shipment of merchandise

Whenever you order merchandise from us, we will share your personal data with the transportation company entrusted with the delivery as well as the payment service commissioned to handle the payment transactions. Only the data these respective service providers require to meet their obligations will be shared.

The legal basis for this sharing is Art. 6 (1)(b) GDPR, which permits the processing of data for the fulfilment of contractual or pre-contractual obligations.

If you give us your respective consent pursuant to Art. 6 (1)(a) GDPR, we will share your email address with the transportation company entrusted with the delivery so that this company can notify you on the shipping status for your order via email. You have the option to revoke your consent at any time.

Data transfer upon closing of contracts for services and digital content

We share personal data with third parties only if this is necessary in conjunction with the handling of the contract; for instance, with the financial institution tasked with the processing of payments.

Any further transfer of data shall not occur or shall only occur if you have expressly consented to the transfer. Any sharing of your data with third parties in the absence of your express consent, for instance for advertising purposes, shall not occur.

The basis for the processing of data is Art. 6(1)(b) GDPR, which permits the processing of data for the fulfilment of a contract or for pre-contractual actions.

Credit checks

We may conduct a credit check in the event that purchases are made on account or based on other payment terms that require us to extend credit (scoring). For this purpose, we transmit the data you have entered (e.g., name, address, age, or banking information) to a credit information agency. Based on this data, the probability of non-payment is determined. If the likelihood of non-payment is excessive, we may reject the respective payment term.

The credit check is performed on the basis of contractual fulfillment (Art. 6(1)(b) GDPR) and to avert nonpayment (justified interest pursuant to Art. 6(1)(f) GDPR). If consent has been obtained, the credit check shall be performed on the basis of this consent (Art. 6(1)(a) GDPR); the consent may be revoked at any time.

Payment services

We integrate payment services of third-party companies on our website. When you make a purchase from us, your payment data (e.g. name, payment amount, bank account details, credit card number) are processed by the payment service provider for the purpose of payment processing. For these transactions, the respective contractual and data protection provisions of the respective providers apply. The use of the payment service providers is based on Art. 6(1)(b) GDPR (contract processing) and in the interest of a smooth, convenient, and secure payment transaction (Art. 6(1)(f) GDPR). Insofar as your consent is requested for certain actions, Art. 6(1)(a) GDPR is the legal basis for data processing; consent may be revoked at any time for the future.

We use the following payment services / payment service providers within the scope of this website:

PayPal

The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”).

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full.

Details can be found in PayPal’s privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

instant transfer Sofort

The provider of this payment service is Sofort GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter “Sofort GmbH”). With the help of the “Sofortüberweisung” procedure, we receive a payment confirmation from Sofort GmbH in real time and can immediately begin to fulfill our obligations. If you have chosen the payment method “Sofortüberweisung”, please send the PIN and a valid TAN to Sofort GmbH, with which it can log into your online banking account. Sofort GmbH automatically checks your account balance after logging in and carries out the transfer to us with the help of the TAN you have transmitted. Afterwards, it immediately sends us a transaction confirmation. After you log in, your turnover, the credit limit of the overdraft facility and the existence of other accounts and their balances are also checked automatically. In addition to the PIN and the TAN, the payment data entered by you as well as personal data will be transmitted to Sofort GmbH. The data about your person are first and last name, address, telephone number(s), email address, IP address and possibly other data required for payment processing. The transmission of this data is necessary to determine your identity beyond doubt and to prevent fraud attempts. For details on payment with immediate bank transfer, please refer to the following links: https://www.sofort.de/datenschutz.html and https://www.klarna.com/sofort/.

Mollie

The provider of this payment service is Mollie B.V, Keizersgracht 126, 1015CW Amsterdam, Netherlands (hereinafter "Mollie"). With the help of Mollie, we can integrate various payment methods on our website. Details can be found in Mollie's privacy policy: https://www.mollie.com/de/privacy.

Mastercard

The provider of this payment service is the Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium (hereinafter “Mastercard”).

Mastercard may transfer data to its parent company in the US. The data transfer to the US is based on Mastercard's Binding Corporate Rules. Details can be found here: https://www.mastercard.de/de-de/datenschutz.html and https://www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf.

Visa

The provider of this payment service is the Visa Europe Services Inc, London Branch, 1 Sheldon Square, London W2 6TT, United Kingdom (hereinafter “VISA”).

Great Britain is considered a secure non-EU country as far as data protection legislation is concerned. This means that the data protection level in Great Britain is equivalent to the data protection level of the European Union.

VISA may transfer data to its parent company in the US. The data transfer to the US is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zuzustandigkeitsfragen-fur-den-ewr.html.

For more information, please refer to VISA’s privacy policy: https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.

Online-based Audio and Video Conferences (Conference tools)

Data processing

We use online conference tools, among other things, for communication with our customers. The tools we use are listed in detail below. If you communicate with us by video or audio conference using the Internet, your personal data will be collected and processed by the provider of the respective conference tool and by us. The conferencing tools collect all information that you provide/access to use the tools (email address and/or your phone number). Furthermore, the conference tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication process (metadata).

Furthermore, the provider of the tool processes all the technical data required for the processing of the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.

Should content be exchanged, uploaded, or otherwise made available within the tool, it is also stored on the servers of the tool provider. Such content includes, but is not limited to, cloud recordings, chat/ instant messages, voicemail uploaded photos and videos, files, whiteboards, and other information shared while using the service.

Please note that we do not have complete influence on the data processing procedures of the tools used. Our possibilities are largely determined by the corporate policy of the respective provider. Further information on data processing by the conference tools can be found in the data protection declarations of the tools used, and which we have listed below this text.

Duration of storage

Data collected directly by us via the video and conference tools will be deleted from our systems immediately after you request us to delete it, revoke your consent to storage, or the reason for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal retention periods remain unaffected.

We have no influence on the duration of storage of your data that is stored by the operators of the conference tools for their own purposes. For details, please directly contact the operators of the conference tools.

Conference tools used

We employ the following conference tools:

Microsoft Teams

We use Microsoft Teams. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. For details on data processing, please refer to the Microsoft Teams privacy policy: https://privacy.microsoft.com/en-us/privacystatement.

Eigene Dienste

JHandling applicant data

We offer website visitors the opportunity to submit job applications to us (e.g., via e-mail, via postal services on by submitting the online job application form). Below, we will brief you on the scope, purpose and use of the personal data collected from you in conjunction with the application process. We assure you that the collection, processing, and use of your data will occur in compliance with the applicable data privacy rights and all other statutory provisions and that your data will always be treated as strictly confidential.

Scope and purpose of the collection of data

If you submit a job application to us, we will process any affiliated personal data (e.g., contact and communications data, application documents, notes taken during job interviews, etc.), if they are required to make a decision concerning the establishment or an employment relationship. The legal grounds for the aforementioned are § 26 GDPR according to German Law (Negotiation of an Employment Relationship), Art. 6(1)(b) GDPR (General Contract Negotiations) and – provided you have given us your consent – Art. 6(1)(a) GDPR. You may revoke any consent given at any time. Within our company, your personal data will only be shared with individuals who are involved in the processing of your job application.

If your job application should result in your recruitment, the data you have submitted will be archived on the grounds of § 26 GDPR and Art. 6(1)(b) GDPR for the purpose of implementing the employment relationship in our data processing system.

Data Archiving Period

If we are unable to make you a job offer or you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted on the basis of our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months from the end of the application procedure (rejection or withdrawal of the application).

Afterwards the data will be deleted, and the physical application documents will be destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the expiry of the 6-month period (e.g., due to an impending or pending legal dispute), deletion will only take place when the purpose for further storage no longer applies.

Longer storage may also take place if you have given your agreement (Article 6(1)(a) GDPR) or if statutory data retention requirements preclude the deletion.

Admission to the applicant pool

If we do not make you a job offer, you may be able to join our applicant pool. In case of admission, all documents and information from the application will be transferred to the applicant pool in order to contact you in case of suitable vacancies.

Admission to the applicant pool is based exclusively on your express agreement (Art. 6(1)(a) GDPR). The submission agreement is voluntary and has no relation to the ongoing application procedure. The affected person can revoke his agreement at any time. In this case, the data from the applicant pool will be irrevocably deleted, provided there are no legal reasons for storage.

The data from the applicant pool will be irrevocably deleted no later than two years after consent has been granted.

Surveys

Participation in surveys

To conduct surveys on our website, we use the SurveyMonkey service provided by Momentive Europe UC 2 Shelbourne Buildings, Second Floor, Shelbourne Rd. Ballsbridge, Dublin 4, Ireland.

This purpose is also our legitimate interest in processing the aforementioned data, which is based on Art. 6 (1) p. 1 lit. f) GDPR.

When you voluntarily participate in this survey, SurveyMonkey collects information about the device and application you use to take the survey.

This includes the IP address, the version of your operating system, the device type, as well as system and performance information and browser type.

When you take the survey through a mobile device, SurveyMonkey also collects the UUID (Universally Unique Identifier) of the device.

For more information about the cookies SurveyMonkey uses, privacy, and retention periods, please visit the following link https://www.surveymonkey.de/mp/legal/privacy-policy/#pp-section-10.

You can prevent the installation of cookies by deleting existing cookies and deactivating a storage of cookies in the settings of your web browser. We would like to point out that in this case you may not be able to use all functions of our website to their full extent.

Momentive Europe UC is a subsidiary of Momentive Inc. based in the USA. Momentive Europe is committed to complying with the standards and regulations of European data protection law.

Sweepstakes

We hereby inform participants of sweepstakes about the processing of their personal data.

By participating in the competition, participants expressly agree to dataTec AG using and storing the personal data required for the execution of the competition within the framework of the provisions of data protection law until the end of the competition.

Information obligations pursuant to Article 13 GDPR

The person responsible for processing the personal data provided by the participant is dataTec AG. The winners will be notified in a timely manner via the respective specified contact channel (e.g., e-mail). All participants are responsible for the correctness of the contact data provided. If winners cannot be notified due to incomplete or incorrect contact data, the claim to the prize shall be forfeited. A payment of the winnings in cash or in kind, their exchange or transfer to other persons is not possible, subject to other information or promises.

Scope of the processing of personal data

When participating in a dataTec AG sweepstakes, we process the data and information provided by the data subject in the respective registration form. This includes the data required for participation, such as: First name, last name, email address, telephone number and company address. As well as, if applicable, the data and information voluntarily provided by the participant in the sweepstakes as part of participation. The data of the participants will only be transmitted to other bodies if this is necessary for the implementation of the competition (e.g. for the purpose of sending prizes) or if a participant has consented to the transmission.

Data processing purposes

The processing of personal data is carried out for the purpose of handling the competition or the promotion, in particular for determining and notifying the winners.

For the purpose of sending and delivering prizes, further data, e.g. postal address, may be subsequently collected and processed.

Data sharing

A transfer to third parties will only take place if this is necessary for the processing of the competition (e.g. development of the competition portal or sending the prize via a logistics company).

Legal basis of data processing

The legal basis for the processing is the fulfillment of the contractual relationship existing as a result of participation in the competition (Art. 6 (1) sentence 1 lit. b GDPR) and the consent of the data subject (Art. 6 (1) lit. a GDPR).

Possibility of objection

Data subjects may object to the processing of their data at any time. To do so, please send a message to datenschutz@bitbasegroup.com or one of the contact addresses given above.

We would like to point out that in the event of an objection, further participation in the competition or the promotion is excluded.

Storage duration

The processed data will be deleted after the end or expiry of the competition or the promotion and the sending of the prizes.

If a participant has consented to the sending of information about products and services of dataTec AG when registering, the further processing of the data and information covered by this consent will be carried out in accordance with the statutory provisions.

Rights of the data subjects

  • Right of access: the data subject has the right to obtain confirmation from the controller as to whether personal data concerning him or her are being processed; if this is the case, he or she has a right of access to such personal data and to the information specified in Article 15 of the GDPR.
  • Right to rectification: The data subject has the right to obtain from the controller, without undue delay, the rectification of inaccurate personal data concerning him or her and, where applicable, the completion of incomplete personal data (Art. 16 GDPR).
  • Right to erasure: The data subject has the right to request the controller to erase personal data concerning him or her without undue delay, provided that one of the reasons listed in detail in Art. 17 GDPR applies, e.g. if the data is no longer needed for the purposes pursued (right to erasure).
  • Right to object: the data subject has the right to request the controller to restrict processing if one of the conditions listed in Art. 18 GDPR applies, e.g. if the data subject has objected to the processing, for the duration of the controller's review. The data subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her. The controller shall then no longer process the personal data unless it can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defense of legal claims (Article 21 GDPR).
  • Right of withdrawal: The data subject has the right to withdraw consent at any time (Art. 7(3) GDPR). The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal (right of withdrawal).
  • Right to lodge a complaint: Without prejudice to any other administrative or judicial remedy, any data subject shall have the right to lodge a complaint with a supervisory authority if the data subject considers that the processing of personal data relating to him or her infringes the GDPR (Article 77 GDPR). The data subject may exercise this right before a supervisory authority in the Member State of his or her residence, place of work or the place of the alleged infringement.

The competent supervisory authority is: The State Commissioner for Data Protection and Freedom of Information, Königstrasse 10 a, 70173 Stuttgart, Germany.