Data protection2019-04-25T13:06:14+01:00

Statement on data protection

We are excited about your interest in our company. Data protection is an important asset for Steadforce GmbH’s management. The use of Steadforce GmbH’s web pages is not, in principle, possible without the disclosure of personal data. As long as a data subject wants to use special services of our company through our web page, it may still be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally ask for the consent of the data subject.

The processing of personal data, such as the name, address, email address or telephone number of the data subject, is always consistent with the Basic Data Protection Regulation and in accordance with the specific national data protection rules valid for Steadforce GmbH. Through this statement on data protection, our company wants to inform the public about the way, volume and purpose for which we collect, use and process personal data. In addition, the data subjects will be informed about their rights through this statement on data protection.

Steadforce GmbH, being responsible for processing, has implemented numerous technical and organisational measures with a view to ensuring the protection, as far as possible without any deficiencies, of personal data processed through this web page. However, the Internet-based data transfer may in principle have protection deficiencies, so that absolute protection can not be ensured. For this reason, any data subject is free to send us personal data by alternative means, for example by telephone.

1              Determination of terms

Steadforce GmbH’s statement on data protection is based on a terminology that was used by the European body responsible for issuing directives and regulations when developing the Basic Data Protection Regulation (DSGVO).Our statement on data protection must be easy to read and understand for both the public and our customers and business partners. To accomplish this, we would first like to explain the terminology used.

In this statement on data protection, we use the following terms inter alia:

a) Personal data

Personal data is all information that relates to an identified or identifiable person (‘the data subject’).It is considered that a natural person can be identified if the physical, psychological, genetic, physical, economic, cultural or social identity expression of that individual can be directly or indirectly identified by correlation to a code such as the name, personal code, to location data, an online code or one or more special features.

b) Data subject

The data subject may be any identified or identifiable natural person whose personal data will be processed by the data controller.

c) Processing

Processing is any operation performed with or without the help of an automated process or any series of operations related to personal data such as collecting, recording, organising, ordering, saving, adjusting or modifying, reading, survey, using, providing access by transmission, dissemination or other form of making available, adaptation or association, limitation, deletion or destruction.

d) Limiting processing

The limitation of processing consists of marking the saved personal data in order to limit their processing in the future.

e) Profiling

Profiling is any automatic way of processing personal data, which consists in the fact that this personal data will be used to evaluate certain personal aspects that relate to a natural person, in particular to analyse or predict issues on work capacity, economic situation, health, personal preferences, interests, seriousness, behaviour, place of residence or change of that natural person’s place of residence.

f) Pseudonymisation

Pseudonymisation is the processing of personal data in a way that personal data can not be associated with a particular person concerned without attracting additional information, if that additional information is kept separately and subjected to technical and organisational measures to ensure that personal data can not be attributed to an identified or identifiable person.

g) Data officer or controller

The data officer or controller is a natural or legal person, authority, organisation or other body that decides on its own or with others on the purpose and means of processing personal data. Where the purpose and means of such processing are provided for in the law of the Union or the Member States, the data controller, or the specific criteria for his appointment, may be provided for under Union or Member State legislation.

h) Order operator

The order operator is a natural or legal person, authority, organisation or other body that processes personal data at the request of the data controller.

i) Recipient

The recipient is a natural or legal person, authority, organisation or other body communicating personal data, regardless of the fact that it is about himself/herself or a third party. The authorities, which may receive personal data within a fact finding mission under Union or Member State law, are not considered as recipients.

j) Third party

A third party is a natural or legal person, authority, organisation or other body, other than the data subject, the data controller, the order operator, and the persons under the direct control of the data controller or the order operator are authorised to process personal data.

k) Consent

Consent is any declaration of acceptance voluntarily granted by the data subject for a particular case, in an informed and unmistakable form, in the form of a statement or other clear and conclusive form by which the data subject suggests that he/she agrees with the processing of personal data that concerns him/her.

2           Name and address of the data controller

The data officer/controller, within the meaning of the Basic Data Protection Regulation, of other applicable laws in the Member States of the European Union on data protection and other legislative regulations on data protection is:

Steadforce GmbH

Westendstraße 193

D-80686 München

Germany

Tel.:+49 89 51727 – 0

Email: munich@steadforce.com

Web page: www.steadforce.com

3           Name and address of person responsible for data protection

The person responsible for data protection, responsible for processing is:

Steadforce GmbH

– Data protection compartment –

Gerhard Smischek

Westendstraße 193

80686 München

Tel.:+49 170 2347311

Email: datenschutz@steadforce.com

Web page: www.steadforce.com

Any data subject can call at any time, directly upon our data protection officer, if there are questions or issues related to data protection.

4          Cookies

Steadforce GmbH’s web pages use cookies. Cookies are text files that are stored and saved on a computer system via an internet browser.

Numerous web pages and servers use cookies. Many cookies contain a so-called Cookie-ID.A Cookie-ID is an unambiguous cookie code. It consists of a series of characters that allows web pages and servers to be assigned to a specific internet browser in which the cookie has been saved. This will allow the consulted web page and the servers to distinguish the individual browser of the data subject from other internet browsers containing other cookies. A certain internet browser can be recognised and identified by this unambiguous Cookie-ID.

By using cookies, Steadforce GmbH can provide users of this website with user-friendly services, which can not be possible without a cookie.

Cookies can be used to optimise the information and offers on our website for the benefit of the user. As we mentioned, cookies allow us to re-identify users of our web site.

The purpose of this re-identification is to make it easier for us to use our website.

The user of a web page that uses cookies should not, for example, enter the access data on each visit of the web page because it is taken over by the web page and the cookie stored on the user’s computer. Another example is the cookie of a shopping cart in the online shop. The online-shop keeps with a cookie the article that a customer has deposited in the virtual shopping cart.

The data subject can prevent the placement of a cookie from our web site at any time by means of a proper Internet browser setting and thereby permanently prevent the placement of cookies. Moreover, cookies that have already been placed at any time can be deleted through an internet browser or other software applications. This is possible in all common internet browsers. If the data subject disables the placement of cookies in the Internet browser used, under certain circumstances, all the functions of our web page may not be used in their complexity.

5          Collection of general data and information

Steadforce GmbH’s web page collects a whole range of general data and information at each visit by a data subject or an automated system.

The general data and information will be saved in the Server Logfiles. There may be collected information about (1) types and versions of the browsers used, (2) the operating system of the system that accesses the page, (3) the web page from which he/she comes on our page, a system that accesses it (the so-called the Referrer), (4) secondary web pages, which is directed on our website by a system that accesses it, (5) the date and time of a web page visit, (6) an internet protocol address (IP address), (7) the internet Service-Provider of the system accessed and (8) other similar data and information that serves as a defence against attacks against our information technology systems.

When using these data and general information, Steadforce GmbH does not draw any conclusions on the data subject. This information is needed more for, (1) the correct delivery of the content of our web site, (2) the optimisation of our web site content and advertising, (3) ensuring the long-term functionality of our information technology systems and technical system of our web site as well as (4) providing criminal prosecution authorities with the necessary information in the event of a cyber attack.

These data and information collected anonymously are evaluated by Steadforce GmbH on the one hand statistically and on other hand in order to increase data protection and security in our company, and ultimately we can ensure an optimal level of protection of personal data. The anonymous data of the server Logfile is saved separately from the personal data provided by a data subject.

6         Registration on our web site

The data subject has the possibility to register on the data controller’s website by providing personal data. What personal data will be transmitted, resulting from each input window, which are used for registration. Personal data entered by the data subject will be collected and saved to the data controller for internal use only and for its own purposes. The data controller may transmit the data to one or more order operators, for example a packet service provider, who will also use the personal data exclusively for internal use assigned to the data controller.

By registration on the web page of the data controller, the IP address assigned to the data subject, the date and the time of registration will be saved by the Internet Service Provider (ISP).The saving of this data is made because that is the only way to prevent an abuse of our services and, if necessary, these data allow us to clarify the criminal cases that have been committed. In this way, saving this data is necessary to protect the data controller. As a matter of principle, these data are not passed on to third parties, as long as there is no legal obligation for the data, or if the transmission of the data is for criminal prosecution.

The registration of the data subject, with the provision of personal data serves the data controller to provide the data subject with content or services which, due to the nature of things, can only be offered to registered persons. Registered users are free to change the personal data provided at any time, or request the data controller to delete them completely from the database.

The data controller will communicate at any time, upon request, to any data subject information about personal data that has been saved about the data subject. In addition, the data controller will correct or delete the personal data at the request or indication of the data subject, as long as there is no legal obligation to keep them. In this context, all employees of the data controller are at the disposal of the data subject as a contact person.

7            Possibility to contact through the web page

Due to the legal regulations, Steadforce GmbH’s website contains data that allows us to make a quick electronic contact with our company as well as a direct communication with us, which also contains a general so-called e-mail address (e-mail address).If a data subject contacts the data controller by e-mail or through a contact form, the personal data transmitted by the data subject will be automatically saved. Such personal data voluntarily transmitted by a data subject to the data controller will be saved for processing or for contacting the data subject. No personal data is transmitted to third parties.

8          Routine deletion and blocking of personal data

The data controller processes and saves the personal data of the data subject only for the period necessary to achieve the purpose for which they were saved or if it was regulated by European directives and by laws or regulations issued by regulatory bodies or other legislator, to which the data controller is subject.

If the purpose of the saving disappears or the deadline set by European directives or imposed by regulatory bodies or other legislator expires, the personal data will be blocked or erased routinely and in accordance with legal regulations.

9           Rights of the data subject

a) Right to confirmation

Any data subject has the right conferred by the European directives and the regulatory bodies, to request from the data controller a confirmation that it is processing personal data related to the person. If a data subject wishes to exercise this right, he/she will always be able to contact an employee of the data controller for this purpose.

b) Right to information

Any data subject, whose data has been processed, has the right conferred by the European directives and the regulatory bodies, to obtain information from the data controller free of charge about the personal data saved on his or her person and a copy of this information.

  • In addition, European directives and regulatory bodies shall provide the data subject with access to information on:
  • the processing purposes
  • the categories of personal data to be processed
  • the recipients or categories of recipients in relation to whom personal data has been disclosed or is to be communicated, in particular recipients from third countries or international organisations
  • the planned period for the storage of personal data, if possible, or, if that is not possible, the criteria for determining that period
  • the existence of the right to correct or delete personal data concerning you, or the limitation of processing by the data controller or the right to refuse such processing
  • the existence of the right to appeal to a supervisory authority
  • if personal data has not been collected from the data subject: all available information about the origin of the data
  • the existence of automation of the decision-making process including profiling in accordance with Article 22 (1) and (4) of the DSGVO/Basic Data Protection Regulation and – at least in these cases – provide meaningful information to the data subject about the logic involved, and the magnitude and impact of such processing

In addition, the data subject is granted the right to information on whether personal data has been transmitted to another country or to an international organisation. In this case, the data subject is otherwise entitled to receive information about the appropriate guarantees regarding the transfer.

If the data subject wishes to exercise this right to information, he/she may at any time to contact an employee of the data controller for that purpose.

c) Right to corrections

Any person affected by the processing of personal data has the right conferred by the European directives and the regulatory bodies to request the prompt correction of the personal data that concern him/her and are not correct. In addition, the data subject is entitled, in the light of the purpose of the processing, to request the completion of incomplete personal data – even by means of a supplementary statement.

If a data subject wishes to use this right of correction, he/she may at any time contact an employee of the data controller for that purpose.

d) Right to erasure (‘right to be forgotten’)

Any person affected by the processing of personal data has the right conferred by the European directives and the regulatory bodies to require the data controller to delete his/her personal data without delay if one of the following reasons is applicable and to the extent that the processing is not necessary:

  • Personal data has been collected for such purposes or otherwise processed so that it is no longer required.
  • The data subject withdraws the consent on which the processing under Article 6 (1) (a) of the DSGVO or Article 9 (2) (a) of the DSGVO/Basic Data Protection Regulation is based and another legal basis for processing is lacking.
  • The data subject files an appeal against the processing under Article 21 (1) of the DSGVO/Basic Data Protection Regulation and there is no higher-ranking legal basis with regard to the processing, or the data subject files an appeal against the processing under Article 21 (2) of the DSGVO/Basic Data Protection Regulation.
  • Personal Data has been illegitimately processed.
  • The deletion of personal data is necessary for the fulfilment of a legal obligation under the Union or Member State legislation under which the data controller is subject.
  • Personal data has been collected with reference to the services provided by the information company in accordance with Article 8 (1) of the DSGVO/Basic Data Protection Regulation.

If one of the reasons listed above is applicable and a data subject wishes to request the deletion of personal data that is saved to Steadforce GmbH, he or she may contact at any time an employee of the data controller. The employee of Steadforce GmbH will order the execution of the deletion request without delay.

If personal data has been made public by Steadforce GmbH, our company as data controller pursuant to Article 17 (1) DSGVO/Basic Data Protection Regulation and is required to delete personal data, Steadforce GmbH will take appropriate and technical measures, taking into account the available technology and deployment costs, to inform other data controllers/officers who process personal data made public that the data subject affected by these has requested the data controller to delete all links to that personal data or the copies or replicas of such personal data, to the extent that the processing is not necessary. The employee of Steadforce GmbH will order all the necessary individually for each case.

e) Right to limit the processing

Any person affected by the processing of personal data has the right conferred by the European directives and regulatory bodies to require the data controller to limit the processing if one of the following conditions is met:

  • The correctness of personal data has been challenged by the data subject, that is, for a period that allows the data controller to verify the correctness of the personal data.
  • Processing is unlawful, the data subject refuses the deletion of personal data and instead requests the limitation of the use of personal data.
  • The data controller no longer needs personal data for processing, but the data subject still needs them to claim, exercise or defend their legal rights.
  • The data subject has filed a complaint against processing within the meaning of Article 21 (1) DSGVO/Basic Data Protection Regulation and is still not established if the legitimate reasons of the data controller are superior to those of the data subject.

If one of the above conditions is met and a data subject wishes to request the limitation of the personal data saved to Steadforce GmbH, he/she may contact an employee of the data controller at any time for this purpose. The employee of Steadforce GmbH will order processing limitation.

f) Right to data transmission

Any person affected by the processing of personal data has the right conferred by the European directives and regulatory bodies to obtain personal data concerning him/her, made available to a data controller by the data subject, in a structured, usual and machine readable format. In addition, he/she is entitled to transfer this data to another data controller without any resistance from the data controller to whom the personal data have been made available to the extent that the processing is based on consent within the meaning of Article 6 (1) (a) of the DSGVO or Article 9 (2) (a) of the DSGVO on a contract under Article 6 (1) (b) of the DSGVO/Basic Data Protection Regulation and the processing has as support the automated processes if processing is not required for the performance of a task of public interest or is carried out in the exercise of the public authority which has been conferred on the data controller.

In addition, in the exercise of the right to data transmission, in accordance with Article 20 (1) DSGVO/Basic Data Protection Regulation, the data subject is entitled to obtain the personal data to be transferred directly from a data controller to another data controller, if technically possible and if it does not harm the rights and freedoms of others.

The data subject may contact at any time an employee of Steadforce GmbH for the exercise of the right to data transmission.

g) Right to appeal

Any person affected by the processing of personal data has the right conferred by the European directives and regulatory bodies, for reasons arising from his/her particular situation, to file a complaint against the processing of personal data concerning him/her under Article 6 (1) (e) or (f) of the DSGVO/Basic Data Protection Regulation. This also applies to a profiling based on these regulations.

In the case of an appeal, Steadforce GmbH will no longer continue the processing of personal data if we can not provide compelling legitimate reasons for processing that go beyond the interests, rights and freedoms of the data subject, or the processing serves to claim, exercise or the defence of some legal rights.

If Steadforce GmbH processes personal data for direct advertising purposes, the data subject may at any time file a complaint about the processing of personal data for such purposes. This also applies to profiling if it is related to such direct advertising. If the data subject files an appeal against Steadforce GmbH the direct advertising processing, Steadforce GmbH will no longer process the personal data for these purposes.

In addition, the data subject is entitled, for reasons arising from his / her specific situation, to file a complaint against the proper processing of personal data, which is carried out at Steadforce GmbH for purposes of scientific or historical research or for statistical purposes within the meaning of Article 89 (1) DSGVO/Basic Data Protection Regulation if such processing is not necessary for the performance of a task of public interest.

In order to exercise the right to appeal, the data subject may at any time file the appeal directly to any employee of Steadforce GmbH or another employee. In addition, the data subject is free to exercise his/her right of appeal in connection with the use of the information company services, without taking account of Directive 2002/58/EU, through automated processes using technical specifications.

h) Automated decisions in particular including profiling

Any person affected by the processing of personal data has the right conferred by the European directives and regulatory bodies not to be the subject of a decision based solely on automated processing – including profiling – that produces legal effects for him/her or has a negative influence in a similar manner, as long as the decision (1) is not necessary for the conclusion or performance of a contract between the data subject and the data controller, or (2) is permitted under the legal regulations of the Union or of the Member States to which the data controller is subject and such legal provisions contain adequate measures to protect the rights and freedoms and the legitimate interest of the data subject, or (3) it is made based on the explicit consent of the data subject.

If the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the data controller or (2) is made based on the explicit consent of the data subject, Steadforce GmbH will take appropriate measures to protect the rights and freedoms as well as the legitimate interest of the data subject, to which it will at least belong and the right to a person’s intervention from the data controller, to present his/her own point of view and to challenge the decision.

If the data subject wishes to exercise his/her rights with respect to automated decisions, he/she may contact at any time one of the employees of the data controller for this purpose.

i) Right to withdraw the consent on data protection

Any person affected by the processing of personal data has the right conferred by the European directives and regulatory bodies to withdraw at any time their consent to the processing of personal data.

If the data subject wishes to exercise his/her right to withdraw the consent, he/she may contact at any time one of the data controller’s employees for this purpose.

10       Data protection in case of recruitment and processes of labour force recruitment

The data controller collects and processes the personal data of the candidates for the purpose of conducting the recruitment process. Processing can also be done electronically. This is particularly the case if a candidate submits the appropriate application documents to the data controller by electronic means, for example by e-mail or via a form on the web page. If the data controller concludes a contract with a candidate, the data transmitted will be saved for the purposes of the employment relationship, taking into account the legal regulations. If no employment contract is concluded between the data controller and the candidate, the application documents will be automatically deleted two months after the date of the waiver decision if the deletion is not hindered by other legitimate interests of the data controller. Another legitimate interest in this can be, for example, an obligation to produce evidence in a lawsuit based on the Law on Equal Treatment / Allgemeinen Gleichbehandlungsgesetz (AGG).

11          Data protection regulations when using Facebook

The data controller has integrated Facebook’s components into this page.

Facebook is a social network.

A social network is a social meeting place that acts on the Internet, a community that usually allows users to communicate with each other and interact in the virtual space. A social network can serve as a platform for exchanging views and experiences or allow the Internet community to publish personal or business related information. Facebook allows social network users to, among other things, create private profiles, upload photos, and integrate them into a network of friends.

The company operating Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The data controller for personal data, if the data subject lives outside the USA or Canada, is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland. By each viewing of the pages of this web page, which is operated by the data controller and where a Facebook component (Facebook plug-in) has been integrated, the web browser on the information technology system of the data subject will cause the download of a representation of the appropriate Facebook component. An overview of all Facebook Plug-ins can be called through https://developers.facebook.com/docs/plugins/?locale=de_DE.Within this technical process, Facebook will be aware of the actual page of our web page that has been accessed.

If a data subject has also entered Facebook at the same time (he/she is logged in), Facebook will recognise on each visit of our web page by the data subject and for as long as he/she stays on our webpage, which actual pages of our web site were visited by the data subject. This information is collected by Facebook components and associated with the data subject’s Facebook account. If the data subject clicks an integrated Facebook button on our webpage, such as the ‘I like’ button, or the data subject posts a comment, Facebook associates this information with the data subject’s personal user account and saves this personal data.

Facebook will always get through Facebook components information about the fact that the data subject visited our webpage if the data subject is also logged on Facebook at the time of opening our webpage; this happens independently from the fact that the person clicked on a Facebook component or not. If such transmission of information to Facebook is not desired by the data subject, its transmission may be impeded if, before visiting our web page, he/she leaves the Facebook account (logout).

The privacy policy published by Facebook, accessible at https://de-de.facebook.com/about/privacy/, serves information about the collecting, processing, and using personal data by Facebook. In addition, there are some ways to configure Facebook to protect the privacy of the data subject. In connection with this, there are applications that make it easier to suppress the transfer of data to Facebook. Such applications can be used by the data subject to prevent the transfer of data to Facebook.

12       Data protection policies when using Google Analytics (with anonymysation function)

The data controller has integrated Google Analytics components (with an anonymisation feature) on this page. Google Analytics is a web analytics service. Web analytics is the pick up, collection and evaluation of data on web site visitors’ behaviour. A web analytics service collects, inter alia, data about from which web site a data subject comes to on another webpage (the so-called Refferer), which pages of a web page were accessed, or how often and for how long a page has been consulted. A web analytics is primarily launched to optimise a web page and for a cost-benefit analysis of Internet advertising.

The company operating Google-Analytics components is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The data controller uses the phrase ‘_gat._anonymizeIp’ for the web analytics made by Google Analytics. Through this phrase, the IP address of the data subject’s Internet connection will be abridged and anonymised by Google if access to our website was made from a Member State of the European Union or another signatory State of the European Economic Area Convention.

The purpose of Google Analytics is to analyse the flow of visitors to our web page. Google uses data and information obtained, among other things, to evaluate the use of our website, to produce online reports that present the activity on our website and to provide other services related to the use of our website.

Google Analytics places a cookie on the data subject’s computer technology system. What cookies are has already been shown above. Cookie placement will allow Google to analyse the use of our web page.

By each accessing of the individual pages of this web page, which is maintained by the data controller, and in which a Google Analytics component has been integrated, the internet browser on the computer technology system of the data subject will automatically dispose, through the Google Analytics component, to transmit data to Google for online review purposes. As part of this technical process, Google will be aware of personal data such as the IP address of the data subject that serves Google, among other things, to reconstitute the visitors’ and clicks’ origin and ultimately allow the settlement of commissions.

Cookies will save personal information, such as the time of access, the place where access was made and frequency of visits to our website were made by the data subject. At each visit of our webpage, this personal data, including the IP address of the internet connection used by the data subject, will be transferred to Google in the United States of America. This personal data will be saved by Google in the United States of America.

Under certain circumstances, Google will pass on to third parties this personal data collected within the technical process.

The data subject can prevent cookies from being placed by our web site at any time, as outlined above, by properly configuring the internet browser and thereby permanently reject the placement of cookies. Such a configuration of the internet browser will also prevent Google from placing a cookie on the computer technology system of the data subject. In addition, a cookie already placed by Google Analytics can be deleted at any time via your internet browser or other software applications.

The data subject has the possibility to reject the fact that the data prepared by Google Analytics regarding the use of this webpage is processed by Google and to hinder it. To do so, the data subject must download and install a Browser-Add-On, available at the following link https://tools.google.com/dlpage/gaoptout.This Browser-Add-On informs Google Analytics through JavaScript that it is not allowed to transfer data and information about visiting web pages to Google Analytics. Installing Browser-Add-Ons will be considered by Google as a denial. If, at a later date, the computer technology system of the data subject is deleted, formatted, or reinstalled, the subject data will have to reinstall Browser-Add-Ons, disable Google Analytics. If Browser-Add-On will be uninstalled or disabled by the data subject or other person, who belongs to its sphere of influence, there is the possibility of reinstalling or re-activating Browser-Add-Ons.

Additional information and Google’s privacy policy in force can be accessed at  https://www.google.de/intl/de/policies/privacy/ and at http://www.google.com/analytics/terms/de.html .Google Analytics is explained exactly under the following link https://www.google.com/intl/de_de/analytics/.

13       Data protection regulations when using LinkedIn

The data controller has integrated LinkedIn Corporation’s components into this page. LinkedIn is an Internet-based social networking that allows users to connect with existing business contacts as well as create new business contacts.

LinkedIn is used by over 400 million registered people in over 200 countries.

Therefore, LinkedIn is now the largest business contact platform and one of the most visited web sites in the world.

The company operating LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. Data protection issues outside the USA fall under the competence of LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

At each access of our web page, which is provided with a LinkedIn component (LinkedIn Plug-In), these components have the browser used by the data subject to download a corresponding representation of the component from LinkedIn. For more information on LinkedIn Plug-Ins, please visit https://developer.linkedin.com/plugins.Within this technical process, LinkedIn will be aware of the actual page of our web page that has been visited by the data subject.

If a data subject has also entered LinkedIn at the same time (he/she is logged in), LinkedIn will recognise on each visit of our web page by the data subject and for as long as he/she stays on our webpage, which actual pages of our web site were visited by the data subject. This information is collected by LinkedIn components and associated with the data subject’s LinkedIn account. If the data subject clicks an integrated LinkedIn button on our webpage, LinkedIn associates this information with the data subject’s personal user account and saves this personal data.

LinkedIn will always get through LinkedIn components information about the fact that the data subject visited our webpage if the data subject is also logged on LinkedIn at the time of opening our webpage; this happens independently from the fact that the person clicked on a LinkedIn component or not. If such transmission of information to LinkedIn is not desired by the data subject, it may prevent its transmission if, before visiting our web page, he/she leaves his/her LinkedIn account (logout).

LinkedIn offers via https://www.linkedin.com/psettings/guest-controls, the possibility to unsubscribe from mail correspondence, SMS and targeted advertising as well as administering advertising settings. In addition, LinkedIn calls partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame, who may place cookies. Cookies of this kind can be avoided by going to https://www.linkedin.com/legal/cookie-policy.LinkedIn’s privacy policy can be accessed via https://www.linkedin.com/legal/privacy-policy.LinkedIn’s cookie-related regulations can be accessed via  https://www.linkedin.com/legal/cookie-policy.

14       Data protection regulations when using Xing

The data controller has integrated Xing’s components into this page. Xing is an Internet-based social networking that allows users to connect with existing business contacts as well as create new business contacts. Users can create a personal profile at Xing. For example, companies can create a company profile or advertise job offers via Xing.

The company operating Xing is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.

At each access of this web page, which is maintained by the data controller and which is integrated with a Xing component (Xing Plug-In), these Xing components have the browser used from the computer technology system of the data subject to download a corresponding representation of the component from Xing. For more information on Xing-Plug-Ins, please visit https://dev.xing.com/plugins.Within this technical process, Xing will be aware of the actual page of our web page that has been visited by the data subject.

This technical process will provide information about the actual page of our web page that has been visited by the data subject.

If a data subject has also entered Xing at the same time (he/she is logged in), Xing will recognise on each visit of our web page by the data subject and for as long as he/she stays on our webpage, which actual pages of our web site were visited by the data subject. This information is collected by Xing components and associated with the data subject’s Xing account. If the data subject clicks an integrated Xing button on our webpage, Xing associates this information with the data subject’s Xing personal user account and saves this personal data.

Xing will always get through Xing components information about the fact that the data subject visited our webpage if the data subject is also logged on Xing at the time of opening our webpage; this happens independently from the fact that the person clicked on a Xing component or not. If such transmission of information to Xing is not desired by the data subject, it may prevent its transmission if, before visiting our web page, he/she leaves his/her Xing account (logout).

The privacy policy published by Xing, accessible at https://www.xing.com/privacy, will provide information about the collecting, processing, and using personal data by Xing. In addition, Xing has published a privacy policy linked to the XING-Share button at https://www.xing.com/app/share?op=data_protection.

15       Data protection regulations when using YouTube

The data controller has integrated YouTube’s components into this page. YouTube is a video portal on the Internet that allows video publishers to post freely videos, as well as other users who also receive free-of-charge treatment, evaluation, and commenting on them. YouTube allows the publishing of all types of video, so even full movies and TV shows, music videos, trailers, or video recordings made by users can be accessed on the portal.

The company operating YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

At each access of the pages of this web page, which is maintained by the data controller and which is integrated with a YouTube component (YouTube-Video), these YouTube components have the browser used from the computer technology system of the data subject to download a corresponding representation of the YouTube component from YouTube. For more information on YouTube, please visit https://www.youtube.com/yt/about/de/.Within this technical process, YouTube and Google will be aware of the actual page of our web page that has been visited by the data subject.

If a data subject has also entered YouTube at the same time (he/she is logged in), YouTube will recognise on each visit of our web page, which contains a video of YouTube, which actual pages of our web site were visited by the data subject. This information is collected by YouTube and Google and associated with the YouTube account of the data subject.

YouTube and Google will always get through YouTube components information about the fact that the data subject visited our webpage if the data subject is also logged on YouTube at the time of opening our webpage; this happens independently from the fact that the person clicked on a YouTube video or not. If such transmission of information to YouTube and Google is not desired by the data subject, it may prevent its transmission if, before visiting our web page, he/she leaves his/her YouTube account (logout).

YouTube’s Privacy Policy, accessible at https://www.google.de/intl/de/policies/privacy/, will provide information about the collection, processing and use of personal data by YouTube and Google.

16       Legal basis of processing

Article 6 I (a) of the DSGVO/Basic Data Protection Regulation serves as a legal basis for our company with regard to processing processes, for which we obtain consent for certain processing purposes. When processing personal data for the purpose of fulfilling a contract where the contract partner is the data subject, it is necessary, as for example in the processing processes necessary for the delivery of goods or the provision of services or counter services, the processing is performed under Article 6 I (b) of the DSGVO/Basic Data Protection Regulation. The same applies to such processing processes that are necessary for some pre-contractual measures, possibly in the case of calls for tender for our products or services. If our company is subject to a legal obligation that requires the processing of personal data, such as the fulfilment of tax obligations, in this case the processing is based on Article 6 I (c) DSGVO/Basic Data Protection Regulation. In isolated cases, the processing of personal data is necessary to protect the vital interest of the data subject or of another natural person. This would be the case, for example, if a visitor to our company had been injured and by that the name, age, social security data or other vital information should be communicated to a doctor, a hospital or other third parties.

In this case, the processing would be based on Article 6 I (d) DSGVO/Basic Data Protection Regulation. Finally, processing processes can be based on Article 6 I (f) of the DSGVO/Basic Data Protection Regulation. On this provision are based the processing processes that are not covered by any of the foregoing legal provisions if the processing is necessary to protect the legitimate interest of our company or of a third party as long as the interests, the fundamental rights and the fundamental freedoms of the data subject do not predominate. We are allowed such processing processes, especially because they are specifically mentioned by the European legislator. It argues in that regard that a legitimate interest could be accepted if the data subject is the data controller’s customer (Recital 47 Sentence 2 DSGVO/Basic Data Protection Regulation).

17        Legitimate interests for processing, pursued by the data controller or by a third party

If the processing of personal data is based on Article 6 I (f) DSGVO/Basic Data Protection Regulation, our legitimate interest is the conduct of our economic activity for the benefit of all our employees and shareholders.

18      The period for which personal data is saved

The criterion regarding the period of storage of personal data is the legal term of retention. After the expiration of this deadline, the data will be erased routinely if they are no longer necessary for the performance or negotiation of the contracts.

19       Legal or contractual provisions regarding the provision of personal data; Their need for concluding a contract; Obligation of the data subject to provide personal data; possible follow up if the data are not available

Please be advised that the partially provision of the personal data is a legal provision

(eg tax regulations) or may result from contractual arrangements (eg contract partner data).Sometimes it may be necessary, with a view to concluding a contract, that a data subject will provide us with personal data that we must ultimately process. The data subject is required, for example, to provide us with personal data if our company enters into a contract with him/her. If personal data is not made available to us, it could have the consequence that the contract with the data subject can not be concluded. Before the personal data is made available by the data subject, he/she will have to contact one of our employees. Our employee will inform the data subject on a case-by-case basis if the provision of personal data is a legal or contractual provision or if necessary for the conclusion of the contract, if there is an obligation to provide the personal data, and what follow up it could attract if personal data is not made available.

20    The existence of automation of decision making

As a responsible company, we give up automation of decision-making or profiling.