1. Data protection at a glance

General information

Below you will find a simple overview of what happens to your personal data when you visit this website. Personal data includes all the data that allows you to be identified personally. You can find extensive information on data protection in the detailed data privacy statement below.

Data collection on this website

Who is responsible for data collection on this website?

Data is processed on this website by the website operator. You can find their contact details in the section on “Information on the responsible authority” in the data privacy statement.

How do we collect your data?

Some of the data we collect is the data you provide us with. This can, for example, be data you provide in a contact form (not currently available on this website).
Other data is collected automatically by our IT systems or with your consent when you visit the website. This is mainly technical data (e.g. web browser, operating system or time of visit to the website). This data is collected automatically as soon as you enter this website.

How will we use your data?

Some of the data is collected to ensure that the website runs smoothly. Other data can be used to analyse your user behaviour.

What are your data protection rights?

You have the right at any time to receive information free of charge about the origin, recipient and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have provided your consent to the processing of your data, you can revoke this consent at any time in the future. You also have the right, in certain circumstances, to request that the processing of your personal data is restricted. Furthermore, you have the right to appeal to the relevant regulatory authorities.

If you wish to do so, or if you have any other questions on data protection, please feel free to contact us at any time.

2. Hosting and Content Delivery Networks (CDN)

External hosting

This website is hosted by an external service provider (host). The personal data collected on this website is saved on the host’s servers. This may include, but is not limited to, IP addresses, meta and communication data, contractual data, contact data, names, website accesses and other data generated via a website.

The host is used for the purposes of fulfilling our contractual obligations to our potential and existing contractual partners (article 6, section 1(b) GDPR), and in the interest of the secure, rapid and efficient provision of our online offer by a professional provider (article 6, section 1(f) GDPR).

Our host will only process your data if this is necessary for the fulfilment of their services and will comply with our instructions relating to this data.

We use the following host:

ALL-INKL.COM - Neue Medien Münnich
Owner: René Münnich
Hauptstraße 68
02742 Friedersdorf
Germany

Signing of an agreement on order processing

We have signed an agreement on order processing with our host in order to guarantee that processing complies with data protection regulations.

3. General and mandatory information

Data protection

The operators of this website take the protection of your personal data very seriously. We handle your personal data confidentially and comply with data protection regulations and this data privacy statement.

Various personal data is collected when you use this website. Personal data includes the data that allows you to be identified personally. This data privacy statement explains which data is collected and what it is used for. It also explains how and for what purpose the data is collected.

We would like to point out that there may be gaps in security when transferring data on the internet (e.g. when communicating by email). It is not possible to guarantee the complete protection of data from access by third parties.

Note on responsible authorities

The authority responsible for processing data on this website is:

German Foundation for International Legal Cooperation (Deutsche Stiftung für Internationale Rechtliche Zusammenarbeit e.V. or IRZ)
Ubierstraße 92
D - 53173 Bonn
Germany
Phone: + 49 228 / 95550
E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.

The responsible authority is the natural or legal person, who, either alone or with others, determines the purposes and means of processing personal data (e.g. names, email addresses, etc.).

Storage period

If no storage period has been specified in this privacy statement, your personal data will be stored until it is no longer required for data processing. If you make a legitimate claim for the data to be deleted or revoke your consent to data processing, your data will be erased, provided that we do not have any other legitimate reason to store your personal data (e.g. tax and commercial law retention periods); if this is the case, your data will be deleted once these reasons cease to apply.
Statutory data protection officer

We have appointed a data protection officer for our company.

b-pi sec GmbH
Frankfurter Str. 2
65549 Limburg an der Lahn
Germany
Phone: +49 6431 902 910
E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.

Note on the transfer of data to the USA and other third party countries

Our website includes tools provided by companies based in the USA or in other third party countries where data protection may not be guaranteed by law. When these tools are activated, your personal data may be transferred to these other countries and processed there. We would like to point out that the level of data protection in these countries is not guaranteed to be comparable to that of the EU. US companies, for example, are required by law to hand over personal data to security services and, as the person concerned, you have no right to take legal action against this. It cannot be ruled out, therefore, that US authorities (e.g. intelligence services) may process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence on this kind of processing.

Revoking your consent to the processing of data

Many data processing procedures are only possible with your express consent. You can revoke your consent at any time. The legality of any data processing that has taken place before the withdrawal of consent shall remain unaffected from this withdrawal.

Right to object to the collection of data in specific cases and to direct marketing (article 21 GDPR)

If the data processing takes place based on article 6, section 1(e) or (f) GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data; this also applies to profiling based on those provisions. The legal basis for processing is outlined in this privacy statement. If you file an objection, your personal data will no longer be processed, unless we can demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms, or if the processing is for the establishment, exercise or defence of legal claims (right to object according to article 21, section 1 GDPR).

If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing; this also applies to any profiling that is related to such direct marketing. If you object, your personal data shall no longer be processed for direct marketing purposes (right to object according to article 21 section 2 GDPR).

Right to complain to the relevant supervisory authority

In the event of violations of the GDPR, the persons concerned shall have the right to appeal to a supervisory authority, in particular in the member state of their habitual residence, their place of work or the place of the alleged breach. The right to lodge a complaint shall be without prejudice to other administrative or judicial remedies.

Right to data portability

You have the right to have data, which we process automatically based on your consent or the fulfilment of a contract, transferred to you or to a third party in a commonly used and machine-readable format. If you request the direct transfer of data to another responsible party, this will only take place where it is technically feasible.

SSL or TLS encryption

This website uses SLL or TLS encryption for security purposes and to protect the transfer of confidential information, such as orders or requests, which you send to us as the website operator. You can see it is an encrypted connection when the address line of the browser changes from “http://” to “https://” and by the padlock symbol in your browser bar.

When SSL or TLS encryption is activated, the data you transfer to us cannot be read by any third parties.

Disclosure, erasure and rectification

Within the framework of applicable legal provisions, you have the right to obtain information, free of charge, about your stored personal data, its origins and recipients, and about the purposes of data processing at any time; you also have the right to request the rectification or erasure of this data. If you wish to do so, or if you have any other questions on personal data, please feel free to contact us at any time.

Right to restriction of processing

You have the right to request that the processing of your personal data is restricted. You can contact us at any time if you wish to do so. The right to restriction of processing exists in the following cases:

  • If you contest the accuracy of the personal data saved by us, we generally need time to verify this. You have the right to request that the processing of your personal data is restricted for the duration of the verification period.
  • If the processing is/was unlawful, you can request the restriction of data processing instead of the erasure of the personal data.
  • If we no longer need the personal data, but you need the data for the establishment, exercise or defence of legal claims, you have the right to request the restriction of the processing of your personal data instead of its deletion.
  • If you have lodged an objection pursuant to article 21, section 1 GDPR, the balance of interests must be carefully considered. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, such data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a member state.

4. Data collection on this website

Cookies

Our website uses cookies. Cookies are small pieces of data, which do not cause any harm to your terminal device. They are stored either for the duration of a session (session cookies) or permanently (permanent cookies) on your terminal device. Session cookies are automatically deleted at the end of your visit. Permanent cookies are stored on your terminal device until you delete them yourself or they are automatically deleted by your internet browser.

Some cookies can also be stored on your terminal device by third parties when you use our website (third party cookies). These allow us or you to use certain services provided by third parties (e.g. cookies used to process payment services).

Cookies have various functions. Many cookies are technically necessary, since some website functions cannot operate without them (e.g. shopping basket function or playing videos). Other cookies are for assessing user behaviour or showing adverts.

Cookies that are necessary to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies, e.g. for the shopping basket function) or to optimise the website (e.g. cookies for audience measurement) are stored on the basis of article 6, section 1(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies in order to ensure its services are optimised and free of any technical errors. If consent to the storage of cookies has been requested, the storage of the cookies in question is based exclusively on this consent (article 6, section 1(a) GDPR); consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when the browser is closed. If cookies are deactivated, the functionality of this website may be limited.

If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the framework of this data privacy statement and, if necessary, request your consent.

Cookie consent with EU cookies from the provider Veritas Data GmbH

Our website uses the cookie consent technology of Veritas Data GmbH to obtain your consent to the storage of certain cookies in your browser and to document this in compliance with data protection regulations. The provider of this technology is VERITAS DATA GmbH, Fasanenweg 27, 64753 Brombachtal, (hereinafter VERITAS).

When you enter our website, a VERITAS cookie is stored in your browser, which stores any consent you may have given or any withdrawal of this consent. This data will not be passed on to the VERITAS provider.

The collected data will be stored until you request its deletion or until you delete the VERITAS cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods shall remain unaffected.

The VERITAS cookie consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is article 6, section 1(c) GDPR.

Server log files

The website provider automatically collects and stores information in server log files, which your browser automatically transmits to us. These are:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.

The collection of this data is based on article 6 section 1(f) GDPR. The website operator has a legitimate interest in the faultless presentation and optimisation of its website - for this purpose, the server log files must be recorded.

Requests by email, phone or fax

If you contact us by email, phone or fax, your enquiry and all your personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

The processing of this data is based on article 6, section 1(b) GDPR, insofar as your request is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interests in the effective handling of the enquiries addressed to us (article 6, section 1(f) GDPR) or on your consent (article 6, section 1(a) GDPR) if this has been requested.

The data you send to us via contact requests will be stored until you ask us to delete it, revoke your consent to store it or until the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory statutory provisions - particularly statutory retention periods - shall remain unaffected.

5. Audio and video conferences

Data processing

Among other things, we use online conferencing tools to communicate with our clients. The software we use is listed below. If you communicate with us via online video or audio conferencing, your personal data will be collected and processed by us and by the provider of the relevant conferencing software.

The conferencing software collects all the data you provide/enter to use the system (e-mail address and/or your telephone number). The conferencing software also processes the duration of the conference, start and end (time) of participation in the conference, number of participants and other "contextual information" related to the communication process (metadata).

Furthermore, the software provider processes all technical data required for online communications. This includes IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.

If content is exchanged, uploaded or otherwise made available within the software, this is also stored on the service provider’s servers. Such content includes, but is not limited to, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information shared while using the service.

Please note that we do not have full control over the data processing operations of the tools used. Our options are largely determined by the corporate policy of the respective provider. For further information on data processing by conferencing software, please refer to the data privacy statements of the respective software used, which we have listed below this text.

Purpose and legal basis

Conferencing software is used to communicate with prospective or existing contractual partners or to offer certain services to our customers (article 6 section 1(b) GDPR). Use of the software also helps to simplify and accelerate communication with us or the IRZ (legitimate interest in accordance with article 6, section 1(f) GDPR). Insofar as consent has been requested, the tools in question are used on the basis of this consent; consent can be revoked at any time with effect for the future.

Storage period

The data collected directly by us via the video and conferencing software will be deleted from our systems as soon as you request us to delete it, revoke your consent to store it or if the purpose for storing the data no longer applies. Stored cookies shall remain on your terminal device until you delete them. Mandatory statutory retention periods shall remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of the conferencing software for their own purposes. For details, please contact the operators of the conferencing software directly.

Conferencing software used

We use the following conferencing software: Webex

We use Webex. This service is provided by Webex Communications Deutschland GmbH, Hansaallee 249 c/o Cisco Systems GmbH, 40549 Düsseldorf, Germany.
It cannot be ruled out that the data processed with WebEx will be transferred to third countries (e.g. the USA). Webex has Binding Corporate Rules (BCR) approved by Dutch, Polish, Spanish and other relevant European data protection regulators. These are binding internal company regulations that legitimise the internal transfer of data to third countries outside the EU and the EEA. You can find the details here: https://www.cisco.com/c/de_de/about/trust-center/data-protection-and-privacy-policy.html and https://konferenzen.telekom.de/fileadmin/Redaktion/conference/cisco-webex/Webex_Compliance_Deutsch_V1.0.pdf.
You can find details on data processing on the privacy statement for Webex: https://www.cisco.com/c/de_de/about/legal/privacy-full.html.

6. Own services

Handling of applicant data

We offer you the opportunity to apply to us (e.g. by email, post or using our online application form). The following information tells you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with applicable data protection laws and all other statutory provisions and that your data will be treated in strict confidence.

Scope and purpose of data collection

If you send us an application, we shall process your associated personal data (e.g. contact and communication data, application documents, notes taken during interviews, etc.) to the extent that this is necessary to decide on the establishment of an employment relationship. The legal basis for this is article 26 BDSG-neu (new version of the German Federal Data Protection Act) under German law (initiation of an employment relationship), article 6 section 1(b) GDPR (general contract negotiation) and – if you have given your consent – article 6 section 1(a) GDPR. Consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.

If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of article 26 BDSG-neu and article 6 section 1(b) GDPR for the purpose of implementing the employment relationship.

Retention period of the data

If we are unable to make you a job offer, if you reject a job offer or withdraw your application, we reserve the right to retain the data you have provided on the basis of our legitimate interests (article 6 section 1(f) GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data shall then be deleted, and the physical application documents destroyed. This storage may in particular be useful as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), the data shall only be deleted when the purpose for continued storage no longer applies.

Longer storage may also take place if you have given your consent (article 6 section 1(a) GDPR) or if legal storage obligations prevent deletion.

Admission to the applicant pool

If we do not make you a job offer, we may be able to include you in our pool of applicants. If you accept, all documents and details from the application shall be transferred to the applicant pool so that we can contact you if there are any suitable vacancies.

Inclusion in the applicant pool is based exclusively on your express consent (article 6 section 1(a) GDPR). The provision of consent is voluntary and is not related in any way to the current application process. The person concerned may revoke his/her consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, unless there are legal reasons for retention.

The data from the applicant pool will be irrevocably deleted no later than two years after consent has been given.