Any collection, use, storage, deletion or other use (hereinafter "processing") of data serves exclusively to provide our services. Rigilog's services have been designed with the aim of using as little personal data as possible. In this context, "personal data" (hereinafter also referred to as "data") is understood to mean all individual details about the personal or factual circumstances of an identified or identifiable natural person (so-called "data subject").
The following information on data protection describes which types of personal data are processed when you visit our website, what happens to this personal data and how you can object to data processing if necessary.
- General information on data processing on this website
1. Person responsible
The controller within the meaning of the EU General Data Protection Regulation (GDPR) is
Rigilog GmbH
Address: Franz-Klühs-Strasse 7
10969 Berlin
Telephone: +(49)03084111807
E-Mail: info@rigilog.com
Homepage: https://www.rigilog.com
-
- Data protection officer
The data protection officer is:
Kemal Webersohn from WS Datenschutz GmbH
If you have any questions about data protection, you can contact WS Datenschutz GmbH at the following e-mail address: rigilog@ws-datenschutz.de
WS Datenschutz GmbH
- Data protection -
Dircksenstraße 51
10178 Berlin
https://ws-datenschutz.de
-
- Protection of your data
We have taken technical and organizational measures to ensure that the provisions of the GDPR are observed both by us and by external service providers who work for us.
If we work with other companies, such as email and server providers, to provide our services, this is only done after an extensive selection process. In this selection process, each individual service provider is carefully selected for its suitability in connection with technical and organizational skills in data protection. This selection process is documented in writing and a contract pursuant to Art. 28 para. 3 GDPR on the processing of personal data on behalf of the controller (data processing contract) is only concluded if it meets the requirements of Art. 28 GDPR.
Your data is stored on specially protected servers. Access to it is only possible for a few specially authorized persons.
Our website is SSL/TLS encrypted, which you can recognize by the "https://" at the beginning of the URL.
-
- Deletion of personal data
We only process personal data for as long as is necessary. As soon as the purpose of the data processing has been fulfilled, the data is blocked and erased in accordance with the standards of the erasure concept here, unless this is contrary to statutory provisions.
- Data processing on this website and creation of log files
- Description and scope of data processing
When you visit our website, our web servers temporarily store every access in a log file. The following personal data is recorded and stored until it is automatically deleted:
- IP address of the requesting computer
- Date and time of access
- Name and URL of the retrieved file
- Website from which the access is made
- Name of your Internet access provider
In addition to this personal data, further personal data may be collected by us and our partners, more on this below
-
- Legal basis for data processing
This data is processed on the basis of Art. 6 para. 1 sentence 1 lit. f) GDPR. Our legitimate interest is based on making our website accessible to you.
-
- Purpose of data processing
Data processing is carried out for the purpose of enabling the use of the website (connection establishment). It is used for system security, technical administration of the network infrastructure and optimization of the website. The IP address is only analyzed in the event of attacks on our network infrastructure or the network infrastructure of our Internet provider.
-
- Duration of data storage
-
- Possibility of removal by the data subject
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, the user has no option to object.
- Use of cookies[AT1]
- Description and scope of data processing
Our website uses cookies. These are stored on your computer when you use our website. Cookies are small text files that are stored on your hard disk, assigned to the browser you are using, and through which certain information flows to us or the body that sets the cookie. Cookies cannot execute programs or transmit viruses to your computer. They are used by us to analyze the use of our website in anonymized or pseudonymized form and to present you with interesting offers on this website. Various data can be transmitted in this way:
- Frequency of website visits
- Which functions of the website are used by you
- Search terms used
- Your cookie settings
- Your shopping cart contents
When you access the website, a cookie banner informs you about the use of cookies and refers you to the privacy policy:
"This website stores cookies on your computer. These cookies are used to collect information about how you interact with our website and to enable us to remember you. We use this information to improve and customize your browsing experience and to perform analytics and metrics about our visitors both on this website and in other media. You can find more information about the cookies we use in our Data Protection .
If you opt out, your information will not be collected when you visit this website. A single cookie is used in your browser to remember that you do not want to be tracked.
-
- Legal basis for data processing
The legal basis for the processing of data by cookies that do not solely serve the functionality of our website is Art. 6 para. 1 sentence 1 lit. a) GDPR.
The legal basis for the data processing for cookies that are used solely for the functionality of this website is Art. 6 para. 1 sentence 1 lit. f) GDPR.
-
- Purpose of data processing
Our legitimate interest arises from ensuring a smooth connection setup and convenient use of our website as well as for reasons of evaluating system security and stability.
Data processing also takes place in order to enable a statistical evaluation of website usage.
-
- Duration of data storage
There are two types of cookies. Both are used on this website:
- Transient cookies (see a)
Persistent cookies (see b)
a) Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
b) Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie.
-
- Possibility of removal by the data subject
You have the option to revoke your consent to data processing by cookies, which are not solely used for the functionality of the website, at any time. In addition, we only set cookies after you have consented to the setting of cookies when you access the site. In this way, you can prevent data processing via cookies on our website. You can also delete cookies in the security settings of your browser at any time. We would like to point out that you may not be able to use all the functions of this website. You can also prevent the setting of cookies at any time by making the appropriate settings in your Internet browser.
- Contact us
Via our website it is possible to contact us by e-mail (sales@rigilog.com/support@rigilog.com) or a contact form to get in touch with us. For this purpose, various data are required to answer the request, which are automatically stored for processing. The following data is collected as a minimum (marked as a mandatory field) as part of the contact form:
- First name
- Last name
- e-mail address
- Your message
Confirmation of acknowledgement of the privacy policy
You can voluntarily provide the following information:
- Telephone number
- Subject
Your data will not be passed on to third parties.
-
- Legal basis for data processing
The legal basis used here is Art. 6 para. 1 sentence 1 lit. b) GDPR.
-
- Purpose of data processing
We process your data exclusively in order to process your contact request.
-
- Duration of data storage
Your data will be deleted as soon as the purpose of the data processing has been achieved. In rare cases, however, we may store your data for a longer period of time. This may result from legal or contractual obligations.
-
- Possibility of removal by the data subject
You can contact us at any time and object to further processing of your data. In this case, we will unfortunately not be able to continue communicating with you. All personal data processed by us in the course of contacting you will be deleted in this case, unless there are legal obligations to retain your data that prevent deletion.
- Data processing in the context of applications
- Description and scope of data processing
It is possible to apply via our website using an application form and/or via e-mail to info@rigilog.com or via the application tool www.smartrecruiters.com to apply for a job. For this purpose, personal data is processed and stored for further processing for the respective application procedure.
If an application form is used, we collect the following data:
- First name
- Last name
- E-mail address
You can also provide the following information voluntarily:
- Location
- Phone Number
- Work experience
- Educational background
- Internet presence (e.g. LinkedIn or Xing account)
- Curriculum vitae and cover letter
- Legal basis for data processing
The legal basis for data processing is Art. 88 GDPR and Section 26 BDSG (2018).
-
- Purpose of data processing
We process your data exclusively for the purpose of carrying out the application process.
-
- Duration of data storage
If the application leads to an employment relationship, the personal data will be stored accordingly in compliance with the statutory provisions. If the applicant's application is not considered in the selection of a potential candidate, it will be deleted in accordance with the rules of the deletion concept here, taking into account the provisions of the AGG, in particular the existing burden of proof under Section 22 AGG.
This does not apply if statutory provisions prevent deletion or if you have given your consent to longer storage. In this case, the further storage of your personal data takes place on the basis of Art. 6 para. 1 sentence 1 lit. c) or lit. a) GDPR.
-
- Possibility of removal by the data subject
You can contact us at any time and object to further processing of your data. All personal data processed by us in the course of the application process will be deleted in this case, unless there are mandatory legal provisions to the contrary.
-
- Smart Recruiters
The applicant portal we use is provided by the HR operating system Smart Recruiters. The data processing is carried out by:
Smart Recruiters, Inc, 225 Bush Street #300, San Francisco CA 94104, USA.
The jobs advertised on our site contain a link that leads directly to the Smart Recruiters applicant portal. Smart Recruiters uses persistent and transient cookies with your consent to recognize the individual user and statistically evaluate the individual job offers when the page associated with the job offer is accessed. However, Smart Recruiters is the data controller for this. You can find the relevant information on the Smart Recruiters website.
Note on data processing in the USA:
By clicking on the job link, you will be taken to the Smart Recruiters website. It is possible that your data will subsequently be processed in the USA. According to the ECJ, the data protection standard in the USA is inadequate and there is a risk that your data will be processed by the US authorities for control and monitoring purposes, possibly without any legal recourse. If you do not click on the link to the application portal and contact us by email, the transmission by Smart Recruiters will not take place.
We trust in the reliability and IT and data security of Smart6 Recruiters. Further information on data protection at Smart Recruiters can be found at
https://www.smartrecruiters.com/de/legal/general-privacy-policy/
-
-
- Legal basis for data processing
-
Data processing by Smart Recruiters is based on our legitimate interest in a user-friendly, centralized provision of an applicant platform on our website. Hereby we fulfill the requirements of Art. 6 para. 1 sentence 1 lit. f) GDPR.[AT2]
-
-
- Purpose of data processing
-
We use Smart Recruiters as a service provider to ensure effective management of applications.
-
-
- Duration of data storage
-
The cookies set by Smart Recruiters lose their validity after two years at the latest. For applications that we receive via the Smart Recruiters application form, the principles set out in 6.4. apply.
-
-
- Possibility of removal by the data subject
-
In addition to the option to object, you can delete cookies in the security settings of your browser at any time. We would like to point out that you may not be able to use all the functions of this website. You can also prevent cookies from being set at any time by making the appropriate settings in your Internet browser.
- Newsletter
- Description and scope of data processing
We offer the option of subscribing to our newsletter on our website. When you subscribe to the newsletter, you will be asked to provide personal data for processing. This is the data that is requested in the newsletter input mask. Input fields marked with an "*" are mandatory fields:
- First name
- Last name
- e-mail address
- Salutation
You can also provide the following information voluntarily:
- Company
These mandatory fields are required in order to send the newsletter to the data subject. All other fields are to be completed voluntarily by the data subject, whereby it is expressly pointed out that these fields do not contain any mandatory information. The newsletter is sent by email. You will only receive the newsletter after registering for the newsletter.
In order to meet the requirements of the GDPR, we use the so-called DOI procedure ("double opt-in"). If the data subject registers for our newsletter, he or she will receive a confirmation email to the electronic mailbox specified by him or her in the input field. This e-mail contains a confirmation link which the data subject must click on. After this procedure, the data subject is successfully registered for the newsletter. The IP address, date and time of registration are stored in order to carry out the procedure. This is to prevent misuse. The data is not passed on to third parties.
-
- Legal basis for data processing
The legal basis is based on Art. 6 para. 1 sentence 1 lit. a) GDPR. We may send newsletters to existing customers who have not given their explicit consent. However, this only takes place within the narrow limits of Section 7 para. 3 UWG, which in the light of Art. 95 GDPR is to be understood as a mirror image of Art. 6 para. 1 sentence 1 lit. f) GDPR. Our legitimate interest is to inform our existing customers about our products through promotional emails and thus maintain contact with these customers.
-
- Purpose of data processing
The newsletter has the function of informing the data subject at regular intervals about offers and news from us.
-
- Duration of data storage
We only process your data for as long as this is necessary to fulfill the purpose and no legal or official retention obligations prevent deletion.
-
- Possibility of removal by the data subject
Consent to the processing of personal data as part of the newsletter subscription can be withdrawn at any time. To do so, the data subject can click on the unsubscribe link integrated in every newsletter or inform us of the withdrawal of consent in another way.
-
- Shipping service provider Hubspot
- Description and scope of data processing
- Shipping service provider Hubspot
The newsletter is sent using "HubSpot", an online marketing platform. The data processing is carried out by: HubSpot, Inc, 25 First Street Cambridge, MA 02141, USA.
The email addresses of our newsletter recipients, as well as their other data described in this notice, are stored on HubSpot's servers in the USA.
Note on data processing in the USA:
By subscribing to the newsletter, you consent to your data being processed by our shipping service provider HubSpot in the USA in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. According to the ECJ, the data protection standard in the USA is inadequate and there is a risk that your data will be processed by the US authorities for control and monitoring purposes, possibly without the possibility of legal recourse. Any consent given can be revoked at any time.
HubSpot uses this information to send and analyze the newsletter on our behalf. HubSpot does not use the data of our newsletter recipients and does not pass it on to third parties. However, HubSpot does statistically record when, how and with what frequency our newsletters are opened by individual users. We trust in the reliability and IT and data security of HubSpot. Further information on data protection at HubSpot can be found at https://legal.hubspot.com/en/terms-of-service
-
-
- Legal basis for data processingLegal basis for data processing
-
HubSpot processes your data based on your consent in accordance with Art. 6 (1) sentence 1 lit. a) GDPR.[AT3]
-
-
- Purpose of data processing
-
We use HubSpot as our shipping service provider to ensure effective address management and to stay in touch with you via the newsletter.
-
-
- Duration of data storage
-
According to HubSpot, HubSpot only stores your personal data for as long as we use your personal data to send newsletters. HubSpot deletes your data if we delete you from our address database or delete our account there after a period of 30 days.
-
-
- Possibility of removal by the person concerned
-
You have the right to revoke your consent at any time. To do so, please contact our data protection officer. In this case, however, we will no longer be able to send you the newsletter. You can also use the "opt-out" link at the end of each email at any time, which will result in us deleting your email address from our address files, which is why HubSpot will then no longer process your personal data. However, this has no effect on address files that HubSpot manages on behalf of other clients..
- Social media on our website
We have integrated social media platforms on our website via links, which may result in the social media providers receiving data from you. We will break this down for you in detail below.
-
- Facebook
- Description and scope of data processing
- Facebook
We have linked to Facebook on this website. The data processing is carried out by: Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA.
If a data subject lives outside the USA or Canada and Facebook carries out the data processing, the controller is:
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland.
If you click on the Facebook link, the Facebook website will be opened.
Note on data processing in the USA by Facebook:
By clicking on the Facebook link, you will be taken to the Facebook website. It is possible that your data will then be processed in the USA. The European Court of Justice considers the data protection standard in the USA to be inadequate and there is a risk that your data will be processed by the US authorities for control and monitoring purposes, possibly without any legal recourse. If you do not click on the Facebook link, Facebook will not process your data.
When you access the Facebook website via our website, the relevant reference data is transmitted to Facebook. Facebook is then informed that you have visited our website. For further information on data protection at Facebook, please refer to the Facebook data policy below:https://de-de.facebook.com/about/privacy/
-
-
- Legal basis for data processing
-
Die Rechtsgrundlage beruht auf Art. 6 Abs. 1 S.1 lit. f) DSGVO. Unser berechtigtes Interesse ergibt sich aus der werbenden Funktion von sozialen Medien. Wir nutzen diese, um den Bekanntheitsgrad unseres Unternehmens zu steigern.
-
-
- Purpose of data processing
-
We use social media to make our company better known. We would also like to give you the opportunity to become aware of our social media presence via our website.
-
-
- Duration of data storage
-
According to Facebook, it stores your data for a period of 90 days. After the 90 days, the data is anonymized so that it can no longer be associated with you.
-
-
- Possibility of removal by the person concerned
-
You have the option to object to data processing. The data protection officer of Facebook can be reached via the following linked contact form: https://www.facebook.com/help/contact/540977946302970
Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings or via the US or EU Facebook page. The settings are platform-independent, i.e. they are adopted for all devices, such as desktop computers or mobile devices.
-
- LinkedIn
- Description and scope of data processing
- LinkedIn
We have linked components of LinkedIn on our website. The data processing is carried out by: LinkedIn Corporation, 1000 W. Maude Ave., Sunnyvale, California 94085, USA.
If you live outside the USA or Canada and LinkedIn carries out the data processing, the responsible party is:
LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Irland.
If you click on the LinkedIn link, the LinkedIn website will be opened.
Note on data processing in the USA by LinkedIn:
By clicking on the LinkedIn link, you will be taken to the LinkedIn website. It is possible that your data will then be processed in the USA. The European Court of Justice considers the data protection standard in the USA to be inadequate and there is a risk that your data will be processed by the US authorities for control and monitoring purposes, possibly without any legal recourse. If you do not click on the LinkedIn link, LinkedIn will not process your data.
By accessing the website of LinkedIn We transmit the relevant reference data to LinkedIn via our website. LinkedIn therefore receives the information that you have visited our website. For further information on data protection at LinkedIn, please refer to LinkedIn's privacy policy below: https://www.linkedin.com/legal/privacy-policy
-
-
- Legal basis for data processing
-
The legal basis is Art. 6 Paragraph 1 Clause 1 Letter f) GDPR. Our legitimate interest arises from the advertising function of social media. We use these to increase the awareness of our company.
-
-
- Purpose of data processing
-
We use social media to make our company better known. We would also like to give you the opportunity to become aware of our social media presence via our website.
-
-
- Duration of data storage
-
According to LinkedIn, all personal data will be deleted from the service if you delete your account on the service. Some data may be stored for longer. However, this data will only be processed in anonymized or aggregated form.
-
-
- Possibility of removal by the person concerned
-
You have the option to object to data processing at any time. You can contact LinkedIn's data protection officer via the following linked contact form: https://www.linkedin.com/help/linkedin/ask/TSO-DPO
Further settings and objections to the use of data for advertising purposes are possible within the LinkedIn profile settings or via the US or EU LinkedIn site. The settings are platform-independent, i.e. they are adopted for all devices, such as desktop computers or mobile devices.
-
- Xing
- Description and scope of data processing
- Xing
We have linked components of XING on its website. The data processing is carried out by: XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.
If you click on the XING-If you click on the link, the XING website will be opened. When you access the XING website via our website, the relevant reference data is transmitted to XING. XING is then informed that you have visited our website. For further information on data protection at XING, please refer to the XING data protection policy below. This can be found at: https://www.xing.com/privacy und https://www.xing.com/app/share?op=data_protection
-
-
- Legal basis for data processing
-
The legal basis is Art. 6 Paragraph 1 Clause 1 Letter f) GDPR. Our legitimate interest arises from the advertising function of social media. We use these to increase the awareness of our company.
-
-
- Purpose of data processing
-
We use social media to make our company better known. We would also like to give you the opportunity to become aware of our social media presence via our website.
-
-
- Duration of data storage
-
According to its own information, Xing deletes all data concerning you as soon as you delete your user account or the purpose of the data processing has been achieved and there are no legal, official or contractual regulations that prevent deletion.
-
-
- Possibility of removal by the person concerned
-
You can object to data storage on the basis of legitimate interest.Data protection officer of XINGcan be reached via the following email address:Datenschutzbeauftragter@xing.com
Further settings and objections to the use of data for advertising purposes are possible within the XING profile settings. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.
- Trackers and analysis tools
We use the following analysis tools to continually improve our website offering. Below you will find out which data is processed and how you can contact the respective service providers:
-
- Google Analytics
- Description and scope of data processing
- Google Analytics
Our website uses Google Analytics. This is a service for analyzing access to websites of Google LLC (“Google”) and enables us to improve our website. Data processing for the European Economic Area and Switzerland is carried out by:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland.
Cookies enable us to analyse your use of our website. The information collected by a cookie is:
- IP Address,
- Access time,
- Access duration
and are transferred to a Google server in the USA and stored there. The evaluation of your activities on our website is sent to us in the form of reports. Google may pass the information collected on to third parties if this is required by law or if third parties process this data on behalf of Google. The Google tracking codes on our website use the "_anonymizeIp()" function, so IP addresses are only processed in abbreviated form in order to exclude any possible direct personal reference to you.https://www.google.de/intl/de/policies/ and underhttp://www.google.com/analytics/terms/de.html You can find more information about the terms of use and privacy policy of Google Analytics.
-
-
- Legal basis for data processing
-
The legal basis for the processing of personal data is Art. 6 Para. 1 Clause 1 Letter a) GDPR.
-
-
- Purpose of data processing
-
The processing of your personal data enables us to analyse your surfing behaviour. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. By anonymising the IP address, the user's interest in the protection of their personal data is sufficiently taken into account.
-
-
- Duration of data storage
-
The data will be deleted 14 / 26 / 38 / 50 months after your [last] visit to our website.[AT4]
-
-
- Beseitigungsmöglichkeit durch die betroffene Person
-
You have the option of revoking your consent at any time by notifying our data protection officer. You can also prevent the installation of cookies from Google Analytics by setting your browser software accordingly. In this case, however, it may happen that you cannot use all the functions of our website to their full extent. Browser extensions, e.g. http://tools.google.com/dlpage/gaoptout?hl=de Google Analytics can be deactivated and controlled.
- Other third-party tools
We also use third-party providers to help us with page display and website functionality. These are listed below:
-
- Font Awesome
- Description and scope of data processing
- Font Awesome
Description and scope of data processingOur website uses so-called web fonts from Font Awesome for the uniform display of certain fonts. When you visit our pages, your browser downloads the required fonts directly from Font Awesome so that they can be displayed correctly on your device. Your browser establishes a connection to Adobe's servers in the USA. This allows Font Awesome to know that our website was accessed via your IP address. According to Font Awesome, no cookies are stored when the fonts are provided. The data processing is carried out by:
Fonticons, Inc., 307 S. Main St., Suite 202 Bentonville, AR, 72712, USA
Font Awesome says it respects data protection rights under Regulation (EU) 2016/679, the European Union's General Data Protection Regulation (GDPR). Fonticons' terms of use can be found at https://fontawesome.com/tosand the privacy policy at: https://fontawesome.com/privacy
-
-
- Legal basis for data processing
-
The legal basis for data processing is your consent in accordance with Art. 6 Paragraph 1 Clause 1 Letter a) GDPR.
-
-
- Purpose of data processing
-
The purpose of the data processing is the uniform presentation of the fonts on our website.
-
-
- Duration of data storage
-
According to their information, the data will only be stored for as long as it is necessary for the purpose of data processing and there are no legal, contractual or official regulations that prevent deletion.
-
-
- Possibility of removal by the person concerned
-
You have the option to revoke your consent at any time by notifying our data protection officer. You can also set your browser so that the fonts are not loaded from the Font Awesome servers. If your browser does not support the fonts or you prevent access to the Font Awesome servers, the text will be displayed in the system's standard font. If you have any questions about data protection at Font Awesome, please contact Font Awesome at:privacy@fontawesome.com
-
- Google Maps
- Description and scope of data processing
- Google Maps
This website uses the Google Maps product from Google LLC. Data processing for the European Economic Area and Switzerland is carried out by: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
When you visit a page, your browser loads the required geo-information into your browser cache in order to display the map correctly. For this purpose, the browser you use must connect to Google's servers. This allows Google to know that our website was accessed via your IP address and which map was displayed. The terms of use for Google Maps can be found at https://www.google.com/intl/de_de/help/terms_maps.html
-
-
- Legal basis for data processingg
-
The legal basis for data processing is your consent in accordance with Art. 6 Paragraph 1 Clause 1 Letter a) GDPR.
-
-
- Purpose of data processing
-
Using Google Maps makes it easier for you to find our location and to interact with it in various ways, e.g. by planning routes.
-
-
- Duration of data storage
-
The data will be deleted as soon as it is no longer required for the purpose of data processing, unless legal, contractual or official regulations prevent deletion.
-
-
- Possibility of removal by the person concerned
-
You have the option to revoke your previously granted consent at any time by notifying our data protection officer. The data processing is necessary in order to be able to display the location information on our website..
-
- Mittwald
- Description and scope of data processing
- Mittwald
Our website is hosted by the provider Mittwald. The purpose of this hosting is to provide server capacity to make the website available to you on the Internet. When you access our website, data, in particular your IP address, is stored and processed for technical reasons. The Mittwald data center is located in Germany. The data processing is carried out by:
Mittwald CM Service GmbH & Co. KG, Königsberger Strasse 4-6 32339 Espelkamp, Germany.
For further information please see Mittwald’s privacy policy athttps://www.mittwald.de/faq/service-informationen/faq/datenschutz-alles-wichtige-zur-dsgvo.
-
-
- Legal basis for data processing
-
This data is processed on the basis of Art. 6 Paragraph 1 Clause 1 Letter f) GDPR. Our legitimate interest is to make our website accessible to you.
-
-
- Purpose of data processing
-
Data processing is necessary to make the website accessible on the Internet and is carried out for the purpose of enabling the use of the website (establishing a connection). It serves to ensure system security, the technical administration of the network infrastructure and the optimization of the Internet offering.
-
-
- Duration of data storage
-
The data will be deleted after 60 days at the latest. However, the data will be deleted at the latest in the event of termination by us with the hosting provider. This only applies if there are no legal, official or contractual regulations that prevent deletion.
-
-
- Possibility of removal by the person concerned
-
In addition to the right to information, you also have the right to rectification of the personal data stored about you, the right to erasure, the right to blocking and the right to transfer your data. If you would like to exercise one of these rights, you can contact Mittwald's data protection officer: Andreas Durnio, Königsberger Straße 4-6, 32339 Espelkamp, telephone: +49-5772-293-100, fax: +49-5772-293-333, email:datenschutz@mittwald.de
- Datentransfer in ein Drittland
Adequate level of protection: The provider comes from a country whose adequate level of data protection has been recognized by the EU Commission. For more information, see: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en
EU standard contractual clauses: Our provider has submitted to the EU standard contractual clauses to ensure secure data transfer. You can find more information at: https://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF
Binding Corporate Rules: Article 47 of the GDPR provides for the possibility of ensuring data protection when transferring data to a third country through binding internal data protection rules. These are checked and approved by the responsible supervisory authorities as part of the coherence procedure according to Article 63 of the GDPR. You can find more information about this here:
Consent: In addition, data will only be transferred to a third country without an adequate level of protection if you have given us your consent in accordance with Article 49 paragraph 1 letter a) of the GDPR.
- Your rights
You have the following rights with regard to the personal data concerning you:
-
- Right to withdraw consent (see Art. 7 GDPR)
If you have given your consent to the processing of your data, you can withdraw it at any time. Such a withdrawal affects the admissibility of the processing of your personal data for the future after you have given it to us. It can be sent to us verbally (by telephone) or in writing by post or email.
-
- Right to information (see Art. 15 GDPR)
In the event of a request for information, you must provide sufficient information about your identity and provide proof that the information is yours. The information concerns the following information:
- the purposes for which the personal data are processed;
- the categories of personal data that are processed;
- the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
- the planned duration of storage of the personal data concerning you or, if specific information is not possible, criteria for determining the storage period;
- the existence of a right to rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
- the existence of a right to lodge a complaint with a Supervisory authority;
- all available information about the origin of the data if the personal data are not collected from the data subject;
- the existence of automated decision-making, including profiling, in accordance with Art. 22 Para. 1 and 4 GDPR and - at least in these cases - meaningful information about the logic involved, as well as the scope and intended effects of such processing for the data subject.
- Right to rectification or erasure (cf. Art. 16, 17 GDPR)
You have the right to have your personal data rectified and/or completed by us as the controller if the personal data concerning you that are processed are incorrect or incomplete. The controller must carry out the rectification immediately.
You can also request the deletion of the personal data concerning you if one of the following reasons applies to you:
- The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
- You withdraw your consent on which the processing was based in accordance with Art. 6 Para. 1 Clause 1 Letter a) or Art. 9 Para. 2 Letter a) of the GDPR, and there is no other legal basis for the processing.
- You object to the processing in accordance with Art. 21 Para. 1 GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing in accordance with Art. 21 Para. 2 GDPR.
- The personal data concerning you were processed unlawfully.
- The deletion of the personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
- The personal data concerning you were collected in relation to information society services offered in accordance with Art. 8 Para. 1 GDPR.
If we have made the personal data concerning you public and are obliged to delete it in accordance with Art. 17 Para. 1 GDPR, we will take all reasonable measures to inform other data controllers that you have requested the deletion of all links to these personal data or of copies or replications of these personal data.
The right to deletion does not exist if the processing is necessary is:
- to exercise the right to freedom of expression and information;
- to fulfil a legal obligation which requires processing under Union or Member State law to which the controller is subject, or to carry out a task carried out in the public interest or in the exercise of official authority vested in the controller;
- for reasons of public interest in the area of public health pursuant to Art. 9 Para. 2 lit. h and i and Art. 9 Para. 3 GDPR;
- for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 Para. 1 GDPR, insofar as the above-mentioned right is likely to make the realisation of the objectives of this processing impossible or seriously compromises it, or
- to assert, exercise or defense of legal claims.
- Right to restriction of processing (cf. Art. 18 GDPR)
Under the following conditions, you can request that we restrict the processing of personal data concerning you:
- if you contest the accuracy of the personal data concerning you for a period that enables us to verify the accuracy of your personal data;
- the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
- we no longer need the personal data for the purposes of processing, but you need it to assert, exercise or defend legal claims, or
- if you object to the processing pursuant to Art. 21 Para. 1 GDPR and it is not yet clear whether our legitimate reasons outweigh your reasons.
If the processing of personal data concerning you has been restricted, these data may - with the exception of their storage - only be processed with your consent or for the assertion, exercise or defense of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.
If the restriction of processing has been restricted in accordance with the above-mentioned requirements, you will be informed by us before the restriction is lifted.
-
- Right to information (cf. Art. 19 GDPR)
If you have asserted your right to rectification, erasure or restriction of data processing, we are obliged to inform all recipients of your personal data of the rectification, erasure or restriction of data processing. This only applies to the extent that this notification does not prove impossible or involve disproportionate expenditure.
You have the right to know which recipients have received your data.
-
- Right to data portability (cf. Art. 20 GDPR)
You have the right to receive your personal data from us in a common, machine-readable format in order to have it forwarded to another responsible party if necessary, provided that
- the processing is based on consent in accordance with Art. 6 Para. 1 Clause 1 Letter a) GDPR or Art. 9 Para. 2 Letter a) GDPR or on a contract in accordance with Art. 6 Para. 1 Clause 1 Letter b) GDPR and
- the processing is carried out using automated procedures is carried out.
When exercising your right to data portability, you have the right to have the personal data transmitted directly from us to another controller, provided this is technically feasible.
The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
-
- Right to object to processing (cf. Art. 21 GDPR)
If we base the processing of your personal data on a legitimate interest (according to Art. 6 Para. 1 Clause 1 Letter f) GDPR) on our part, you can object to the processing. The same applies if we base the data processing on Art. 6 Para. 1 Clause 1 Letter e) GDPR.
If you exercise such an objection, we ask you to explain the reasons why we should not process your personal data as we do. In the event of your justified objection, we will examine the situation and will either stop or adjust the data processing or show you our compelling legitimate reasons on the basis of which we continue the processing.
-
- Right to lodge a complaint with the competent supervisory authority (cf. Art. 77 GDPR)
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of the alleged infringement, if you believe that the processing of personal data concerning you violates the GDPR.
The supervisory authority to which the complaint was submitted will inform you about the status and outcome of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.
- How to exercise these rights
To exercise these rights, please contact our data protection officer:
Kemal Webersohn from WS Datenschutz GmbH
or by post:
WS Datenschutz GmbH
Dircksenstraße 51
10178 Berlin
- Subject to change
We reserve the right to change this privacy policy in compliance with the statutory provisions.
As of September 2020
[AT1]Note on the selection of service providers
We would like to point out that we advise against using service providers with headquarters in the USA/ China/ Russia. A GDPR-compliant data transfer cannot be guaranteed even if the standard contractual clauses approved by the European Commission are included, as the intervention powers of the local authorities are too far-reaching and there may be no legal remedies for the data subject. It is therefore not possible to adequately protect the data of your website visitors.
It is therefore imperative that you indicate this data transfer in the cookie banner:
"Note on data processing in the USA by Font Awesome, Google:
By clicking on "Accept", you consent to your data being processed in the USA in accordance with Art. 6 Paragraph 1 Clause 1 Letter a) of GDPR. According to the ECJ, the data protection standard in the USA is inadequate and there is a risk that your data will be processed by the US authorities for control and monitoring purposes, possibly without any legal recourse. If you only agree to the use of essential cookies, the transmission will not take place. Consent given can be revoked at any time."
If you have any questions or, despite our concerns, would like to use providers from these countries, please contact us.
[AT2]If it is actually a link, a reference to data processing in the USA is sufficient. This should be visibly integrated on the "Careers" subpage.
"Note on data processing in the USA by the Smart Recruiters applicant portal:
By clicking on the job link, you will be taken to the Smart Recruiters website. It is possible that your data will then be processed in the USA. According to the ECJ, the data protection standard in the USA is inadequate and there is a risk that your data will be processed by the US authorities for control and monitoring purposes, possibly without legal recourse. If you do not click on the link to the application portal and contact us by email, Smart Recruiters will not transmit the data. "
If a social plugin is set, consent is required via a cookie banner and the data protection declaration must be adjusted. Please inform us in this case.
[AT3]Since Hubspot processes data in the USA and the USA is a country without an adequate level of protection, you must include a note when registering for the newsletter that your newsletter provider processes data in the USA. This should read as follows:
““Note on data processing in the USA by our shipping service provider HubSpot:
By subscribing to the newsletter, you consent to your data being processed by our shipping service provider HubSpot in the USA in accordance with Art. 6 Paragraph 1 Clause 1 Letter a) of GDPR. The data protection standard in the USA is inadequate in the opinion of the ECJ and there is a risk that your data will be processed by the US authorities for control and monitoring purposes, possibly without any legal remedies. Consent given can be revoked at any time."
[AT4] [AT4]These deletion periods can be set in Google Analytics after a user's visit or last website visit. Unfortunately, we do not have any information from you on this.
You can view and change the relevant settings in your Google account settings. Please check these and adjust the sentence accordingly.