Privacy policy

Data protection at a glance

General information:

The following information provides a simplified overview of what happens to your personal data when you visit our website. Personal data includes all data that can be used for identifying you as a person. For detailed information on data protection, please read our Privacy Policy beneath this text.

Data collection on our website:

Who is responsible for collecting the data on this website?

The website operator processes the data on this website. You can find the contact details of the website operator in the Legal Information.

How do we collect your data?

Your data is collected when you disclose it to us. This could be data that you enter in a contact form, for example. Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (such as browser, operating system or time of website access). This data is collected automatically as soon as you enter our website.

What do we use the data for?

Some of the data is collected to ensure that the website is displayed without errors. Other data can be used for analysing your user behaviour.

What rights do you have regarding your data?

You have the right to obtain free of charge information about the origin, recipient and purpose of your stored personal data at any time. You also have the right to request the rectification, blocking or erasure of this data. You can contact us at any time about this topic as well as other questions relating to data protection at the address stated in the Legal Information. You further have the right to complain to the competent supervisory authority.

Analysis tools, advertising and tools by third-party providers

Google Analytics 

Your surfing behaviour can be statistically analysed when you visit our website. This analysis primarily uses cookies and analysis programmes. Your surfing behaviour is generally analysed anonymously and cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. For detailed information on this topic please read the Privacy Policy. You can object to this analysis. You can find out more about your option to object in this Privacy Policy.

This website uses functions provided by the Google Analytics web analysis service. It is provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables website operators to analyse the behaviour of website visitors. The website operator receives various user data, such as page access, duration of visit, operating systems used and origin of the user. Google may compile this data in a profile which is allocated to the respective user and/or their device.

Google Analytics uses technologies that make it possible to recognise users for the purpose of analysing their user behaviour (e.g. cookies or device fingerprinting). The information collected by Google on the use of this website is generally transferred to and stored on a Google server in the USA.

The use of this analysis tool is based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in analysing user behaviour so as to optimise its advertising activities and adverts. If corresponding consent has been requested (e.g. consent to store cookies), the processing is exclusively based on Art. 6 (1) lit. a GDPR. The consent can be withdrawn at any time.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. For further details go to: https://eur-lex.europa.eu/legal-content/DE-EN/TXT/?uri=CELEX:32010D0087&from=en and/or is based on consent in accordance with Art. 49 (1) lit. a GDPR.

IP anonymisation

We have activated the IP anonymisation function on this website. Google abbreviates your IP address in the member states of the European Union and other contracting member states of the Agreement on the European Economic Area before transferring it to the USA. The full IP address is only transferred to a Google server in the USA and abbreviated there in exceptional circumstances. Google has been engaged by the operator of this website to use this information for analysing your use of the website to prepare website activity reports and provide additional services related to the use of the website and internet for the website operator. The IP address transferred by your browser as part of Google Analytics is not compiled with other Google data.

Browser plugin

You can prevent Google from collecting and processing your data by downloading and installing the browser plugin from the following link https://tools.google.com/dlpage/gaoptout?hl=de.

Order processing

We have concluded an order processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Link to the Google Search Console

The Search Console metrics can be linked with Google Analytics for data enhancement purposes.

Storage period

Data stored by Google at user and event level that is linked to cookies, user IDs or advertising IDs (e.g. double-click cookies, Android advertising ID) are anonymised and/or deleted after 14 months. For details on this process, go to: https://support.google.com/analytics/answer/7667196?hl=de

You can permanently block the collection of your data by Google Analytics at any time and for the currently used device / browser by withdrawing the corresponding consent in the data protection setting for this website.

For more information on the use of user data by Google Analytics, read the Google privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

General and mandatory information

Data protection:

The protection of your personal data is paramount to the operator of this website. We treat your personal data in strictest confidence and in accordance with data protection law as well as this Privacy Policy. Various personal data is collected when you use this website. Personal data includes data that can be used for identifying you as a person. This Privacy Policy explains which data we collect and what it is used for. It also explains how this is done and for which purpose. Please note that data transfer via the internet (e.g. when communication via email) can be subject to security gaps. It is impossible to fully protect data against third-party access.

Information on the controller:

The controller responsible for data processing on this website is: see Legal Information Phone: see Legal Information Email: info@rpa-datenschutz.de

The controller is the natural person or legal entity that solely or jointly with other parties decides about the purpose and means of the processing of personal data (e.g. name, email address, etc.).

Withdrawing your consent to data processing:

Many data processing activities are only possible with your explicit consent. You can withdraw previously issued consent at any time. To do so, it is sufficient to email us an informal notification. Your withdrawal does not affect the legitimacy of the data processing activities performed until the date of withdrawal.

Right to complain to the competent supervisory authority:

In the event of violations of data protection laws, the data subject has the right to complain to the competent supervisory authority. The competent supervisory authority which deals with data protection is the federal data protection officer of the federal state where the company is domiciled. For a list of data protection officers and their contact details, go to www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

 

Right to data portability:

You have the right to request for data that we automatically process based on your consent or for the fulfilment of a contract to be transferred to you or a third party in a standard machine-readable format. If you request the direct transfer of the data to another controller, this shall only be done insofar as it is technically possible.

SSL and/or TLS encryption:

This website uses SSL and/or TLS encryption for security purposes and to protect the transfer of confidential contents, such as orders or enquiries that you send to us, the website operator. You can recognise an encrypted connection by the address bar of your browser changing from "http://" to "https://” and by the lock symbol in your browser bar.

When SSL and/or TLS encryption is active, data that you transfer to us cannot be read by third parties.

Information, blocking, erasure:

In accordance with the applicable legal provisions, you have the right, at any time, to free of charge information about your stored personal data, its origin and recipient and purpose of the data processing activities and possibly also the right to rectification, blocking or erasure of this data. You can contact us at any time about this topic as well as other questions relating to personal data at the address stated in the Legal Information.

Objection to advertising emails:

We herewith object to the use of contact data published in accordance with obligations to disclose legal information on websites for any advertising and information that we have not explicitly requested. The operators of the websites explicitly reserve the right to take legal action against any deliveries of unwanted advertising information, such as via spam emails.

Data protection officer:

Mandatory data protection officer

We have appointed a data protection officer for our company.

RPA Datenschutz + Compliance GmbH, represented by Henning Koch and Ilja Borchers Hauser Gasse 19b 35578 Wetzlar Phone: +49 (0) 6441 67100 0 Email: info(at)rpa-datenschutz(dot)de

 

Data collection on our website
Cookies:

The website uses cookies in some parts. Cookies do not damage your computer and do not contain any viruses. Cookies are used for creating a more user-friendly, effective and secure website. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are session cookies. They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognise your browser on your next visit.

You can adjust your browser so that you are informed when cookies are installed and can permit cookies only in individual cases, generally block the acceptance of cookies in certain cases and activate the automatic deletion of cookies when closing the browser. The functionality of this website can be restricted if you deactivate cookies.

Cookies that are required for performing an electronic communication process or for providing certain functions selected by you (e.g. shopping basket function) are stored on the basis of Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in storing cookies for the fault-free, optimised provision of its services. Other cookies (e.g. cookies for analysing your surfing behaviour) that may be stored are described separately in this Privacy Policy.

Required cookies

Analysis cookies

Deactivate Google cookies

Server log files:

The website provider automatically collects and stores information in so-called server log files that your browser automatically transfers to us. They include:

Browser type and version

Operating system

Referrer URL

Hostname of the accessing computer

Time of server query

IP address

This data is not combined with other data sources. 

The basis for these data processing activities is Art. 6 (1) lit. f GDPR, which permits the processing of data for the fulfilment of a contract or precontractual measures.

Newsletter

Newsletter data:

If you wish to subscribe to the newsletter offered on the website, we require your email address as well as information that enables us to check that you are the owner of the email address you have stated ad that you agree to receive the newsletter. Other data is not collected or only on a voluntary basis. This data is used exclusively for sending the requested information. We do not transfer it to third parties.

The data entered in the newsletter subscription form is processed exclusively on the basis of your consent (Art. 6 (1) lit. a GDPR). You can withdraw your consent to store the data, email address and its use for sending the newsletter at any time, such as via the “Unsubscribe” link in the newsletter. Your withdrawal does not affect the legitimacy of the data processing activities performed until the date of withdrawal. We store the data you provide to us for the purpose of receiving the newsletter until you unsubscribe from the newsletter and then delete it. This does not affect data that is stored by us for other reasons (e.g. email addresses for the member area).

INXMAIL:

This website uses the services of INXMAIL for sending the newsletter. The provider is Inxmail GmbH, Wentzingerstr. 17, 79106 Freiburg, GERMANY

Inxmail is a service for organising and analysing the dispatch of newsletters, etc. When you enter data for the purpose of receiving the newsletter (e.g. email address), this is stored on the Inxmail servers in Germany.

We can analyse our newsletter campaigns with the help of Inxmail. When you open an email sent with Inxmail, a file contained in the email (web beacon) links to the Inxmail servers in Germany. This makes it possible to determine if a newsletter message has been opened and which links have been clicked on. Technical information is also collected (e.g. time of query, IP address, browser type and operating system). This information cannot be allocated to the respective newsletter recipient. It is exclusively used for the statistical analysis of newsletter campaigns. The results of these analyses can be used for adjusting future newsletters to better match the interests of the recipients.

If you do not want your data to be analysed by Inxmail, you have to unsubscribe from the newsletter. We provide a link for you to do so in every newsletter message. You can also unsubscribe from the newsletter directly on the website.

The data is processed on the basis of your consent (Art. 6 (1) lit. a GDPR). You can withdraw this consent at any time by unsubscribing from the newsletter. Your withdrawal does not affect the legitimacy of the data processing activities performed until the date of withdrawal.

We store the data you provide to us for the purpose of receiving the newsletter until you unsubscribe from the newsletter and then delete it from our servers as well as the Inxmail servers. This does not affect data that is stored by us for other reasons (e.g. email addresses for the member area).

Conclusion of a data processing agreement We have concluded a data processing agreement with Inxmail in which we oblige Inxmail to protect the data of our customers and not to transfer it to third parties.

Plugins and tools

YouTube

Our website uses plugins by YouTube, which is operated by Google. The operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit our pages containing a YouTube plugin, a connection is established with the YouTube servers. During this process, the YouTube server is informed of the pages you have visited on our website.

If you are logged into your YouTube account, you enable YouTube to directly allocate your surfing behaviour to your personal profile. You can prevent this by logging out of your YouTube account.

The use of YouTube is in the interest of creating an appealing appearance of our website. This constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR.

For further information on the use of user data, go to the YouTube privacy policy at: www.google.de/intl/de/policies/privacy.

Handling of applicant data

You can use the career section on our website and/or submit applications per email.

The personal data (master data, contact details, attachments such as cover letter, CV, certificates, etc.) of applicants is collected and processed for the purpose of handling the application process.

The data may be processed electronically. This is particularly the case when an applicant transfers corresponding application documents to the controller, such as per email or through an online form on the website. The data entered by you in the application form is collected in our application management system. You receive a confirmation email after you send the form.

If you have applied per email or post, the relevant information is collected and your documents are scanned. We then professionally destroy the original paper documents so that your data is secure. We only use information that you have provided in your application, professional networks (such as XING or LinkedIn) or job fairs.

If the controller concludes an employment contract with an applicant, the transferred data is stored for the purpose of processing the employment relationship in accordance with the legal requirements. If the controller does not conclude an employment contract with the applicant, the application documents are automatically deleted 90 days after the announcement of the decision not to recruit the applicant, unless the controller has other opposing legitimate interests. Within this meaning, other legitimate interests are, for instance, the duty to provide evidence in proceedings in accordance with the General Sex Discrimination Act (Allgemeines Gleichbehandlungsgesetz – AGG).

Art. 6 (1) lit. f GDPR is the legal basis for the collection and processing of the data.

When you apply online, you can give your explicit consent for us to store and use your data even after the conclusion of the current application process (inclusion in the talent pool and consideration for other positions in our company). By giving this consent, you enable us to inform you about new vacancies that may be of interest to you and/or open vacancies. Your data is included in the talent pool solely on the basis of your explicit consent (Art. 6 (1) lit. a GDPR). Giving your consent is voluntary and does not affect the ongoing application process. You can withdraw your consent at any time. In this case, the data will be irrevocably deleted from the talent pool, unless there are legal obligations to store it. The data from the talent pool is irrevocably deleted no later than two years from the date on which you gave your consent.

Data transfer to third parties

The data transferred during your application is transferred using TLS encryption and stored in a database. This database is operated by Personio GmbH, which provides HR and application management software (https://www.personio.com/legal-notice/). In this context, Personio is our processor in accordance with Art. 28 GDPR. These processing activities are based on a data processing agreement between us, the controller, and Personio.