The protection of your personal data during the process of elicitation, processing, and utilisation of said data over the course of your visit to our homepage is of utmost importance to us. Your data is safeguarded in accordance with legal regulations. Below, we would like to inform you about the nature and extent to which the processing of personal data via this website, pursuant to Article 13 of the General Data Protection Regulation (GDPR) occurs.
I. Information regarding the relevant bodies
II. Information regarding the Data Protection Supervisor
For questions regarding data protection, please do not hesitate to contact our external representative for operational data protection:
Mr. Arndt Halbach from GINDAT GmbH
Wetterauer Str. 6
Tel.: +49 (0)2191 – 909 – 430
III. Data processing via the website
Your visit to our websites is recorded and logged. Essentially, the following data, which is transmitted via your browser, is recorded:
• the internet protocol (IP) address currently in use by your PC or router
• date and time
• browsertype and version
• the operating system of the PC
• a history of the pages viewed
• name and size of the requested files
• as well as, where appropriate, the URL of the referring website.
This information is collected solely for the purposes of data security, the improvement of our web content, and the fault analysis in accordance with Art 6. (1) f of the GDPR. The IP address of your PC is evaluated only after being anonymized (abbreviated by the last 3 digits). Apart from that, you can visit our website without providing any personal information.
We draw your attention to the fact that the transfer of data in the internet (i.e. by communication via e-mail) may involve gaps in security. It is not possible to protect such data completely from being accessed by third parties. Therefore, you should provide us with confidential information via other means such as i.e. by mail.
The controlling individual responsible for the processing of data collects and processes the personal data of applicants for the purpose of processing the application process. The processing can occur by electronic means. This is the case, if the applicant submits the relevant documents to the controller by electronic means – for example via email, or a web form that is available on the website. If the controller concludes a contract of employment with the applicant, the submitted data will be stored according to the law, for the purpose of processing the employment relationship. However, if no employment contract is concluded between the controller and applicant, the relevant documents will be deleted in accordance with the law and as soon as the position has been filled, provided that the erasure does not conflict any other legitimate interest of the controller. In that sense, a reason for legitimate interest may be the burden of proof in a procedure pursuant to the General Equal Treatment Act (AGG).
Applications can only be processed if they were send to the email address “firstname.lastname@example.org“. If you use any other email registered with our company, our system will unfortunately not be able to recognise your application and thus, it will not be considered. Please keep in mind that email is not a secure medium. However, should your application reach our email server via the above-mentioned email address, we will protect your application through high technical and organisational measures. Nevertheless, we have no influence on your application’s safety during its journey through the public internet and thus, cannot guarantee any level of protection before it reaches our company. Should your sending email server support STARTTLS, our email server will do the same and offer transport encryption through STRATTLS.
Personal data (i.e. your name, address or contact details) that you have provided to us in the course of a request, or in any other way, will be stored and used for correspondence only, as well as for the purpose for which you provided the data for. The processing of this data occurs pursuant to Article 6 (1) a; 6 (1) f of the GDRP.
We offer you the opportunity to subscribe for a newsletter via our homepage. When signing up for our newsletter, personal data will be collected. Therefore, in order to be sure that the newsletter was ordered through your email, you will initially receive a confirmation email. You will be successfully registered for the mailing list, and will receive the newsletter only if you click on the activation link contained in the email. The order of the newsletter will be documented for the purpose of evidence (IP address, date, time). At any time, you may unsubscribe from the mailing list by notification. In order to do so, you can use the link at the end of each newsletter. The legal basis for this is Article 6 (1) a of the GDPR.
In order to send the newsletter, we employ the newsletter service XYZ. This service is bound by our instructions and solely processes the data pursuant to Article 28 of the GDRP.
Secure/safe data transfer
In order to safeguard your data during the transmission process, we utilize state-of-the-art encryption (SSL) via HTTPS.
IV. Recipient of personal data
We may employ service providers by way of order data processing for the implementation and execution of data processing.
Specifically, we employ service providers for sending out newsletters, as well as for the hosting of our website.
The contractual relationship with our service providers is regulated pursuant to the provisions of Article 28 of the GDPR, in which the legally required aspects in regards to data protection and data security are listed.
V. Note regarding the use of Matomo (formerly Piwik)
• Currently, your visit to this particular website is recorded by Matomo web analysis. Click here, if you do not want your visit to be recorded any longer.
This tracking measure is pursuant of Article 6 (1) S.1 lit. f of the GDRP.
VI. Google web fonts
This website uses so-called web fonts provided by Google in order to offer a uniform presentation of fonts. When first accessing a page, all web fonts necessary for the correct display of texts and fonts are loaded into your browser’s cache. Thus, the browser you use must connect to Google’s servers. As a result, Google gains the knowledge that your IP address has accessed our website. The use of Google web fonts is in the interest of a uniform and attractive presentation of our online services. This constitutes legitimate interest pursuant to Article 6 (1) lit. f of the GDPR. If your browser does not support web fonts, your computer will use a default font.
Additional information regarding Google web fonts can be found at:
In order to protect your requests via internet form we utilise the service reCAPTCHA by Google Inc. (Google). This query distinguishes between a request being made by a human, or improperly made by automated and mechanical processing. The transmission of the IP address and other data required by Google’s reCAPTCHA service is included in this request. Therefore, your input will be transmitted to, and processed by Google. Nevertheless, Google will shorten your IP addresses within member states of the European Union and countries that are contracting parties to the Agreement on the European Economic Area. Only in exceptional cases, will the full IP address be transmitted to Google’s servers in the US, and shortened there. Google will utilise this information on behalf of the operator of this website in order to evaluate your use of this service. The IP address, which was sent by your browser via reCAPTCHA, will not be merged with other data collected by Google.
This service is pursuant to Art. 6 (1) S.1 lit. f of the GDRP.
VIII. Google Maps
This site uses the map service of Google Maps via API. Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, US, provides this service.
In order to use the features provided by Google Maps it is necessary to save your IP address. As a rule, this data is transmitted and saved on Google’s servers in the US. The provider of this site has no influence on this data transmission.
In the interest of an attractive presentation of our online offers, Google Maps is utilised to ensure the easy retrievability of the locations indicated on the website. This constitutes legitimate interest pursuant to Article 6 (1) lit. f of the GDPR.
If you disagree with the processing of your data, you may disable the “Google Maps“ service and thus, prevent the transmission of your data to Google. For that purpose, you will have to deactivate the Java script feature in your browser. We would like to point out that in this case you will not be able to use “Google Maps” to its full extent, or at all. Additional information regarding the handling of user data can be found in Google’s privacy notice:
Our internet offer utilises so-called cookies. The cookies are small text files, which are downloaded by your browser, and stored by your computer. Cookies are used in order to make the internet offer more user-friendly. For example, it is possible to recognise the user for the duration of a session that way, making it obsolete to re-enter the user name and password constantly. These cookies will not harm your computer and are deleted when you are closing your session. The basis for this part of data processing is Article 6 (1) f of the GDPR.
Some of the cookies we use, will be deleted immediately when you are closing your browser (so-called session cookies).
Other cookies will remain on your device thus, enabling the recognition of your browser during the next visit (persistent cookies).
The processing of data in connection with cookies serves to achieve the desired functionality of our online offers, and is based on the legitimate interest pursuant to Article 6 I f of the GDPR.
X. Legal rights
In case the prerequisites pursuant to §§ 15-21 of the GDRP apply, you may assert the following rights in regards to the personal data processed by us.
Right of access
You have the right to demand disclosure in regards to your personal data, which is processed by us.
Right of rectification
You may request the rectification of incomplete or incorrectly processed personal data.
Right of erasure
You have the right to demand the erasure of your personal data, especially, if one of the following reasons apply:
• Your personal data is no longer required for the purposes, for which it was collected and otherwise processed.
• You revoke the explicit consent given to the processing of your data.
• You have asserted the right to object to the processing of your data.
• Your data was processed unlawfully.
However, the right to erasure does not exist, if processing is necessary for the purpose of the legitimate interests pursued by the responsible person. This could be the case, if for example:
• Personal data is required in order to assert, exercise, or defend legal claims.
• The erasure is not possible due to storage requirements.
If data cannot be deleted, a right of restriction in regards to data processing can exist (see below).
Right of restriction in regards to data processing
You have the right to demand the limitation of the processing of your personal data, if:
• You deny the accuracy of the data and thus, force us to verify the accuracy.
• The processing is unlawful, you refuse the erasure of your data, and demand the restriction of use instead.
• We no longer need the data, but you need it to assert, exercise, or defend legal claims.
• You objected the processing of your data and ist has not been determined yet whether our legitimate interest outweighs your reasons.
Right of data transmission
You have the right to receive the personal data, which was provided by you and relates to you, in a structured, common, and machine-readable format. Furthermore, you have the right to transfer this data without any hindrance from our side, if the processing is based on consent, or a contract, and can be processed by means of automated procedures.
Right of revocation
The individual involved has the right to object to the processing of personal data relating to him/her – pursuant to Article 6 (1) e or f – at any time due to a particular situation; This also applies to profiling which is based on these provisions. If the processing of your personal data is based on your consent, you have the right of revocation at any time.
XI. Statutory standard periods for deletion of the data
Provided that a legal retention regulation does not exist, data will be deleted, or destroyed, if it is no longer necessary for the purpose of data processing. There are various time limits regarding the retention period of personal data. This means that data with tax relevance will ordinarily be kept for 10 years, while other data will be kept for 6 years in accordance with the commercial law. Ultimately, the retention period can be based on the statutes of limitations, for instance according to §§ 195 ff. of the Civil Code (BGB), and can ordinarily amount to three years, or in some cases up to thirty years.
XII. Right of complaint to a supervisory authority
Any person concerned has the right to appeal to a supervisory authority pursuant to Article 77 of the GDRP, if the individual involved considers that the processing of personal data relating to him/her infringes on the GDRP. The competent supervisory authority for data protection issues is the data protection officer of the federal state in which our company is based.
Liability for the contents
As a service provider, we are responsible for the proprietary content on these pages in accordance tot he general law (pursuant § 7 (1) TMG). However, as a service provider, we are not obliged to monitor transmitted and/or stored third party information, or to investigate circumstances that indicate illegal activity (pursuant §8 to §10 TMG). This does not affect obligations to remove, or block the use of information according to the general law. Any liability for damages resulting therefrom applies only after such a time that a concrete knowledge of the legal infringement exists. Upon being notified of legal violations, we will remove the content immediately.
Liability for links
Our offer contains links to external websites of third parties, over whose content we have no influence. Due to this fact, we cannot assume liability for these foreign contents. The content of these linked pages falls under the jurisdiction of the respective provider, or operator. The linked pages were thoroughly checked at the time that the linking occurred. At the time of the linking, the corresponding pages were free of illegal contents. Moreover, a constant and permanent control of a linked page is not possible without concrete evidence of an infringement. Upon being notified of legal violations, we will remove such links immediately.