Data protection

1. Data Privacy at a Glance

General information

The following information provides a simple overview of how we use your personal data when you visit our website. Personal data includes all data that can be used to personally identify you. Please see our Data Privacy Declaration below this text for full information on data privacy.

Data collection on our website

Who is responsible for data collection on this website?

Data processing on this website is handled by the website operator. The operator’s contact information is provided in this website’s Legal Notice.

How do we record your data?

We collect your data firstly when you share it with us. This may include data, for instance, that you enter into a contact from. Other data is collected automatically by our IT systems when you visit our website. This primarily includes technical data (such as data on your web browser, operating system, or the time at which you accessed our page). This data is recorded automatically when you access our website.

For what purposes do we use your data?

We collect some of your data to ensure we can provide this website free from errors. Other data may be used to analyze your user behavior.

What rights do you have to your data?

You have the right to receive information free of charge at any time regarding the origin, recipient, and purpose of your saved personal data. You also have the right to request rectification, blockage, or deletion of this data. You can contact us at any time using the address provided in the Legal Notice for these and other questions related to data privacy. Furthermore, you have the right to submit a complaint with the responsible supervising authority.

Analytic tools and tools from third party providers

When you visit our website, your surfing behavior can be statistically analyzed. We do so primarily using cookies and analytic programs. Typically, your surfing behavior is analyzed anonymously; your surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. Detailed information on this analysis is provided in the following Data Privacy Declaration. You can object to this analysis. We will inform you on how to object in this Data Privacy Declaration.

 

2. Hosting

External Hosting

This website is hosted by an external service provider (host). Personal data collected on this website are stored on the servers of the host. These may include, but are not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access, and other data generated through a web site. The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of secure, fast, and efficient provision of our online services by a professional provider (Art. 6(1)(f) GDPR). Our host will only process your data to the extent necessary to fulfil its performance obligations and to follow our instructions with respect to such data.

 

3. General framework and mandatory information

Data protection

The operator of this website takes the protection of your personal data very seriously. We treat your personal data as confidential and use it in accordance with legal data privacy regulations and this Data Privacy Declaration. We collect a variety of personal data when you use this website. Personal data includes data that can be used to personally identify you. This Data Privacy Declaration explains what data we collect and the purposes for which we use it. It also explains how and for what purpose we use your data. We would like to note that data transmission online (for instance through e-mail communication) may involve gaps in security. It is not possible to provide seamless protection for data from third party access.

Information about the responsible party (referred to as the “controller” in the GDPR)

The data processing controller on this website is AEROCOMPACT® Europe GmbH, Gewerbestrasse 14, 6822 Satteins, Tel. +43 (0) 5524 22 566, office@aerocompact.com. The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g., names, e-mail addresses, etc.).

Storage duration

Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, the deletion will take place after these reasons cease to apply.

Information on data transfer to the USA and other non-EU countries

Among other things, we use tools of companies domiciled in the United States or other from a data protection perspective non-secure non-EU countries. If these tools are active, your personal data may potentially be transferred to these non-EU countries and may be processed there. We must point out that in these countries, a data protection level that is comparable to that in the EU cannot be guaranteed. For instance, U.S. enterprises are under a mandate to release personal data to the security agencies and you as the data subject do not have any litigation options to defend yourself in court. Hence, it cannot be ruled out that U.S. agencies (e.g., the Secret Service) may process, analyze, and permanently archive your personal data for surveillance purposes. We have no control over these processing activities.

Revocation of your consent to the processing of data

A wide range of data processing transactions are possible only subject to your express consent. You can also revoke at any time any consent you have already given us. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.

Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)

In the event that data are processed on the basis of Art. 6(1)(e) or (f) GDPR, you have the right to at any time object to the processing of your personal data based on grounds arising from your unique situation. This also applies to any profiling based on these provisions. To determine the legal basis, on which any processing of data is based, please consult this data protection declaration. If you log an objection, we will no longer process your affected personal data, unless we are in a position to present compelling protection worthy grounds for the processing of your data, that outweigh your interests, rights and freedoms or if the purpose of the processing is the claiming, exercising or defence of legal entitlements (objection pursuant to Art. 21(1) GDPR). If your personal data is being processed in order to engage in direct advertising, you have the right to object to the processing of your affected personal data for the purposes of such advertising at any time. This also applies to profiling to the extent that it is affiliated with such direct advertising. If you object, your personal data will subsequently no longer be used for direct advertising purposes (objection pursuant to Art. 21(2) GDPR).

Right to submit complaints to the responsible supervisory authority

If data privacy law violations occur, the data subject has the right to submit a complaint to the responsible supervisory authority. The responsible supervisory authority for questions about data privacy law is the State Data Protection Officer of the state where our company is headquartered. A list of Data Protection Officers and their contact information is provided at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

You have the right to demand that we hand over any data we automatically process on the basis of your consent or in order to fulfil a contract be handed over to you or a third party in a commonly used, machine readable format. If you should demand the direct transfer of the data to another controller, this will be done only if it is technically feasible.

SSL and TLS encryption

This website uses SSL or TLS encryption for reasons of security, and to protect the transmission of confidential content such as orders or inquiries you send to us as the page operator. You can recognize an encrypted connection because the address line in your browser will switch from “http://” to “https://” and you will see a lock symbol in your browser line. If SSL or TLS encryption is activated, data you transmit to us cannot be accessed by third parties.

Information, blockage, deletion

You have the right to receive information on your saved personal data at any time within the framework of applicable law, as well as the origin of that data, data recipients, and the purpose of data processing. You may also have the right to have this data corrected, blocked, or deleted. You can contact us at any time using the address provided in the Legal Notice for these and other questions related to your personal data.

Right to demand processing restrictions

You have the right to demand the imposition of restrictions as far as the processing of your personal data is concerned. To do so, you may contact us at any time. The right to demand restriction of processing applies in the following cases:

  • In the event that you should dispute the correctness of your data archived by us, we will usually need some time to verify this claim. During the time that this investigation is ongoing, you have the right to demand that we restrict the processing of your personal data.
  • If the processing of your personal data was/is conducted in an unlawful manner, you have the option to demand the restriction of the processing of your data in lieu of demanding the eradication of this data.
  • If we do not need your personal data any longer and you need it to exercise, defend or claim legal entitlements, you have the right to demand the restriction of the processing of your personal data instead of its eradication.
  • If you have raised an objection pursuant to Art. 21(1) GDPR, your rights and our rights will have to be weighed against each other. As long as it has not been determined whose interests prevail, you have the right to demand a restriction of the processing of your personal data.

If you have restricted the processing of your personal data, these data – with the exception of their archiving – may be processed only subject to your consent or to claim, exercise or defend legal entitlements or to protect the rights of other natural persons or legal entities or for important public interest reasons cited by the European Union or a member state of the EU.

Rejection of unsolicited e-mails

We herewith object to the use of contact information published in conjunction with the mandatory information to be provided in our Site Notice to send us promotional and information material that we have not expressly requested. The operators of this website and its pages reserve the express right to take legal action in the event of the unsolicited sending of promotional information, for instance via SPAM messages.

 

4. RECORDING OF DATA ON THIS WEBSITE

Cookies

Our websites and pages use what the industry refers to as “cookies.” Cookies are small text files that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain archived on your device until you actively delete them, or they are automatically eradicated by your web browser. In some cases, it is possible that third-party cookies are stored on your device once you enter our site (third-party cookies). These cookies enable you or us to take advantage of certain services offered by the third party (e.g., cookies for the processing of payment services). Cookies have a variety of functions. Many cookies are technically essential since certain website functions would not work in the absence of the cookies (e.g., the shopping cart function or the display of videos). The purpose of other cookies may be the analysis of user patterns or the display of promotional messages. Cookies, which are required for the performance of electronic communication transactions (required cookies) or for the provision of certain functions you want to use (functional cookies, e.g., for the shopping cart function) or those that are necessary for the optimization of the website (e.g., cookies that provide measurable insights into the web audience), shall be stored on the basis of Art. 6(1)(f) GDPR, unless a different legal basis is cited. The operator of the website has a legitimate interest in the storage of cookies to ensure the technically error free and optimized provision of the operator’s services. If your consent to the storage of the cookies has been requested, the respective cookies are stored exclusively on the basis of the consent obtained (Art. 6(1)(a) GDPR); this consent may be revoked at any time. You have the option to set up your browser in such a manner that you will be notified any time cookies are placed and to permit the acceptance of cookies only in specific cases. You may also exclude the acceptance of cookies in certain cases or in general or activate the delete function for the automatic eradication of cookies when the browser closes. If cookies are deactivated, the functions of this website may be limited. In the event that third-party cookies are used or if cookies are used for analytical purposes, we will separately notify you in conjunction with this Data Protection Policy and, if applicable, ask for your consent.

Server log files

The page provider automatically collects and saves information in so-called log files, which your browser transmits to us automatically. These are:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server inquiry
  • IP address

This data is not combined with data from other sources. The basis for data processing is Art. 6 para. 1 lit. b GDPR, which allows for the processing of data to fulfill an agreement or to carry out pre-contractual measures.

Contact form

If you send us an inquiry using the contact form, your information from the contact form and the contact data you provide there is saved by us for the purpose of processing your inquiry and for follow-up questions. We do not provide this data to third parties without your consent. Data entered into the contact form, therefore, is processed solely based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. An e-mail notification to us is sufficient to do so, with no formal requirements. The legality of data processing carried out up to the time the revocation was submitted shall remain unaffected by it. We will retain data entered by you into the contact form until you request its deletion, revoke your consent to save it, or until the purpose for which data was saved no longer applies (for instance after we have finished processing your inquiry). Mandatory legal regulations – in particular retention periods – shall remain unaffected.

Request by e-mail, telephone, or fax

If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent. These data are processed on the basis of Art. 6(1)(b) GDPR if your inquiry is related to the fulfillment of a contract or is required for the performance of pre-contractual measures. In all other cases, the data are processed on the basis of our legitimate interest in the effective handling of inquiries submitted to us (Art. 6(1)(f) GDPR) or on the basis of your consent (Art. 6(1)(a) GDPR) if it has been obtained. The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

 

5. Analysis tools and advertising

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics enables the website operator to analyze the behavior patterns of website visitors. To that end, the website operator receives a variety of user data, such as pages accessed, time spent on the page, the utilized operating system and the user’s origin. Google may consolidate these data in a profile that is allocated to the respective user or the user’s device. Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Google Analytics uses various modeling approaches to augment the collected data sets and uses machine learning technologies in data analysis. Google Analytics uses technologies that make the recognition of the user for the purpose of analyzing the user behavior patterns (e.g., cookies or device fingerprinting). The website use information recorded by Google is, as a rule transferred to a Google server in the United States, where it is stored. This analysis tool is used on the basis of Art. 6(1)(f) GDPR. The operator of this website has a legitimate interest in the analysis of user patterns to optimize both, the services offered online and the operator’s advertising activities. If a corresponding agreement has been requested (e.g., an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6(1)(a) GDPR; the agreement can be revoked at any time. Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store cookies, and does not carry out any independent analyses. It only manages and runs the tools integrated via it. However, the Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent company in the United States. The Google Tag Manager is used on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and administration of various tools on his website. If the relevant consent has been requested, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR; the consent can be revoked at any time.

Archiving period

Data on the user or incident level stored by Google linked to cookies, user IDs or advertising IDs (e.g., DoubleClick cookies, Android advertising ID) will be anonymized or deleted after 14 months. For details, please click the following link: https://support.google.com/analytics/answer/7667196?hl=en

IP anonymization

We have activated the IP anonymization function on this website. Because of this, your IP address will be abbreviated by Google within member states of the European Union or other contracting states to the Agreement on the European Economic Area before transmission to the USA. Only in exceptional cases will your full IP address be transferred to a Google server in the USA, where it will be shortened. Google will use this information to evaluate your site usage, create reports regarding website activity, and complete additional services associated with your internet use for the website operator. The IP addresses transferred by your browser as part of Google Analytics are not associated with other data from Google.

Browser plug-in

You can prohibit the storage of cookies by changing the settings in your browser software accordingly; we would, however, like to inform you that in this case you will not be able to use the full extent of all functions on our website. You can, additionally, prohibit the collection of the data created by cookies and related to your use of the website (incl. your IP address) by Google and Google’s processing of this data by downloading and installing the browser plug-in available at the following link. https://tools.google.com/dlpage/gaoptout?hl=de. For more information on how user data are handled by Google Analytics, please see the Google Data Privacy Declaration: https://support.google.com/analytics/answer/6004245?hl=de.

Contract data processing

We have concluded an agreement for contract data processing with Google, and we fully implement the strict specifications of German data privacy agencies governing the use of Google Analytics.

Facebook Pixel

To measure conversion rates, this website uses the visitor activity pixel of Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement the collected data will be transferred to the USA and other third-party countries too. This tool allows the tracking of page visitors after they have been linked to the website of the provider after clicking on a Facebook ad. This makes it possible to analyze the effectiveness of Facebook ads for statistical and market research purposes and to optimize future advertising campaigns. For us as the operators of this website, the collected data is anonymous. We are not in a position to arrive at any conclusions as to the identity of users. However, Facebook archives the information and processes it, so that it is possible to make a connection to the respective user profile and Facebook is in a position to use the data for its own promotional purposes in compliance with the Facebook Data Usage Policy. This enables Facebook to display ads on Facebook pages as well as in locations outside of Facebook. We as the operator of this website have no control over the use of such data. The use of Facebook Pixel is based on Art. 6(1)(f) GDPR. The operator of the website has a legitimate interest in effective advertising campaigns, which also include social media. If a corresponding agreement has been requested (e.g., an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6(1)(a) GDPR; the agreement can be revoked at any time. Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum und https://de-de.facebook.com/help/566994660333381. Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook. In Facebook’s Data Privacy Policies, you will find additional information about the protection of your privacy at: https://www.facebook.com/about/privacy/. You also have the option to deactivate the remarketing function “Custom Audiences” in the ad settings section under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you first have to log into Facebook. If you do not have a Facebook account, you can deactivate any user-based advertising by Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

LinkedIn Insight Tag

This website uses the Insight tag from LinkedIn. This service is provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Data processing by LinkedIn Insight tag

We use the LinkedIn Insight tag to obtain information about visitors to our website. Once a website visitor is registered with LinkedIn, we can analyze the key occupational data (e.g., career level, company size, country, location, industry, job title) of our website visitors to help us better target our site to the relevant audience. We can also use LinkedIn Insight tags to measure whether visitors to our websites make a purchase or perform other actions (conversion measurement). Conversion measurement can also be carried out across devices (e.g. from PC to tablet). LinkedIn Insight Tag also features a retargeting function that allows us to display targeted advertising to visitors to our website outside of the website. According to LinkedIn, no identification of the advertising addressee takes place. LinkedIn itself also collects log files (URL, referrer URL, IP address, device and browser characteristics and time of access). The IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymized). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymized data will then be deleted within 180 days. The data collected by LinkedIn cannot be assigned by us as a website operator to specific individuals. LinkedIn will store the personal data collected from website visitors on its servers in the USA and use it for its own promotional activities. For details, please see LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy#choices-oblig.

Demographic features on Google Analytics

This website uses the “demographic features” function of Google Analytics. This function can be used to create reports with information on the age, sex and interests of page visitors. This data comes from interest-based advertisements from Google and visitor data from third party providers. This data cannot be associated with a specific person. You can deactivate this function at any time using the display settings in your Google account, or generally object to the collection of your data by Google Analytics as indicated in the point “Objection to data collection.”

 

6. Newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we need an e-mail address from you and information allowing us to verify that you are the owner of the e-mail address provided and consent to receive the newsletter. Further data will be collected only on a voluntary basis. We only use this data to send the requested information, and do not transmit it to third parties. Data entered into the newsletter registration form is processed solely based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke the consent you have granted to save your data and your e-mail address and to use these to send the newsletter at any time, for instance by clicking the “Unsubscribe” link in the newsletter. The legality of data processing carried out up to the time the revocation was submitted shall remain unaffected by it. We will continue saving data obtained for the purpose of sending the newsletter until you unsubscribe. This data will be deleted after you unsubscribe from the newsletter. Data we have saved for other purposes (such as e-mail addresses for the member area) shall remain unaffected.

Pardot

We use the analysis tool Pardot from salesforce.com Inc., Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, CA 94105, Main: 1-800-NO-SOFTWARE, Fax: 415-901-7040, Sales: 1-800-NO-SOFTWARE on our website. Pardot is a software module for tracking and analysing the use of a website by website visitors. Pardot sets a maximum of two cookies. These are a "Visitor Cookie" and a "Pardot App Session Cookie". The "Visitor Cookie" generates an identification number that is used to recognize the browser of the website visitor. The identification number is a generated numerical code that has no meaning outside of Pardot Services. The "Pardot App Session Cookie" is only set when a customer logs into the Pardot App as a user. The Pardot cookies record your click path and uses it to create an individual user profile using a pseudonym. This allows us to analyse the use of our website and improve it regularly. The cookies are stored for a maximum of 360 days and the user data for a maximum of 5 years. The deletion of the profile data can be requested by the user at any time. The legal basis for the use of Pardot is your consent according to Art. 6 para. 1 sent. 1 lit. a GDPR. Insofar as Pardot processes personal data, the processing is carried out exclusively on our behalf and according to our instructions. For this purpose, we have concluded a data processing agreement with Salesforce.com, Inc. to ensure compliance with the GDPR. When using Pardot, a data transfer to the USA cannot be ruled out. Salesforce.com Inc. has had Binding Corporate Rules approved by the European Data Protection Board since 2015, which ensure a level of data protection that complies with the GDPR. For more information, see: Salesforce’s Processor Binding Corporate Rules for the Processing of Personal Data and European Data Protection Board Binding Corporate Rules. Furthermore, Standard Contractual Clauses have been concluded in addition to the data processing agreement. For further information on data processing, please refer to the privacy policy of Salesforce.com inc. at: Salesforce Privacy Policy. You can revoke your consent at any time with effect for the future within the cookie settings. In addition, you may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

 

7. Plugins und Tools

Google Maps

This website uses the mapping service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. To enable the use of the Google Maps features, your IP address must be stored. As a rule, this information is transferred to one of Google’s servers in the United States, where it is archived. The operator of this website has no control over the data transfer. In case Google Maps has been activated, Google has the option to use Google web fonts for the purpose of the uniform depiction of fonts. When you access Google Maps, your browser will load the required web fonts into your browser cache, to correctly display text and fonts. We use Google Maps to present our online content in an appealing manner and to make the locations disclosed on our website easy to find. This constitutes a legitimate interest as defined in Art. 6(1)(f) GDPR. If a respective declaration of consent has been obtained, the data shall be processed exclusively on the basis of Art. 6(1)(a) GDPR. This declaration of consent may be revoked at any time. Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/. For more information on the handling of user data, please review Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en.

YouTube with expanded data protection integration

Our website embeds videos of the website YouTube. The website operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. We use YouTube in the expanded data protection mode. According to YouTube, this mode ensures that YouTube does not store any information about visitors to this website before they watch the video. Nevertheless, this does not necessarily mean that the sharing of data with YouTube partners can be ruled out as a result of the expanded data protection mode. For instance, regardless of whether you are watching a video, YouTube will always establish a connection with the Google DoubleClick network. As soon as you start to play a YouTube video on this website, a connection to YouTube’s servers will be established. As a result, the YouTube server will be notified, which of our pages you have visited. If you are logged into your YouTube account while you visit our site, you enable YouTube to directly allocate your browsing patterns to your personal profile. You have the option to prevent this by logging out of your YouTube account. Furthermore, after you have started to play a video, YouTube will be able to place various cookies on your device or comparable technologies for recognition (e.g. device fingerprinting). In this way YouTube will be able to obtain information about this website’s visitors. Among other things, this information will be used to generate video statistics with the aim of improving the user friendliness of the site and to prevent attempts to commit fraud. Under certain circumstances, additional data processing transactions may be triggered after you have started to play a YouTube video, which are beyond our control. The use of YouTube is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6(1)(f) GDPR, this is a legitimate interest. If a corresponding agreement has been requested, the processing takes place exclusively on the basis of Art. 6(1)(a) GDPR; the agreement can be revoked at any time. For more information on how YouTube handles user data, please consult the YouTube Data Privacy Policy under: https://policies.google.com/privacy?hl=en.

 

8. CUSTOM SERVICES

Job Applications

We offer website visitors the opportunity to submit job applications to us (e.g., via e-mail, via postal services on by submitting the online job application form). Below, we will brief you on the scope, purpose and use of the personal data collected from you in conjunction with the application process. We assure you that the collection, processing and use of your data will occur in compliance with the applicable data privacy rights and all other statutory provisions and that your data will always be treated as strictly confidential.

Scope and purpose of the collection of data

If you submit a job application to us, we will process any affiliated personal data (e.g., contact and communications data, application documents, notes taken during job interviews, etc.), if they are required to make a decision concerning the establishment or an employment relationship. The legal grounds for the aforementioned are § 26 New GDPR according to German Law (Negotiation of an Employment Relationship), Art. 6(1)(b) GDPR (General Contract Negotiations) and – provided you have given us your consent – Art. 6(1)(a) GDPR. You may revoke any consent given at any time. Within our company, your personal data will only be shared with individuals who are involved in the processing of your job application. If your job application should result in your recruitment, the data you have submitted will be archived on the grounds of § 26 New GDPR and Art. 6(1)(b) GDPR for the purpose of implementing the employment relationship in our data processing system.

Data Archiving Period

If we are unable to make you a job offer or you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted on the basis of our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months from the end of the application procedure (rejection or withdrawal of the application). Afterwards the data will be deleted, and the physical application documents will be destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the expiry of the 6-month period (e.g., due to an impending or pending legal dispute), deletion will only take place when the purpose for further storage no longer applies. Longer storage may also take place if you have given your agreement (Article 6(1)(a) GDPR) or if statutory data retention requirements preclude the deletion.