Data Protection Regulations
By using our website, you agree to the collection, processing and use of data according to the following description. Our website can be used without the need for registration. In this case, data such as visited pages, names of downloaded files, dates and times are saved on our servers for statistical purposes without being linked to the specific user. Personal data such as name, address or email address is only collected voluntarily where possible. Your data will not be passed on to third parties without your permission.
Hosting and email dispatch
We use hosting services so we can provide the following services: infrastructure and platform services, computing capacity, storage space and data bank services, email dispatch, security services and technical maintenance services which we use to operate our online content.
We, or our hosting providers, process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors to the online content based on our entitled interests of providing this online content efficiently and securely in accordance with Art. 6 Par. 1 lit. f DSGVO in conjunction with Art. 28 DSGVO (completion of order processing contract).
Content-Delivery-Network from Amazon Web Services
We use a so called "Content Delivery Network" (CDN) provided by Amazon Web Services.
A CDN is a service with which online content, particularly large media files such as images or scripts can be delivered quickly with the help of regionally distributed servers which are connected to the internet. The processing of user data occurs only for the above-mentioned purposes and to ensure the security and functionality of the CDN.
The usage is based on our entitled interest, i.e. our interests in providing, analyzing and optimizing secure and efficient online content in accordance with Art. 6 Par. 1 lit. f. DSGVO.
In order to protect your data, the website operators use SSL-encryption. You can recognize connections that use this encryption by the prefix “https://” of the page address in the address bar of your browser. Unencrypted pages are marked with “http://”.
Various data that is transferred to this website – e.g. during enquiries or log in – cannot be read by third parties due to the SSL-encryption.
If you contact us (e.g. via contact form, email, telephone or social media), your data is processed according to the DSGVO Art. 6 Par. 1 lit. b) to process your contact request. User data may be stored in a Customer-Relationship-Management System ("CRM System") or comparable contact request system. We delete this data when it is no longer needed. We check which data is no longer needed every two years; legal archive duties also apply.
We process applicants’ data only for the purpose of and within the scope of the application process in accordance with the legal requirements. Applicants’ data is processed to fulfill our (pre)contractual obligation within the scope of the application process in accordance with Art. 6 Par. 1 lit. b. DSGVO Art. 6 Par. 1 lit. f. DSGVO in so far as data processing is required of us, e.g. in case of legal proceedings (for Germany § 26 BDSG also applies).
The application process presupposes that applicants provide us with their applicant data. If an online application form is available, the required applicant data is clearly marked. Otherwise, the required data is compiled from the application. The required data includes personal data, post and contact information and the documents required for the application, such as cover letter, curriculum vitae and certificates. In addition to this, applicants can voluntarily supply us with additional information.
If additional personal data is voluntarily shared during the application process in accordance with Art. 9 Par. 1 DSGVO, this data will be processed additionally in accordance with Art. 9 Par. 2 lit. b DSGVO (e.g. health data, disabilities or ethnicity). If additional categories of personal data are requested from applicants in the course of the application process in accordance with Art. 9 Par. 1 DSGVO, these will be processed additionally in accordance with Art. 9 Par. 2 lit. a DSGVO (e.g. health data if necessary for performing the occupation).
In addition, applicants can submit their application via email. In this case we wish to clarify that emails are not encrypted and that applicants must ensure encryption themselves. Therefore, we cannot assume responsibility for the transmission of the application from the sender to the delivery on our server and recommend that applicants use the online form or send their application by post, as postal applications remain an option in addition to online or email application.
The data that is provided by the applicant can be, in the case of subsequent employment, be further processed by us for the purpose of the employment relationship. If the application is not successful and does not result in subsequent employment, the applicant’s data will be deleted. The applicant’s data will also be deleted is the applicant revokes their application, which the applicant may do at any time.
The data is deleted, subject to the entitled repeal of the applicant, after a period of six months to allow for possible follow-up questions regarding the application and to meet obligations to produce proof as laid out in the General Act on Equal Treatment (Gleichbehandlungsgesetz). Receipts of compensation for any travel expenses will be archived according to tax guidelines.
With the following information we inform you about the contents of our newsletter as well as the registration, mailing and statistical evaluation procedure and your rights of revocation. By subscribing to our newsletter, you agree to receive it and to the procedures described.
Content of the newsletter: We send newsletters, e-mails and other electronic notifications with promotional information (hereinafter "newsletter") only with the consent of the subscriber or with legal permission. If the contents of the Newsletter are specifically described in the course of registration, they are decisive for the consent of the users. Apart from that, our newsletters contain information about our services and us.
Double opt-in and documentation: The registration for our newsletter is based on a so-called double opt-in procedure. This means that after registration you will receive an e-mail in which you are asked to confirm your registration. This confirmation is necessary so no one else's email address can be used to register. The registrations for the newsletter are documented to be able to track the registration process in accordance with the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. Changes to your data stored with the newsletter service provider are also documented.
To register for the newsletter, it is necessary to enter your e-mail address. Optionally, we ask you to enter a name for the purpose of personalisation in the newsletter.
Legal basis for documentation of the registration process: The protocol of the registration process is based on our legitimate interests in accordance with Art. 6 Para. 1 lit. f of the German Data Protection Regulation (GDPR). Our interest is directed towards the use of a user-friendly as well as secure newsletter system that serves our business interests as well as meets the expectations of the users and furthermore allows us to document consent.
Cancellation/revocation - You can cancel the subscription to our newsletter at any time, i.e. cancel your consent. You will find a link to cancel the newsletter at the end of each newsletter. We may save unsubscribed email addresses for up to three years based on our legitimate interests before deleting them for newsletter sending purposes to be able to verify consent previously given. The processing of this data is limited to the purpose of a possible defence against claims.
An individual deletion request is possible at any time if the former existence of consent is confirmed at the same time.
Newsletter - service provider
The newsletter is sent by means of the newsletter service provider [inxmail, Wentzingerstr. 17, D-79106 Freiburg/GERMANY]. You can view the data protection provisions of the Newsletter service provider here: [https://www.inxmail.de/datenschutz].
We have concluded an order processing agreement with the newsletter service provider in accordance with Art. 28 Para. 3 S. 1 GDPR. The newsletter service provider is used based on our legitimate interests according to Art. 6 Para. 1 lit. f GDPR.
The newsletter service provider may use the data of the recipients in pseudonymous form, i.e. without assignment to a user, to optimise or improve its own services, e.g. to technically optimise the mailing and presentation of the newsletter or for statistical purposes. However, the newsletter service provider does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.
Newsletter - performance tracking
The newsletters contain a so-called "web-beacon", i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened, or if we use a newsletter service provider, from their server.
The following data is processed:
- When and which mailings has a subscriber received?
For each mailing, each start and end time is stored, as well as for each subscriber that they were contacted and whether the email was delivered. This log is kept for two years. If the mailing is deleted beforehand, the log is also deleted 30 days after deletion.
- When did the subscriber open which mailing?
This data is stored anonymously, but can be distinguished. However, it is then not possible to conclude on the subscriber data record due to the anonymised collection.
- When did the subscriber click on which link in which mailing?
In principle, Inxmail Professional stores every click on a tracked link, as well as every call-up of a tracked image (opening pixel). In particular, the following is recorded
o the date and time of the click
o the so-called user agent string of the browser/mail client from which the click was made
o which link from which mailing and which mailing was opened.
This data is stored anonymously but can be distinguished, which means that it is not possible to identify subscribers. If the subscriber is deleted from the system, neither the recipient data nor the click information can be identified.
This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behaviour based on their access locations (which can be determined with the help of the IP address) or the access times. The evaluations serve us to recognise the reading behaviour of our users and to adapt our content to them or to send different content according to the interests of our users.
Third-party content and services
We use content are services from third-party providers as part of our online content according to our entitled interests (i.e. interest in analysis, optimization and economic operation of our online content in accordance with art. 6 par. 1 lit. f. DSGVO) in order to incorporate their content and services, for example videos or fonts (hereafter referred to as “content”). This always implies that the third-party providers of this content register the IP-address of the user, as they need the IP-address to send the content to the user’s browser. Therefore, the IP-address is always necessary to display this content. We try to only use third-party content which only needs the IP-address to display. Third parties can also use so-called pixel tags (invisible images, also called web beacons) for statistical or marketing purposes. Pixel tags make it possible to analyze information such as visitor traffic on certain website pages. Pseudonym information can also be save das cookies on the user’s device and may contain technical information about the browser or operating system, visited websites, visiting times, as well as information about use of our online services, and may be connected to information from other sources.