Privacy Policy (as of 28th February 2019)
Those of us at RaceChip Chiptuning GmbH & Co. KG take the protection of your personal data very seriously and adhere strictly to the rules of data protection legislation and the EU’s General Data Protection Regulation (GDPR) in particular. In the following we inform you about how your personal data are processed when you use our website at www.racechip.com.
Personal data means any information concerning the personal or material circumstances of an identified or identifiable individual. This includes information such as your real name, address, phone number and date of birth.
I. Data controller
Data controller within the meaning of the General Data Protection Regulation:
RaceChip Chiptuning GmbH & Co. KG
Karl-Frasch-Str. 14
73037 Göppingen
Germany
Phone: +49 7161 1584 999
Fax: +49 7161 1581 899
E-mail: [email protected]
II. Data Protection Officer
Contact details of our Data Protection Officer:
Examcert Ltd.
An der Dünung 48
23968 Wismar
Phone: +49 800-5891262
E-mail: [email protected]
III. Purposes and legal basis of data processing
Informational use of the website
When you use our website solely for informational purposes, in other words if you do not register, log in, place an order or otherwise provide us with information about yourself, we do not process any personal data except for the data provided by your browser to permit you to visit the website as well as information transmitted to us by cookies used for preparing statistical analyses of how our site is used.
a. Technical operation of the website
(i) Creation of logfiles
For the purpose of technical website operation, we may need to process certain automatically transmitted information about you in order for your browser to display our website and for you to use it. This information is automatically collected and stored in our server logfiles every time our website is accessed. The following information is collected:
- browser type and version
- operating system used
- referring URL (the previously visited page)
- host name of the accessing computer (IP address)
- time of the server inquiry.
These data are not combined with data from other sources and will be deleted following their statistical analysis.
The legal basis for the temporary storage of this data is Art. 6 (1) (f) GDPR. We have a legitimate interest in ensuring our ability to technically operate the website for you and in safeguarding its functionality. We also have a legitimate interest in optimising our website and in safeguarding the security of our information technology systems.
(ii) Cookies
We use cookies on various pages of our website in order to enhance the user experience and to allow the use of certain functions. Cookies are small text files that are stored on your device. Some of the cookies we use are deleted at the end of your browser session, in other words when you close your browser (session cookies). Other cookies remain on your device and allow us to recognise your browser on your next visit our to website (persistent cookies). You can configure your browser to notify you when cookies are set and only allow cookies in individual cases or block the acceptance of cookies, either in specific cases or in general. If you choose not to accept cookies, this may limit the functionality of our website.
Below you will find further information on the cookies we use and your browser’s settings.
Essential cookies
These cookies are essential for us to operate our website. They include cookies that allow you to log into the customer area or place something into the shopping cart.
Analytical/performance cookies
These cookies make it possible to collect anonymised data about how our visitors use the site. These are then evaluated by us in order to improve the functionality of the website, for example, and to show you interesting offers.
Functional cookies
These cookies are used for certain features offered by our website, e.g. to suggest improved navigation to our website, to show you personalised and relevant information (e.g. “interest-based advertisements”).
Targeting cookies
These cookies remember your visit to our website, the pages you visited and the links you clicked. We will use this information to customise the advertising you see on our website to better reflect your interests.
Third-party cookies
These cookies from some of our advertising partners help make our website more interesting to you. We also save cookies from partner companies on your hard drive for this purpose. These are temporary cookies that are deleted automatically after a specific period of time has elapsed. Cookies from partner companies are usually deleted after a few days or after up to 24 months, in some cases even after several years. The cookies placed by our partner companies do not contain any personal data either. They merely collect pseudonymous data under a user ID. This pseudonymous data will at no point in time be combined with your personal data.
The data collected through analytical/performance cookies, functional cookies, targeting cookies and third-party cookies will be pseudonymised and/or anonymised by technical means. As a result, the data can no longer be attributed to the user visiting the site. The data will not be stored together with other personal data concerning the user.
The legal basis for our use of cookies to process your personal data is Art. 6 (1) (f) GDPR. In the case of technically essential cookies, we have a legitimate interest in being able to provide you a technically functional, easy-to-use website. With respect to the other cookies, we have a legitimate interest in improving the quality of our website and its contents. Analytical/performance cookies, functional cookies and targeting cookies also furnish us with information on how the website is used, thereby allowing us to continuously improve our offering and make it more user friendly.
How can I configure my browser's cookie settings?
Every browser manages cookie settings differently. This approach is described in every browser’s Help menu, which provides instructions on how to change your cookie settings. To find it, click the link below that corresponds to your browser:
- Internet Explorer™: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
- Safari™: https://support.apple.com/en-gb/guide/safari/sfri11471/mac
- Chrome™: https://support.google.com/chrome/answer/95647?hl=en&hlrm=en
- Firefox™ https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
- Opera™ : https://help.opera.com/en/latest/web-preferences/#cookies
b. Statistical analysis of website use and improving reach
For the purpose of performing statistical analyses of how our website is used, we use Google Analytics, Criteo, Google DoubleClick, Google Tag Manager and Google Ads, and therefore cookies which allow us to analyse your navigation of our website. This helps us improve the quality of our website and its contents. We learn how the website is used and can continuously optimise our offer as a result.
The information obtained through the statistical analysis of our website will not be combined with any other data collected about you during your visit to our website.
The legal basis for processing your personal data to perform statistical analyses of how our website is used is Art. 6 (1) (f) GDPR; we have a legitimate interest in offering a website with an appealing, technically functional and user-friendly interface and a needs-based design.
Google Analytics
We use Google Analytics, a web analysis service provided by Google Inc., on our website. Google Analytics uses cookies, text files that are stored on your computer and enable your website usage to be analysed. The information generated by the cookie regarding your use of our website is generally sent to a Google server in the USA, where it is stored. If you activate IP anonymisation on this site, your IP address will be truncated prior to being transferred within European Union member states or in other contracting states to the Agreement on the European Economic Area. Only in exceptional circumstances will the full IP address be sent to a Google server in the USA and truncated there. The anonymised IP address sent by your browser within the context of Google Analytics will not be combined with any other Google data.
You can prevent the installation of cookies by adjusting the relevant setting in your browser software; however, we would like to point out that you may not be able to use all the functions of this website to their full extent in this case.
You can opt out of the communication to Google of data collected by the cookie in connection with your use of our website (including your IP address) and the processing of such information by Google by downloading and installing a browser plug-in available at: http://tools.google.com/dlpage/gaoptout?hl=en.
Alternatively, click here to opt out of Google Analytics.
For more information on conditions of use and data protection or about Google Analytics, go to http://www.google.com/analytics/terms/us.html or https://policies.google.com/?hl=en&gl=en
Criteo
On our pages, technology provided by Criteo (Criteo GmbH, Unterer Anger 3, 80331 Munich, Germany) places cookies to collect information in purely anonymised form about the surfing activity of visitors to the website which is then used for marketing purposes.
These cookies enable Criteo to analyse surfing activity and then display targeted product recommendations in the form of personalised advertising banners on other websites. The anonymised data cannot, under any circumstances, be used to personally identify visitors to the website. The data collected by Criteo will only be used to improve the advertisements offered. Every banner displayed contains a small “i” (for information) in the bottom left corner. Mousing over this “i” will open it and clicking on it will take you to a page with an explanation of the methodology and an opportunity to opt out. Clicking on “Opt out” places an “Opt-out” cookie that prevents this banner from being displayed in the future. It is not passed on to third parties nor used in any other way. Visit Criteo for general information about their Privacy Policy and Data Protection Guidelines and also to opt out of anonymous analyses of your browsing behaviour (Opt out).
Google DoubleClick cookie
Our website still uses DoubleClick, Google’s online marketing tool. DoubleClick places cookies in order to display ads that are relevant to users, improve campaign performance reports or to prevent users from seeing the same ad more than once. Google uses a cookie ID to collect information about which ads are displayed in which browser to prevent these from being displayed multiple times. In addition, DoubleClick may use cookie IDs to track conversions related to ad enquiries. This could be the case if a user sees a DoubleClick ad and uses the same browser to open the advertiser’s website and make a purchase at a later point in time. According to Google, DoubleClick cookies do not contain any personal information.
The marketing tools used cause your browser to automatically establish a direct connection to the Google server. Since we have no influence on the scope or further use of the data collected by Google using this tool, we are providing you with the information we have at our disposal: The use of DoubleClick means that Google receives the information that you have visited the corresponding section of our website or have clicked on one of our ads. If you are registered with a service provided by Google, it can connect the visit to your account. Even if you are not registered with Google or are not logged in, it is still possible that the provider will discover and store your IP address.
There are several ways for you to prevent your participation in this tracking process: a) by changing your browser settings accordingly, whereby rejecting third-party cookies, in particular, will prevent you from seeing third-party ads; b) by deactivating conversion tracking cookies by configuring your browser settings so that cookies from the domain “www.googleadservices.com” are blocked, https://www.google.com/settings/ads, however this setting is deleted if you delete your cookies; c) by deactivating the interest-related ads of providers who are part of the self-regulation campaign “About Ads” using the link http://www.aboutads.info/choices, however this setting is deleted if you delete your cookies; d) by permanently deactivating plugins in your Firefox, Internet Explorer or Google Chrome browser by clicking the link http://www.google.com/settings/ads/plugin. Please note that, in this case, you may not be able to use all the functions of this website to their full extent.
You can find additional information regarding DoubleClick by Google at https://www.google.com/doubleclick as well as additional information regarding Google’s policies on data privacy, in general, at https://policies.google.com/privacy?hl=en. Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org.
Google Tag Manager
We use the Google Tag Manager by Google on our website. The Google Tag Manager is a solution that lets marketers manage website tags through an interface. The Google Tag Manager service itself (which implements the tags), is a cookie-free domain that does not collect any personal data. The Google Tag Manager service triggers other tags which, in turn, may collect data. Google Tag Manager does not access this data however. If tags have been disabled at the domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.
Google Ads
We use the online advertising programme “Google Ads“ and the conversion tracking feature offered as part of Google Ads. Google conversion tracking is an analytical service offered by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). If you click on an ad placed by Google, a conversion tracking cookie is placed on your computer. These cookies expire after 30 days, do not contain any personal data and are therefore not used for the purpose of personal identification.
If you visit certain pages on our website and the cookie has not expired, Google and we can recognise that you have clicked on the ad and been forwarded to this page. Since each Google Ads customer gets a different cookie, it is not possible to track cookies across the websites of Ads customers.
The information obtained with the help of conversion cookies is used to generate conversion statistics for Ads customers who have opted in favour of conversion tracking. This service reveals to customers the total number of users who have clicked on their ad and been forwarded to a page with a conversion tracking tag where they purchased a product, for example. However, they do not receive any information which can be used to identify users personally.
If you do not wish to participate in tracking, you can object to this use by preventing cookies from being installed by adjusting your browser settings accordingly (deactivation option). Then you will not be included in the conversion tracking statistics. You can find further information about Google’s Privacy Policy at: http://www.google.com/policies/technologies/ads/
https://policies.google.com/privacy?hl=en
Google Web Fonts
To ensure that the fonts displayed on this website have a uniform appearance, the site only uses web fonts provided by Google. When you visit a page, your browser downloads the web fonts it needs into your browser’s cache in order to display texts and fonts correctly.
To do so, the browser you use must establish a connection to Google’s servers. This tells Google that our website was accessed via your IP address.
The legal basis for processing your personal data in order to use Google Web Fonts is Art. 6 (1) (f) GDPR; we have a legitimate interest in offering a website with a uniform, appealing and user-friendly interface.
If your browser does not support Web Fonts, your computer will use a default font.
You will find additional information about Google Web Fonts at https://developers.google.com/fonts/faq and https://policies.google.com/privacy?hl=en.
Google Maps
This website uses the Google Maps service through an API. It is provided by Google Inc.,1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Your IP address must be stored in order to use the functions provided by Google Maps. This information is generally sent to a Google server in the USA, where it is stored. The provider of this website has no influence on the transmission of this data.
The legal basis for processing your personal data in order to use Google Maps is Art. 6 (1) (f) GDPR; we have a legitimate interest in offering a website with an appealing, user-friendly interface and in ensuring that we can be found easily at the locations specified on the website.
You can find out more about how user data are handled in Google’s Privacy Policy: https://policies.google.com/privacy?hl=en.
Measure conversions with the Facebook Pixel action tracker
On our website we use the “Facebook Pixel” action tracker from Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). We use this to help track the actions of users after they have seen or clicked on a Facebook ad. It allows us to collect data on the efficiency of Facebook ads for statistical and marketing purposes. The data collected through this tool are anonymous to us, which means that we are unable to see the personal data of individual users. These data are stored and processed by Facebook, however, so we are providing you with the information we have at our disposal. Facebook can combine these data with your Facebook account and also use it for its own advertising purposes, in accordance with Facebook’s Data Policy https://www.facebook.com/about/privacy/. You can permit Facebook and its partners to display ads both on and off the Facebook platform. Furthermore, a cookie can be stored on your computer for this purpose.
The legal basis for processing your personal data to measure conversions on our website with the Facebook Pixel action tracker is Art. 6 (1) (f) GDPR; we have a legitimate interest in offering a website with an appealing, technically functional and user-friendly interface and a needs-based design.
Microsoft Clarity
This website uses Microsoft Clarity to analyse website interactions. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA
(hereinafter referred to as "Microsoft Clarity").
Microsoft Clarity is a service that can be used to create session recordings, heat maps and ML Insights, among other things.
The data you create/transmit is stored on Microsoft Clarity's servers. Further information on the functions of Microsoft Clarity can be found at:
https://docs.microsoft.com/en-gb/clarity/faq
Legal basis
The data is processed on the basis of Art. 6 para. 1 lit. a GDPR. The website operator obtains a corresponding consent from you (e.g. consent to the storage of cookies).
You can revoke this consent at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
Storage period
The data you provide us with for Microsoft Clarity will be stored for up to 12 months and then deleted. For more information, please refer to Microsoft Clarity's privacy policy at:
https://privacy.microsoft.com/en-gb/privacystatement
Microsoft Clarity undertakes to guarantee the protection of data in its Online Service Terms and by using the EU standard contractual clauses.
Varify
We use http://Varify.io from the company Varify GmbH, Südliche Münchner Straße 55, 82031 Grünwald. Varify is a service that makes it possible to
create dynamic websites (so-called landing pages) based on search engine queries.
We use cookies so that the dynamic website you have called up is available to you for the duration of your
online shop. Neither we nor the service http://Varify.io transfer or store any of your personal data.
Purpose and legal basis
The use of http://Varify.io is based on our legitimate interests, i.e. interest in the efficient provision and optimisation of our
online offer in accordance with Art. 6 para. 1 lit. f. GDPR. GDPR.
Storage duration
Varify does not store any user data when using the landing page tool. The cookies we set are deleted after 2 hours.
Carrying out A/B tests
In order to ensure that our website is constantly developed and customised to your interests, we carry out so-called "A/B tests". For this purpose, we store cookies in your browser
in order to evaluate and analyse these "A/B tests". We have ensured that the cookies stored in your browser do not process any of your personal data and that no conclusions can be drawn
about you. The cookies only register your interaction with the website by categorising you into a user group. The user group is analysed and evaluated anonymously. Your IP address is processed for a short time to play the cookie, but is not stored.
c. Use of CloudFlare
CloudFlare functions are used on our website. The provider is CloudFlare, Inc., 101 Townsend St, San Francisco, CA 94107, USA.
CloudFlare offers a globally distributed content delivery network with DNS. At the technical level, transfers of information between your browser and our website are routed through the CloudFlare network. That puts CloudFlare in a position to analyse the data traffic between users and our website in order to identify and prevent attacks on our services, for example. CloudFlare may also store cookies on your computer for optimisation and analytical purposes.
The legal basis for processing your personal data in conjunction with the use of CloudFlare is Art. 6 (1) (f) GDPR; we have a legitimate interest in identifying and preventing attacks on our services, in particular.
For additional information, please refer to the CloudFlare Privacy Policy: https://www.cloudflare.com/security-policy/.
d. Use and application of affilinet
Components offered by affilinet are integrated into this website. Affilinet is a German affiliate network that offers affiliate marketing. Affilinet is operated by affilinet GmbH, Sapporobogen 6-8, 80637 Munich, Germany.
Affiliate marketing is a type of Internet-based marketing which enables commercial operators of websites, referred to as merchants or advertisers, to show advertisements, which are mostly paid for by means of per-click or per-sale commissions, on third-party websites, i.e. distribution partners, which are also referred to as affiliates or publishers. The merchant provides an advertising medium, i.e. an advertising banner or other suitable means of Internet advertising, via the affiliate network, after which this medium is subsequently integrated into the affiliate’s own Internet pages or advertised via other channels, such as keyword advertising or e-mail marketing.
Affilinet places a cookie on the individual’s IT system. Cookies have already been explained above. Affilinet’s tracking cookie stores absolutely no personal data. The only information stored is the identification number of the affiliate, i.e. the partner referring potential customers, the serial number of the visitor to the website and the ad clicked. This data is stored in order to process commission payments between a merchant and the affiliate, which are processed via the affiliate network, i.e. Affilinet.
The legal basis for processing your personal data in conjunction with the use of Affilinet is Art. 6 (1) (f) GDPR; we have a legitimate interest in making our marketing as appealing as possible and in improving our products and services.
As already explained above, the data subject may prevent our website from storing cookies at any time by adjusting the settings of their Internet browser accordingly and, in doing so, permanently blocking cookies from being stored. This browser setting would also prevent Affilinet from placing a cookie on the data subject’s IT system. In addition, cookies already placed by Affilinet can be deleted at any time via an Internet browser or other software.
Affilinet’s currently valid Privacy Policy can be accessed at https://www.awin.com/gb/legal/privacy-policy-gb.
e. Social links
The website contains links to services such as Google+, YouTube, Facebook, Twitter and Xing. When you click on the link, you will be redirected to the page of the respective provider, i.e. only then will user information be transferred to the respective provider. Since the conduct of third parties is by nature beyond our control, we no longer have any influence on the collection, processing and use of any personal data (such as the IP address or the URL of the page containing the link) transferred to a third party when the link is clicked. For information on how your data is handled when you use the websites of other providers, please refer to the respective data protection information of those providers.
Active use of the website
In addition to the purely informational use of our website, you can also actively use our website to order one of our products, to register for our newsletter or to contact us. In addition to processing your personal data for purely informational purposes, as explained above, we will also process other personal data of yours that we need to process your order or to process and respond to your enquiry.
a. User enquiries
In order to process and respond to enquiries you send to us, e.g. via the contact form, to our e-mail address or by telephone, we process the personal data provided by you in this context.
For enquiries submitted via the contact form, you must provide your first name, surname and e-mail address. Providing your phone number and invoice number is voluntary.
If you send an enquiry to one of our e-mail addresses, we will always process your e-mail address in order to send you an answer, as well as any other information you send us within the context of your message.
When we receive enquiries via Facebook, we process the name provided in connection with your Facebook account and any other information you send us within the context of your message.
When we receive telephone enquiries, we process the personal data you provide us with over the phone.
The legal basis for the processing of your personal data in connection with user enquiries in order to respond to such enquiries is Art. 6 (1) (f) GDPR. We have a legitimate interest in providing correct responses to customer enquiries.
b. Registration and user account
You can create a user account in order to use our website and our online shop. To do so, you must first register. This requires that you provide your first name, surname, e-mail address and a password of your choice. Once you have successfully registered on our site, you carry out certain activities and make purchases via your user account. Registered users also have the option of changing or the data provided during registration at any time if necessary.
We use something referred to as a double opt-in approach for registration, i.e. your registration is not complete until you have confirmed your registration by clicking on the link contained in a confirmation e-mail sent to you for this purpose. If we do not receive confirmation from you within 24 hours, your registration will automatically be deleted from our database.
We process your data for the purposes specified above on the following legal basis:
- for the performance of a contract or to take steps prior to entering into a contract in accordance with Art. 6 (1) (b) GDPR, if you use the user account for making purchases in our online shop and
- to preserve our legitimate interests in accordance with Art. 6 (1) (f) GDPR. We have a legitimate interest in offering you a user-friendly, personalised website.
c. Online shop and order placement
When you visit our online shop, we give you the opportunity to place an order for a product from our product range. You can select items from our product range in the online shop and place them in the shopping cart. The shopping cart stores information about all items and item quantities. To simplify your order placement experience, we even store incomplete orders for you so you can finish placing your order on your next visit.
If you order goods through our online shop, we collect your personal data in order to accept and process your e-commerce order and send you the ordered goods. You can place an order in our online as the registered user of a user account. In this case, we process your e-mail address, password or any other information you provided in connection with the user account. Additionally, you can also place an order via a guest account. For all orders, we process your title, name, address, e-mail address and any payment data (e.g. credit card number) you provide to us.
We process the data you provide in accordance with Art. 6 (1) (b) GDPR for the initiation and execution of contracts, in particular for offer preparation and the fulfilment and processing of your order, as well as for customer relationship management. Non-provision of any mandatory data could result in our inability to conclude a contract.
d. Compliance with legal regulations
We also process your personal data in order to fulfil other legal obligations which apply to us in connection with the processing of the order. These include, in particular, retention periods under commercial, trade or tax law.
We process your personal data for the fulfilment of a legal obligation to which we are subject pursuant to Art. 6 (1) (c) GDPR, in connection with commercial, trade or tax law, insofar as we are obligated to record and store your data.
e. Legal remedy
We also process your personal data to assert our rights and enforce our legal claims. We also process your personal data in order to be able to defend ourselves against legal claims. Finally, we process your personal data to the extent necessary to defend ourselves against or prosecute criminal offences.
For this purpose, we process your personal data in order to safeguard our legitimate interests in accordance with Art. 6 (1) (f) GDPR, insofar as we assert legal claims or defend ourselves in legal disputes or we prevent or investigate criminal offences.
f. Use for marketing purposes
Newsletters
We use your data with your consent to send you our newsletter. When you subscribe to the newsletter through our website, we collect your e-mail address as mandatory information. For subscriptions to and sending our newsletter we use MailChimp, which is commissioned by us to perform certain tasks.
Once granted, you may withdraw your consent at any time, with effect for the future. Withdrawal of consent, however, shall not affect the legality of any processing done up to the time of withdrawal. You may therefore unsubscribe from the newsletter at any time by sending a message to the contact information specified in Section I or by using the unsubscribe link provided in the newsletter.
If you have granted your consent, the legal basis for processing your data for the purpose of sending the newsletter is Art. 6 (1) (a) GDPR.
Use of data for e-mail marketing and right to object
When we receive your e-mail address in connection with contract conclusion and the provision of our products, we reserve the right to regularly send you interesting offers by e-mail for similar products from our product range unless you have objected to this. You can object to this use of your e-mail address at any time by sending a message through the contact options listed in Section I or by using the unsubscribe link provided for this purpose in the advertising e-mail; you will not incur any costs for this other than for transmission costs at the basic rates.
If you have provided us with your e-mail address in connection with the purchase of goods or services and we send you personalised advertising, we process your data to send e-mail advertising to safeguard our legitimate interests in accordance with Art. 6 (1) (b) GDPR in conjunction with Art. 7 (3) of the Federal Act against Unfair Competition (UCA). Our legitimate interest is based on our economic interest in performing marketing activities and target group advertising.
g. Sending an application
If you submit an application to us, we process your personal data in connection with your application. Your application documents could contain special categories of personal data.
Processing of personal data
Applicant data generally comprises the following: first name and surname, your academic degree if applicable, date and place of birth, contact details (address, e-mail, phone and/or mobile phone number), application documents (cover letter, CV, transcripts), language skills, other skills. We also process data sent when you contact us by e-mail.
In line with legal requirements, we base the decisions we make during the application process on the personal data you provide. For example, we use your professional qualifications to decide whether to let you continue to the next stage of the selection process and we use an interview to gain a personal impression of you in order to decide whether to offer you the job you applied for.
We process your personal data on the following legal basis:
- Data processing for the purpose of reaching a decision on the establishment of an employment relationship, Art. 88 (1) GDPR in conjunction with Section 26 (1) (1) of the German Federal Data Protection Act (BDSG).
Processing of special categories of personal data
In accordance with Art. 9 GDPR, special categories of personal data comprise data that could reveal a person’s racial or ethnic origin, political opinions, religious (e.g. information about religious affiliation/denomination) or philosophical beliefs or trade union membership, and the processing of biometric data for the purpose of uniquely identifying a natural person (e.g. photos), data concerning a person’s health (e.g. Information concerning the degree of severe disability) or data relating to a person’s sex life or sexual orientation. If your CV contains special categories of personal data, we do not collect such data intentionally. We specifically ask that you please refrain from sending us data of this nature.
If you, voluntarily and contrary to our express request, send us application documents containing special categories of personal data in accordance with Art. 9 (1) GDPR (e.g. your photo or details concerning your religious affiliation/denomination), we will store them on the basis of your consent pursuant to Art. 88 (1) GDPR in conjunction with Section 26 (3) (2) BDSG. The same also holds true if you provide us with other special personal data during the application process. By voluntarily submitting this data, you agree to the storage of this special personal data as part of the application process.
We do not take this special personal data into account when reaching our selection, unless we are required by law to take this special personal data into account. It is possible, for example, that some job advertisements may give preferential treatment to people with disabilities in accordance with prevailing legal provisions. In these cases, provision of this information is always voluntary and subject to your express consent, which you give by voluntarily submitting this data.
We process your special personal data on the following legal basis:
- In accordance with Art. 9 (1) GDPR based on your consent pursuant to Art. 88 (1) GDPR in connection with Section 26 (3) (2) BDSG.
IV. Links
Some parts of our webpages contain links to third-party websites. These websites are subject to their own principles of data protection. We are not responsible for the operation of such sites nor the way in which they handle data. If you send information to or through this kind of third-party sites, you should check the privacy policies of these sites before sending them any information that can be linked to you.
V. Categories of recipients
First of all, our employees become aware of your personal data. In addition, we use carefully selected and commissioned service providers for some of our business processes, especially for IT services, contract handling, the cultivation of customer relations and services provided to customers and interested parties. In some cases, our service providers receive your personal data in their capacity as processors and are then strictly bound by our instructions when handling your personal data. In some cases, the recipients handle your data independently as it is transmitted to them by us.
Below is a list of the recipient categories regarding your personal data: Payment service providers, newsletter service providers, communication service providers, logistics service providers, credit reporting agencies, debt collection service providers, advertising and market research services, printing services, law firms, tax offices and auditing firms.
VI. Transfer to third countries
We may also transfer personal data to recipients domiciled outside the EEA, i.e. third countries. In this case, we will ensure that the recipient either has an adequate level of data protection (e.g. based on an adequacy decision by the EU Commission for the respective country or on the basis of EU Standard Contractual Clauses agreed with the recipient) or you have consented to the transfer.
We transfer your truncated IP address to the USA in connection with our use of tools from Google. This data transfer is based on the Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the EU-US Privacy Shield. Certification under the EU-US Privacy Shield guarantees the presence of an adequate level of data protection in accordance with European data protection law. Any data transfer performed using Facebook Pixel and the use CloudFlare are based on the EU-US Privacy Shield as well.
VII. Length of storage
Unless this data protection information contains special instructions regarding deletion, we will delete any of your personal data that is no longer necessary for the business relationship, in particular for the purpose of initiating and executing contracts, if there is no further legal obligation or legal justification for such storage. The storage periods set forth in the German Commercial Code (HGB) and the Tax Code (AO) are two to ten years. The length of storage is also affected by statutory periods of limitation. The statutory period of limitation is generally between 12 and 36 months, however it can also be up to 30 years.
VIII. Your rights as a data subject
Rights to information, reporting, deletion, restriction on processing and data transmission
Pursuant to Art. 15 GDPR, you have the right to obtain information at any time regarding whether and which of your personal data is stored by us and to whom we may have disclosed it. In addition, you have the right to rectification (Article 16 GDPR), deletion (Article 17 GDPR), restriction of processing (Article 18 GDPR) and data portability (Article 20 GDPR) in accordance with legal provisions.
Right to object
Furthermore, pursuant to Art. 21 (1) GDPR, you may at any time object to any data processing that we perform on the basis of Art. 6 (1) (f) GDPR (on the basis of a balance of interests) for reasons relating to your particular situation. In particular, you may object to the use of your data for the purpose of direct marketing at any time with future effect.
Right of withdrawal
Once granted, you may withdraw your consent to us at any time and without stating the reason. Withdrawal of consent, however, shall not affect the legality of any processing done up to the time consent was withdrawn.
Assertion of rights
You may assert the aforementioned rights in writing to our company's Data Protection Officer, whose name and contact details are listed under Section II.
Please note that, if any doubt exists as to whether you are seeking to assert the rights specified here as the data subject, we reserve the right to request more detailed proof of your identity as the actual data subject seeking to assert these rights.
Right to lodge a complaint with the data protection authority
In accordance with the requirements of Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your usual place of residence, place of work or place of the alleged infringement if you consider that the processing of your personal data violates the GDPR. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.
The data protection authority responsible for our company is:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit
(The State Commissioner for Data Protection and the Freedom of Information)
Baden-Württemberg
Königstrasse 10 a
70173 Stuttgart
Germany
E-mail: [email protected]
IX. Scope of your obligations to provide data
In principle, you are under no obligation to provide us with your personal data. If you choose not to, however, we will not be able to provide you access to our website, answer your questions or enter into any contracts with you. Personal data that are mandatory are indicated with an asterisk (*); any other personal data you provide to us is done so on a voluntary basis.
X. Automated decision-making / profiling
We do not use automatic decision-making or profiling (automatic analysis of your personal circumstances).
Information about your right to object, Art. 21 GDPR
-
You have the right to object at any time to the processing of your data on the basis of Art. 6 (1) (f) GDPR (data processing on the basis of a balance of interests) or Art. 6 (1) (e) GDPR (data processing in the public interest) on grounds relating to your particular situation. This shall also apply with respect to profiling based on this provision within the meaning of Art. 4 (4) GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.
-
In individual cases, we also process your personal data for the purpose of conducting direct marketing. If you do not wish to receive advertising, you have the right to object to it at any time; this also applies to profiling, insofar as it is associated with such direct advertising. We will take your objection into account for the future.
We will no longer process your data for direct marketing if you object to their processing for this purpose.
XI. Amendments
We reserve the right to update this Privacy Policy occasionally to ensure that it always complies with current legal requirements or to implement changes to our services in the Privacy Policy, e.g. when introducing new services. The new Privacy Policy will then apply on your next visit. Unless stated otherwise, amendments of this nature shall take effect immediately. Therefore, please check this Privacy Policy on a regular basis to see the latest version.
Most recently updated in February 2019