Privacy policy
I would like to promote user confidence in the web and for this reason disclose the handling of personal data. Below you can find out what information we collect, for what purposes and how we deal with it.
The data protection declaration contains special information for applicants as well as general information that applies to both applicants and other visitors to our website.
As it is a matter of course for us to handle your data carefully and to treat it confidentially, we kindly ask you to send us only serious applications and to check attached files for viruses, etc. before forwarding them to us.
Table of contents
1 Objective and responsibility
2. basic information on data processing and legal basis
3. security measures
4. transfer of data to third parties and third-party providers
5. purpose and scope of the processing of applicant data
6. transfer of applicant data
7. type of transmission of applications
8. storage and deletion of applicant data
9. contacting
10. collection of access data
11. cookies & reach measurement
12. social media buttons and links
13. web analysis by Matomo (formerly PIWIK)
14. integration of services and contents of third parties
15. user rights
16. deletion of data
17. right to object
18. changes to the data protection declaration
1. objective and responsibility
This data protection declaration informs you about the type, scope and purpose of the processing of personal data within our online offer and the websites, functions and content connected to it (hereinafter jointly referred to as "online offer" or "website"). The data protection declaration applies irrespective of the domains, systems, platforms and devices used (e.g. desktop or mobile) on which the online offer is executed.
2. provider of the online offer and responsible under data protection law is Dieter Beller, Oststraße 32, 59227 Ahlen, Germany.
E-Mail: dieter@beller.info (hereinafter referred to as "we" or "us").
The term "user" used below includes both applicants and other website visitors. All terms used, such as "applicant", are to be understood as gender-neutral.
2 Basic information on data processing and legal basis
We process users' personal data only in compliance with the relevant data protection regulations. This means that the user's data will only be processed if a legal permission exists. This means, in particular, if the data processing is necessary for the provision of our contractual services (e.g. processing of orders) as well as online services, or is required by law, or if the users have given their consent, as well as on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation and security of our online offer within the meaning of Art. 6 Para. 1 lit. f. DSGVO, or until the validity of the DSGVO on the basis of § 15 para. 3 TMG), in particular in the case of range measurement, creation of profiles for advertising and marketing purposes as well as collection of access data and use of third-party services.
2 With regard to the processing of personal data on the basis of the Data Protection Regulation (DSGVO), we point out that the legal basis for consent is Art. 6 para. 1 lit. a and Art. 7 DSGVO, the legal basis for processing for the fulfilment of our services and implementation of contractual measures is Art. 6 para. 1 lit. b DSGVO, the legal basis for processing to fulfil our legal obligations Art. 6 para. 1 lit. c DSGVO, and the legal basis for processing to protect our legitimate interests Art. 6 para. 1 lit. f DSGVO. 3.
Notwithstanding the above purposes, we also process your contact data (in particular name, address, e-mail address) within the scope of what is legally permissible for marketing and web purposes, i.e. for example to send you information about our products, our company, offers or events. Finally, we also process your contact data to maintain our business contacts if we have received them in the context of a business event, in the context of a business appointment (e.g. by exchanging business cards) or in the context of an order, and transfer them to the CRM system (Customer Relationship Management System) used by us.
Since we have a legitimate economic interest in maintaining contacts that have arisen in the course of business dealings even beyond the initial contact, in using them to build up a business relationship and in staying in contact with the persons concerned for this purpose, the aforementioned processing of your personal data is carried out on the basis of Art. 6 para. 1 lit. f) DSGVO.
3. security measures
We take organisational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of data protection laws are complied with and to protect the data we process against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons. 2.
The security measures include in particular the encrypted transmission of data between your browser and our server.
4. disclosure of data to third parties and third-party providers
1. data is only passed on to third parties within the framework of legal requirements. We only disclose users' data to third parties if this is necessary, for example, for billing purposes or for other purposes if these are necessary to fulfil our contractual obligations to users.
2. where we use subcontractors to provide our services, we take appropriate legal precautions and technical and organisational measures to ensure the protection of personal data in accordance with the relevant legal requirements.
If content, tools or other means from other providers (hereinafter collectively referred to as "third party providers") are used within the scope of this data protection declaration and their registered office is located in a third country, it must be assumed that data is transferred to the countries in which the third party providers are based. 4.
(4) Third countries are countries in which the GDPR is not directly applicable law, i.e. countries outside the EU or the European Economic Area.
The transfer of data to third countries takes place either if there is an adequate level of data protection, user consent or other legal permission.
5. purpose and scope of the processing of applicant data
We process the applicant data only for the purpose of and within the scope of the application procedure in accordance with the legal requirements. Applicant data is processed in order to fulfil our contractual obligations and on the basis of our legitimate interests, as well as the interests of applicants in the implementation of a fast and effective application procedure. 2.
2 The application procedure requires applicants to provide us with the applicant data. The necessary applicant data is marked as such in our online form. This includes personal details, postal and contact addresses and the documents belonging to the application, such as cover letter, CV and certificates. In addition, applicants can voluntarily provide us with additional information. By submitting the application to us, applicants agree to the processing of their data for the purposes of the application process in accordance with the type and scope set out in this data protection declaration.
6. disclosure of applicant data
1. as a matter of principle, we do not pass on applicant data to third parties. However, we may be supported by external service providers or other companies within our group within the scope of the application process. In doing so, the service providers may also process applicant data. The service providers only process the applicants' data on our behalf and on the basis of contractual obligations that provide for compliance with the agreed organisational and technical measures. 2.
2 Furthermore, applicant data may be passed on if a position has been expressly advertised by several companies within our group of companies, i.e. the application procedure is carried out by several companies. 3.
In all other cases, we ask the applicants for permission before we pass on their data.
7. method of transmission of applications
Applicants can send us their applications using the contact form on our website. The data will be transmitted to us in encrypted form in accordance with the state of the art. 2.
2 Alternatively, applicants can send us their applications by e-mail. However, please note that e-mails are not sent in encrypted form. We cannot therefore accept any responsibility for the transmission path of the application between the sender and receipt on our server and therefore recommend using the online form.
Instead of applying via the online form and e-mail, applicants still have the option of sending us their application by post.
8. retention and deletion of applicant data
1. the data provided by applicants may be processed by us for the purposes of the employment relationship in the event of a successful application.
2. otherwise, if the application for a vacancy is unsuccessful, the applicants' data will be deleted. Applicants' data will also be deleted if an application is withdrawn, which applicants are entitled to do at any time. 3.
3. subject to a justified revocation by the applicants, the deletion will take place after the expiry of a period of six months so that we can answer any follow-up questions about the application and satisfy our obligations to provide evidence under the General Equal Treatment Act (AGG).
9. contacting
(1) When contacting us (via contact form, e-mail in the context of an order or, for example, when exchanging business cards), the user's details are processed for the purpose of handling the contact enquiry and its settlement.
2. the user's details may be stored in our customer relationship management system ("CRM system") or comparable enquiry organisation for the further maintenance of the business relationship and must be stored as business letters for 6 years due to statutory requirements and for 10 years in the case of statutory relevance under tax law.
10. collection of access data
1. log file information is only collected by the provider as part of the monitoring process.
Log file information is stored for security reasons (e.g. to clarify acts of abuse or fraud) for a maximum of seven days and then deleted. Data whose further storage is necessary for evidentiary purposes is exempt from deletion until the respective incident has been finally clarified.
11 Cookies & Reach Measurement
Cookies are pieces of information that are transferred from our web server or third-party web servers to users' web browsers and stored there for later retrieval. Cookies can be small files or other types of information storage. Users are informed about the use of cookies in the context of pseudonymous reach measurement within the scope of this data protection declaration. 2.
If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer. 3.
3. you can object to the use of cookies that serve range measurement and advertising purposes via the deactivation page of the network advertising initiative(http://optout.networkadvertising.org/) and additionally the US website(http://www.aboutads.info/choices) or the European website(http://www.youronlinechoices.com/uk/your-ad-choices/).
12. social media buttons and links
The links/buttons to social networks and platforms (hereinafter referred to as "social media") used within our online offer only establish contact between social networks and users when users click on the links/buttons and the respective networks or their websites are called up. This function corresponds to the mode of action of a regular online link. 2.
The following presentation provides an overview of the linked social media providers, together with links to their data protection declarations, which contain further information on the processing of data and, in part already mentioned here, options for objection (so-called opt-out):
- facebook.com, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, privacy policy: http://de-de.facebook.com/policy.php, opt-out: http://www.facebook.com/settings.
- YouTube/ Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
- XING SE / kununu, Dammtorstraße 29-32, 20354 Hamburg, Germany. Privacy policy: https://www.xing.com/privacy.
- Instagram, Instagram LLC, Represented by Kevin Systrom and Mike Krieger, 1601 Willow Rd, Menlo Park CA 94025, USA. Privacy policy:
https://help.instagram.com/155833707900388/
- LinkedIn, Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. Privacy policy: https://www.linkedin.com/legal/privacy-policy
13. web analysis by Matomo (formerly PIWIK)
Scope of the processing of personal data:
We use the open source software tool Matomo (formerly PIWIK) on our online offer to analyse the surfing behaviour of our users. The software sets a cookie on the user's computer (for cookies, see above). If individual pages of our website are called up, the following data is stored:
(1) Two bytes of the IP address of the user's calling system.
(2) The website called up
(3) The website from which the user accessed the accessed website (referrer)
(4) The sub-pages accessed from the accessed website
(5) The time spent on the website
(6) The frequency with which the website is accessed
The software runs exclusively on the servers of our website. Personal data of the users is only stored there. The data is not passed on to third parties.
Legal basis for the processing of personal data:
The legal basis for the processing of the users' personal data is Art. 6 para. 1 lit. f DSGVO.
3. purpose of data processing and legitimate interest:
The processing of the users' personal data enables us to analyse the surfing behaviour of our users. By evaluating the data obtained, we are able to compile information on the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. These purposes are also our legitimate interest in processing the data in accordance with Art. 6 Para. 1 lit. f DSGVO. By anonymising the IP address, the interest of users in the protection of their personal data is sufficiently taken into account.
More information on the privacy settings of the Matomo software can be found at the following link: https://matomo.org/docs/privacy/
14. integration of services and contents of third parties
We use content or service offers from third-party providers within our online offer on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 (1) f) DSGVO) in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content"). This always requires that the third-party providers of this content are aware of the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is therefore necessary for the display of this content. We endeavour to use only such content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as being linked to such information from other sources.
The following presentation provides an overview of third-party providers and their content, together with links to their data protection declarations, which contain further information on the processing of data and, in part already mentioned here, options for objection (so-called opt-out):
- Maps of the "Google Maps" service of the third-party provider Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
- Videos from the "YouTube" platform of the third-party provider Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
- Note on Google, Inc.: Google is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law(https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
15. rights of the users
1. users have the right to obtain, on request and free of charge, information about the personal data we hold about them. In addition, users have the right to correct incorrect data, restrict processing and delete their personal data, if applicable, to assert their rights to data portability and, in the event of the assumption of unlawful data processing, to file a complaint with the competent supervisory authority (Der Landesbeauftragte für den Datenschutz Baden-Württemberg, Königstraße 10a, 70025 Stuttgart). 2.
Users can also revoke their consent, in principle with effect for the future, without giving reasons.
16. deletion of data
The data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion is not contrary to any statutory retention obligations. If the user data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. I.e. the data is blocked and not processed for other purposes. This applies, for example, to user data that must be retained for reasons of commercial or tax law. 2.
According to legal requirements, data is stored for 6 years in accordance with § 257 para. 1 HGB (commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting vouchers, etc.) and for 10 years in accordance with § 147 para. 1 AO (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).
17 Right of objection
Users may object to the future processing of their personal data in accordance with the legal requirements at any time without giving reasons. The objection can be made in particular against the processing for purposes of direct advertising.
18. changes to the privacy policy
We reserve the right to change the data protection declaration in order to adapt it to changed legal situations or in the event of changes to the service and data processing. However, this only applies with regard to declarations on data processing. Insofar as user consent is required or components of the data protection declaration contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users. 2.
Users are requested to inform themselves regularly about the content of the data protection declaration.