Data protection

Smart IT Alliance GmbH

We hereby inform you in accordance with the legal requirements of data protection law (especially according to the BDSG n.F. and the European General Data Protection Regulation ‘GDPR’) about the type, scope and purpose of processing personal data by our company. This privacy policy also applies to our websites and social media profiles. With regard to the definition of terms such as “personal data” or “processing”, we refer to Art. 4 GDPR.

 

Name and contact details of the data controller(s)

Our data controller(s) (hereinafter “controller”) within the meaning of Art. 4(7) of the GDPR is/are:

 

Smart IT Alliance GmbH

 

TecCenter

31162 Bad Salzdetfurth

Deutschland

 

Fax: +49 (0) 5063 63 29 799

 

E-Mail-Adresse: info@gainfarm.de

 

Geschäftsleitung: Jennifer Behrens

 

Registrierung: Amtsgericht Hildesheim, HRB 207921

 

Ust.-IdNr.: DE348397355

 

Datenschutzbeauftragte/r: Christian Behrens

 

TecCenter
31162 Bad Salzdetfurth
Deutschland

 

Fax: +49 (0) 5063 63 29 799

 

E-Mail: info@smart-it-alliance.

 

Types of data, purposes of processing, and categories of data subjects:

Hereinafter, we inform you about the type, scope, and purpose of the collection, processing, and use of personal data.

Please provide more information on the types of data, purposes of processing, and categories of data

 

  1. Types of data we process Usage data (access times, visited websites, etc.), inventory data (name, address, etc.), contact data (phone number, email, fax, etc.), payment data (bank details, account information, payment history, etc.), contract data (subject of the contract, duration, etc.), content data (text inputs, videos, photos, etc.), communication data (IP address, etc.).

 

  1. Purposes of processing according to Art. 13(1)(c) GDPR Execution of contracts, purposes of proof / securing evidence, technical and economic optimization of the website, enabling easy access to the website, fulfillment of contractual obligations, contact in case of legal complaints by third parties, fulfillment of legal retention requirements, optimization and statistical evaluation of our services, supporting commercial use of the website, improving user experience, designing the website to be user-friendly, economic operation of advertising and website, marketing / sales / advertising, creation of statistics, prevention of spam and abuse, processing of applicant procedures, customer service and customer care, handling contact inquiries, providing websites with features and content, security measures, uninterrupted and secure operation of our website.
  1. Categories of data subjects according to Art. 13(1)(e) GDPR Visitors/users of the website, customers, suppliers, prospects, applicants, employees, employees of customers or suppliers.

The data subjects are collectively referred to as “users”.

Legal bases for processing personal data

Below, we inform you about the legal bases for processing personal data.

 

  1. If we have obtained your consent for the processing of personal data, Art. 6(1)(a) of the GDPR is the legal basis.
  2. If the processing is necessary for the performance of a contract or for taking pre-contractual measures at your request, Art. 6(1)(b) of the GDPR is the legal basis.
  3. If the processing is necessary for compliance with a legal obligation to which we are subject (e.g. statutory retention obligations), Art. 6(1)(c) of the GDPR is the legal basis.
  4. If the processing is necessary to protect the vital interests of the data subject or another natural person, Art. 6(1)(d) of the GDPR is the legal basis.
  5. If the processing is necessary for the purposes of our legitimate interests or the legitimate interests of a third party, and your interests or fundamental rights and freedoms do not override these interests, Art. 6(1)(f) of the GDPR is the legal basis.

 

Disclosure of personal data to third parties and processors. 

Without your consent, we do not disclose personal data to third parties. However, if such disclosure is necessary, it will be based on the legal grounds mentioned above, such as disclosing data to online payment providers for contract fulfillment, upon court order or legal obligation for law enforcement purposes, hazard prevention, or to protect intellectual property rights.

We also engage processors (external service providers, for example, for web hosting our websites and databases) to process your data. When data is disclosed to processors as part of a data processing agreement, it is always done in accordance with Art. 28 of the GDPR. We carefully select our processors, regularly monitor them, and retain the right to provide instructions regarding the data. Additionally, processors must have implemented appropriate technical and organizational measures and comply with the data protection regulations according to BDSG n.F. and GDPR.

 

Data transfer to third countries. 

Through the adoption of the European General Data Protection Regulation (GDPR), a unified basis for data protection in Europe has been established. As a result, your data is primarily processed by companies that are subject to the GDPR. However, if processing is performed by third-party services located outside the European Union or the European Economic Area, they must comply with the specific requirements outlined in Articles 44 et seq. of the GDPR. This means that processing would only occur if there are sufficient safeguards in place, such as the EU Commission’s recognition of an adequate level of data protection or adherence to officially recognized specialized contractual obligations, such as “standard contractual clauses.”

In the event that, due to the invalidation of the “Privacy Shields,” we are required to explicitly seek your consent for data transfers to the United States in accordance with Article 49(1)(a) of the GDPR, we would like to inform you about the risk of potential covert access by US authorities and the utilization of data for surveillance purposes, which could potentially not provide legal recourse for EU citizens.

 

Deletion of data and storage period. 

Unless expressly stated otherwise in this privacy policy, your personal data will be deleted or blocked as soon as your consent for processing is revoked or the purpose of storage no longer applies, or the data is no longer necessary for the purpose, unless their further retention is necessary for evidentiary purposes or is contrary to legal storage obligations. This includes, for example, commercial storage obligations for business letters according to § 257 para. 1 HGB (6 years) as well as tax storage obligations for documents according to § 147 para. 1 AO (10 years). When the prescribed retention period expires, your data will be blocked or deleted, unless storage is still necessary for the conclusion or performance of a contract.

Existence of automated decision-making

 

We do not use automated decision-making or profiling.

 

Provision of our website and creation of log files.

  1. If you only use our website for informational purposes (i.e., no registration or other transmission of information), we only collect the personal data that your browser transmits to our server. When you want to view our website, we collect the following data: • IP address; • Internet service provider of the user; • Date and time of access; • Browser type; • Language and browser version; • Content accessed; • Timezone; • Access status/HTTP status code; • Data volume; • Websites from which the request originates; • Operating system. No storage of this data together with other personal data about you takes place.
  2. This data is used for the purpose of delivering our website to you in a user-friendly, functional, and secure manner, with features and content, as well as for its optimization and statistical evaluation.
  3. The legal basis for this is our legitimate interest in data processing pursuant to Art. 6(1)(f) of the GDPR, which also lies in the above purposes.
  4. For security reasons, we store this data in server log files for a retention period of 30 days. After this period, it is automatically deleted unless we need to retain it for evidence purposes in the event of attacks on the server infrastructure or other legal infringements.

Cookies

 

We use so-called cookies when you visit our website. Cookies are small text files that are stored by your internet browser on your computer. When you visit our website again, these cookies provide information to automatically recognize you. Among the cookies are also the so-called “user IDs,” where user information is stored in pseudonymized profiles. When you visit our website, we inform you about the use of cookies for the purposes mentioned above and how you can object to this or prevent their storage (“opt-out”) by displaying a notice on our website linking to our privacy policy.

The following types of cookies are distinguished:

Necessary, essential cookies: Essential cookies are cookies that are absolutely necessary for the operation of the website, such as storing login information, shopping cart data, or user inputs, e.g. regarding the language of the website.

Session cookies: Session cookies are needed to recognize repeated use of an offer by the same user (e.g., if you have logged in to determine your login status). When you revisit our site, these cookies provide information to automatically recognize you. The information obtained in this way is used to optimize our offers and enable easier access to our site. Session cookies are deleted when you close your browser or log out.

Persistent cookies: These cookies are stored even after closing the browser. They are used for storing login information, measuring reach, and for marketing purposes. They are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies at any time in the security settings of your browser.

Third-party cookies (third-party cookies, especially from advertisers): According to your preferences, you can configure your browser settings and, for example, reject the acceptance of third-party cookies or all cookies. However, we would like to point out that in this case, you may not be able to use all functions of this website. You can find more information about these cookies in the respective privacy policies of the third-party providers.

  1. Data categories: User data, cookie, user ID (in particular the pages visited, device information, access times, and IP addresses).
  2. Purposes of processing: The obtained information is used for the purpose of technically and economically optimizing our web offerings and providing you with easier and more secure access to our website.
  3. Legal basis: If we process your personal data using cookies based on your consent (“opt-in”), then Article 6(1)(a) of the General Data Protection Regulation (GDPR) is the legal basis. Otherwise, we have a legitimate interest in the effective functioning, improvement, and economic operation of the website, so in this case, the legal basis is Article 6(1)(f) GDPR. The legal basis is also Article 6(1)(b) GDPR when cookies are set for the purpose of initiating a contract, e.g. for orders.
  4. Storage duration/ deletion: The data will be deleted as soon as it is no longer necessary for the purpose of its collection. In the case of data collected for providing the website, this is the case when the respective session is ended. Cookies are otherwise stored on your computer and transmitted to our site from there. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Already stored cookies can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it may no longer be possible to fully utilize all functions of the website. Here you can find information on how to delete cookies according to different browsers: Chrome: https://support.google.com/chrome/answer/95647 Safari: https://support.apple.com/en-us/guide/safari/sfri11471/mac Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies Microsoft Edge: https://support.microsoft.com/en-us/help/4027947/windows-delete-cookies

 

  1. Objection and “Opt-Out”: You can generally prevent the storage of cookies on your hard drive, regardless of consent or legal permission, by selecting “do not accept cookies” in your browser settings. However, this may result in limited functionality of our offerings. You can object to the use of cookies by third parties for advertising purposes through an “opt-out” on this American website (https://optout.aboutads.info) or this European website (http://www.youronlinechoices.com/de/praferenzmanagement/).

 

Processing of contracts

 

  1. We process inventory data (e.g. company, title/academic degree, names and addresses, as well as contact information of users, email), contract data (e.g. services used, names of contact persons), and payment data (e.g. bank details, payment history) for the purpose of fulfilling our contractual obligations (knowledge of contract parties; establishment, content-related design and execution of the contract; plausibility check of the data) and providing service (e.g. contact of customer service) pursuant to Art. 6(1)(b) of the GDPR. The entries marked as mandatory in online forms are necessary for the conclusion of the contract.
  2. Generally, we do not transfer this data to third parties, unless it is necessary for the pursuit of our claims (e.g. transfer to a lawyer for debt collection) or for fulfilling the contract (e.g. transfer of data to payment service providers), or there is a legal obligation pursuant to Art. 6(1)(c) of the GDPR.
  1. We may also process the data you provided to inform you about other interesting products from our portfolio or send you emails with technical information.
  2. The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. This is the case for inventory and contract data when the data is no longer necessary for the performance of the contract and no claims can be made from the contract because they are time-barred (warranty: two years / statutory limitation period: three years). We are obliged to store your address, payment and order data for a period of ten years due to commercial and tax law requirements. However, after the contract has ended after three years, we will restrict the processing, i.e. your data will only be used to comply with legal obligations. Information in the user account will remain until it is deleted.

Online payment provider

  1. The billing is done through PayPal (Europe) S.àr.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg, Web: paypal.de, https://www.paypal.com/de/webapps/mpp/ua/privacy-full, when payment is made via “Paypal”. The billing is done through Klarna GmbH, Theresienhöhe 12, 80339 Munich, https://www.klarna.com/sofort/datenschutz/, when payment is made via “Sofort.com”. Hereinafter referred to as “online billing providers”. The online billing providers collect, store and process the usage and billing data from you to determine and bill for the services you have used. The data entered on the online billing providers’ platforms is only processed and stored by them. If the online billing providers are unable to collect the usage fees in full or in part, or if they refrain from doing so due to a complaint from you, the usage data will be passed on to the data controller and the data controller may block the usage. The same applies if, for example, a credit card company reverses a transaction made by you at the expense of the data controller.
  2. The legal basis is Art. 6 (1) (b) GDPR, as the processing is necessary for the performance of a contract by the data controller. In addition, external online billing providers are used based on Art. 6 (1) (f) GDPR for legitimate interests of the data controller, in order to offer you secure, simple and diverse payment options.
  3. Regarding the storage period, revocation, information and data subjects’ rights, please refer to the above privacy policies of the online billing providers.

Contact via contact form / email / fax / mail.

  1. When contacting us via contact form, fax, post or email, your information will be processed for the purpose of processing the contact request.
  2. The legal basis for the processing of data, provided that you have given your consent, is Art. 6 (1) sentence 1 lit. a) GDPR. The legal basis for the processing of data transmitted in the course of a contact request or email, letter or fax is Art. 6 (1) sentence 1 lit. f) GDPR. The data controller has a legitimate interest in processing and storing the data in order to be able to respond to user inquiries, to secure evidence for liability reasons, and to be able to comply with any legal retention obligations for business letters. If the contact is aimed at concluding a contract, an additional legal basis for processing is Art. 6 (1) sentence 1 lit. b) GDPR.
  3. We may store your details and contact request in our Customer Relationship Management (CRM) system or a comparable system.
  4. The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection. For the personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with you has ended. The conversation is deemed to have ended when the circumstances indicate that the matter in question has been finally clarified. We store inquiries from users who have an account or contract with us for a period of two years after the contract has ended. In the case of legal archiving obligations, deletion takes place after their expiry: end of commercial retention obligations (6 years) and tax retention obligations (10 years).
  5. You have the opportunity to revoke your consent to the processing of personal data at any time in accordance with Art. 6 (1) sentence 1 lit. a) GDPR. If you contact us by email, you can object to the storage of your personal data at any time.

Contact by telephone

 

  1. When contacting us by phone, your phone number will be processed and temporarily stored and displayed in the RAM / cache of the telephone device / display for the purpose of processing and handling the contact request. The storage is done for liability and security reasons in order to be able to provide evidence of the call and for economic reasons to enable a callback. In the case of unauthorized marketing calls, we block the numbers.
  2. The legal basis for processing the phone number is Art. 6 (1) sentence 1 lit. f) of the GDPR. If the contact aims to conclude a contract, an additional legal basis for the processing is Art. 6 (1) lit. b) of the GDPR.
  3. The device cache stores the calls for 30 days and successively overwrites or deletes old data. When the device is disposed of, all data is deleted and the storage may be destroyed. Blocked phone numbers are reviewed yearly for the necessity of blocking.
  4. You can prevent the display of your phone number by calling with a suppressed phone number.
  1. We have integrated the anti-spam function “reCAPTCHA” from “Google” (provider: Google Ireland Limited, registration number: 368047, Gordon House, Barrow Street, Dublin 4, Ireland) on our website.
  2. Data category and description of data processing: Usage data (e.g., visited website, IP). By using “reCAPTCHA” in our forms, we can determine whether the input was made by a machine (robot) or a human. When using the service, your IP address and any other data required for this purpose may be transmitted to Google servers in the United States.
  3. Purpose of processing: Prevention of spam and abuse, as well as our economic interest in optimizing our website.
  4. Legal basis: If you have given your consent (“opt-in”) for the processing of your personal data through “reCAPTCHA” by the third-party provider, the legal basis is Art. 6 (1) sentence 1 lit. a) GDPR. The legal basis is also our legitimate interest in data processing in the above-mentioned purposes according to Art. 6 (1) sentence 1 lit. f) GDPR.
  5. Data transfer/recipient category: Third-party provider in the United States.
  6. Storage period: Until the cookies are deleted by you as the user.
  7. For more information about Google reCAPTCHA, please visit https://www.google.com/recaptcha/ and consult Google’s privacy policy at: https://policies.google.com/privacy.

Google Maps

  1. We have integrated maps from “Google Maps” (provider: Google Ireland Limited, registration number: 368047, Gordon House, Barrow Street, Dublin 4, Ireland) on our website.
  2. Data category and description of data processing: Usage data (e.g. IP address, location, accessed page). With Google Maps, we can display the location of addresses and provide directions directly on our website in interactive maps, enabling you to use this tool. When accessing our website where Google Maps is integrated, a connection is established to Google servers in the USA. Your IP address and location may be transmitted to Google. Additionally, Google receives information that you have accessed the respective page. This also occurs without a Google user account. If you are logged into your Google account, Google may associate the above-mentioned data with your account. If you do not wish for this association, you must log out of your Google account. Google creates user profiles from such data and uses these data for advertising, market research, or website optimization purposes.
  3. Purpose of processing: Provision of a user-friendly, cost-effective, and optimized website.
  4. Legal basis: If you have given your consent (opt-in) for the processing of your personal data using “Google Maps” by the third-party provider, the legal basis is Art. 6(1)(a) GDPR. The legal basis is also our legitimate interest in the above-mentioned purposes of data processing pursuant to Art. 6(1)(f) GDPR.
  5. Data transfer/recipient category: Third-party provider in the USA.
  6. Storage duration: Cookies up to 6 months or until deletion by you. Otherwise, as long as they are no longer needed for the processing purposes.
  7. Right to object and removal options: You have the right to object to the creation of user profiles by Google. Therefore, please contact Google directly using the privacy policy listed below. You can opt-out of advertising cookies through your Google account here: https://adssettings.google.com/authenticated.
  8. You can find further information on the use of Google cookies and their advertising technologies, storage duration, anonymization, location data, functionality, and your rights in the terms of use of Google Maps at https://www.google.com/intl/de_de/help/terms_maps.html and in Google’s privacy policy for advertising at https://policies.google.com/technologies/ads. General privacy policy of Google: https://policies.google.com/privacy.

Social media plug-ins

  1. On our website, we use social media plug-ins from social networks. We employ the “two-click solution” Shariff by c’t/heise.de: https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html; Service provider: Heise Medien GmbH & Co. KG, Karl-Wiechert-Allee 10, 30625 Hannover, Germany; Privacy policy: https://www.heise.de/Datenschutzerklaerung-der-Heise-Medien-GmbH-Co-KG-4860.html.
  2. Data category and description of data processing: Usage data, content data, master data. When accessing our website, no personal data is transmitted to the third-party providers of the social plug-ins through “Shariff”. In addition to the logo or brand of the social network, you will find a slider that allows you to activate the plug-in by clicking on it. This activation constitutes your consent in the form that the respective provider of the social network receives the information that you have accessed our website and that your personal data is transmitted to the provider of the plug-in and stored there. These are so-called third-party cookies. According to their own information, some providers such as Facebook and XING immediately anonymize your IP after collection. The plug-in provider stores the data collected about the user as usage profiles. You can revoke your consent at any time by deactivating the slider.
  3. Purpose of data processing: Improvement and optimization of our website; Increasing our visibility through social networks; Possibility of interaction with you and users among each other via social networks; Advertising, analysis, and/or demand-oriented design of the website.
  4. Legal basis: The legal basis for the processing of personal data is our legitimate interest pursuant to Art. 6(1)(f) GDPR, as outlined in the aforementioned purposes. If you have given us or the responsible party of the social network your consent to the processing of your personal data, the legal basis is Art. 6(1)(a) in conjunction with Art. 7 GDPR. In the case of pre-contractual inquiries or the use of your personal data for contract fulfillment, the legal basis is Art. 6(1)(b) GDPR.
  5. Data transfer/recipient category: Social network.
  6. Used social networks and objection: With regard to the purpose and scope of data collection and processing, please refer to the respective privacy policies of the social networks. There, you will also find information regarding your rights and options for protecting your personal data. You have the right to object to the creation of these user profiles, and you can exercise these rights directly with the respective plug-in provider.

Facebook

  1. We have integrated plug-ins from the social network Facebook.com (headquartered in the EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) on our website as part of the aforementioned “two-click solution” by Shariff. You can recognize them by the Facebook logo “f” or the addition “Like”, “Gefällt mir” or “Share”.
  2. When you voluntarily activate the Facebook plug-in, a connection is established from your browser to Facebook’s servers. In doing so, Facebook receives the information, including your IP, that you have accessed our website and transmits this information to servers in the USA, where it is stored. If you are logged into your Facebook account, Facebook can associate this information with your account. When using the functions of the plug-in, e.g., by clicking the “Like” button, this information is also transmitted from your browser to Facebook’s servers in the USA and stored there, as well as displayed in your Facebook profile and possibly to your friends.
  3. For the purpose and scope of data collection, further processing and use of the data by Facebook, as well as your related rights and options for protecting your privacy, please refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/. Data collection relating to the “Like” button: https://www.facebook.com/help/186325668085084. You can manage and object to the use of your profile data for advertising purposes on Facebook here: https://www.facebook.com/ads/preferences/.
  4. If you log out of Facebook and delete your cookies before visiting our website, no data about your visit to our website will be associated with your Facebook profile when activating the plug-in.
  5. Agreement on joint processing of personal data on Facebook pages (Art. 26 GDPR): https://www.facebook.com/legal/terms/page_controller_addendum, Privacy policy for Facebook pages: https://www.facebook.com/legal/terms/information_about_page_insights_data.

Twitter

  1. We have integrated plug-ins of the social network Twitter.com (Twitter Inc., 1355 Market St., Suite 900, San Francisco, California 94103, USA) on our website as part of the “two-click solution” by Shariff. You can recognize these plug-ins by the Twitter logo with a white bird on a blue background. An overview of Twitter buttons and tweets can be found at: https://developer.twitter.com/en/docs/twitter-for-websites/overview.
  2. If you are logged into your Twitter account while willingly activating the Twitter plug-ins, Twitter can assign the call of our website to your Twitter profile.
  3. If you want to exclude the transmission of data to Twitter when activating the plug-in, please log out of Twitter before visiting our website and delete your cookies.
  4. You can find the purpose and scope of data collection as well as its further processing and use by Twitter, as well as your related rights and settings to protect your privacy, in Twitter’s privacy policy: https://twitter.com/en/privacy. Opt-out: https://twitter.com/personalization.

XING

  1. We have integrated plug-ins from the social network XING (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) on our website as part of the “two-click solution” by Shariff. You can recognize them by the share button with the white XING logo and the “X” symbol on a green background.
  2. If you willingly activate the XING share button on our website, this will cause your browser to establish a connection to the XING server when the respective webpage is called. According to XING, no data about the visit is stored from which XING could directly identify an individual. XING does not store IP addresses and does not use cookies. When you click the share button, you will be redirected to XING’s homepage, where you can recommend our page if you are logged in, which serves the purpose of increasing our visibility and reach. XING’s privacy policy applies to these activities on the XING platform.
  3. If you log out of XING before visiting our website and delete your cookies, no data about the visit to our website will be assigned to your profile on XING when activating the plug-in.
  4. You can find the purpose and scope of data collection as well as its further processing and use by XING, as well as your related rights and settings to protect your privacy, in XING’s privacy policy for the share button at https://www.xing.com/app/share%3Fop%3Ddata_protection, as well as in XING’s general privacy policy at https://privacy.xing.com/en/data-protection-policy.

Instagram

  1. We have integrated plugins from the social network Instagram (service provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) on our website using the “two-click solution” from Shariff. You can recognize these by the Instagram logo in the form of a square camera.
  2. If you voluntarily activate the plugin, a connection is established from your browser to Instagram’s servers. Instagram receives information, including your IP address, that you have visited our site and transfers this information to servers in the USA where it is stored. If you are logged into your Instagram account, Instagram can associate this information with your account, and you can click the Instagram button to share and save the content of our pages on your Instagram account and potentially show it to your friends there. We have no knowledge of the exact content of the transmitted data, its use, and storage duration by Instagram.
  3. If you log out of Instagram and delete your cookies before visiting our website, no data about your visit to our website will be associated with your profile on Instagram when activating the plugin.
  4. You can find further information in Instagram’s privacy policy/opt-out: https://help.instagram.com/519522125107875, objection: https://help.instagram.com/contact/186020218683230; agreement on the joint processing of personal data on Instagram pages (Art. 26 GDPR): https://www.facebook.com/legal/terms/page_controller_addendum.

Pinterest

  1. We have integrated plugins from the social network Pinterest (Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland) on our website using the “two-click solution” from Shariff. You can recognize these by buttons with the white “P” on a red background.
  2. If you voluntarily activate the plugin, a connection is established from your browser to Pinterest’s servers. Pinterest receives information, including your IP address, that you have visited our site and transfers this information to servers in the USA where it is stored. If you are logged into your Pinterest account, Pinterest can associate this information with your account, and you can click the Pinterest button to share and save the content of our pages on your Pinterest account and potentially show it to your friends there.
  3. If you log out of Pinterest and delete your cookies before visiting our website, no data about your visit to our website will be associated with your profile on Pinterest when activating the plugin.
  4. You can find further information in Pinterest’s privacy policy: https://policy.pinterest.com/en/privacy-policy, opt-out: https://help.pinterest.com/en/articles/personalized-ads-pinterest.

Data Protection in Applications and in the Application Process

  1. Applications sent electronically or by mail to the responsible party will be processed electronically or manually for the purpose of handling the application process.
  2. We explicitly point out that application documents containing “special categories of personal data” according to Art. 9 GDPR (e.g., a photo that reveals your ethnic origin, religion, or marital status), with the exception of any information about severe disabilities that you voluntarily disclose, are not desired. You should submit your application without this data. This does not affect your chances of being selected.
  3. The legal bases for processing are Art. 6 (1) (b) GDPR and § 26 BDSG n.F.
  4. If an employment relationship is established with the applicant after the application process is completed, the applicant’s data will be stored in compliance with relevant data protection regulations. If no position is offered to you after the application process is completed, your submitted application letter and documents will be deleted 6 months after sending the rejection in order to comply with any legal claims or obligations under the General Equal Treatment Act (AGG).

 Rights of the data subject

  1. Objection or revocation of consent: If the processing of your data is based on your consent according to Art. 6(1)(a) and Art. 7 of the GDPR, you have the right to revoke your consent at any time. The legality of the processing carried out based on the consent until the revocation is not affected. If we base the processing of your personal data on the balancing of interests according to Art. 6(1)(f) of the GDPR, you can object to the processing. This is the case when the processing is not necessary for the performance of a contract with you, which we will explain in more detail when describing the functions below. If you wish to exercise your right to object, we ask you to provide us with the reasons why we should not process your personal data as we have done. In the event of a justified objection, we will examine the facts and either discontinue or adjust the data processing or demonstrate our compelling legitimate grounds for continuing the processing. You have the right to object to the processing of your personal data for the purposes of advertising and data analysis at any time. You can exercise this right to object free of charge. You can inform us of your objection to advertising using the following contact details:

Smart IT Alliance GmbH TecCenter 1 31162 Bad Salzdetfurth, Germany Fax: +49 (0) 5063 63 29 799 Email address: info@smart-it-alliance.de

  1. Right to information: You have the right to information about the personal data stored by us concerning you, in accordance with Art. 15 of the GDPR. This includes, in particular, information about the purposes of the processing, the categories of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the origin of your data, unless it was collected directly from you.
  2. Right to rectification: You have a right to rectification of inaccurate data or completion of correct data according to Art. 16 of the GDPR.
  3. Right to erasure: You have the right to erasure of your personal data stored by us according to Art. 17 of the GDPR, unless legal or contractual retention periods or other statutory obligations or rights to further storage oppose this.
  4. Right to restriction of processing: You have the right to demand restrictions on the processing of your personal data if one of the conditions in Art. 18(1)(a) to (d) of the GDPR is fulfilled, such as when you contest the accuracy of the personal data, the processing is unlawful and you oppose the erasure of the personal data, or when we no longer need the personal data for the purposes of the processing, but you require it for the establishment, exercise or defense of legal claims.
  5. Right to data portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format, according to Art. 20 of the GDPR, or to request the transmission of said data to another controller.
  6. Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority at your habitual residence, place of work or place of the alleged infringement.

Data security

To protect all personal data transmitted to us and to ensure that data protection regulations are complied with by us and our external service providers, we have implemented appropriate technical and organizational security measures. Among other things, all data transmitted between your browser and our server is encrypted using a secure SSL connection.

 

03.04.2021

Sign up for Webinar