Data protection declaration and information for data subjects in accordance with Article 13 and Article 14 of the EU General Data Protection Regulation
We appreciate your interest in our services and your visit to our website. Data protection and data security when using our websites are very important to us and go without saying in the context of our advice services. Therefore, we wish to inform you as to what personal data relating to you is gathered when you visit our websites and for what purposes this is used.
As changes in legislation or changes to our internal corporate processes can make an adjustment to this data protection declaration necessary, we would kindly request that you regularly read through this data protection declaration. The data protection declaration can be accessed, saved and printed out at any time via the following link: https://www.startech-cc.de/en/privacy-policy/
Controller
The controller as defined in the EU General Data Protection Regulation (hereinafter: GDPR) and other national data protection laws of the Member States, as well as in other provisions under data protection legislation is:
StarTech
Owner: Manfred Maier
Göppinger Str. 21/1
73119 Zell u.A.
Germany
Phone: +49 (0) 7164-14944-0
Mail: info@startech-cc.de
I. General data processing information
Personal data is all information which relates to an identified or identifiable natural person. For example, this includes information such as your name, address, telephone number, date of birth, email address, IP address or user behaviour. Information which does not allow us to trace your person (or only allows us to trace your person with disproportionate expense), for example through anonymization of the information, is not personal data.
The processing of personal data (for example gathering, retrieval, use, saving or transfer) always requires a legal basis or your consent. Personal data which has been processed is deleted, once the purpose of the processing has been attained and no retention periods prescribed by law need to be complied with.
Should we process your personal data in order to provide certain services, we will inform you below of the concrete processes, the scope and purpose of the data processing, the legal basis for the processing and the length of time for which the personal data is saved.
II. Individual processing procedures in relation to the website
1. Provision and use of the website
1.1. Server log files
When accessing and using our website, we gather personal data which your browser automatically transfers to our server. This information is saved temporarily in a so-called log file. When you use our website, we gather the following data which is technically necessary for us, in order to display our website to you and to ensure stability and security.
– IP address of the accessing computer
– Date and time of the access
– Name and URL of the accessing file
– Website from which the access takes place (referrer URL)
– Browser used and, if applicable, the operating system of your computer and the name of your access provider
For the named data processing, Article 6 Paragraph 1 Letter f) GDPR serves as the legal basis. The processing of the named data is necessary to provide the website and therefore serves the purpose of safeguarding a legitimate interest of our company.
Once the named data is no longer necessary in order to display the website, it will be deleted. The recording of the data to provide the website and the saving of the data in logfiles is absolutely necessary in order to operate the website. The user has no right of objection in this respect. Further saving can take place in an individual case, if this is mandated by law.
1.2. Cookies
We use individual cookies on our website. Cookies are small files, which are sent by us to the browser of your end device when you visit our Internet sites and temporarily deposited there. Cookies do not cause any damage to your end device. These cannot start any programs and do not contain any viruses.
Session cookies are used on our website, which are automatically deleted when you close your browser. This type of cookie enables us to record your session ID. By means of this, various requests of your browser can be assigned to a joint session and we are able to recognise your end device next time you visit our websites.
These cookies are required for technical reasons, so that you can visit our website and use functions which are provided by us.
Cookies for advertising purposes or cookies which are integrated by third parties are not used on our sites.
By means of the purposes of use described above and the necessity of the session cookies in order to provide / use our website, the processing represents our legitimate interest and is based on Article 6 Paragraph 1 Letter f) GDPR.
Once the data transferred to us by the cookies is no longer necessary in order to attain the purposes described above, this information will be deleted. This is the case when you close your browser.
Notice concerning configuration of the browser settings: Most browsers are pre-set in such a way that they accept cookies as standard. However, you can configure your browser in such a way that it only accepts certain cookies or no longer accepts any cookies. Via your browser settings, you can also delete cookies which have already been set in your browser. In addition, it is possible to set your browser in such a way that you are informed before cookies are set. As the different browsers may differ in terms of functionality, we would kindly request that you use the help menu of your browser in order to find out your configuration options. Should you require a comprehensive overview of all third party accesses to your Internet browser, we would recommend you to install the plugins which have been specially developed for this purpose.
1.3. Google Analytics tracking and analysis tool
On this website, we use Google Analytics, a web analysis service of Google Inc, 1600 Amphitheatre Parkway, Mountainview, CA 94043 USA (“Google”). Google Analytics uses so-called “cookies”, i.e. text files which are saved on your computer and which enable an analysis of the use of the website by you.
The information which is generated by these cookies, for example concerning your use of this website, is generally transferred to a server of Google in the USA and saved there. When using Google Analytics, it cannot be excluded that the cookies set by Google Analytics may record further personal data in addition to the IP address. We wish to point out that Google may transmit this information to third parties, should this be required by law or should the said third parties process this data on behalf of Google.
The information generated by the cookies will be used by Google on behalf of the operator of this website in order to evaluate your use of the website, to compile reports concerning the website activities and to provide additional services for the website operator connected to the use of the website and the use of the Internet. The IP address transmitted by your browser in the course of Google Analytics will not be combined with other data by Google, according to the information which it has provided.
You can generally prevent the saving of cookies by setting your browser software accordingly. However, we wish to point out that in such a case, you may not be able to fully use all of the functions of this website.
It cannot be excluded that the cookies set by Google Analytics may record further personal data in addition to the IP address. In order to prevent information concerning your use of the website being recorded by and sent to Google Analytics, you can download and install a plugin for your browser via the following link: http://tools.google.com/dlpage/gaoptout?hl=de. This plugin prevents information concerning your visit to the website being sent to Google Analytics. Other analysis is not prevented by this plugin.
We wish to point out that the browser plugin described above cannot be used when visiting our website via the browser of a mobile end device (smartphone or tablet). When using a mobile end device, you can prevent the recording of your usage data by Google Analytics by clicking on the following link: Google Browser Plugins. By clicking on this link, a so-called opt out cookie will be set in your browser. This prevents information concerning your visit to the website being sent to Google Analytics. Please bear in mind that the opt out cookie is only valid for this browser and this domain. Should you delete the cookies in this browser, the opt out cookie will also be deleted. In order to continue to prevent the recording by Google Analytics, you need to click on the link again. The use of the opt out cookie is also possible as an alternative to the plug in above when using the browser on your computer.
In addition, this site uses the Google Analytics reports concerning demographic characteristics in which data from all targeted advertising of Google and visitor data of third parties (for example age, gender and interests) is used. This data cannot be used to trace a specific person and can be deleted at any time via the advertising settings in your Google account or you can object to the recording of your data by Google Analytics by using a Google Browser Plugin.
By using this tracking and analysis tool, we are able to ensure continued optimisation of our website and are able to tailor it to customer requirements. With the assistance of tracking measures, it is also possible for us to statistically record the use of our website by visitors and to further develop our online service for you with the assistance of the knowledge acquired. Due to these interests, the use of the tracking and analysis tools described below is justified in accordance with Article 6 Paragraph 1 Sentence 1 Letter f) GDPR.
User and event data is saved for 14 months as standard and is then de-activated and deleted.
1.4 Use of Google Web Fonts
External fonts (Google Fonts) are used on these Internet sites. Google Fonts is a service of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as “Google”). Further information concerning the data protection notices of Google can be accessed here: https://policies.google.com/privacy?hl=en, https://developers.google.com/fonts/faq.
When using Web Fonts, the following data will be transferred to Google:
– Browser type / version
– Operating system used
– Referrer URL (previously visited page)
– Host name of the accessing computer (IP address)
– Time of the server access
– Monitor resolution of the user
– Language settings of the browser and operating system used
The legal basis for the use of Google Web Fonts is Article 16 Paragraph 1 Sentence 1 Letter f) GDPR. We have a legitimate interest, as this technology allows the display of the fonts which are used by us. When accessing our websites, your browser loads the necessary web fonts into your browser cache, in order to correctly display texts and fonts. Should your browser not support Web Fonts, a standard font will be used by your computer.
1.5 Hyperlinks
So-called hyperlinks to websites of other providers can be found on our website. When activating these hyperlinks, you will be redirected from our website directly to the website of the other providers. You can recognise this by the change in URL. We cannot assume any responsibility for the confidential treatment of your data on these third party sites, as we have no influence over whether these companies comply with the data protection regulations. Please see these websites directly as to how your personal data is handled by these companies.
Please contact the respective operator in order to find out how your data is processed and used. Information provided by the operator concerning the respective data protection provisions and possible settings to protect your private sphere can be found here for example:
– Google Inc: http://www.google.de/intl/de/privacy/plusone/.
– LinkedIn Ireland Unlimited Company: https://www.linkedin.com/legal/privacy-policy?_l=de_DE
– Xing S.E. https://privacy.xing.com/de/datenschutzerklaerung
2. Website contact form
On our website, we provide you with the option of getting in touch with us via contact form. Should you use the contact form, the following personal data is processed as standard, as well as the content which you provide the contact field:
– Email address
– Name
The purpose of the gathering of your email address is to allocate you enquire and respond to you. When using the contact form, your personal data is not passed on to third parties.
It is possible to voluntarily provide more detail concerning your company and its address, as well your contactability by telephone and to precisely state your query via the relevant fields.
The data processing for the purpose of getting in touch with us which is described above is based on Article 6 Paragraph 1 Letter f) GDPR. The provision of an interface for communication with you is in our legitimate interest of ensuring that you can get in touch with us in a speedy and uncomplicated manner.
Once the query submitted by you has been dealt with and the matter at hand has been fully clarified, the personal data which you provided via the contact form which has been processed will be deleted. Further saving can take place in an individual case, if this is mandated by law.
3. Sending of newsletters
It is possible to subscribe to a free-of-charge newsletter. In order to be able to regularly send you the newsletter, we require the following information from you:
– Email address
In relation to the sending of the newsletter, we use the so-called double opt in procedure, i.e. we will not send you the newsletter until you confirm your registration by clicking on the link contained in a confirmation email which we will send to you for this purpose. By means of this, we wish to ensure that only you as the holder of the provided email address can register for the newsletter. Your confirmation in this respect must take place quickly following receipt of the confirmation email, as otherwise your newsletter registration will be automatically deleted from our database.
The processing of your email address for the purpose of sending the newsletter is based on Article 6 Paragraph 1 Letter a) GDPR with your declaration of consent which is sent voluntarily in connection with the registration on our website, the wording of which is repeated below:
Declaration of consent:
By means of the sending of my data and clicking on the “order newsletter” button, I am declaring my agreement to my email address being used to regularly send the newsletter. I can cancel the newsletter service at any time by clicking on the relevant link at the end of the newsletter. Accordingly, I can revoke this consent to the gathering and processing of the personal data obtained during the registration process at any time.
The data provided to us for the purpose of the newsletter subscription will be saved by us until you cancel the newsletter subscription and will then be deleted. Data which was saved by us for other purposes (for example email addresses for log in area) remains unaffected by the above.
III. Information concerning data processing procedures
1. Processing of applicant data
| Data category: | Application data |
| Processing purpose: | Carrying out of application process |
| Category of recipients: | Public bodies if prioritised legal regulations are present External service providers or other contractors Further external bodies, should the data subject have issued his or her consent or should a transfer be permitted due to an overriding interest |
| Legal basis | Article 6 Paragraph 1 Letter b) GDPR, Article 9 Paragraph 2 Letter b) GDPR |
| Duration of data saving: |
Application documents are saved for 12 months. Should your application not have been successful, we will contact you prior to the expiry of these 12 months. Your data will then be automatically deleted two months after notification that the application was unsuccessful, unless legitimate interests under Article 6 Paragraph 1 Sentence 1 Letter f) prevent a deletion. Another legitimate interest in this sense is an evidence obligation in procedures under the German Equal Treatment Act (AGG) as an example. Should an employment contract be concluded, the data which has been provided will be saved in order to perform the employment relationship in compliance with the statutory regulations. |
2. Processing of customers’ / interested persons’ data
| Data categories | Data which is notified in order to process the contract; and data which goes beyond this for process on the basis of your express consent. |
| Processing purpose: | Performance of the contract, inter alia offers, orders, sale and billing, quality assurance. |
|
Category of recipients: |
Public bodies if prioritised legal regulations are present External service providers or other contractors, amongst others for data processing and hosting, shipping, transport and logistics
Further external bodies, should the data subject have issued his or her consent or should a transfer be permitted due to an overriding interest
|
| Legal basis | Article 6 Paragraph 1 Letter b) GDPR, Article 6 Paragraph 1 Letter a) GDPR |
| Duration of data saving: | The duration of the data storage is determined by the statutory retention obligations and is generally 10 years. |
3. Specific information concerning the processing of employee data
| Data affected: | Data which is notified in order to process the contract; and data which goes beyond this for process on the basis of your express consent. |
| Processing purpose: | Performance of the contract in the context of the employment relationship |
| Category of recipients: | Public bodies if prioritised legal regulations are present, for example tax office, social security providers. External service providers or other contractors, amongst others for data processing and hosting, shipping, wages, travel cost claims, insurance benefits Further external bodies, should the data subject have issued his or her consent or should a transfer be permitted due to an overriding interest |
| Legal basis | Article 88 GDPR, Article 26 GDPR |
| Duration of data saving: | The duration of the data storage is determined by the statutory retention obligations and is generally 10 years. |
4. Specific information concerning the processing of sales partner data
| Data affected: | Data which is notified in order to process the contract (sales partner contract); and data which goes beyond this for process on the basis of your express consent. |
| Processing purpose: | Performance of the contract, including enquiries, commission billing etc. |
| Category of recipients: | Public bodies if prioritised legal regulations are present External service providers or other contractors, amongst others data processing, bookkeeping, payment processing Further external bodies, should the data subject have issued his or her consent or should a transfer be permitted due to an overriding interest |
| Legal basis | Article 6 Paragraph 1 Letter b) GDPR, Article 6 Paragraph 1 Letter a) GDPR |
| Duration of data saving: | The duration of the data storage is determined by the statutory retention obligations and is generally 10 years. |
IV. Rights of data subjects
You have the following rights in relation to us concerning the personal data relating to you:
– in accordance with Article 7 Paragraph 3 GDPR, to revoke the consent which you issued to us at any time. This means that we cannot continue the data processing which was based on this consent in the future.
– in accordance with Article 15 GDPR, the right of information
– in accordance with Articles 16 and 17 GDPR, the right of rectification or erasure
– in accordance with Article 18 GDPR, the right to have the processing restricted
– in accordance with Article 20 GDPR, the right of data portability
– in accordance with Article 77 GDPR, the right to complain to a data protection supervisory authority about the processing of your personal data by us
Should your personal data be processed on the basis of legitimate interests in accordance with Article 6 Paragraph 1 Sentence 1 Letter f) GDPR, you have the right under Article 21 GDPR to raise an objection to the processing of your personal data. Should you wish to claim your right of objection, please send an email to info@startech-cc.de.
When claiming the right of objection, we would kindly request that you state the reasons why your personal data should not be processed by us. We will then check the matter and suspend or adjust the data processing or inform you of our mandatory protectable reasons why we will continue the processing.
You can object to the processing of your personal data for advertising purposes and data analysis at any time. You can contact us as follows in order to claim your right to object to advertising: info@startech-cc.de
V. Data security and security measures
We are obliged to protect your private sphere and to treat your personal data confidentially. In order to prevent manipulation or loss or abuse of your personal data saved by us, we take comprehensive technical and organisational security precautions which are regularly checked and adjusted in line with technical progress. Amongst others, these include the use of recognised encryption procedures (SSL / TLS encryption). However, we wish to inform you that due to the structure of the Internet, it is possible that the data protection rules and the above-mentioned security measures may not be complied with by other persons or institutions for whom we are not responsible. In particular, personal data which is disclosed in unencrypted form, for example by email, may be read by third parties. We have no technical control over this. The user is responsible for protecting the data provided by him or her against misuse by means of encryption or other methods.