DATA PROTECTION AT A GLANCE
Based on the obligation to provide information under Article 13 of the EU Data Protection Regulation, we would like to inform you transparently about the processing of your data. The following information provides a simple overview of which data we collect and for which purposes we use them.
Personal data are all the data that personally identify you.
You will find detailed information on the subject of data protection in our data protection declaration, which is to be found below this text. We inform you about the processing of the data of almost every group of people, such as customers, applicants, suppliers, business partners and visitors to the website. For the sake of clarity, we have divided this detailed data protection declaration into the following sections:
- General details and mandatory information
- Information on the processing of data on this website
- Information on the processing of personal data for our own business purposes
General information on data protection on our website
We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration. When you use this website, a variety of personal data is collected. This data protection declaration explains which information we collect and what we use it for. It also explains how and for what purpose this is performed. We would like to point out that data transmission over the Internet (e.g. communication by email) may be marked by security gaps. Absolute protection of the data from access by third parties is not possible.
How do we collect your data on this website?
On the one hand, your data is collected when you communicate them to us. For example, this may be data that you enter in a contact form. Other data is automatically collected by our IT systems when you visit our website. These are primarily technical data (e.g. on the Internet browser, the operating system or the time that the page was called up). This data is collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the error-free provision of the website. Other data can be used to analyze your user behavior.
SSL and/or TLS encryption
This site uses SSL encryption for reasons of security and to protect the transmission of confidential contents. You can recognize an encrypted connection because the address line of the browser changes from “http://” to “https://” and because a “lock” icon appears in your browser line.
If SSL or TLS encryption is enabled, the data you submit to us cannot be read by third parties.
Analysis tools and third-party tools
When you visit our website, your surfing behavior can be evaluated statistically. This is done mainly with cookies and with so-called analysis programs. The analysis of your surfing behavior is usually performed anonymously; the surfing behavior cannot be traced back to you. You may object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following data protection declaration.
You may object to this analysis. In this data protection declaration, we will inform you about the possibilities of objection.
DETAILED DATA PROTECTION DECLARATION
- GENERAL DETAILS AND MANDATORY INFORMATION
Who is responsible for data processing?
Responsibility for the data processing in general and on this website in particular is borne by:
NOFFZ Technologies GmbH
47918 Tönisvorst, Germany
Telephone: +49 2151 / 99878-0
Data protection officer
We have appointed a data protection officer for our company.
DPN Datenschutz GmbH & Co. KG
41747 Viersen, Germany
What are your rights when your data is processed?
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. Your consent, once given, can be revoked at any time. All you need to do is to send us an informal email. The legality of the data processing carried out until the revocation shall remain unaffected by the revocation.
Information on your data
You have the right to receive information on your personal data processed by us and to request a copy of the data. Components of this information are: Processing purposes, data categories, their recipients or categories of recipients, and, if possible, the planned duration of data storage or criteria for determining this duration.
Correction, deletion and restriction
In addition, you have the right to request correction if the data is incorrect or ask for the data to be deleted in the case of storage of inadmissible data. If deletion is not possible–for a variety of reasons–you have the right to request a restriction to the processing of your data or to ask for your data to be blocked.
Right of objection
Insofar as the processing is based on Art. 6 para 1 f) of the GDPR (balancing of interests), you have the right to object to the processing of these data at any time. We will no longer process this personal data unless we can provide compelling legitimate reasons that outweigh your legitimate interests, or if the processing is required to assert, exercise or defend legal claims.
The right to data transferability.
You have the right to have the data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible person, this will only be done if it is technically feasible.
Right of appeal to the competent supervisory authority
In the case of violations of the data protection law, the person concerned has the right of appeal to the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found on the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
To exercise your rights, please contact our data protection officer [email@example.com].
- INFORMATION ON THE PROCESSING OF DATA ON THIS WEBSITE
Only those of our employees who are responsible for the technical administration, maintenance and continued development of the website, have access to your personal data.
Should you contact us, the employees responsible for processing the relevant transaction will also have access to your personal data. In addition, we employ external IT service providers to maintain our IT systems, who may be able to gain access to your personal information in the course of their working activities. The same applies for the hosting provider.
We will not transmit your personal information to a third country outside the EU. Any other transmission will only be carried out if we are legally or officially obliged to do so or if such transmission is necessary within the context of your use of the website.
How long will your personal information be stored?
Your personal data will be deleted if you have revoked your consent to processing or if your personal data is no longer required to fulfill the purpose for which it was processed, e.g. a request made via one of our contact forms.
Automated decision-making and profiling
We do not use your personal information for automated decision-making. Likewise, we will not create any profiles from your personal information. We would like to point out that we do not use any identification software ourselves and that no evaluation of biometric data takes place.
Why are your personal data collected?
We require your personal data to enable the use of the website. You have the option to refrain from providing your personal information or you can provide us with incomplete information. However, this may mean that we will be unable to allow you to use the website or that you may not be able to take part in a competition.
DATA COLLECTION ON OUR WEBSITE
Some of the Internet pages use so-called “cookies”. Cookies do not harm your computer and do not contain any viruses. Cookies serve to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies”. They will be automatically deleted after your visit. Other cookies remain stored on your device until you delete them (the so-called “persistent cookies”). These cookies allow us to recognize your browser the next time you visit our website.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases. You may also exclude the acceptance of cookies for certain cases or in general or you may activate the automatic deletion of cookies when closing the browser. When cookies are disabled, the functionality of this website may be limited.
Cookies, which are necessary to carry out the electronic communication process or to provide certain functions that you wish to use (e.g. a shopping cart function) are saved on the basis of Art. 6 para. 1 lit. f of the GDPR. We have a legitimate interest in storing cookies to provide our services in a technically error-free and optimized way. If other cookies (such as cookies for analyzing your surfing behavior) are stored, they will be treated separately in this data protection declaration.
Server log files, log data
The provider of the pages automatically collects and stores information in so-called “server log files”, which your browser transmits to us automatically. This information is on the:
- Browser type and version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address (anonymised)
This data will not be merged with other data sources.
The basis for data processing is Art. 6 para. 1 lit. b of the GDPR, which allows the processing of data for the fulfillment of a contract or of pre-contractual measures. We are unable to assign this data to individual, identifiable persons without any additional information, such as information from an Internet service provider about the connection owner, which we generally do not have, and without a specific reason, such as a suspected case of infringement.
We do not offer any kind of form for data entry. If you would like to send us information, please send us an email.
Facebook, Xing, LinkedIn and YouTube
In order to prevent data from being transmitted to the service providers Facebook, Xing, LinkedIn and YouTube without your knowledge, we do not use any social media plug-ins from these providers.
Wherever you see the logos of these providers on our websites, they are solely redirects to our public company pages of the respective service providers or to our YouTube Channel.
Information on data processing with regard to online presence in social media
We maintain online presences on social networks and platforms in order to communicate with active customers, interested parties and users to inform them about our services. The processing of users’ personal data is carried out on the basis of our legitimate interests in effective user information and communication with users in accordance with Art. 6 para. 1 lit. f. GDPR. If users are asked by the respective providers for consent to data processing (i.e. give their consent e.g. by ticking a checkbox or confirming a button), the legal basis of processing is Art. 6 para. 1 lit. a., Art. 7 GDPR .
In accordance with the ruling of the European Court of Justice of 5 June 2018, we must inform you in detail about the data processing that takes place via and through the Facebook page (and, if applicable, other social media). As we currently do not have sufficient information at our disposal, we would like to refer you here to the data processing guideline and the possibilities of objection (opt-out) of the respective social network. Requests for information and assertion of rights of data subjects can only be asserted with the respective providers, since only they have access to the data of the users in each case.
Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland)
Data protection declaration: https://www.facebook.com/about/privacy/
Opt-Out: https://www.facebook.com/settings?tab=ads und http://www.youronlinechoices.com
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
Google/ YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)
Data protection declaration: https://policies.google.com/privacy
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA)
Data protection declaration: https://twitter.com/de/privacy
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irland)
Data protection declaration: https://www.linkedin.com/legal/privacy-policy
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Deutschland)
Data protection declaration/ Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung.
- INFORMATION ON THE PROCESSING OF PERSONAL DATA FOR OUR OWN BUSINESS PURPOSES
- Purposes and legal bases of the processing
We collect and process your personal data for the following purposes:
We collect and process applicant data for the purpose of conducting application procedures, insofar as this is necessary for deciding on the establishment of an employment relationship with us. The legal basis is Art. 88 of the GDPR in conjunction with Section (§) 26, para. 1 in conjunction with para. 8 sentence 2 of the BDSG (German privacy law). If we hire applicants, we can process the personal data already received in accordance with Section (§) 26 para. 1 of the BDSG if this is necessary for the purposes of the employment relationship.
We store the data of rejected applicants in text form on the basis of Art. 6 para. 1 f) of the GDPR for up to 6 months following the receipt of the termination notice, in order to defend against any legal claims asserted in the application procedure. Our legitimate interest is a possible burden of proof in proceedings under the General Equal Treatment Act (AGG). Any extended storage may only take place with the express consent of the applicant.
Processing of personal data
- To carry out pre-contractual measures or initiate a sales contract or business relationship. This processing is based on Article 6, para 1 b) of the GDPR. You may object to the storage of your data at any time, in which case we will delete your data, unless statutory retention periods exist.
- For the fulfillment of the contract and for the support of existing customers. The basis for data processing is Art. 6 para. 1 b of the GDPR, which allows the processing of data for the fulfillment of a contract or pre-contractual measures. The data will be deleted after the termination of the business relationship, unless statutory retention periods exist. These may arise, among other things, from tax regulations and may extend up to ten years.
- Transmission of data
We may transfer your personal information to other companies, to the extent permitted or required by the purposes and legal bases set out above. Your data will not be transferred outside the EU under any circumstances.
- Storage of the data
Your personal data will only be stored as long as the knowledge of the data is required for the purpose of the contract or the purposes for which they were collected or should any statutory or contractual provisions for storage exist. Statutory retention periods result, among other things, from social and tax regulations and may be valid for as long ten years for tax-relevant documentation and records.
End of the data protection declaration