We collect, process and store personal data when you visit our website. Why and how?
The company responsible for data processing on this website shall be
]init[ AG für digitale Kommunikation (limited company for digital communication)
Köpenicker Str. 9
Phone: +49 30 97006 727
Fax: + 49 30 97006 135
We attach particular importance to the protection of your personal data, and therefore we collect, process and use your personal data solely in compliance with the principles described in the following, as well as in accordance with the European Union General Data Protection Regulations (GDPR) and Federal Data Protection Act (BDSG)-new.
ISO 27001 Certificate for the highest levels of security
Your data is exclusively saved on our internal servers in Germany. Our data processing center is designed for portal and business applications with very high protection level. This is why we already received the German IT Security Certificate in 2008. With this certificate, the German Federal Office for Information Security (BSI) certifies that our data processing center complies with the security properties of ISO 27001 based on Baseline IT Protection.
Nature, scope and purpose of the processing of personal data
When visiting the website
With each visit to our website, our servers in Germany save exclusively the personal data that is transmitted to our server via your browser into a log file for information purposes and in accordance with Article 6 paragraph 1 lit. (f) of the GDPR.
The following data are collected during each visit to our website, and are saved by us until the time of automatic deletion:
- data and time of access;
- name and URL of the retrieved file;
- website from which access is made;
- operating system of your computer, and browser used by you;
- IP address;
- name of your Internet service provider.
The purpose of collecting and processing these data such as date, time, name and URL of the retrieved file, website from which access is made is to allow use of the website (connection setup), to ensure that the content of our web pages is correct, as well as to permanently guarantee the security and stability of the system. The processing of data relating to the operating system and browser used, as well as the name of Internet service provider serves to enable the technical administration of the network infrastructure, and the optimization of our Internet offer, as well as for internal statistical purposes. An IP address will only be analyzed in case of an attack on our Internet infrastructure, as well as for statistical purposes. The processing of these data is based on the legitimate interest, to protect our website against unauthorized access. At the same time, we are striving to constantly improve our services to our customers, and therefore depend on statistical analyses.
We do not transfer your data to a third country.
Storage duration and deletion
]init[ AG saves personal data of the data subject only for the time period necessary to achieve the purpose of the storage, or, as long as stipulated by the GDPR or other regulations as special mandatory retention periods. If you visit our website, your data will be stored for 7 days maximum to detect and ward off attacks.
If the storage purpose is not applicable, or if a storage period prescribed expires, the personal data are routinely blocked or erased in accordance with legal requirements.
Mailings and newsletters
Currently, we do not offer newsletters or mailings through our website. If you, as an interested party, receive newsletters/mailings from us outside the website offerings, and you have given us your express authorization to do so, we will use your email address and personal data submitted on a strictly voluntary basis only to deliver our newsletters and/or mailings to you on a regular basis, in accordance with Article 6 paragraph 1 lit. (a) of the GDPR. To receive our newsletters/mailings, entering your email address will be sufficient. Additional personal information submitted on a strictly voluntary basis exclusively serve to customize the newsletter.
We use the so-called double opt-in process to guarantee a mutually agreed mailing of the newsletter. As a result, the potential recipient is added to a mailing list. After entering your email address, you will receive a confirmation email with the option to legally confirm your subscription. The address you provide will only be included in the active mailing list after you have completed this confirmation. We use your data exclusively to send out the requested information and offers, and on the basis of your consent in accordance with Article 6 paragraph 1 lit. (a) of the GDPR.
By clicking on the "Unsubscribe” link at the bottom of the actual newsletter, you can revoke (unsubscribe) your consent to save your personal data and email address as well as its use for sending out the newsletters and mailings at any time. You have also the option to unsubscribe by email to firstname.lastname@example.org at any time. If you unsubscribe from the newsletter and mailings, your personal data will be deleted without delay. This means, that your data is only stored for the time period you wish to receive the newsletters. You are entitled to request disclosure of any personal data stored about you.
Newsletter2Go by the German Newsletter2Go GmbH is used as newsletter and mailing software. In the process, your personal data is transferred to the Newsletter2Go GmbH acting as our service provider on our behalf. According to our mutual contract, Newsletter2Go GmbH is prohibited to sell or use your personal data for purposes other than sending our mailings and newsletters. Newsletter2Go is a certified German service provider who we selected in compliance with the requirements of the General Data Protection Regulations and the Federal Data Protection Act. For further information, please click here.
Of course, we have concluded a current order processing agreement with Newsletter2Go accordingly.
Use of contact forms
You can contact us directly by using our contact forms provided on our website. We will collect, process and use your personal data entered into the form exclusively for the processing of your concrete request, and with your consent only.
By submitting your request and giving your consent, you acknowledge and agree that we can use your personal information for the response to your request and/or establishment of contact in accordance with Article 6 paragraph 1 lit. (a) of the GDPR. Your personal data will principally not be disclosed to third parties, unless such disclosure is justified by applicable data protection regulations, or we are required by law to do so. For processing your request, entering your email address will be sufficient. Additional personal information submitted on a strictly voluntary basis exclusively serve to customize the request.
You may, at any time, revoke your consent given with future effect by sending an email to email@example.com. If you revoke your consent, your personal data will be deleted without delay. Otherwise, your personal data will be deleted after the processing of your request has been completed, or if the purpose for the retention no longer applies. You are entitled to request disclosure of any personal data stored about you.
Usually, your application documents are processed electronically by sending your documents via our career portal by email to our HR department. Your personal data are exclusively used for the ongoing application process.
If we conclude an employment contract with you as applicant, we will store the submitted data for the purpose of processing the employment relationship under consideration of statutory regulations.
If no contract is concluded between the controller and the applicant, your data will be stored for 6 months after completion of the application process, and will be deleted after these 6 months, provided that the deletion is not opposed by justified interests within the meaning of Article 6 paragraph 1 lit. (a) of the GDPR. For example, a justified interest within this meaning is the burden of proof in proceedings according to the General Equal Treatment Act.
You will be given the option to have your information stored over the following 24 months after completion of the application process in accordance with Article 6 paragraph 1 lit. (a) of the GDPR, if you are interested to be considered for future job offers. Following the completion of the application process, you will receive a notification from us by email providing you the option to such an agreement. You are entitled to revoke your consent to the storage of your personal data for 24 months at any time. For this purpose please contact us at firstname.lastname@example.org.
For questions regarding the application process, please do not hesitate to contact us anytime at email@example.com.
Data disclosure to third parties
No data is disclosed to third parties without your prior consent. Exceptions apply only, if and insofar as it is required for the purpose of enforcing our rights, or if there is a legal obligation for us.
When you visit our website, information can be stored on your computer or your mobile device (hereinafter generally referred to as computer) in the form of cookies. Cookies allow us to make your visit on our website even more convenient, easy and practical. Cookies are small text files that your browser automatically saves to the hard drive of your computer whenever you visit our website.
Cookies will not damage the hard drive of your computer. Cookies are also unable to execute programs or introduce viruses to your computer.
We use Session Cookies to be able to identify you as user of our website. Session Cookies are temporary, and are automatically deleted, as soon as you leave our website. The majority of web browsers do accept Cookies automatically.
We also use eTracker for statistical purposes only. Compare the respective section below.
At any time, you can adjust your browser by setting your configuration accordingly, to prevent and object to the installation of cookies on your computer. Already installed cookies may also be deleted at any time via a web browser or other software programs. This is possible in all common Internet browsers. If you deactivate the setting of cookies in the web browser used, not all functions of our website may be entirely usable.
eTracker web statistics
This website uses technologies by etracker GmbH (www.etracker.com) to collect and store data exclusively for statistical purposes. No user profiles are created from this data, nor do we use the data for retargeting purposes.
Cookies are used in the process to allow carrying out statistical analyses of the use of this website by visitors within the meaning of the Authority Principle (50) of the GDPR.
This data created thereby is processed and stored by etracker in Germany only, and are therefore subject to strict German and European data protection laws and directives. etracker has been audited and then certified in this regard, and was awarded with the European ePrivacyseal.
The data processing is carried out based on statutory provisions of Article 6 paragraph 1 lit. (f) of the GDPR (justified interests). Our aim within the meaning of Article 6 paragraph 1 lit. (f) of the GDPR (justified interests) is the optimization of our online offers and our website. In order to respect your privacy, we have activated the shortened IP-address for the etracker technology. In doing so, the address cannot be directly linked to a particular individual.
No data will be merged or used with other data of etracker, and no data will be passed on to third parties.
You are entitled to object to the stipulated data processing at any time.
Such objection is technically realized via a Cookie, and is only effective, as long as this Cookie is stored in your browser. Therefore, please do not delete this Cookie, if you still wish to maintain such objection.
We do not use links to social networks which already contain the code of the respective external network on our web pages, so-called “social plug ins”. On our website you only find simple links which are created by us, so that during the stay on our site no data transfer to external site operators is possible.
In order to provide you with information and additional contact options, we are, however, also present on a variety of social media platforms which allow us to communicate with active clients, interested parties and users while providing information on our services.
Please be aware that the processing of your personal data on these social media platforms is primarily controlled by the respective platform provider. During the visit on our social media pages, the platform provider stores cookies in your browser that collect and save data regarding your user behavior and information about your probable interests for market research and advertising purposes. As the services of these platforms can also partly be used without registration, it cannot be excluded that users who are not registered with the platform may also be affected by the data processing.
The providers of the respective social media platforms potentially process user data outside the EU. The providers in the US, who are certified under the Privacy Shields, undertake to observe the European data protection norms.
During the visit of one of our social media pages, your personal data is processed based on our legitimate interest in effective user information and communication with the user according to Article 6 paragraph 1 lit. (f) of the GDPR. We have interest in introducing our company to the public with common market practices and providing our users the social media pages as additional information and communication channels. If the users are asked for their consent to the processing of their data by the provider of the platform and they agree to do so, the legal basis for the data processing will be Article 6 paragraph 1 lit. (a) and Article 7 of the GDPR.
In case of requests for information and the assertion of the right to use, please be aware that it is most effective if you assert your right against the provider directly. Only the providers have access to the user data, and therefore can provide the information accordingly, and take appropriate measures directly.
Joint controllership, Article 26 of the GDPR. We determine our respective responsibilities in this controller addendum. Accordingly, Facebook is the responsible party and contact partner for the obligation to provide information (Articles 12-13 of the GDPR), your data subject rights (Articles 15-22 of the GDPR), data security and the obligation to report any data protection violations (Articles 32-34 of the GDPR). According to Article 26 paragraph 3 of the GDPR, you are also entitled to assert your right against us. As the data processed by Facebook are exclusively controlled by Facebook, asserting your right directly against Facebook is most effective.
We determine our respective responsibilities in this controller addendum. Accordingly, Facebook is the responsible party and contact partner for the obligation to provide information (Articles 12-13 of the GDPR), your data subject rights (Articles 15-22 of the GDPR), data security and the obligation to report any data protection violations (Articles 32-34 of the GDPR). According to Article 26 paragraph 3 of the GDPR, you are also entitled to assert your right against us. As the data processed by Facebook are exclusively controlled by Facebook, asserting your right directly against Facebook is most effective.
You Tube (Google)
If you visit one of our websites with embedded videos, the internet browser will not automatically establish a link to the server on the appropriate network. By clicking on the embedded video you give your consent to communication with the aforementioned website and the placing of cookies by this website. By clicking on the embedded video the information that you visited our website will be automatically be forwarded to the aforementioned website operator and cookies will be placed by the aforementioned website.
If you are logged into the aforementioned website visiting our website, the data transmitted will be associated with your user account. If you wish to prevent a network from linking information with your user account in this manner, please log out from the respective network before clicking on the respective video.
Even if you are not registered as a member of the aforementioned website, or you are currently not logged in your data may be stored by the operator of the aforementioned website after you click on the respective video. We have no influence on the placement of third-party cookies and over the scope and content of the data collected by the aforementioned website or on how that data is used.
The fonts we use are stored on our own servers. This means that data is not transferred to third parties.
We apply appropriate technical and organizational security measures in order to protect your personal data against accidental or deliberate manipulations, partial or full loss, destruction and against unauthorized access by third parties. Our security measures are continually enhanced as new technology becomes available. Also compare with the section above relating to ISO 27001 Certificate for the highest levels of security.
By registering for one of our events, you are consenting to the processing of your data (first name, surname, email address, employer (if applicable), and postal address). Data is processed on the basis of Art. 6 para. 1 lit. (b) of GDPR and only to the extent required for your attendance at the event.
Please note that photos or video recordings are often taken at our events and these are sometimes published online (e.g. on our homepage, via our social media channels) and printed (e.g. in an event program or print media). If you do not want to be included in these, please tell our photographer at the event.
Your rights as data subject
You are entitled to demand information at any time about whether and how your personal data is processed. The right to demand information includes information about the nature of the data, period and purpose of retention, potential recipients and transmissions as well as what is the legal basis that justifies such processing, and whether automated decision-making is intended. You are entitled to request a copy of this information. You are entitled to request rectification, deletion or restriction of the processing of your personal data, if its use is prohibited in terms of data protection law, in particular, as (i) the data are incomplete or incorrect, (ii) the data are no longer necessary for the purposes for which they were initially collected, (iii) the consent on which the processing was based has been revoked, or (iv) you have successfully made use of your right to object to the processing of your personal data; in case your data are processed by a third party, we will forward your request for rectification, deletion or restriction of the processing of your personal data to these third parties, unless this proves impossible or involves a disproportionate effort. Furthermore, we will - upon request - provide you your personal data for further use. Upon your request, we will also transfer your personal data to a third party recipient designated by you. You are entitled to revoke your authorization for the collection, processing and use of your personal data at any time with effect for the future. Such a legal request must be carried out in writing and with proof of identity.
In addition, you may contact the competent local data protection authority at any time.
Special note regarding the right to object:
You are entitled to object at any time to such data processing that is based on justified interests, unless we are able to provide compelling and legitimate grounds for the data processing which - as an exception - outweigh your interests, rights and liberties; you are always entitled to object to data processing for the purpose of direct marketing.
You, as data subject, have the following rights:
- Right to be informed according to Article 15 of the GDPR
- Right to demand correction according to Article 16 of the GDPR
- Right to erasure according to Article 17 of the GDPR
- Right to restrict processing of the data according to Article 18 of the GDPR
- Right to data transferability according to Article 20 of the GDPR
- Right to object according to Article 21 of the GDPR
Data Protection Officer
]init[ AG für digitale Kommunikation
z. Hd. Datenschutzbeauftragter
Köpenicker Str. 9